Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa
File: 3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa (raw, json)
Hash identifier: oZcKTmYCJqDy9qRd0DlVW5dVuhLNvdkEUxYoj4jIWDo=
Subject key identifier: 36:FF:66:B7:C4:DA:0B:FF:29:04:37:C8:D9:F4:56:67:75:18:EC:37
Certificate issuer: /CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC
Certificate serial: 20B736116F0792890E9EB1C03CBDA6C0B4682041
Authority key identifier: 2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa
Signing time: Tue 14 May 2024 09:33:05 +0000
ROA not before: Tue 14 May 2024 09:28:05 +0000
ROA not after: Tue 13 May 2025 09:33:05 +0000
asID: 138089
IP address blocks: 157.20.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b7:36:11:6f:07:92:89:0e:9e:b1:c0:3c:bd:a6:c0:b4:68:20:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC
Validity
Not Before: May 14 09:28:05 2024 GMT
Not After : May 13 09:33:05 2025 GMT
Subject: CN=36FF66B7C4DA0BFF290437C8D9F456677518EC37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:83:58:d0:ed:8b:0f:3c:4c:da:f9:bb:34:
26:d8:0c:40:25:fa:c6:42:9c:f9:44:b1:7a:41:c6:
aa:06:c9:08:5e:e2:d9:37:1b:1e:01:e9:46:e3:d4:
3f:9c:34:1d:a1:6d:7c:2a:61:6b:9a:30:00:b1:fe:
77:8a:f0:b6:1f:a9:8d:5a:b9:63:3c:8f:d8:d6:49:
54:c2:fb:ac:f4:81:b3:69:e8:c5:c0:4e:17:93:10:
fb:b8:06:b7:0d:db:1d:b9:78:18:bf:45:43:f3:f9:
38:79:75:ac:6b:99:9a:02:c1:62:33:b1:fc:21:8b:
36:c6:7b:6f:b6:d6:1b:34:66:df:60:85:79:d8:e4:
17:63:28:0d:40:34:c3:e1:58:cc:fb:12:fe:3f:b7:
55:60:76:59:0e:0a:b4:71:41:b8:32:e9:7d:ab:cd:
51:bf:34:94:24:0b:06:1c:b1:76:55:16:21:ad:8f:
b5:d7:00:d6:73:ab:56:bb:fb:95:b4:cf:10:d0:f4:
9d:6e:f2:4e:6f:4f:8d:eb:f9:9c:70:1a:d1:b0:31:
50:8d:5c:9e:68:d2:28:38:f4:e3:5c:54:65:7b:77:
54:0a:4b:e5:37:10:53:8c:43:4a:50:23:a6:a7:ee:
c9:9d:cd:42:f5:49:1c:0e:50:6a:7d:a6:31:58:0a:
5a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FF:66:B7:C4:DA:0B:FF:29:04:37:C8:D9:F4:56:67:75:18:EC:37
X509v3 Authority Key Identifier:
keyid:2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.244.0/24
Signature Algorithm: sha256WithRSAEncryption
70:5b:ab:0f:ab:d9:20:21:26:b8:0b:4e:0c:40:22:3c:35:6b:
08:de:da:e9:ac:07:4d:38:ff:cc:eb:01:4d:9d:70:49:cf:4f:
b0:31:c2:57:c6:ee:de:2f:4e:4a:be:92:e4:d6:76:3c:0c:c6:
bc:25:95:d3:0e:7a:14:17:4b:4c:98:41:c2:80:05:04:3b:de:
22:b7:8f:e3:94:0e:d1:42:5e:81:e7:0d:54:cd:55:69:e8:10:
d3:1c:a4:07:60:3a:84:d5:88:d1:11:c7:66:d9:8d:f2:d4:b0:
d6:8e:4c:e7:a5:3c:b4:54:a4:22:38:cb:bc:68:a6:c9:50:cc:
0c:c7:15:f0:1a:8e:b1:5c:73:95:fd:13:20:1d:67:5b:1e:16:
20:cd:46:ba:2d:85:47:9c:57:98:e5:c5:8f:58:7e:8f:94:5b:
dd:f0:6f:52:fc:7d:88:3c:9b:8b:1a:05:d7:3a:5c:30:97:f4:
61:de:28:ec:54:34:7e:4b:9e:a7:f0:00:44:7c:a3:88:c4:07:
75:f0:9f:3c:ba:ff:5c:52:90:be:6d:bc:78:cb:57:90:ed:57:
35:ed:b7:e8:a8:f7:09:8d:fb:65:2c:46:4b:8a:48:8a:1b:8a:
51:20:5c:71:fb:3f:52:8f:de:bb:f8:3b:8d:d0:82:35:01:3d:
2f:b5:3a:68
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUILc2EW8HkokOnrHAPL2mwLRoIEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1
Mzc5OEJGQzAeFw0yNDA1MTQwOTI4MDVaFw0yNTA1MTMwOTMzMDVaMDMxMTAvBgNV
BAMTKDM2RkY2NkI3QzREQTBCRkYyOTA0MzdDOEQ5RjQ1NjY3NzUxOEVDMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6voNY0O2LDzxM2vm7NCbYDEAl
+sZCnPlEsXpBxqoGyQhe4tk3Gx4B6Ubj1D+cNB2hbXwqYWuaMACx/neK8LYfqY1a
uWM8j9jWSVTC+6z0gbNp6MXATheTEPu4BrcN2x25eBi/RUPz+Th5daxrmZoCwWIz
sfwhizbGe2+21hs0Zt9ghXnY5BdjKA1ANMPhWMz7Ev4/t1VgdlkOCrRxQbgy6X2r
zVG/NJQkCwYcsXZVFiGtj7XXANZzq1a7+5W0zxDQ9J1u8k5vT43r+ZxwGtGwMVCN
XJ5o0ig49ONcVGV7d1QKS+U3EFOMQ0pQI6an7smdzUL1SRwOUGp9pjFYClonAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUNv9mt8TaC/8pBDfI2fRWZ3UY7DcwHwYDVR0j
BBgwFoAUKt3UA1Fz+sO7OUnLNszvJVN5i/wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ODY3YTJlZS1kNDExLTRmZjgtOWY1Yy0zNWQwMzQxMjNmODQvMC8yQURERDQwMzUx
NzNGQUMzQkIzOTQ5Q0IzNkNDRUYyNTUzNzk4QkZDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1Mzc5
OEJGQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI4NjdhMmVlLWQ0MTEtNGZmOC05
ZjVjLTM1ZDAzNDEyM2Y4NC8wLzMxMzUzNzJlMzIzMDJlMzIzNDM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT0MA0GCSqG
SIb3DQEBCwUAA4IBAQBwW6sPq9kgISa4C04MQCI8NWsI3trprAdNOP/M6wFNnXBJ
z0+wMcJXxu7eL05KvpLk1nY8DMa8JZXTDnoUF0tMmEHCgAUEO94it4/jlA7RQl6B
5w1UzVVp6BDTHKQHYDqE1YjREcdm2Y3y1LDWjkznpTy0VKQiOMu8aKbJUMwMxxXw
Go6xXHOV/RMgHWdbHhYgzUa6LYVHnFeY5cWPWH6PlFvd8G9S/H2IPJuLGgXXOlww
l/Rh3ijsVDR+S56n8ABEfKOIxAd18J88uv9cUpC+bbx4y1eQ7Vc17bfoqPcJjftl
LEZLikiKG4pRIFxx+z9Sj967+DuN0II1AT0vtTpo
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:21 2025 by rpki-client