Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa
File: 3132302e32392e3232372e302f32342d3234203d3e203338373634.roa (raw, json)
Hash identifier: kizpm5pMXSzgoWrppvdtyhcaCD0lO2EdJCuHJxptLZU=
Subject key identifier: 59:37:F2:C2:1F:5D:43:72:3C:B1:4C:07:6B:AA:08:5E:64:C4:DE:95
Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
Certificate serial: 5077977538CAB2FD53F063A1260C34A69B349884
Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa
Signing time: Wed 19 Feb 2025 11:00:02 +0000
ROA not before: Wed 19 Feb 2025 10:55:02 +0000
ROA not after: Wed 18 Feb 2026 11:00:02 +0000
asID: 38764
IP address blocks: 120.29.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:77:97:75:38:ca:b2:fd:53:f0:63:a1:26:0c:34:a6:9b:34:98:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
Validity
Not Before: Feb 19 10:55:02 2025 GMT
Not After : Feb 18 11:00:02 2026 GMT
Subject: CN=5937F2C21F5D43723CB14C076BAA085E64C4DE95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:0f:4c:18:44:da:b1:48:d2:2a:8b:2b:c3:
8b:95:97:bc:7b:1e:e4:40:fe:3f:89:05:9f:5b:79:
d2:d3:bc:80:7b:34:a7:5f:99:35:be:0c:4c:c3:08:
ef:5a:d1:fc:66:ae:69:63:6f:2a:99:ad:0b:8e:5d:
18:28:63:54:d5:69:1c:31:08:f8:b1:43:6d:c9:35:
9e:e1:97:8e:82:2a:02:f2:79:68:48:f3:10:1c:c9:
0d:03:0d:fd:3f:de:9f:f0:71:1d:af:d4:42:0d:4c:
66:82:af:28:d0:04:20:1a:0f:1d:03:bc:d4:62:18:
17:f5:a9:7c:59:0f:bb:0d:9b:5e:49:31:dd:f6:e5:
00:18:2d:a0:8d:35:c9:15:a7:d3:1e:52:6d:91:2d:
8a:76:90:d2:03:45:61:2a:7b:fc:79:c9:fc:9e:d7:
ec:53:08:a1:53:e2:8c:bb:da:53:2b:c5:a7:1f:83:
ef:5f:d7:e8:04:2d:25:2b:6f:82:aa:e9:0b:8a:3d:
d6:96:79:20:0a:fc:02:16:89:48:dc:b2:4e:d4:a9:
75:46:58:c1:09:f4:23:09:ba:e3:b5:09:9e:bf:1a:
8f:6f:77:bd:3b:1c:41:88:57:c6:1b:72:99:ab:c9:
f0:c2:c0:de:16:4e:fa:fb:70:d7:4e:9f:2d:af:bb:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:37:F2:C2:1F:5D:43:72:3C:B1:4C:07:6B:AA:08:5E:64:C4:DE:95
X509v3 Authority Key Identifier:
keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232372e302f32342d3234203d3e203338373634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.29.227.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:89:f7:cf:80:8f:de:9b:c9:19:d8:b3:cc:a0:9a:35:19:27:
32:31:b7:67:1f:9d:a8:67:11:5c:2c:2e:44:78:a5:92:9b:5b:
a1:58:a7:04:7f:7e:e4:16:77:e8:d6:66:d9:3d:c3:54:18:fc:
d3:e2:25:cf:45:6f:5d:ec:a8:96:2a:ce:27:61:ac:6a:c6:b2:
f5:90:4d:de:19:fe:38:a2:1d:1e:0e:9e:43:1e:78:3b:16:ca:
14:58:c5:fb:0c:4b:09:5a:41:ea:61:17:f5:eb:28:7c:69:84:
9f:b6:57:4c:4d:9f:d9:6b:fb:ea:d5:57:f3:08:3d:87:b9:29:
45:48:fd:ce:ab:07:fa:90:23:ec:f0:9c:e5:47:f8:98:60:1f:
64:b2:cd:a4:3e:30:de:32:c1:01:ac:9b:25:f1:cb:99:14:85:
e2:cb:6d:1b:19:7a:2e:0f:5d:c6:63:12:a4:94:4f:0d:a7:00:
a6:f9:e8:77:31:48:39:76:6b:d9:3b:97:22:e6:ea:84:0f:e3:
b5:31:db:dd:6b:d3:83:b8:af:52:22:f3:9d:90:93:8b:6a:77:
e5:ec:f3:0e:e0:2f:66:b6:b9:74:be:cc:87:d5:c4:8f:24:60:
38:ef:b1:f9:bf:e6:15:b2:7b:bb:8e:ac:b4:d0:c8:1e:6e:21:
eb:f0:54:f4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUUHeXdTjKsv1T8GOhJgw0pps0mIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB
MzVCMDI1MTAeFw0yNTAyMTkxMDU1MDJaFw0yNjAyMTgxMTAwMDJaMDMxMTAvBgNV
BAMTKDU5MzdGMkMyMUY1RDQzNzIzQ0IxNEMwNzZCQUEwODVFNjRDNERFOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoYg9MGETasUjSKosrw4uVl7x7
HuRA/j+JBZ9bedLTvIB7NKdfmTW+DEzDCO9a0fxmrmljbyqZrQuOXRgoY1TVaRwx
CPixQ23JNZ7hl46CKgLyeWhI8xAcyQ0DDf0/3p/wcR2v1EINTGaCryjQBCAaDx0D
vNRiGBf1qXxZD7sNm15JMd325QAYLaCNNckVp9MeUm2RLYp2kNIDRWEqe/x5yfye
1+xTCKFT4oy72lMrxacfg+9f1+gELSUrb4Kq6QuKPdaWeSAK/AIWiUjcsk7UqXVG
WMEJ9CMJuuO1CZ6/Go9vd707HEGIV8YbcpmryfDCwN4WTvr7cNdOny2vuxfBAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUWTfywh9dQ3I8sUwHa6oIXmTE3pUwHwYDVR0j
BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz
Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC
MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i
ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4zANBgkqhkiG
9w0BAQsFAAOCAQEAa4n3z4CP3pvJGdizzKCaNRknMjG3Zx+dqGcRXCwuRHilkptb
oVinBH9+5BZ36NZm2T3DVBj80+Ilz0VvXeyolirOJ2Gsasay9ZBN3hn+OKIdHg6e
Qx54OxbKFFjF+wxLCVpB6mEX9esofGmEn7ZXTE2f2Wv76tVX8wg9h7kpRUj9zqsH
+pAj7PCc5Uf4mGAfZLLNpD4w3jLBAaybJfHLmRSF4sttGxl6Lg9dxmMSpJRPDacA
pvnodzFIOXZr2TuXIubqhA/jtTHb3WvTg7ivUiLznZCTi2p35ezzDuAvZra5dL7M
h9XEjyRgOO+x+b/mFbJ7u46stNDIHm4h6/BU9A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:36 2025 by rpki-client