Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa
File: 3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa (raw, json)
Hash identifier: mtxUuoBWjsUwdIjXZpNi9bHZl2ZJW5TeiOYPZBEVbaM=
Subject key identifier: 14:2C:4E:A0:71:EC:A7:1B:DA:86:08:B2:B6:C3:07:57:8D:58:09:0E
Certificate issuer: /CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368
Certificate serial: 4C3FB3AA15970E38104F03017FAD0BC281866787
Authority key identifier: D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa
Signing time: Thu 13 Feb 2025 16:43:56 +0000
ROA not before: Thu 13 Feb 2025 16:38:56 +0000
ROA not after: Thu 12 Feb 2026 16:43:56 +0000
asID: 152413
IP address blocks: 157.20.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:3f:b3:aa:15:97:0e:38:10:4f:03:01:7f:ad:0b:c2:81:86:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368
Validity
Not Before: Feb 13 16:38:56 2025 GMT
Not After : Feb 12 16:43:56 2026 GMT
Subject: CN=142C4EA071ECA71BDA8608B2B6C307578D58090E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ac:0b:d0:d5:77:73:7b:9b:b6:e9:94:11:01:
f9:05:b8:b3:33:df:47:b9:6d:af:3b:48:4f:0f:be:
25:f0:e9:9b:e9:2b:a4:cc:91:f7:98:d1:d9:9c:bf:
dd:f8:36:67:57:20:81:d1:71:d3:71:7a:34:db:81:
d9:40:d0:64:ce:4d:6d:5b:0f:ce:c7:5f:d9:da:42:
a7:22:36:ff:54:da:a0:d2:dd:0a:2b:8a:3f:77:90:
aa:f6:9e:5b:bb:28:cd:89:71:e1:a8:bc:8d:44:83:
4c:ae:5a:21:37:3e:3a:dd:32:2e:50:bf:a2:7d:4a:
8a:0a:08:b0:ef:af:d2:54:d6:56:f4:9e:fb:76:fb:
d1:e3:b4:2e:de:fc:de:2f:71:a7:f6:67:0c:8b:53:
36:41:6b:5f:5c:6b:f9:ce:41:37:88:19:e8:2e:02:
c8:d6:da:e7:16:9e:ec:ab:68:e3:e5:bf:6a:fb:a6:
c2:65:c7:38:64:11:9a:10:ef:9f:e4:5c:c8:80:0a:
cf:36:2e:e2:c7:e4:91:99:a4:45:e8:57:3e:4d:55:
37:76:8e:a3:69:87:c2:bf:5a:13:73:b4:be:12:5e:
4d:48:ec:c2:69:3a:6b:57:2e:c4:e8:e7:f8:77:66:
dc:70:1a:e2:25:ff:8a:53:9c:cb:f3:d8:94:d3:2e:
62:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2C:4E:A0:71:EC:A7:1B:DA:86:08:B2:B6:C3:07:57:8D:58:09:0E
X509v3 Authority Key Identifier:
keyid:D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313532343133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.120.0/24
Signature Algorithm: sha256WithRSAEncryption
38:60:70:24:b7:e4:05:0d:04:8a:c0:71:4f:91:bc:dc:36:aa:
40:c0:4e:f6:80:af:fd:da:e1:a1:5e:32:44:af:87:fe:96:6d:
f2:df:3a:6d:91:42:41:d4:1e:af:8d:1e:6f:d6:b0:e8:dc:6d:
88:5a:25:23:a3:dc:1a:15:33:ba:1c:4e:1d:67:57:22:26:7e:
8a:21:f9:5e:fc:f5:39:e9:a4:74:14:a3:d3:4e:ac:15:08:0f:
c4:ea:4b:e6:6d:a1:c7:a9:15:a0:26:d1:f4:f6:84:47:6c:70:
52:56:61:15:1f:7f:85:2e:dc:fe:25:47:97:76:5f:06:cf:25:
f4:9f:e0:70:3e:c7:bf:44:bb:23:14:00:9d:1a:e7:99:9d:8f:
7e:2c:19:e5:cc:be:d1:0c:1f:b1:26:96:fc:d0:f1:19:32:34:
14:0f:7e:69:fb:17:ea:4f:4a:3b:fe:32:87:73:54:5a:af:53:
91:8a:ca:66:a0:a0:8d:38:c4:75:c2:57:f6:d1:51:2c:78:7b:
75:b3:30:0c:57:94:48:49:84:9e:d9:10:4b:48:5e:f2:4c:62:
24:80:f6:88:a2:d1:81:c8:23:1d:9f:e4:83:47:29:2b:91:1b:
66:69:f8:a6:f3:6c:19:a9:ce:55:99:47:03:a3:5c:52:e0:b5:
13:ce:04:9f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUTD+zqhWXDjgQTwMBf60LwoGGZ4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVB
Q0YzMjM2ODAeFw0yNTAyMTMxNjM4NTZaFw0yNjAyMTIxNjQzNTZaMDMxMTAvBgNV
BAMTKDE0MkM0RUEwNzFFQ0E3MUJEQTg2MDhCMkI2QzMwNzU3OEQ1ODA5MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOrAvQ1Xdze5u26ZQRAfkFuLMz
30e5ba87SE8PviXw6ZvpK6TMkfeY0dmcv934NmdXIIHRcdNxejTbgdlA0GTOTW1b
D87HX9naQqciNv9U2qDS3Qorij93kKr2nlu7KM2JceGovI1Eg0yuWiE3PjrdMi5Q
v6J9SooKCLDvr9JU1lb0nvt2+9HjtC7e/N4vcaf2ZwyLUzZBa19ca/nOQTeIGegu
AsjW2ucWnuyraOPlv2r7psJlxzhkEZoQ75/kXMiACs82LuLH5JGZpEXoVz5NVTd2
jqNph8K/WhNztL4SXk1I7MJpOmtXLsTo5/h3ZtxwGuIl/4pTnMvz2JTTLmKBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUFCxOoHHspxvahgiytsMHV41YCQ4wHwYDVR0j
BBgwFoAU14/lrocO8iH9lXdc/q/q1azzI2gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NjQ0MjYzYS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC9ENzhGRTVBRTg3
MEVGMjIxRkQ5NTc3NUNGRUFGRUFENUFDRjMyMzY4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVBQ0Yz
MjM2OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2NDQyNjNhLThlZTItNGVlYy1h
ODEwLTU3MzNjY2FmNTFlMy8wLzMxMzUzNzJlMzIzMDJlMzEzMjMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRR4MA0GCSqG
SIb3DQEBCwUAA4IBAQA4YHAkt+QFDQSKwHFPkbzcNqpAwE72gK/92uGhXjJEr4f+
lm3y3zptkUJB1B6vjR5v1rDo3G2IWiUjo9waFTO6HE4dZ1ciJn6KIfle/PU56aR0
FKPTTqwVCA/E6kvmbaHHqRWgJtH09oRHbHBSVmEVH3+FLtz+JUeXdl8GzyX0n+Bw
Pse/RLsjFACdGueZnY9+LBnlzL7RDB+xJpb80PEZMjQUD35p+xfqT0o7/jKHc1Ra
r1ORispmoKCNOMR1wlf20VEseHt1szAMV5RISYSe2RBLSF7yTGIkgPaIotGByCMd
n+SDRykrkRtmafim82wZqc5VmUcDo1xS4LUTzgSf
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:25:46 2025 by rpki-client