Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa
File: 3132302e32392e3233302e302f32342d3234203d3e203338373634.roa (raw, json)
Hash identifier: 8F55uNQoN3zi97DtY0Vq2ak+DmYZUOFPxOyq8OUlCl0=
Subject key identifier: 31:77:9D:A2:BB:12:0C:8A:5E:3E:E0:93:AA:BC:02:3A:03:F4:79:14
Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
Certificate serial: 5831B313CA2038D412B10AECE767DF25784CABD3
Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa
Signing time: Wed 19 Feb 2025 11:00:01 +0000
ROA not before: Wed 19 Feb 2025 10:55:01 +0000
ROA not after: Wed 18 Feb 2026 11:00:01 +0000
asID: 38764
IP address blocks: 120.29.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:31:b3:13:ca:20:38:d4:12:b1:0a:ec:e7:67:df:25:78:4c:ab:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
Validity
Not Before: Feb 19 10:55:01 2025 GMT
Not After : Feb 18 11:00:01 2026 GMT
Subject: CN=31779DA2BB120C8A5E3EE093AABC023A03F47914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:b2:21:2c:b7:00:c4:e2:4b:bd:61:c9:bb:
53:63:89:70:77:ff:7d:25:7b:30:9e:c2:04:46:34:
8d:70:7b:db:39:02:cd:d2:bd:04:3c:c3:54:e5:48:
a1:71:10:e1:18:1e:54:b4:a6:aa:70:8d:69:f3:bf:
87:3e:c4:f3:98:89:d2:c0:36:87:4c:cf:34:69:9c:
34:57:d8:f0:c3:6d:13:8a:aa:57:1f:eb:83:b1:ec:
d3:f6:90:98:3f:85:60:6d:9f:9c:7f:51:67:b4:b5:
c5:6a:fa:13:10:41:e1:e6:ce:40:7c:20:25:88:eb:
41:2a:eb:6e:cf:67:d9:96:c9:1e:cc:66:22:be:71:
de:86:e8:e8:ab:26:10:cf:f5:e4:91:ed:59:48:a3:
17:dd:23:b2:a8:7a:90:a5:eb:56:8f:3b:60:d0:f3:
b5:9b:ad:66:5e:da:20:ac:95:bb:e6:4d:bb:1d:12:
34:13:7c:1d:23:12:a8:e3:f3:74:3a:5c:b7:9d:b7:
06:0a:0b:bd:f3:8e:21:1f:7a:c4:e8:e8:17:23:9f:
92:88:b9:bd:97:83:53:d0:7d:92:dc:b9:ab:05:62:
65:56:4a:8d:88:e4:99:05:fd:82:50:93:a3:44:ee:
db:9b:a6:6e:72:13:a2:fe:ea:0a:97:71:5a:41:87:
ab:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:77:9D:A2:BB:12:0C:8A:5E:3E:E0:93:AA:BC:02:3A:03:F4:79:14
X509v3 Authority Key Identifier:
keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.29.230.0/24
Signature Algorithm: sha256WithRSAEncryption
16:4f:ba:54:d3:f9:87:68:14:fe:61:7a:b9:c1:d5:ec:9f:e0:
5f:89:f1:80:d9:86:55:e5:a6:0e:72:03:a8:a2:a4:99:69:f4:
53:8e:65:bf:8e:77:ba:c9:ae:ba:9b:53:28:aa:3d:cf:d8:5d:
84:c9:e3:71:83:dc:29:36:e0:a7:06:20:31:93:53:57:7d:c6:
4b:4b:33:35:84:65:49:04:1e:7b:87:e2:f0:e3:76:ce:18:f0:
f4:5b:7d:77:73:03:1e:55:4d:22:8d:cc:2b:96:ff:52:66:eb:
dd:c1:8d:39:d2:4e:4a:85:52:99:69:55:b4:50:ec:95:1b:5b:
44:e3:98:e8:be:f4:23:2b:21:9a:7f:18:13:b5:93:ea:f3:02:
fc:8d:8e:bb:70:1d:3a:04:fe:28:e1:98:30:a7:0c:34:10:d6:
56:0e:d4:68:da:84:20:0e:dd:94:03:0e:53:85:b0:4d:0e:39:
bb:99:eb:ed:2c:11:fb:5d:c1:cb:e7:3d:de:a3:72:cf:5a:5b:
74:99:22:ca:d9:ab:63:a4:89:3e:62:76:93:62:7a:54:66:62:
ee:9b:54:49:56:c4:d8:7a:38:91:39:46:90:55:31:68:8a:e6:
48:49:bc:b2:48:08:6d:6f:34:57:ea:b3:1a:6e:03:c3:e4:41:
33:11:5d:90
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWDGzE8ogONQSsQrs52ffJXhMq9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB
MzVCMDI1MTAeFw0yNTAyMTkxMDU1MDFaFw0yNjAyMTgxMTAwMDFaMDMxMTAvBgNV
BAMTKDMxNzc5REEyQkIxMjBDOEE1RTNFRTA5M0FBQkMwMjNBMDNGNDc5MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb7rIhLLcAxOJLvWHJu1NjiXB3
/30lezCewgRGNI1we9s5As3SvQQ8w1TlSKFxEOEYHlS0pqpwjWnzv4c+xPOYidLA
NodMzzRpnDRX2PDDbROKqlcf64Ox7NP2kJg/hWBtn5x/UWe0tcVq+hMQQeHmzkB8
ICWI60Eq627PZ9mWyR7MZiK+cd6G6OirJhDP9eSR7VlIoxfdI7KoepCl61aPO2DQ
87WbrWZe2iCslbvmTbsdEjQTfB0jEqjj83Q6XLedtwYKC73zjiEfesTo6Bcjn5KI
ub2Xg1PQfZLcuasFYmVWSo2I5JkF/YJQk6NE7tubpm5yE6L+6gqXcVpBh6unAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUMXedorsSDIpePuCTqrwCOgP0eRQwHwYDVR0j
BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz
Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC
MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i
ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5jANBgkqhkiG
9w0BAQsFAAOCAQEAFk+6VNP5h2gU/mF6ucHV7J/gX4nxgNmGVeWmDnIDqKKkmWn0
U45lv453usmuuptTKKo9z9hdhMnjcYPcKTbgpwYgMZNTV33GS0szNYRlSQQee4fi
8ON2zhjw9Ft9d3MDHlVNIo3MK5b/Umbr3cGNOdJOSoVSmWlVtFDslRtbROOY6L70
Iyshmn8YE7WT6vMC/I2Ou3AdOgT+KOGYMKcMNBDWVg7UaNqEIA7dlAMOU4WwTQ45
u5nr7SwR+13By+c93qNyz1pbdJkiytmrY6SJPmJ2k2J6VGZi7ptUSVbE2Ho4kTlG
kFUxaIrmSEm8skgIbW80V+qzGm4Dw+RBMxFdkA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:49 2025 by rpki-client