Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a3a2f33322d3438203d3e20313437313337.roa
File: 323430303a343661303a3a2f33322d3438203d3e20313437313337.roa (raw, json)
Hash identifier: 9D15ranZ4YwNSLaXFD5FAq+pNZxj9EjBiBFXk+HdqAc=
Subject key identifier: DA:91:FC:17:E4:96:43:24:B2:82:73:29:4E:6D:98:F6:F1:36:6F:33
Certificate issuer: /CN=9A52B6405ED406A7B17C4478D516DF3E37282980
Certificate serial: 2BC6D574CC88B70F4D0604E733DC43DF0264C5B2
Authority key identifier: 9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a3a2f33322d3438203d3e20313437313337.roa
Signing time: Fri 14 Feb 2025 22:00:01 +0000
ROA not before: Fri 14 Feb 2025 21:55:01 +0000
ROA not after: Fri 13 Feb 2026 22:00:01 +0000
asID: 147137
IP address blocks: 2400:46a0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:c6:d5:74:cc:88:b7:0f:4d:06:04:e7:33:dc:43:df:02:64:c5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A52B6405ED406A7B17C4478D516DF3E37282980
Validity
Not Before: Feb 14 21:55:01 2025 GMT
Not After : Feb 13 22:00:01 2026 GMT
Subject: CN=DA91FC17E4964324B28273294E6D98F6F1366F33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:e8:6b:c5:9f:55:22:61:8c:e2:33:8f:d7:
cd:ee:60:02:e7:d7:35:e9:9e:d1:b4:ac:a1:35:40:
f5:62:1f:3c:64:b4:a7:34:d1:09:09:6e:98:b3:88:
58:15:a3:80:bf:74:5f:77:d5:80:96:12:d0:ff:90:
a2:fd:f0:03:ea:1b:fd:5c:1a:74:cb:21:94:f0:80:
4e:21:6d:21:02:b7:cf:a7:da:c6:36:aa:43:16:9d:
57:bf:d7:98:cd:7d:ba:1c:a9:64:0e:b5:99:cd:23:
f1:5b:23:c8:cc:4f:d3:36:9b:05:9e:64:1f:6e:68:
60:47:eb:29:52:3c:20:ff:82:ce:21:8c:be:d5:ee:
19:ba:c5:ec:57:6f:c2:70:1b:43:79:81:09:a2:ab:
bd:08:85:1e:13:95:64:c5:f7:ae:9b:ab:20:f9:57:
23:87:54:61:38:c9:ff:43:0d:52:6f:3d:25:3b:24:
d2:e7:00:89:cc:16:f5:54:2c:54:b1:13:55:e7:1a:
f8:a9:22:f8:72:38:7c:97:b6:cd:c9:37:c9:ac:0b:
74:96:a9:6f:e7:17:1c:a9:4e:3c:99:32:0d:2f:65:
6d:cf:e3:92:9b:62:e6:0e:02:53:73:3e:85:81:7c:
30:3d:36:a0:f6:cc:b9:e4:88:5f:ee:2a:78:7c:bc:
27:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:91:FC:17:E4:96:43:24:B2:82:73:29:4E:6D:98:F6:F1:36:6F:33
X509v3 Authority Key Identifier:
keyid:9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a3a2f33322d3438203d3e20313437313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:46a0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ef:63:4b:49:dc:43:d1:ae:21:6d:8d:ee:28:5b:e4:51:88:
d3:f4:e1:4c:92:89:0d:9b:86:9b:b3:aa:b2:64:bd:80:3d:5b:
ea:7a:e5:d4:a1:65:7a:21:e2:14:d6:ab:73:31:35:19:0c:2c:
71:40:e9:f7:99:ad:1c:75:10:20:3b:d2:4d:32:09:a2:43:e3:
71:3f:b7:94:26:8e:95:db:3f:dd:88:1c:60:3e:4c:39:7a:51:
c0:15:26:2d:33:a6:3c:7f:89:e1:1c:e1:50:3c:80:28:79:72:
2a:42:e3:3a:6c:73:02:65:90:41:1f:80:26:f2:ec:9b:28:2c:
f9:82:11:a5:2c:58:b3:8b:65:bf:23:f1:68:11:71:fd:4b:8d:
c0:3d:d3:d8:25:e8:c2:34:76:6d:aa:4c:63:90:d0:2c:8a:55:
c1:ac:77:b4:d0:69:a1:14:87:84:be:bd:ff:de:7a:79:de:7e:
ba:86:68:0d:0b:c8:9a:0b:87:35:3d:41:b2:df:08:a7:e9:0f:
9a:ca:c4:6b:60:6f:10:fb:ee:a6:5d:bf:d3:f7:f0:15:bd:5f:
64:ab:a3:1d:07:9d:0f:bd:2b:fd:16:33:d0:1d:f0:4a:e7:57:
7c:6a:31:67:eb:ff:06:c4:4a:88:8a:27:8a:f1:6d:f2:e5:61:
be:c7:53:ac
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUK8bVdMyItw9NBgTnM9xD3wJkxbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0Uz
NzI4Mjk4MDAeFw0yNTAyMTQyMTU1MDFaFw0yNjAyMTMyMjAwMDFaMDMxMTAvBgNV
BAMTKERBOTFGQzE3RTQ5NjQzMjRCMjgyNzMyOTRFNkQ5OEY2RjEzNjZGMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKXuhrxZ9VImGM4jOP183uYALn
1zXpntG0rKE1QPViHzxktKc00QkJbpiziFgVo4C/dF931YCWEtD/kKL98APqG/1c
GnTLIZTwgE4hbSECt8+n2sY2qkMWnVe/15jNfbocqWQOtZnNI/FbI8jMT9M2mwWe
ZB9uaGBH6ylSPCD/gs4hjL7V7hm6xexXb8JwG0N5gQmiq70IhR4TlWTF966bqyD5
VyOHVGE4yf9DDVJvPSU7JNLnAInMFvVULFSxE1XnGvipIvhyOHyXts3JN8msC3SW
qW/nFxypTjyZMg0vZW3P45KbYuYOAlNzPoWBfDA9NqD2zLnkiF/uKnh8vCdjAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU2pH8F+SWQySygnMpTm2Y9vE2bzMwHwYDVR0j
BBgwFoAUmlK2QF7UBqexfER41RbfPjcoKYAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YTY2NWMzMi02ZGFmLTQ3MmItYmNlNi0zMTdkNWQ2Yzc4OWUvMC85QTUyQjY0MDVF
RDQwNkE3QjE3QzQ0NzhENTE2REYzRTM3MjgyOTgwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0UzNzI4
Mjk4MC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNjY1YzMyLTZkYWYtNDcyYi1i
Y2U2LTMxN2Q1ZDZjNzg5ZS8wLzMyMzQzMDMwM2EzNDM2NjEzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzQzNzMxMzMzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQARqAwDQYJKoZI
hvcNAQELBQADggEBAA7vY0tJ3EPRriFtje4oW+RRiNP04UySiQ2bhpuzqrJkvYA9
W+p65dShZXoh4hTWq3MxNRkMLHFA6feZrRx1ECA70k0yCaJD43E/t5QmjpXbP92I
HGA+TDl6UcAVJi0zpjx/ieEc4VA8gCh5cipC4zpscwJlkEEfgCby7JsoLPmCEaUs
WLOLZb8j8WgRcf1LjcA909gl6MI0dm2qTGOQ0CyKVcGsd7TQaaEUh4S+vf/eenne
frqGaA0LyJoLhzU9QbLfCKfpD5rKxGtgbxD77qZdv9P38BW9X2Srox0HnQ+9K/0W
M9Ad8ErnV3xqMWfr/wbESoiKJ4rxbfLlYb7HU6w=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:14:58 2025 by rpki-client