Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/1d07e3d8-9bfc-4483-a2dd-afa4593811e5/0/323430363a613063303a3a2f33322d3332203d3e20313337333331.roa
File: 323430363a613063303a3a2f33322d3332203d3e20313337333331.roa (raw, json)
Hash identifier: Ai0eZhLY+4L7mdTG5liUS7qc6ABicMzreMWiAuYqKfU=
Subject key identifier: 51:9E:4B:7C:08:C6:6F:6B:DA:84:7D:31:4A:8E:B2:47:CA:3E:8A:82
Certificate issuer: /CN=FABDB6E44451B7F0378AE92C2750EBFE5A3CFA38
Certificate serial: 29B627DB1110ACB13D6E8C8FBF31409BCF54EB8D
Authority key identifier: FA:BD:B6:E4:44:51:B7:F0:37:8A:E9:2C:27:50:EB:FE:5A:3C:FA:38
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FABDB6E44451B7F0378AE92C2750EBFE5A3CFA38.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/1d07e3d8-9bfc-4483-a2dd-afa4593811e5/0/323430363a613063303a3a2f33322d3332203d3e20313337333331.roa
Signing time: Mon 13 Jan 2025 01:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:55:00 +0000
ROA not after: Mon 12 Jan 2026 01:00:00 +0000
asID: 137331
IP address blocks: 2406:a0c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b6:27:db:11:10:ac:b1:3d:6e:8c:8f:bf:31:40:9b:cf:54:eb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FABDB6E44451B7F0378AE92C2750EBFE5A3CFA38
Validity
Not Before: Jan 13 00:55:00 2025 GMT
Not After : Jan 12 01:00:00 2026 GMT
Subject: CN=519E4B7C08C66F6BDA847D314A8EB247CA3E8A82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fa:07:46:5e:39:69:b1:8f:51:28:9c:c5:33:
bd:30:b2:b2:f5:5e:bf:b4:16:63:5b:3f:89:a8:a5:
32:2e:b8:9a:f0:58:39:96:0e:19:ac:8e:a3:4e:3b:
9f:ce:b0:57:7c:2c:8b:65:34:32:d0:d1:cb:5a:62:
6b:c0:89:2e:d2:50:4a:5f:78:87:6f:67:f5:f1:8e:
c7:b9:70:82:83:f0:8f:83:50:09:23:59:70:ec:9a:
d3:ae:da:2e:db:d1:c0:62:12:64:33:e0:b4:f2:ef:
cb:60:05:46:e0:da:b1:37:78:f9:bc:e7:b5:8a:81:
d1:9f:ab:61:2e:e3:f6:e9:c7:9d:03:e9:50:fc:9f:
5e:a2:cc:4b:e4:57:0c:3f:94:34:52:09:9d:6f:31:
33:4c:2a:c7:23:60:79:d8:fb:39:f5:14:00:0e:79:
35:ec:b6:40:c9:87:dd:d1:39:da:f8:7c:13:97:e1:
d3:0d:db:b1:65:02:1b:87:20:2f:28:72:06:ad:9b:
90:45:40:42:35:0c:9b:f2:c8:40:a9:5a:02:f9:8d:
a4:19:dc:2a:89:4b:1f:93:d3:fa:61:6f:78:c7:54:
6c:c2:07:31:04:f7:11:a8:30:60:f4:4d:f4:8d:fe:
a1:cd:d5:b9:11:66:98:f5:e3:88:c8:4a:13:bd:b8:
9c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9E:4B:7C:08:C6:6F:6B:DA:84:7D:31:4A:8E:B2:47:CA:3E:8A:82
X509v3 Authority Key Identifier:
keyid:FA:BD:B6:E4:44:51:B7:F0:37:8A:E9:2C:27:50:EB:FE:5A:3C:FA:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/1d07e3d8-9bfc-4483-a2dd-afa4593811e5/0/FABDB6E44451B7F0378AE92C2750EBFE5A3CFA38.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FABDB6E44451B7F0378AE92C2750EBFE5A3CFA38.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1d07e3d8-9bfc-4483-a2dd-afa4593811e5/0/323430363a613063303a3a2f33322d3332203d3e20313337333331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:a0c0::/32
