Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136382e302f32312d3231203d3e203436303534.roa
File: 35382e3134352e3136382e302f32312d3231203d3e203436303534.roa (raw, json)
Hash identifier: m+q7ZgpD2GbDgHvxK3Mi9rcFamM0AOK41baaZkFJd+o=
Subject key identifier: F1:FE:CF:CD:A7:49:62:69:8A:82:77:B1:3D:4A:97:51:9E:8E:FB:B7
Certificate issuer: /CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
Certificate serial: 33A2F4D3EEF2EAC88181965F334A43D7E2711B25
Authority key identifier: 26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136382e302f32312d3231203d3e203436303534.roa
Signing time: Wed 31 Jul 2024 05:08:00 +0000
ROA not before: Wed 31 Jul 2024 05:03:00 +0000
ROA not after: Wed 30 Jul 2025 05:08:00 +0000
asID: 46054
IP address blocks: 58.145.168.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a2:f4:d3:ee:f2:ea:c8:81:81:96:5f:33:4a:43:d7:e2:71:1b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
Validity
Not Before: Jul 31 05:03:00 2024 GMT
Not After : Jul 30 05:08:00 2025 GMT
Subject: CN=F1FECFCDA74962698A8277B13D4A97519E8EFBB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:04:4d:97:7f:0b:ab:7a:16:95:ce:91:d9:
99:80:21:6c:c9:aa:5a:82:bf:dd:e6:ed:7c:ee:de:
37:ef:0f:69:d3:e6:04:69:e3:f7:f3:66:11:5b:43:
49:ed:39:2a:78:ee:70:7c:13:e9:c3:c0:a0:01:80:
ae:50:7a:b2:3b:7a:39:65:61:c7:29:16:cf:97:74:
47:4f:b3:11:e5:49:f3:71:3a:53:6a:4f:85:fb:29:
2e:7f:52:b3:d3:4e:94:30:08:9b:ad:65:21:f0:a8:
a0:9a:68:73:e2:47:f9:65:07:74:e6:53:54:45:c6:
7a:e4:e8:c0:52:8a:7d:5d:c5:17:65:cb:53:b9:1d:
44:61:e3:44:87:89:fd:65:4e:25:2c:3e:c6:c6:17:
02:c4:fe:aa:8e:a4:a9:5f:df:0e:cd:47:21:03:48:
e7:6a:86:fd:e8:9a:5a:29:2d:11:6d:44:0b:92:00:
62:30:72:d2:f5:9c:cd:75:99:1e:e9:9e:37:93:42:
82:2b:c0:43:00:92:b7:ac:22:5b:c2:ae:34:5d:34:
83:9a:07:51:e7:38:41:7b:35:7e:ac:ea:ed:18:92:
76:a3:a7:77:c8:13:c5:48:9b:4d:9f:b9:0d:9f:80:
e7:c3:4e:15:39:dc:05:14:ce:a8:d0:d8:f7:77:0c:
21:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:FE:CF:CD:A7:49:62:69:8A:82:77:B1:3D:4A:97:51:9E:8E:FB:B7
X509v3 Authority Key Identifier:
keyid:26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136382e302f32312d3231203d3e203436303534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.145.168.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:8d:3c:cf:f9:2d:c4:db:d0:7f:58:3a:0b:18:43:53:a8:9a:
9c:37:d5:90:ef:73:3e:83:41:3f:bc:1c:b4:75:73:a5:05:0d:
