Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/33362e35302e3232352e302f32342d3234203d3e20313532303830.roa
File: 33362e35302e3232352e302f32342d3234203d3e20313532303830.roa (raw, json)
Hash identifier: UZEJkb14VYd5zTuhtfKTenX+tuyfDVy8P92hqVk8bgg=
Subject key identifier: 02:6C:D0:DA:7A:D9:8C:A5:2F:FB:F3:74:60:0B:FE:3D:95:FC:A1:32
Certificate issuer: /CN=F5D71EC77922A9080F17C3A16FBE5F69B1CD8832
Certificate serial: 5AF6C8F1DED75712119A8C389CD2E737C94B6E80
Authority key identifier: F5:D7:1E:C7:79:22:A9:08:0F:17:C3:A1:6F:BE:5F:69:B1:CD:88:32
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F5D71EC77922A9080F17C3A16FBE5F69B1CD8832.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/33362e35302e3232352e302f32342d3234203d3e20313532303830.roa
Signing time: Mon 03 Mar 2025 06:00:00 +0000
ROA not before: Mon 03 Mar 2025 05:55:00 +0000
ROA not after: Mon 02 Mar 2026 06:00:00 +0000
asID: 152080
IP address blocks: 36.50.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:f6:c8:f1:de:d7:57:12:11:9a:8c:38:9c:d2:e7:37:c9:4b:6e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F5D71EC77922A9080F17C3A16FBE5F69B1CD8832
Validity
Not Before: Mar 3 05:55:00 2025 GMT
Not After : Mar 2 06:00:00 2026 GMT
Subject: CN=026CD0DA7AD98CA52FFBF374600BFE3D95FCA132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6a:73:aa:b4:6a:3b:b2:ee:aa:ec:75:21:8a:
5a:cc:10:27:fd:db:c8:bf:3a:19:bd:9f:7c:d0:be:
9d:dd:8c:b6:d4:60:7b:2a:91:75:94:48:d7:e8:35:
31:e1:85:09:f4:e0:49:e6:b1:59:c7:b2:d6:3d:44:
4c:76:2d:ca:e7:4f:4e:54:d5:3b:b3:e7:61:05:69:
0f:19:6d:d3:32:7d:9e:8d:df:52:49:9f:7b:5d:30:
c3:be:da:52:78:79:31:83:22:50:30:61:46:98:27:
13:33:47:52:f8:c4:d8:d9:d2:c3:de:69:f8:be:32:
ed:f6:96:2a:69:17:0e:56:11:58:ad:b3:00:63:55:
41:9d:65:4a:4b:68:14:ef:7f:13:83:0f:4f:6b:47:
09:67:ac:a8:73:7d:5e:5d:b3:4b:62:67:76:1a:27:
8a:2a:da:28:6e:e7:d4:db:5f:ff:7a:01:9b:8f:3c:
0f:01:45:9f:88:e8:f3:80:26:f5:2e:43:c1:be:bd:
8b:b9:61:54:21:27:ab:66:95:4f:39:18:bc:c3:7f:
9d:f6:89:a6:43:fe:c2:56:59:28:33:43:66:5d:c5:
51:c9:15:3c:72:d6:de:67:d2:91:3b:0e:3c:c8:58:
eb:3e:cd:0b:71:17:09:fa:e7:08:5b:a2:45:4a:7f:
b0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6C:D0:DA:7A:D9:8C:A5:2F:FB:F3:74:60:0B:FE:3D:95:FC:A1:32
X509v3 Authority Key Identifier:
keyid:F5:D7:1E:C7:79:22:A9:08:0F:17:C3:A1:6F:BE:5F:69:B1:CD:88:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/F5D71EC77922A9080F17C3A16FBE5F69B1CD8832.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F5D71EC77922A9080F17C3A16FBE5F69B1CD8832.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ae83673-096a-440c-b27a-9be64b13b4e5/0/33362e35302e3232352e302f32342d3234203d3e20313532303830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.225.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c9:ce:51:35:04:41:f7:d0:16:6a:d1:e6:52:78:e0:40:b0:
9b:aa:bb:67:ed:7a:f1:97:8e:be:95:1b:07:43:a6:1a:81:38:
d6:fd:8b:2f:0d:75:c8:1d:ec:59:d0:f1:41:03:7f:ae:ca:f6:
18:7d:ed:05:50:e5:ca:ce:fd:71:c5:21:6c:47:14:60:83:b6:
5e:1c:21:36:31:c4:74:3c:de:f4:7e:7d:00:ac:7f:ff:92:4f:
ad:79:95:3f:d8:d3:9c:52:a0:fc:e3:4b:0f:81:28:c7:95:65:
51:7f:67:0e:82:26:2e:a0:40:38:24:db:80:fd:0a:cf:6a:1e:
22:23:48:67:a2:8a:ed:0b:a4:71:49:6c:6c:f3:21:6b:cf:ca:
13:61:e1:bc:12:d2:d5:4a:79:5d:2c:0a:aa:b7:41:8b:c5:e8:
2c:c1:91:9c:7b:b7:fb:b3:90:f8:99:67:6f:7f:14:57:e6:a2:
3f:f3:c0:a7:4d:5c:c7:da:71:e7:6c:c8:c4:f1:f6:79:cd:a0:
2e:8f:09:05:7b:40:62:2d:7b:65:5b:d7:2b:3d:52:f5:70:d1:
e3:6e:4a:41:80:da:c3:f7:91:6e:6a:81:2c:d6:36:d9:0c:06:
28:f4:54:65:36:ab:a6:21:ec:9a:5d:fc:48:ba:4e:06:2d:63:
72:b9:0b:8f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWvbI8d7XVxIRmow4nNLnN8lLboAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjVENzFFQzc3OTIyQTkwODBGMTdDM0ExNkZCRTVGNjlC
MUNEODgzMjAeFw0yNTAzMDMwNTU1MDBaFw0yNjAzMDIwNjAwMDBaMDMxMTAvBgNV
BAMTKDAyNkNEMERBN0FEOThDQTUyRkZCRjM3NDYwMEJGRTNEOTVGQ0ExMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyanOqtGo7su6q7HUhilrMECf9
28i/Ohm9n3zQvp3djLbUYHsqkXWUSNfoNTHhhQn04EnmsVnHstY9REx2LcrnT05U
1Tuz52EFaQ8ZbdMyfZ6N31JJn3tdMMO+2lJ4eTGDIlAwYUaYJxMzR1L4xNjZ0sPe
afi+Mu32lippFw5WEVitswBjVUGdZUpLaBTvfxODD09rRwlnrKhzfV5ds0tiZ3Ya
J4oq2ihu59TbX/96AZuPPA8BRZ+I6POAJvUuQ8G+vYu5YVQhJ6tmlU85GLzDf532
iaZD/sJWWSgzQ2ZdxVHJFTxy1t5n0pE7DjzIWOs+zQtxFwn65whbokVKf7B5AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUAmzQ2nrZjKUv+/N0YAv+PZX8oTIwHwYDVR0j
BBgwFoAU9dcex3kiqQgPF8Ohb75fabHNiDIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YWU4MzY3My0wOTZhLTQ0MGMtYjI3YS05YmU2NGIxM2I0ZTUvMC9GNUQ3MUVDNzc5
MjJBOTA4MEYxN0MzQTE2RkJFNUY2OUIxQ0Q4ODMyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjVENzFFQzc3OTIyQTkwODBGMTdDM0ExNkZCRTVGNjlCMUNE
ODgzMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhZTgzNjczLTA5NmEtNDQwYy1i
MjdhLTliZTY0YjEzYjRlNS8wLzMzMzYyZTM1MzAyZTMyMzIzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACQy4TANBgkqhkiG
9w0BAQsFAAOCAQEAdMnOUTUEQffQFmrR5lJ44ECwm6q7Z+168ZeOvpUbB0OmGoE4
1v2LLw11yB3sWdDxQQN/rsr2GH3tBVDlys79ccUhbEcUYIO2XhwhNjHEdDze9H59
AKx//5JPrXmVP9jTnFKg/ONLD4Eox5VlUX9nDoImLqBAOCTbgP0Kz2oeIiNIZ6KK
7QukcUlsbPMha8/KE2HhvBLS1Up5XSwKqrdBi8XoLMGRnHu3+7OQ+Jlnb38UV+ai
P/PAp01cx9px52zIxPH2ec2gLo8JBXtAYi17ZVvXKz1S9XDR425KQYDaw/eRbmqB
LNY22QwGKPRUZTarpiHsml38SLpOBi1jcrkLjw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:14:57 2025 by rpki-client