Signature Algorithm: sha256WithRSAEncryption
11:31:be:f0:43:bc:3d:af:77:18:f5:89:32:1c:52:1f:5b:ba:
c5:0e:cb:78:19:52:7c:9c:67:d4:e0:8f:92:ee:97:e1:8f:36:
a9:19:5a:7c:41:81:cd:00:86:5b:48:5f:2a:41:36:32:a3:cc:
87:59:7d:29:b9:e1:88:1c:2b:cb:91:9c:58:a3:d9:af:34:16:
fc:6a:43:c4:ca:7d:7a:7d:cf:cb:0d:de:a9:bc:a0:86:7c:e6:
06:6a:4d:1a:7b:b9:8a:97:14:0f:9a:76:18:e0:5d:3e:cb:b0:
d9:bf:4b:e7:c4:fc:60:66:ac:83:ed:8e:06:77:f6:b7:b5:ca:
9e:fd:9f:4b:51:45:b5:23:e0:4b:50:bd:af:56:3b:8a:c1:d8:
70:38:46:d5:8d:8e:aa:e9:01:8b:04:d1:da:d7:64:bb:50:60:
3f:f8:cf:ba:3f:1f:31:60:e0:97:09:1e:be:49:1e:93:cf:a0:
2d:c2:29:15:4a:75:be:78:85:77:c3:0d:92:09:4f:d2:e4:98:
51:1f:51:b1:f1:5e:ae:fd:32:b6:7f:82:37:61:c3:eb:e9:69:
2c:73:86:32:75:75:c3:73:d1:4e:a3:e8:5f:4b:20:11:0f:9b:
c2:6b:9a:81:ed:6f:f6:e5:22:1e:7b:84:0a:3e:14:0b:a0:fb:
27:a6:98:b8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUKbYn2xEQrLE9boyPvzFAm89U640wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkFCREI2RTQ0NDUxQjdGMDM3OEFFOTJDMjc1MEVCRkU1
QTNDRkEzODAeFw0yNTAxMTMwMDU1MDBaFw0yNjAxMTIwMTAwMDBaMDMxMTAvBgNV
BAMTKDUxOUU0QjdDMDhDNjZGNkJEQTg0N0QzMTRBOEVCMjQ3Q0EzRThBODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK+gdGXjlpsY9RKJzFM70wsrL1
Xr+0FmNbP4mopTIuuJrwWDmWDhmsjqNOO5/OsFd8LItlNDLQ0ctaYmvAiS7SUEpf
eIdvZ/Xxjse5cIKD8I+DUAkjWXDsmtOu2i7b0cBiEmQz4LTy78tgBUbg2rE3ePm8
57WKgdGfq2Eu4/bpx50D6VD8n16izEvkVww/lDRSCZ1vMTNMKscjYHnY+zn1FAAO
eTXstkDJh93ROdr4fBOX4dMN27FlAhuHIC8ocgatm5BFQEI1DJvyyECpWgL5jaQZ
3CqJSx+T0/phb3jHVGzCBzEE9xGoMGD0TfSN/qHN1bkRZpj144jIShO9uJz1AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUUZ5LfAjGb2vahH0xSo6yR8o+ioIwHwYDVR0j
BBgwFoAU+r225ERRt/A3iuksJ1Dr/lo8+jgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZDA3ZTNkOC05YmZjLTQ0ODMtYTJkZC1hZmE0NTkzODExZTUvMC9GQUJEQjZFNDQ0
NTFCN0YwMzc4QUU5MkMyNzUwRUJGRTVBM0NGQTM4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkFCREI2RTQ0NDUxQjdGMDM3OEFFOTJDMjc1MEVCRkU1QTND
RkEzOC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkMDdlM2Q4LTliZmMtNDQ4My1h
MmRkLWFmYTQ1OTM4MTFlNS8wLzMyMzQzMDM2M2E2MTMwNjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzNzMzMzMzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGoMAwDQYJKoZI
hvcNAQELBQADggEBABExvvBDvD2vdxj1iTIcUh9busUOy3gZUnycZ9Tgj5Lul+GP
NqkZWnxBgc0AhltIXypBNjKjzIdZfSm54YgcK8uRnFij2a80FvxqQ8TKfXp9z8sN
3qm8oIZ85gZqTRp7uYqXFA+adhjgXT7LsNm/S+fE/GBmrIPtjgZ39re1yp79n0tR
RbUj4EtQva9WO4rB2HA4RtWNjqrpAYsE0drXZLtQYD/4z7o/HzFg4JcJHr5JHpPP
oC3CKRVKdb54hXfDDZIJT9LkmFEfUbHxXq79MrZ/gjdhw+vpaSxzhjJ1dcNz0U6j
6F9LIBEPm8JrmoHtb/blIh57hAo+FAug+yemmLg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:42 2025 by rpki-client