Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32332e302f32342d3234203d3e203338353237.roa
File: 3132342e3130392e32332e302f32342d3234203d3e203338353237.roa (raw, json)
Hash identifier: hSmHQriBgEB6G8euGPo5okmMfhhllZ1AqyrcnX9VlJE=
Subject key identifier: BC:31:3B:9C:6D:40:B9:2D:17:B4:56:16:3F:B4:0E:53:B3:1E:3D:4E
Certificate issuer: /CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473
Certificate serial: 355FDBC56E4782839BABBE418244B4B23BD70177
Authority key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32332e302f32342d3234203d3e203338353237.roa
Signing time: Wed 15 Jan 2025 12:00:02 +0000
ROA not before: Wed 15 Jan 2025 11:55:02 +0000
ROA not after: Wed 14 Jan 2026 12:00:02 +0000
asID: 38527
IP address blocks: 124.109.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:5f:db:c5:6e:47:82:83:9b:ab:be:41:82:44:b4:b2:3b:d7:01:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473
Validity
Not Before: Jan 15 11:55:02 2025 GMT
Not After : Jan 14 12:00:02 2026 GMT
Subject: CN=BC313B9C6D40B92D17B456163FB40E53B31E3D4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:32:db:fb:97:6d:bd:54:e3:b4:88:89:51:
18:29:0a:83:c7:5b:33:25:c3:dd:92:f2:65:3c:fc:
4b:e6:6a:cd:f6:e7:e2:44:52:90:15:d6:91:88:53:
ce:25:54:c2:6f:2a:71:f1:73:6b:66:77:cd:52:c4:
45:e9:03:e2:af:34:d7:2a:77:fe:ad:4c:9f:2e:42:
a5:a6:03:6c:eb:c8:4c:48:e4:92:fb:f9:24:01:30:
98:ce:47:bc:b5:6d:69:73:19:f6:46:f2:75:e3:44:
f5:6f:ab:32:23:71:9b:aa:e3:aa:6f:97:9a:1d:43:
f6:43:e8:7d:61:d8:80:18:91:20:a6:c2:13:12:c3:
fe:cc:61:db:27:d6:c6:80:9f:d0:9f:53:81:b1:63:
e4:20:b4:c7:3d:3d:3f:c5:81:bf:96:49:39:d9:86:
97:b7:03:5f:c1:ae:5b:13:0f:dd:cb:ea:f6:31:e6:
4a:12:0d:50:b1:a0:c8:d6:18:5c:c3:bb:85:6b:13:
76:ce:2b:b0:56:ca:0f:1b:ff:8a:9a:48:eb:6d:0e:
2b:cb:2a:72:ea:87:8c:09:0c:4d:5b:b2:68:8f:8c:
d6:52:84:44:31:e6:f3:a0:c7:77:91:c5:b2:bd:0e:
bc:22:af:3e:53:42:e1:f7:cb:25:7a:5a:80:75:3f:
a7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:31:3B:9C:6D:40:B9:2D:17:B4:56:16:3F:B4:0E:53:B3:1E:3D:4E
X509v3 Authority Key Identifier:
keyid:22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/3132342e3130392e32332e302f32342d3234203d3e203338353237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.109.23.0/24
Signature Algorithm: sha256WithRSAEncryption
46:56:f7:ca:09:21:23:8a:7b:07:af:78:df:6e:56:37:08:6d:
09:39:24:8b:bc:38:18:52:23:07:53:bb:59:3d:7e:ab:ea:f4:
cc:fb:cc:17:74:1e:b5:ee:13:1a:c3:e0:1a:bc:6c:71:5b:1c:
9a:9b:98:1b:fd:81:6f:15:9f:42:a0:af:e6:37:63:f6:f8:8d:
c1:2d:47:6f:16:01:66:e7:bb:95:2d:70:10:e1:5b:0e:02:44:
90:31:ee:71:c7:d6:72:42:10:f9:d4:fe:4f:9d:8c:88:00:cb:
cb:d3:48:92:25:3c:d0:a9:aa:20:d0:79:7e:ba:4d:38:47:60:
92:b2:16:26:bf:61:3f:c4:b5:18:56:57:21:bd:49:f4:11:eb:
d4:e1:95:64:25:2c:7d:89:93:6c:02:ea:de:ac:34:13:16:f8:
09:a4:50:f8:cd:52:d2:85:ad:34:94:5a:65:b9:28:83:0a:a6:
ef:81:cf:84:bb:8e:78:09:fb:b6:91:d1:f8:7d:e5:8e:8f:07:
92:ae:ab:2a:bc:4f:04:5a:b3:90:e6:93:eb:d1:46:33:4a:ba:
6a:ea:bb:16:d7:ac:fc:f2:c4:7b:35:02:0f:8c:2e:75:41:e6:
9e:15:81:87:81:75:6a:6e:b6:50:64:da:0d:c2:e5:3f:45:5c:
8b:36:85:a4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUNV/bxW5HgoObq75BgkS0sjvXAXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBD
RjlBNjQ3MzAeFw0yNTAxMTUxMTU1MDJaFw0yNjAxMTQxMjAwMDJaMDMxMTAvBgNV
BAMTKEJDMzEzQjlDNkQ0MEI5MkQxN0I0NTYxNjNGQjQwRTUzQjMxRTNENEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv3TLb+5dtvVTjtIiJURgpCoPH
WzMlw92S8mU8/Evmas325+JEUpAV1pGIU84lVMJvKnHxc2tmd81SxEXpA+KvNNcq
d/6tTJ8uQqWmA2zryExI5JL7+SQBMJjOR7y1bWlzGfZG8nXjRPVvqzIjcZuq46pv
l5odQ/ZD6H1h2IAYkSCmwhMSw/7MYdsn1saAn9CfU4GxY+QgtMc9PT/Fgb+WSTnZ
hpe3A1/BrlsTD93L6vYx5koSDVCxoMjWGFzDu4VrE3bOK7BWyg8b/4qaSOttDivL
KnLqh4wJDE1bsmiPjNZShEQx5vOgx3eRxbK9Drwirz5TQuH3yyV6WoB1P6eHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUvDE7nG1AuS0XtFYWP7QOU7MePU4wHwYDVR0j
BBgwFoAUIo51K7+4wWs7RvPTiOztUM+aZHMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC8yMjhFNzUyQkJG
QjhDMTZCM0I0NkYzRDM4OEVDRUQ1MENGOUE2NDczLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI4RTc1MkJCRkI4QzE2QjNCNDZGM0QzODhFQ0VENTBDRjlB
NjQ3My5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJhLTAyYWItNDIwMi05
NzBmLWY2OTlkZmY5N2RlNS8wLzMxMzIzNDJlMzEzMDM5MmUzMjMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM1MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHxtFzANBgkqhkiG
9w0BAQsFAAOCAQEARlb3ygkhI4p7B694325WNwhtCTkki7w4GFIjB1O7WT1+q+r0
zPvMF3Qete4TGsPgGrxscVscmpuYG/2BbxWfQqCv5jdj9viNwS1HbxYBZue7lS1w
EOFbDgJEkDHuccfWckIQ+dT+T52MiADLy9NIkiU80KmqINB5frpNOEdgkrIWJr9h
P8S1GFZXIb1J9BHr1OGVZCUsfYmTbALq3qw0Exb4CaRQ+M1S0oWtNJRaZbkogwqm
74HPhLuOeAn7tpHR+H3ljo8Hkq6rKrxPBFqzkOaT69FGM0q6auq7Ftes/PLEezUC
D4wudUHmnhWBh4F1am62UGTaDcLlP0VcizaFpA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:22:08 2025 by rpki-client