Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa
File: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (raw, json)
Hash identifier: 9pt7JLtOWMCBsJXp8H1J28V9N/OUvx5VflNai/uQZgc=
Subject key identifier: 84:BC:C3:A0:CE:F8:19:1F:9A:55:4E:EA:9C:0E:3B:CB:26:BD:EC:64
Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44
Certificate serial: 477936EB748228341BF3081007C63CC1A42D1419
Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa
Signing time: Wed 01 Jan 2025 05:00:02 +0000
ROA not before: Wed 01 Jan 2025 04:55:02 +0000
ROA not after: Wed 31 Dec 2025 05:00:02 +0000
asID: 141073
IP address blocks: 2406:7740::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:79:36:eb:74:82:28:34:1b:f3:08:10:07:c6:3c:c1:a4:2d:14:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44
Validity
Not Before: Jan 1 04:55:02 2025 GMT
Not After : Dec 31 05:00:02 2025 GMT
Subject: CN=84BCC3A0CEF8191F9A554EEA9C0E3BCB26BDEC64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:16:fa:23:61:cc:6e:6c:89:f0:c2:3e:b7:e9:
02:9d:5d:ed:7d:53:42:0d:bf:ac:c5:06:48:f2:aa:
67:7a:01:b5:a9:93:fa:49:b4:88:9b:dd:48:c1:03:
86:63:9d:e1:d7:7b:05:95:1a:00:18:4f:87:aa:d1:
d3:33:4f:c8:ab:29:14:fb:c1:46:2d:a4:b1:59:fa:
91:93:3f:52:77:eb:93:5c:8d:4f:52:55:c0:e2:a2:
75:e6:9a:a0:d5:a1:5e:1a:e5:db:5f:35:d0:15:bd:
44:1e:51:82:0f:7d:fc:6b:9a:87:c7:28:44:6d:3b:
61:07:c1:27:d2:10:d8:7f:7e:fe:93:c3:9f:e1:c8:
fe:26:76:d4:5d:9e:90:a9:e8:dd:7a:62:24:e5:9f:
0b:75:28:c3:d4:32:cb:0b:09:22:d4:b9:92:ea:6d:
82:f3:6d:12:87:44:f5:16:49:53:48:67:c1:b8:ae:
4c:40:7a:53:46:e4:53:50:59:67:1e:70:6f:6e:d0:
16:46:61:13:10:c2:b2:7e:a3:67:a8:30:17:25:df:
14:cf:6e:8b:8b:f7:48:42:33:44:9f:5e:04:c9:61:
cf:d9:45:c3:c9:f7:ee:b8:9b:e6:5b:f1:79:a7:ef:
2a:31:bf:09:04:b1:80:99:06:a1:08:85:aa:39:40:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BC:C3:A0:CE:F8:19:1F:9A:55:4E:EA:9C:0E:3B:CB:26:BD:EC:64
X509v3 Authority Key Identifier:
keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:7740::/32
Signature Algorithm: sha256WithRSAEncryption
c0:5a:e6:08:09:c1:be:7a:b3:ba:a2:09:c0:02:ca:76:d0:31:
db:01:c6:6a:d0:b3:80:53:fc:f9:b3:f1:2b:7c:fe:a2:c0:6d:
3d:1c:5c:cf:ab:c8:83:a5:81:c1:e3:e3:d4:26:a8:69:2c:10:
7f:41:13:8d:29:9f:36:4a:86:d4:e4:6c:cc:a7:ec:07:5c:c4:
b1:7b:d7:af:ab:12:c2:b9:99:b2:3a:be:95:1a:67:d0:87:7a:
09:b7:7d:1a:3b:60:d0:e5:6b:a7:43:48:26:ff:ea:12:88:13:
af:9a:e3:53:c0:3c:7c:54:bf:56:2f:4c:f4:e2:53:73:a4:22:
42:c0:d0:52:9f:58:71:2b:85:6e:57:f5:fc:e4:be:96:d6:81:
9f:79:57:81:35:ac:b5:d4:6d:78:50:59:0a:4b:7a:e3:ab:08:
77:c6:fe:05:2b:ab:8a:c9:a4:70:49:61:72:b5:94:98:42:f2:
34:19:42:17:a1:ca:88:b4:b8:12:02:3b:ad:93:86:1b:e0:10:
6e:48:f9:ad:d3:31:05:cd:28:eb:23:6b:b9:5f:3a:27:91:d4:
b5:30:b9:94:73:98:00:f9:fa:1a:b8:a6:19:3d:10:ee:ad:6d:
7a:ef:a7:47:73:b3:a0:d8:5f:46:42:03:ee:f8:e1:0c:32:7b:
66:96:27:15
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUR3k263SCKDQb8wgQB8Y8waQtFBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE
NkU1NUU0NDAeFw0yNTAxMDEwNDU1MDJaFw0yNTEyMzEwNTAwMDJaMDMxMTAvBgNV
BAMTKDg0QkNDM0EwQ0VGODE5MUY5QTU1NEVFQTlDMEUzQkNCMjZCREVDNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrFvojYcxubInwwj636QKdXe19
U0INv6zFBkjyqmd6AbWpk/pJtIib3UjBA4ZjneHXewWVGgAYT4eq0dMzT8irKRT7
wUYtpLFZ+pGTP1J365NcjU9SVcDionXmmqDVoV4a5dtfNdAVvUQeUYIPffxrmofH
KERtO2EHwSfSENh/fv6Tw5/hyP4mdtRdnpCp6N16YiTlnwt1KMPUMssLCSLUuZLq
bYLzbRKHRPUWSVNIZ8G4rkxAelNG5FNQWWcecG9u0BZGYRMQwrJ+o2eoMBcl3xTP
bouL90hCM0SfXgTJYc/ZRcPJ9+64m+Zb8Xmn7yoxvwkEsYCZBqEIhao5QC/HAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUhLzDoM74GR+aVU7qnA47yya97GQwHwYDVR0j
BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3
RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1
NUU0NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ4NThmODVjLWE0NTgtNGE1OC1i
YmRlLTRiZmIzNDNkYzRiMC8wLzMyMzQzMDM2M2EzNzM3MzQzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzQzMTMwMzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGd0AwDQYJKoZI
hvcNAQELBQADggEBAMBa5ggJwb56s7qiCcACynbQMdsBxmrQs4BT/Pmz8St8/qLA
bT0cXM+ryIOlgcHj49QmqGksEH9BE40pnzZKhtTkbMyn7AdcxLF716+rEsK5mbI6
vpUaZ9CHegm3fRo7YNDla6dDSCb/6hKIE6+a41PAPHxUv1YvTPTiU3OkIkLA0FKf
WHErhW5X9fzkvpbWgZ95V4E1rLXUbXhQWQpLeuOrCHfG/gUrq4rJpHBJYXK1lJhC
8jQZQhehyoi0uBICO62ThhvgEG5I+a3TMQXNKOsja7lfOieR1LUwuZRzmAD5+hq4
phk9EO6tbXrvp0dzs6DYX0ZCA+744Qwye2aWJxU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:42 2025 by rpki-client