Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/438061f1-fa30-4bd6-81a0-2ec670836c42/0/3131392e322e36342e302f31392d3234203d3e203137343530.roa
File: 3131392e322e36342e302f31392d3234203d3e203137343530.roa (raw, json)
Hash identifier: IjDU6VchKiVRt/VpnNfkp1NDPemNIu86cnCMdMAMgr8=
Subject key identifier: DA:C2:9C:47:40:9D:3A:52:CC:CA:44:44:23:DD:B1:9F:3F:38:43:6F
Certificate issuer: /CN=4AC7DCD8EB1234ADC427AEBE3949E8691638A707
Certificate serial: 7D3C4E7D3609165CF44ABB140254313ACA3D0D54
Authority key identifier: 4A:C7:DC:D8:EB:12:34:AD:C4:27:AE:BE:39:49:E8:69:16:38:A7:07
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AC7DCD8EB1234ADC427AEBE3949E8691638A707.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/438061f1-fa30-4bd6-81a0-2ec670836c42/0/3131392e322e36342e302f31392d3234203d3e203137343530.roa
Signing time: Wed 26 Jun 2024 02:16:00 +0000
ROA not before: Wed 26 Jun 2024 02:11:00 +0000
ROA not after: Wed 25 Jun 2025 02:16:00 +0000
asID: 17450
IP address blocks: 119.2.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:3c:4e:7d:36:09:16:5c:f4:4a:bb:14:02:54:31:3a:ca:3d:0d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4AC7DCD8EB1234ADC427AEBE3949E8691638A707
Validity
Not Before: Jun 26 02:11:00 2024 GMT
Not After : Jun 25 02:16:00 2025 GMT
Subject: CN=DAC29C47409D3A52CCCA444423DDB19F3F38436F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:81:bd:4a:38:f3:12:b6:58:c4:e6:0c:17:
0d:18:c5:e2:e6:b8:21:e8:b6:5f:4c:dc:17:22:c9:
8d:e1:6c:94:2f:e2:3b:29:59:73:97:ae:86:b3:d4:
9e:6f:d2:44:64:76:a1:ba:38:2f:5d:ed:ce:d6:98:
87:11:56:e2:d5:9f:60:b0:53:0a:b4:4a:45:8c:b7:
91:88:34:24:51:83:eb:df:a3:19:de:71:d4:86:65:
b6:ba:e3:c8:0b:1d:25:ab:63:54:56:35:08:20:73:
96:b5:7f:3a:07:fa:34:68:b3:b0:13:f1:71:b0:72:
c0:bd:03:0b:09:4f:4e:3a:40:a9:69:65:98:ae:e1:
62:f7:cc:00:42:d8:38:ab:fd:cb:74:72:56:56:cb:
1e:03:09:66:24:18:e3:bd:61:76:6d:60:76:e2:4f:
e4:07:4c:89:63:68:70:9f:cb:fa:59:8b:b8:8d:4d:
92:10:bb:4f:ab:71:6b:74:5a:db:dd:32:47:b4:61:
93:15:a7:d1:f7:9e:6a:ed:f2:71:da:b0:bc:ae:ec:
fa:0f:b9:85:df:cb:2d:20:2c:5b:fc:44:08:fe:c8:
f5:47:bf:f6:99:ff:d9:2e:24:9d:31:df:48:4c:d3:
86:95:43:b1:68:a2:6f:11:16:6d:8b:0c:30:cb:86:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C2:9C:47:40:9D:3A:52:CC:CA:44:44:23:DD:B1:9F:3F:38:43:6F
X509v3 Authority Key Identifier:
keyid:4A:C7:DC:D8:EB:12:34:AD:C4:27:AE:BE:39:49:E8:69:16:38:A7:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/438061f1-fa30-4bd6-81a0-2ec670836c42/0/4AC7DCD8EB1234ADC427AEBE3949E8691638A707.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AC7DCD8EB1234ADC427AEBE3949E8691638A707.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/438061f1-fa30-4bd6-81a0-2ec670836c42/0/3131392e322e36342e302f31392d3234203d3e203137343530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
