Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32302e302f32342d3234203d3e203338353237.roa
File: 3132342e3130392e32302e302f32342d3234203d3e203338353237.roa (raw, json)
Hash identifier: ETJz1GlN0xqgrI/TiDRe3oL2wRqZlR8gI6HL/idn2yc=
Subject key identifier: E6:05:80:3A:F8:0C:9E:0A:72:3A:88:6B:D3:97:78:52:7D:C6:E0:80
Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473
Certificate serial: 09CADC8B1E0A6822FC49D76536C85D08CF4ACC9D
Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32302e302f32342d3234203d3e203338353237.roa
Signing time: Wed 15 Jan 2025 12:00:02 +0000
ROA not before: Wed 15 Jan 2025 11:55:02 +0000
ROA not after: Wed 14 Jan 2026 12:00:02 +0000
asID: 38527
IP address blocks: 124.109.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ca:dc:8b:1e:0a:68:22:fc:49:d7:65:36:c8:5d:08:cf:4a:cc:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473
Validity
Not Before: Jan 15 11:55:02 2025 GMT
Not After : Jan 14 12:00:02 2026 GMT
Subject: CN=E605803AF80C9E0A723A886BD39778527DC6E080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:34:7b:3e:43:bf:e8:7c:c3:d9:c7:d1:a1:cc:
f6:81:ad:a2:ba:85:e8:f7:73:2f:2d:74:08:e0:dc:
75:ba:3f:89:03:e6:31:a9:28:95:21:27:8c:11:d0:
cb:d2:f4:5b:93:86:67:ff:f7:b2:9d:32:b9:ab:b3:
05:13:25:46:29:28:ce:5a:7f:20:8d:2e:a8:2d:5b:
79:c1:94:d8:8f:db:60:ec:77:21:00:e1:e5:9d:11:
c1:66:19:01:57:57:b5:36:0c:53:18:76:e3:c4:f4:
ef:eb:e4:0d:a3:96:2d:9e:94:10:32:d9:7e:6f:1d:
0c:5c:63:a3:ce:45:69:c7:6d:b3:0d:7d:6a:93:52:
d4:cc:12:dd:0a:ef:0e:6b:1d:17:7b:e8:93:0a:0e:
80:2b:8c:6d:93:68:74:ba:0e:bc:e5:ff:f9:0f:98:
40:73:d4:40:89:e0:c2:18:b9:30:f3:ed:d7:30:66:
c7:30:b0:28:e0:63:5d:4e:1e:3e:c5:2b:7a:4e:70:
76:0d:db:1c:ff:4b:a2:cc:83:44:90:1c:ad:c5:32:
38:a3:8e:c1:9e:e3:91:5a:8a:18:a9:b3:e2:59:46:
5e:e7:8b:1f:ce:35:69:d1:2d:87:69:65:23:95:56:
ff:42:f6:0f:16:0e:9c:3a:51:d2:a5:5e:a6:26:f4:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:05:80:3A:F8:0C:9E:0A:72:3A:88:6B:D3:97:78:52:7D:C6:E0:80
X509v3 Authority Key Identifier:
keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32302e302f32342d3234203d3e203338353237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.109.20.0/24
Signature Algorithm: sha256WithRSAEncryption
29:46:03:e2:6d:46:55:d0:a3:72:9e:57:28:d9:df:15:bc:fe:
31:93:47:fa:38:f2:4e:c9:43:d8:cb:88:04:f8:82:aa:a0:aa:
c6:07:40:0b:b0:44:20:3a:99:2c:67:2a:4c:70:d8:90:91:b2:
c4:c2:dd:01:67:de:46:8d:06:48:2e:38:0d:f5:c4:ec:4d:7b:
d1:ad:e9:50:34:48:96:e8:46:d9:22:13:14:e0:f7:e2:b9:f0:
ab:c5:5b:3e:c1:ca:1f:ec:a0:ab:15:f7:39:dc:87:70:33:a8:
f9:a9:16:8f:6c:37:40:8e:12:5b:11:00:96:bb:39:14:b8:81:
ab:f3:78:24:f4:3a:f0:c8:7a:41:1d:88:99:1d:73:9f:80:25:
de:3b:b9:6c:06:48:74:61:2f:ee:1c:c7:3a:95:5a:49:68:64:
fd:3e:78:67:e1:ee:4e:e1:0a:dc:8e:c5:c7:a0:70:68:95:b0:
9a:15:62:e7:24:4b:67:4b:9a:5d:d1:bc:2d:7b:b1:1b:29:e9:
05:86:c0:82:33:0c:53:19:c4:cf:7d:9a:04:a6:4f:9c:68:c6:
81:46:17:ab:fa:74:3c:8a:ff:63:26:4b:42:ba:a7:03:50:cc:
1d:56:8f:b6:bb:b3:ea:d2:6d:94:70:cf:cd:74:e6:07:2f:aa:
9c:04:f0:b8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUCcrcix4KaCL8SddlNshdCM9KzJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD
RjlBNjQ3MzAeFw0yNTAxMTUxMTU1MDJaFw0yNjAxMTQxMjAwMDJaMDMxMTAvBgNV
BAMTKEU2MDU4MDNBRjgwQzlFMEE3MjNBODg2QkQzOTc3ODUyN0RDNkUwODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkNHs+Q7/ofMPZx9GhzPaBraK6
hej3cy8tdAjg3HW6P4kD5jGpKJUhJ4wR0MvS9FuThmf/97KdMrmrswUTJUYpKM5a
fyCNLqgtW3nBlNiP22DsdyEA4eWdEcFmGQFXV7U2DFMYduPE9O/r5A2jli2elBAy
2X5vHQxcY6PORWnHbbMNfWqTUtTMEt0K7w5rHRd76JMKDoArjG2TaHS6Drzl//kP
mEBz1ECJ4MIYuTDz7dcwZscwsCjgY11OHj7FK3pOcHYN2xz/S6LMg0SQHK3FMjij
jsGe45Faihips+JZRl7nix/ONWnRLYdpZSOVVv9C9g8WDpw6UdKlXqYm9A+5AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU5gWAOvgMngpyOohr05d4Un3G4IAwHwYDVR0j
BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG
QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB
NjQ3My5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJhLTAyYWItNDIwMi05
NzBmLWY2OTlkZmY5N2RlNS8wLzMxMzIzNDJlMzEzMDM5MmUzMjMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM1MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHxtFDANBgkqhkiG
9w0BAQsFAAOCAQEAKUYD4m1GVdCjcp5XKNnfFbz+MZNH+jjyTslD2MuIBPiCqqCq
xgdAC7BEIDqZLGcqTHDYkJGyxMLdAWfeRo0GSC44DfXE7E170a3pUDRIluhG2SIT
FOD34rnwq8VbPsHKH+ygqxX3OdyHcDOo+akWj2w3QI4SWxEAlrs5FLiBq/N4JPQ6
8Mh6QR2ImR1zn4Al3ju5bAZIdGEv7hzHOpVaSWhk/T54Z+HuTuEK3I7Fx6BwaJWw
mhVi5yRLZ0uaXdG8LXuxGynpBYbAgjMMUxnEz32aBKZPnGjGgUYXq/p0PIr/YyZL
QrqnA1DMHVaPtruz6tJtlHDPzXTmBy+qnATwuA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:55:42 2025 by rpki-client