Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235352e302f32342d3234203d3e20313338303734.roa
File: 3230322e34332e3235352e302f32342d3234203d3e20313338303734.roa (raw, json)
Hash identifier: 5rg1EeqRUgeSLgMy7lGVLTMSo/SW/vkwy5TwRaBl/j8=
Subject key identifier: 90:FB:4D:B7:A8:8D:A0:C6:53:32:EB:5B:8C:EF:64:6C:88:91:28:04
Certificate issuer: /CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB
Certificate serial: 330C82085584977BAA74E2430824D54D033A063F
Authority key identifier: C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235352e302f32342d3234203d3e20313338303734.roa
Signing time: Mon 30 Dec 2024 02:00:03 +0000
ROA not before: Mon 30 Dec 2024 01:55:03 +0000
ROA not after: Mon 29 Dec 2025 02:00:03 +0000
asID: 138074
IP address blocks: 202.43.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:0c:82:08:55:84:97:7b:aa:74:e2:43:08:24:d5:4d:03:3a:06:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB
Validity
Not Before: Dec 30 01:55:03 2024 GMT
Not After : Dec 29 02:00:03 2025 GMT
Subject: CN=90FB4DB7A88DA0C65332EB5B8CEF646C88912804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:81:ec:4b:09:ed:ed:d4:a9:99:96:10:6c:c3:
53:46:ab:c7:76:aa:98:60:fe:20:f6:06:2d:79:8c:
97:d9:e7:d5:e0:3a:74:8d:f1:33:3b:b3:25:7e:30:
c0:32:20:eb:60:74:9d:df:46:78:4e:a5:c7:a3:32:
9b:a0:6a:91:8d:93:56:dc:1f:17:b3:b9:64:a0:e0:
ad:00:93:a7:a9:9a:e8:e4:73:ac:6b:e4:54:8b:19:
df:95:f7:6b:44:33:de:2c:e2:13:8f:77:ea:d1:b5:
cd:f8:7f:58:da:8f:78:f9:9b:19:08:99:71:c2:7d:
1e:bf:d7:47:2d:3e:06:cc:71:78:21:d1:88:93:c2:
ec:c3:df:bf:82:54:e1:99:02:2f:6e:66:4b:18:3a:
e2:55:39:10:9f:cf:89:40:2c:21:7f:fb:ff:79:30:
eb:fb:19:6a:17:8f:a9:2b:f1:ad:08:fb:c9:64:bc:
2f:eb:70:63:9e:dd:13:42:c0:49:ae:f6:25:6e:e1:
dc:e8:1b:45:0b:ee:13:8a:6d:de:e9:81:30:0c:07:
ef:18:f8:eb:51:43:a7:85:39:3c:c4:01:7a:81:e6:
f7:e2:61:4d:b4:e1:61:09:0e:73:7d:c7:70:7b:19:
28:c7:fb:03:a9:da:9c:57:44:63:6f:ba:31:c4:ff:
27:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FB:4D:B7:A8:8D:A0:C6:53:32:EB:5B:8C:EF:64:6C:88:91:28:04
X509v3 Authority Key Identifier:
keyid:C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235352e302f32342d3234203d3e20313338303734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.43.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:08:30:8f:8e:5f:1f:c5:c5:22:c0:e9:5e:eb:c9:f8:69:47:
15:4b:97:94:5a:3f:b7:99:72:c2:3e:b1:b4:f6:42:cc:a1:5d:
61:e3:cc:47:3d:6a:72:61:3f:70:55:43:d2:c7:09:b7:dd:1a:
d5:0c:b4:e7:2d:00:a7:ac:5d:b8:a2:68:09:8b:ca:c8:68:43:
81:74:dc:bf:a7:1e:27:d8:39:f2:d7:cb:29:f9:cd:b9:a1:8c:
0b:18:78:76:25:3a:01:58:f0:f6:94:e8:c7:fc:0c:15:66:01:
49:3b:00:90:38:43:4d:aa:a2:52:1d:d2:3f:34:ea:5c:50:77:
5c:2a:04:15:ae:93:24:be:c9:15:1c:12:91:9e:11:63:85:3e:
f8:a4:1c:5f:73:0e:aa:19:e8:15:0b:8b:ea:19:32:82:30:19:
64:c5:61:56:e2:73:52:bd:39:54:22:f2:88:7c:22:dd:12:ce:
e8:46:c4:eb:5b:92:0d:7f:36:64:9c:25:e5:b3:65:3b:3d:0b:
ed:ed:f7:6a:a1:49:e4:72:1b:d5:14:50:55:07:35:1d:46:ee:
a2:45:ca:a5:82:27:8f:e5:be:bc:cf:1a:07:1c:4e:6b:50:06:
7c:b9:55:5f:52:dc:18:e2:a9:6d:f0:ac:59:bb:5b:9a:7c:22:
d3:b5:e9:06
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMwyCCFWEl3uqdOJDCCTVTQM6Bj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZC
RUZCM0FCQjAeFw0yNDEyMzAwMTU1MDNaFw0yNTEyMjkwMjAwMDNaMDMxMTAvBgNV
BAMTKDkwRkI0REI3QTg4REEwQzY1MzMyRUI1QjhDRUY2NDZDODg5MTI4MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1gexLCe3t1KmZlhBsw1NGq8d2
qphg/iD2Bi15jJfZ59XgOnSN8TM7syV+MMAyIOtgdJ3fRnhOpcejMpugapGNk1bc
HxezuWSg4K0Ak6epmujkc6xr5FSLGd+V92tEM94s4hOPd+rRtc34f1jaj3j5mxkI
mXHCfR6/10ctPgbMcXgh0YiTwuzD37+CVOGZAi9uZksYOuJVORCfz4lALCF/+/95
MOv7GWoXj6kr8a0I+8lkvC/rcGOe3RNCwEmu9iVu4dzoG0UL7hOKbd7pgTAMB+8Y
+OtRQ6eFOTzEAXqB5vfiYU204WEJDnN9x3B7GSjH+wOp2pxXRGNvujHE/yffAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUkPtNt6iNoMZTMutbjO9kbIiRKAQwHwYDVR0j
BBgwFoAUyOwY4CdjmwW8WKIijRJkhr77OrswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
YzI4OTcwNi1hNGY0LTRlMWYtOWE2ZS0wMWM5YzUzY2Q4ZjkvMC9DOEVDMThFMDI3
NjM5QjA1QkM1OEEyMjI4RDEyNjQ4NkJFRkIzQUJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZCRUZC
M0FCQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFjMjg5NzA2LWE0ZjQtNGUxZi05
YTZlLTAxYzljNTNjZDhmOS8wLzMyMzAzMjJlMzQzMzJlMzIzNTM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyiv/MA0GCSqG
SIb3DQEBCwUAA4IBAQA7CDCPjl8fxcUiwOle68n4aUcVS5eUWj+3mXLCPrG09kLM
oV1h48xHPWpyYT9wVUPSxwm33RrVDLTnLQCnrF24omgJi8rIaEOBdNy/px4n2Dny
18sp+c25oYwLGHh2JToBWPD2lOjH/AwVZgFJOwCQOENNqqJSHdI/NOpcUHdcKgQV
rpMkvskVHBKRnhFjhT74pBxfcw6qGegVC4vqGTKCMBlkxWFW4nNSvTlUIvKIfCLd
Es7oRsTrW5INfzZknCXls2U7PQvt7fdqoUnkchvVFFBVBzUdRu6iRcqlgieP5b68
zxoHHE5rUAZ8uVVfUtwY4qlt8KxZu1uafCLTtekG
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:59:21 2025 by rpki-client