Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/3135372e36362e33342e302f32332d3234203d3e203535363838.roa
File: 3135372e36362e33342e302f32332d3234203d3e203535363838.roa (raw, json)
Hash identifier: YnMl14zMBBAGefIrNCpqtc2Cgu/mTkse/nZA5aRzjVk=
Subject key identifier: 5C:88:6F:91:D2:12:85:3C:C6:D4:E8:6E:F9:A9:60:FC:1B:3B:C8:6E
Certificate issuer: /CN=85735A4922D529215199E6F4D6829DF68512E117
Certificate serial: 1069FC441D0B7F295DF8EC2D075A49A4D7D246AD
Authority key identifier: 85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/3135372e36362e33342e302f32332d3234203d3e203535363838.roa
Signing time: Mon 29 Apr 2024 09:19:29 +0000
ROA not before: Mon 29 Apr 2024 09:14:29 +0000
ROA not after: Mon 28 Apr 2025 09:19:29 +0000
asID: 55688
IP address blocks: 157.66.34.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:69:fc:44:1d:0b:7f:29:5d:f8:ec:2d:07:5a:49:a4:d7:d2:46:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85735A4922D529215199E6F4D6829DF68512E117
Validity
Not Before: Apr 29 09:14:29 2024 GMT
Not After : Apr 28 09:19:29 2025 GMT
Subject: CN=5C886F91D212853CC6D4E86EF9A960FC1B3BC86E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:92:4a:d5:2d:4c:b1:01:6f:33:81:bb:4e:40:
0d:c2:ee:66:91:d0:5c:83:41:40:09:ff:ee:44:1b:
da:39:9a:23:a5:ff:8b:6f:30:88:43:c2:49:d5:44:
03:0e:e0:51:cd:6e:f2:ed:64:7e:9a:6f:29:65:2c:
8f:8e:8c:52:09:4d:51:48:97:e4:6a:a9:70:19:80:
17:3e:fa:8e:e8:ad:ef:aa:c1:2f:9e:02:b9:e5:2e:
a2:bb:3f:9a:58:5e:6a:0d:ee:2f:32:48:02:51:68:
1c:1f:d7:ed:2a:dc:15:1e:31:9e:6f:3d:3b:c0:c3:
c0:97:f0:c1:a8:04:6e:b0:2b:7a:8c:f1:ba:95:88:
f3:74:c8:aa:f6:bc:4e:27:ad:c4:ca:92:fe:77:3d:
66:a1:78:5c:fe:5a:ac:3a:e3:54:5e:d7:bb:01:5e:
f3:49:8b:8c:23:8e:9b:68:76:91:ff:97:80:0c:58:
d6:c2:62:f6:8c:88:76:d2:29:85:77:82:98:ec:f9:
d5:23:de:12:8f:c3:3b:88:f8:6b:a4:80:77:ef:e6:
27:4b:11:b2:1d:c2:5e:98:b5:d5:dd:1d:c8:ad:28:
40:4d:a7:d5:3a:75:b3:f3:da:e9:8a:27:65:50:20:
fb:32:7d:32:ac:42:75:ec:7c:9e:69:24:c2:65:18:
46:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:88:6F:91:D2:12:85:3C:C6:D4:E8:6E:F9:A9:60:FC:1B:3B:C8:6E
X509v3 Authority Key Identifier:
keyid:85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/3135372e36362e33342e302f32332d3234203d3e203535363838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.66.34.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:d7:a5:b6:92:e0:2b:7e:44:c3:6b:46:89:67:6f:0d:db:1a:
84:3b:c0:b2:c4:fa:ad:99:b5:02:35:ef:ad:47:a7:ba:ff:7d:
