Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32342d3234203d3e203233393531.roa
File: 3230322e36352e3131322e302f32342d3234203d3e203233393531.roa (raw, json)
Hash identifier: G3BDF4TZ5GKx7Jq6M6FOl3lpCmK1xcIVdoD+jUyf4vU=
Subject key identifier: DC:9D:87:F1:07:4C:5C:71:50:9E:5A:57:49:C4:80:E8:95:A8:2D:50
Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Certificate serial: 25576FBD64B9797528B75EB4D95F3C1508FA216B
Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32342d3234203d3e203233393531.roa
Signing time: Tue 25 Mar 2025 18:00:00 +0000
ROA not before: Tue 25 Mar 2025 17:55:00 +0000
ROA not after: Tue 24 Mar 2026 18:00:00 +0000
asID: 23951
IP address blocks: 202.65.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:57:6f:bd:64:b9:79:75:28:b7:5e:b4:d9:5f:3c:15:08:fa:21:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Validity
Not Before: Mar 25 17:55:00 2025 GMT
Not After : Mar 24 18:00:00 2026 GMT
Subject: CN=DC9D87F1074C5C71509E5A5749C480E895A82D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c7:a9:c0:eb:49:82:89:36:c9:5a:2c:40:d8:
db:37:80:50:ca:50:a5:69:51:c6:9c:e4:8a:68:d6:
3a:ca:25:78:83:b6:16:62:06:54:38:d6:3f:62:1c:
5e:09:dd:1e:70:bb:93:a7:34:9d:fa:9f:99:bf:99:
e0:80:3e:35:a6:c6:79:cd:6d:cb:a3:b0:8f:af:ac:
b6:44:ac:5e:ee:43:ae:bf:f7:7b:c3:bc:2c:02:57:
95:38:5c:e5:60:17:87:c8:47:92:e5:f8:4d:6b:63:
4d:5e:00:2d:9e:7a:45:c0:aa:76:f9:54:d6:b9:24:
9c:fb:36:57:7b:31:c0:85:3b:13:09:61:10:c1:c5:
b3:37:98:65:f2:df:3a:5e:6a:21:a7:8c:31:4a:b4:
ca:1f:db:c3:24:2a:e0:26:0f:84:46:83:0d:55:7a:
0c:dc:c4:41:49:b4:3f:b8:39:22:d8:f8:a1:ee:46:
99:1b:0a:67:45:e0:e3:0c:02:58:a1:8c:dd:ca:6c:
52:3e:bd:b9:4a:92:03:1e:4b:4f:a4:e3:98:12:7b:
42:cc:25:bd:25:8c:ea:65:75:78:03:6b:97:ad:af:
6e:4b:03:a5:df:92:a4:83:0d:60:b9:44:c8:b6:52:
a7:7f:b0:77:5c:70:0f:a0:2a:09:ef:c0:08:2a:4a:
77:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9D:87:F1:07:4C:5C:71:50:9E:5A:57:49:C4:80:E8:95:A8:2D:50
X509v3 Authority Key Identifier:
keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32342d3234203d3e203233393531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.65.112.0/24
Signature Algorithm: sha256WithRSAEncryption
15:34:57:f6:3f:77:32:3d:cf:c8:9d:1a:07:08:f6:b3:b6:68:
ef:84:9d:d0:cc:89:11:f4:1c:17:6c:a8:58:58:3b:c9:eb:3e:
f9:71:fa:82:fa:26:f4:98:b0:52:f7:5f:21:13:6b:47:16:ca:
70:67:ee:dd:b8:8c:43:fc:ec:cb:f5:ea:dc:dd:19:59:58:9d:
76:b6:3e:63:3e:bd:20:9e:8d:f8:d9:59:2f:54:0f:8a:82:7c:
a3:6f:dd:6f:91:cb:b4:72:e8:00:90:ea:2d:8a:19:a4:04:88:
5d:d0:20:cf:22:33:78:e7:3b:5b:24:01:73:35:80:10:fe:74:
c4:af:ff:c3:90:d1:70:ee:fe:48:ba:e4:f6:e3:a8:10:69:52:
a9:8a:b8:76:74:24:03:9b:7b:fd:2f:ab:e8:5d:5a:61:e7:95:
88:2f:ea:9f:dc:ac:fa:6f:82:57:1c:d3:bc:4f:9d:d9:e1:d1:
8a:95:5c:75:35:93:39:15:66:73:5f:68:ad:50:f1:7b:3e:d5:
83:32:e7:36:b8:d7:aa:07:ed:35:62:73:59:54:bb:da:d6:7c:
fc:91:a3:03:ed:af:aa:de:17:c3:ee:3e:cb:dc:ca:d8:f4:43:
a4:e5:e8:80:21:01:27:44:f3:a5:0f:1b:60:01:35:27:7f:a8:
a3:4f:6b:11
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUJVdvvWS5eXUot1602V88FQj6IWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx
NDNDOEU4RjAeFw0yNTAzMjUxNzU1MDBaFw0yNjAzMjQxODAwMDBaMDMxMTAvBgNV
BAMTKERDOUQ4N0YxMDc0QzVDNzE1MDlFNUE1NzQ5QzQ4MEU4OTVBODJENTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjx6nA60mCiTbJWixA2Ns3gFDK
UKVpUcac5Ipo1jrKJXiDthZiBlQ41j9iHF4J3R5wu5OnNJ36n5m/meCAPjWmxnnN
bcujsI+vrLZErF7uQ66/93vDvCwCV5U4XOVgF4fIR5Ll+E1rY01eAC2eekXAqnb5
VNa5JJz7Nld7McCFOxMJYRDBxbM3mGXy3zpeaiGnjDFKtMof28MkKuAmD4RGgw1V
egzcxEFJtD+4OSLY+KHuRpkbCmdF4OMMAlihjN3KbFI+vblKkgMeS0+k45gSe0LM
Jb0ljOpldXgDa5etr25LA6XfkqSDDWC5RMi2Uqd/sHdccA+gKgnvwAgqSncHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU3J2H8QdMXHFQnlpXScSA6JWoLVAwHwYDVR0j
BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0
MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND
OEU4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i
OTMwLTFhYjBiZjAyZGQ1ZC8wLzMyMzAzMjJlMzYzNTJlMzEzMTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMzM5MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpBcDANBgkqhkiG
9w0BAQsFAAOCAQEAFTRX9j93Mj3PyJ0aBwj2s7Zo74Sd0MyJEfQcF2yoWFg7yes+
+XH6gvom9JiwUvdfIRNrRxbKcGfu3biMQ/zsy/Xq3N0ZWViddrY+Yz69IJ6N+NlZ
L1QPioJ8o2/db5HLtHLoAJDqLYoZpASIXdAgzyIzeOc7WyQBczWAEP50xK//w5DR
cO7+SLrk9uOoEGlSqYq4dnQkA5t7/S+r6F1aYeeViC/qn9ys+m+CVxzTvE+d2eHR
ipVcdTWTORVmc19orVDxez7VgzLnNrjXqgftNWJzWVS72tZ8/JGjA+2vqt4Xw+4+
y9zK2PRDpOXogCEBJ0TzpQ8bYAE1J3+oo09rEQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:27:08 2025 by rpki-client