119.2.64.0/19
Signature Algorithm: sha256WithRSAEncryption
af:ea:10:57:ab:33:09:f4:4a:31:e8:eb:05:a7:0e:30:b2:ca:
06:66:be:f0:0e:7c:20:ee:ce:eb:4d:7f:93:d6:58:a4:5f:2a:
b7:1e:17:d6:99:74:4b:cd:a9:62:ff:7c:6e:de:d7:d9:5b:81:
23:10:20:38:d9:06:1b:97:bc:5c:ca:87:56:bd:cb:02:4f:c6:
4f:50:16:20:9f:cd:be:28:7d:06:84:16:a9:66:ba:c5:e2:fc:
ac:8a:fa:45:4e:a7:9b:74:66:67:cc:fe:9b:90:fb:b6:c5:2b:
ff:90:68:5f:73:bc:dd:b6:33:87:69:5b:15:02:6c:55:2c:19:
b5:6c:3b:df:80:8d:fe:df:14:1d:91:48:f5:d4:9c:7c:e9:e1:
3b:4c:02:e1:0e:3f:05:f7:06:4e:a0:64:d3:4f:cd:60:0b:97:
4d:69:63:c4:09:11:53:63:86:67:e6:f3:d0:f6:d1:86:28:8e:
48:69:c5:44:9d:93:f4:e2:df:76:43:d5:c6:2f:50:f3:a8:9f:
4c:3b:e6:69:03:52:73:71:fb:0a:0f:cc:1f:aa:3b:40:c3:74:
49:d5:a2:41:a0:d7:2b:b6:16:a3:cf:03:ad:50:16:45:57:18:
1a:02:3f:3e:57:03:8a:5a:df:84:ec:34:5f:4e:fe:6b:9c:5f:
57:7e:7c:e3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUfTxOfTYJFlz0SrsUAlQxOso9DVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEFDN0RDRDhFQjEyMzRBREM0MjdBRUJFMzk0OUU4Njkx
NjM4QTcwNzAeFw0yNDA2MjYwMjExMDBaFw0yNTA2MjUwMjE2MDBaMDMxMTAvBgNV
BAMTKERBQzI5QzQ3NDA5RDNBNTJDQ0NBNDQ0NDIzRERCMTlGM0YzODQzNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+d4G9SjjzErZYxOYMFw0YxeLm
uCHotl9M3BciyY3hbJQv4jspWXOXroaz1J5v0kRkdqG6OC9d7c7WmIcRVuLVn2Cw
Uwq0SkWMt5GINCRRg+vfoxnecdSGZba648gLHSWrY1RWNQggc5a1fzoH+jRos7AT
8XGwcsC9AwsJT046QKlpZZiu4WL3zABC2Dir/ct0clZWyx4DCWYkGOO9YXZtYHbi
T+QHTIljaHCfy/pZi7iNTZIQu0+rcWt0WtvdMke0YZMVp9H3nmrt8nHasLyu7PoP
uYXfyy0gLFv8RAj+yPVHv/aZ/9kuJJ0x30hM04aVQ7Foom8RFm2LDDDLhuw1AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU2sKcR0CdOlLMykREI92xnz84Q28wHwYDVR0j
BBgwFoAUSsfc2OsSNK3EJ66+OUnoaRY4pwcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MzgwNjFmMS1mYTMwLTRiZDYtODFhMC0yZWM2NzA4MzZjNDIvMC80QUM3RENEOEVC
MTIzNEFEQzQyN0FFQkUzOTQ5RTg2OTE2MzhBNzA3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEFDN0RDRDhFQjEyMzRBREM0MjdBRUJFMzk0OUU4NjkxNjM4
QTcwNy5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDM4MDYxZjEtZmEzMC00YmQ2LTgx
YTAtMmVjNjcwODM2YzQyLzAvMzEzMTM5MmUzMjJlMzYzNDJlMzAyZjMxMzkyZDMy
MzQyMDNkM2UyMDMxMzczNDM1MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAV3AkAwDQYJKoZIhvcNAQEL
BQADggEBAK/qEFerMwn0SjHo6wWnDjCyygZmvvAOfCDuzutNf5PWWKRfKrceF9aZ
dEvNqWL/fG7e19lbgSMQIDjZBhuXvFzKh1a9ywJPxk9QFiCfzb4ofQaEFqlmusXi
/KyK+kVOp5t0ZmfM/puQ+7bFK/+QaF9zvN22M4dpWxUCbFUsGbVsO9+Ajf7fFB2R
SPXUnHzp4TtMAuEOPwX3Bk6gZNNPzWALl01pY8QJEVNjhmfm89D20YYojkhpxUSd
k/Ti33ZD1cYvUPOon0w75mkDUnNx+woPzB+qO0DDdEnVokGg1yu2FqPPA61QFkVX
GBoCPz5XA4pa34TsNF9O/mucX1d+fOM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:08 2025 by rpki-client