ae:7a:fc:ca:0f:97:5b:6f:19:15:ff:44:b0:15:82:66:42:7e:
ca:5b:62:ab:6c:ba:a2:79:66:67:d2:f3:1d:96:a4:46:7b:be:
76:ac:19:9b:9e:6c:06:30:e0:a0:da:94:20:c0:dd:c9:85:66:
5d:5f:14:ad:85:68:a0:43:26:2e:af:3b:81:64:a2:82:3c:05:
fe:51:70:25:01:3b:68:14:30:0e:09:e7:cd:03:9f:12:bc:35:
8a:dd:95:4f:64:51:04:3e:eb:80:97:ad:03:79:97:71:24:61:
c7:38:c5:58:2a:62:94:ea:bc:b7:08:01:e9:07:83:98:98:14:
a5:f8:c1:88:4c:c2:fa:5c:6d:b4:00:d6:c6:55:6e:1d:8c:60:
0d:e3:f7:c5:b6:21:ec:54:10:f6:d7:ab:de:84:7f:0a:f9:f4:
c7:6d:26:40:39:eb:52:7a:da:6d:1d:d5:9d:aa:84:a4:eb:2b:
25:54:88:dd:ba:20:cd:9b:22:93:05:46:9b:cc:90:d8:ac:2e:
83:2d:39:5c:f0:7f:bb:6d:12:94:19:fd:90:87:65:14:61:32:
67:10:dd:44
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUEGn8RB0Lfyld+OwtB1pJpNfSRq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU3MzVBNDkyMkQ1MjkyMTUxOTlFNkY0RDY4MjlERjY4
NTEyRTExNzAeFw0yNDA0MjkwOTE0MjlaFw0yNTA0MjgwOTE5MjlaMDMxMTAvBgNV
BAMTKDVDODg2RjkxRDIxMjg1M0NDNkQ0RTg2RUY5QTk2MEZDMUIzQkM4NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNkkrVLUyxAW8zgbtOQA3C7maR
0FyDQUAJ/+5EG9o5miOl/4tvMIhDwknVRAMO4FHNbvLtZH6abyllLI+OjFIJTVFI
l+RqqXAZgBc++o7ore+qwS+eArnlLqK7P5pYXmoN7i8ySAJRaBwf1+0q3BUeMZ5v
PTvAw8CX8MGoBG6wK3qM8bqViPN0yKr2vE4nrcTKkv53PWaheFz+Wqw641Re17sB
XvNJi4wjjptodpH/l4AMWNbCYvaMiHbSKYV3gpjs+dUj3hKPwzuI+GukgHfv5idL
EbIdwl6YtdXdHcitKEBNp9U6dbPz2umKJ2VQIPsyfTKsQnXsfJ5pJMJlGEadAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUXIhvkdIShTzG1Ohu+alg/Bs7yG4wHwYDVR0j
BBgwFoAUhXNaSSLVKSFRmeb01oKd9oUS4RcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YzNlNjhiZC1iMDRjLTRkMzUtODAyMC0wMjkzNjM0MmZiMWQvMC84NTczNUE0OTIy
RDUyOTIxNTE5OUU2RjRENjgyOURGNjg1MTJFMTE3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvODU3MzVBNDkyMkQ1MjkyMTUxOTlFNkY0RDY4MjlERjY4NTEy
RTExNy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjM2U2OGJkLWIwNGMtNGQzNS04
MDIwLTAyOTM2MzQyZmIxZC8wLzMxMzUzNzJlMzYzNjJlMzMzNDJlMzAyZjMyMzMy
ZDMyMzQyMDNkM2UyMDM1MzUzNjM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdQiIwDQYJKoZIhvcN
AQELBQADggEBAH7XpbaS4Ct+RMNrRolnbw3bGoQ7wLLE+q2ZtQI1761Hp7r/fa56
/MoPl1tvGRX/RLAVgmZCfspbYqtsuqJ5ZmfS8x2WpEZ7vnasGZuebAYw4KDalCDA
3cmFZl1fFK2FaKBDJi6vO4FkooI8Bf5RcCUBO2gUMA4J580DnxK8NYrdlU9kUQQ+
64CXrQN5l3EkYcc4xVgqYpTqvLcIAekHg5iYFKX4wYhMwvpcbbQA1sZVbh2MYA3j
98W2IexUEPbXq96Efwr59MdtJkA561J62m0d1Z2qhKTrKyVUiN26IM2bIpMFRpvM
kNisLoMtOVzwf7ttEpQZ/ZCHZRRhMmcQ3UQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:32:32 2025 by rpki-client