Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/36302e3235332e39362e302f31392d3234203d3e203338313434.roa
File: 36302e3235332e39362e302f31392d3234203d3e203338313434.roa (raw, json)
Hash identifier: Qw+QQXeY4ygHVGUJMQ05GH+K/HnAhSZIrw89V5Vsm4Q=
Subject key identifier: C3:16:59:7A:9D:B8:DE:2A:01:D3:56:30:20:E1:09:BF:A2:CE:2D:F5
Certificate issuer: /CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101
Certificate serial: 731F97B97168783117F024A4453AA50B7BB5C381
Authority key identifier: 25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/36302e3235332e39362e302f31392d3234203d3e203338313434.roa
Signing time: Mon 01 Jul 2024 01:05:28 +0000
ROA not before: Mon 01 Jul 2024 01:00:28 +0000
ROA not after: Mon 30 Jun 2025 01:05:28 +0000
asID: 38144
IP address blocks: 60.253.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:1f:97:b9:71:68:78:31:17:f0:24:a4:45:3a:a5:0b:7b:b5:c3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101
Validity
Not Before: Jul 1 01:00:28 2024 GMT
Not After : Jun 30 01:05:28 2025 GMT
Subject: CN=C316597A9DB8DE2A01D3563020E109BFA2CE2DF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:69:e6:1a:b5:9a:97:99:61:6a:19:8c:dc:
44:16:c7:15:97:04:94:6f:b1:d8:9a:2f:33:60:b7:
71:0e:98:e8:48:1a:82:44:8d:4c:5e:4c:12:6a:84:
74:8e:b1:e9:5b:27:0c:e8:24:8b:fc:fa:d8:5b:b6:
0a:48:66:a5:88:bc:c9:0e:e5:11:5a:62:f2:7b:90:
ab:31:2d:01:51:e0:c4:e2:d9:69:69:b7:e6:d6:6a:
36:44:c9:d7:24:9c:b2:d8:ba:e2:96:4a:c7:52:8c:
96:66:a6:63:88:40:31:15:37:74:4c:20:21:36:b7:
2b:75:9f:6c:4a:8b:8c:b3:7c:05:84:ab:de:ec:39:
d5:81:04:45:9e:ab:d6:7a:9e:4e:d4:5c:d7:7a:e6:
d8:69:4b:2d:58:dc:f4:da:9f:66:97:08:3c:e6:5f:
c0:35:5c:54:17:13:45:f1:1b:b5:cd:8f:c0:53:82:
2f:79:63:3c:30:98:8b:24:ba:33:0d:9f:2f:07:42:
ef:0e:9c:ae:20:15:41:36:af:63:46:b2:ab:cc:12:
31:f0:16:66:18:2b:cc:47:00:63:09:0c:be:cb:aa:
dc:e1:bd:bf:2c:2d:23:a5:04:ef:4d:45:a1:63:07:
83:d2:a3:65:a7:ba:2e:3a:13:60:59:78:1c:b7:fb:
bb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:16:59:7A:9D:B8:DE:2A:01:D3:56:30:20:E1:09:BF:A2:CE:2D:F5
X509v3 Authority Key Identifier:
keyid:25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/36302e3235332e39362e302f31392d3234203d3e203338313434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.253.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:e7:5e:60:f1:32:85:00:55:d2:2e:3b:fc:ee:d4:7f:82:b2:
0f:55:1c:b0:09:ef:01:16:4c:32:63:d6:dc:6c:21:5c:61:97:
bd:c2:dd:ed:ef:f8:36:93:cd:70:6f:17:bb:8e:cb:f4:f1:5f:
b5:03:6b:14:35:3a:d8:b7:a3:5f:ef:74:06:d2:dd:d5:ff:78:
ff:68:4e:60:e6:3c:02:0b:8f:15:c0:df:bd:c9:1c:f1:5c:35:
ac:03:0c:1a:55:ad:6a:d9:f4:38:fd:94:09:d9:10:d5:45:c5:
be:8f:3b:88:5d:21:be:93:7b:65:29:76:84:41:1a:7a:f1:5a:
37:96:01:ec:c6:1b:38:1b:4e:bb:19:31:56:87:2d:fb:0e:f6:
f3:65:71:27:e3:0b:74:1f:25:d2:64:99:00:ab:69:2d:bb:3d:
32:3d:a8:2f:4e:a7:b9:d1:cb:94:5e:08:f7:8d:20:d6:5d:34:
33:bf:48:91:df:59:10:de:f3:3c:d3:43:be:d1:37:38:5a:fe:
73:4c:a9:70:65:98:46:44:c4:8e:21:4a:bd:a5:45:b5:0b:47:
59:11:e1:c9:11:32:dc:ec:4f:80:82:5f:e1:fa:f8:1d:fe:cb:
f1:19:5f:01:8e:53:52:36:59:2a:1d:be:c1:a3:28:a5:ce:56:
76:86:3c:a7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUcx+XuXFoeDEX8CSkRTqlC3u1w4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQw
NThEQTEwMTAeFw0yNDA3MDEwMTAwMjhaFw0yNTA2MzAwMTA1MjhaMDMxMTAvBgNV
BAMTKEMzMTY1OTdBOURCOERFMkEwMUQzNTYzMDIwRTEwOUJGQTJDRTJERjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClJmnmGrWal5lhahmM3EQWxxWX
BJRvsdiaLzNgt3EOmOhIGoJEjUxeTBJqhHSOselbJwzoJIv8+thbtgpIZqWIvMkO
5RFaYvJ7kKsxLQFR4MTi2Wlpt+bWajZEydcknLLYuuKWSsdSjJZmpmOIQDEVN3RM
ICE2tyt1n2xKi4yzfAWEq97sOdWBBEWeq9Z6nk7UXNd65thpSy1Y3PTan2aXCDzm
X8A1XFQXE0XxG7XNj8BTgi95YzwwmIskujMNny8HQu8OnK4gFUE2r2NGsqvMEjHw
FmYYK8xHAGMJDL7Lqtzhvb8sLSOlBO9NRaFjB4PSo2Wnui46E2BZeBy3+7tnAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUwxZZep243ioB01YwIOEJv6LOLfUwHwYDVR0j
BBgwFoAUJT4rtN5GevCPGRr3Yy7jvQWNoQEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
Y2Q3NTM2ZC05ZTEwLTRkNDktYjZjYS0wNDFjYzlhNTkxNGUvMC8yNTNFMkJCNERF
NDY3QUYwOEYxOTFBRjc2MzJFRTNCRDA1OERBMTAxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQwNThE
QTEwMS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJjZDc1MzZkLTllMTAtNGQ0OS1i
NmNhLTA0MWNjOWE1OTE0ZS8wLzM2MzAyZTMyMzUzMzJlMzkzNjJlMzAyZjMxMzky
ZDMyMzQyMDNkM2UyMDMzMzgzMTM0MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU8/WAwDQYJKoZIhvcN
AQELBQADggEBAKnnXmDxMoUAVdIuO/zu1H+Csg9VHLAJ7wEWTDJj1txsIVxhl73C
3e3v+DaTzXBvF7uOy/TxX7UDaxQ1Oti3o1/vdAbS3dX/eP9oTmDmPAILjxXA373J
HPFcNawDDBpVrWrZ9Dj9lAnZENVFxb6PO4hdIb6Te2UpdoRBGnrxWjeWAezGGzgb
TrsZMVaHLfsO9vNlcSfjC3QfJdJkmQCraS27PTI9qC9Op7nRy5ReCPeNINZdNDO/
SJHfWRDe8zzTQ77RNzha/nNMqXBlmEZExI4hSr2lRbULR1kR4ckRMtzsT4CCX+H6
+B3+y/EZXwGOU1I2WSodvsGjKKXOVnaGPKc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:13:10 2025 by rpki-client