6e:3d:de:18:c6:11:20:06:a9:62:c4:9d:a8:f9:e8:d0:df:74:
bb:33:b7:12:53:0b:e8:8f:73:61:2a:a5:48:23:df:43:72:e0:
f4:58:4d:c3:70:dc:be:53:ff:e7:4f:8d:fd:62:45:6d:79:b5:
74:1b:51:04:a8:0e:5b:4c:71:70:9b:a0:c4:d3:ad:be:8f:73:
9d:13:61:c0:ae:22:77:5e:e5:77:30:d7:86:13:8b:80:d9:7a:
6d:1d:bb:6e:61:df:76:0b:bb:2b:e4:64:27:20:40:d9:b2:4b:
58:b2:70:9a:99:21:a4:96:79:be:b0:f4:fe:cd:be:4d:a9:45:
55:b1:b4:32:ab:ba:f3:db:db:d5:be:5e:e1:c5:32:7a:d5:47:
73:a9:73:ec:78:9a:5b:f1:25:7f:3d:a0:86:d1:48:e6:a4:fa:
7d:6d:5e:7d:57:1e:20:df:95:cb:28:fc:43:a2:49:a4:8a:49:
cf:fa:5c:1b:24:e1:91:a1:2c:31:47:14:7f:3e:36:c1:5f:ea:
93:f3:18:54:7d:10:e6:ad:97:8e:d9:f4:a7:2f:58:bd:19:3f:
c8:7f:01:23
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUM6L00+7y6siBgZZfM0pD1+JxGyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNF
QjlDOUNFNTAeFw0yNDA3MzEwNTAzMDBaFw0yNTA3MzAwNTA4MDBaMDMxMTAvBgNV
BAMTKEYxRkVDRkNEQTc0OTYyNjk4QTgyNzdCMTNENEE5NzUxOUU4RUZCQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAfQRNl38Lq3oWlc6R2ZmAIWzJ
qlqCv93m7Xzu3jfvD2nT5gRp4/fzZhFbQ0ntOSp47nB8E+nDwKABgK5QerI7ejll
YccpFs+XdEdPsxHlSfNxOlNqT4X7KS5/UrPTTpQwCJutZSHwqKCaaHPiR/llB3Tm
U1RFxnrk6MBSin1dxRdly1O5HURh40SHif1lTiUsPsbGFwLE/qqOpKlf3w7NRyED
SOdqhv3omlopLRFtRAuSAGIwctL1nM11mR7pnjeTQoIrwEMAkresIlvCrjRdNIOa
B1HnOEF7NX6s6u0Yknajp3fIE8VIm02fuQ2fgOfDThU53AUUzqjQ2Pd3DCFxAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU8f7PzadJYmmKgnexPUqXUZ6O+7cwHwYDVR0j
BBgwFoAUJkJbcClPmANdOHiOWXpKbOucnOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
Y2YzMDkzNi1jNzUwLTQzM2ItOWMyYS04ZmY1ZjM4ZTYzZDQvMC8yNjQyNUI3MDI5
NEY5ODAzNUQzODc4OEU1OTdBNEE2Q0VCOUM5Q0U1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNFQjlD
OUNFNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjZjMwOTM2LWM3NTAtNDMzYi05
YzJhLThmZjVmMzhlNjNkNC8wLzM1MzgyZTMxMzQzNTJlMzEzNjM4MmUzMDJmMzIz
MTJkMzIzMTIwM2QzZTIwMzQzNjMwMzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzqRqDANBgkqhkiG
9w0BAQsFAAOCAQEAu408z/ktxNvQf1g6CxhDU6ianDfVkO9zPoNBP7wctHVzpQUN
bj3eGMYRIAapYsSdqPno0N90uzO3ElML6I9zYSqlSCPfQ3Lg9FhNw3DcvlP/50+N
/WJFbXm1dBtRBKgOW0xxcJugxNOtvo9znRNhwK4id17ldzDXhhOLgNl6bR27bmHf
dgu7K+RkJyBA2bJLWLJwmpkhpJZ5vrD0/s2+TalFVbG0Mqu689vb1b5e4cUyetVH
c6lz7HiaW/Elfz2ghtFI5qT6fW1efVceIN+Vyyj8Q6JJpIpJz/pcGyThkaEsMUcU
fz42wV/qk/MYVH0Q5q2Xjtn0py9YvRk/yH8BIw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:38 2025 by rpki-client