Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/51234c4a-a8ff-4036-8420-da8162111806/0/3135372e31352e36322e302f32332d3233203d3e20313532333733.roa
File: 3135372e31352e36322e302f32332d3233203d3e20313532333733.roa (raw, json)
Hash identifier: jXxQ64IynNf9UaROvNwdTvfTlkwJClGyFCLy03gvgpE=
Subject key identifier: 8E:BC:0C:29:CD:50:25:19:03:5D:BF:82:3F:57:F7:AA:17:A3:F8:AC
Certificate issuer: /CN=CB54DC526FA214F9F736926E6AAA16ABE39BF8E8
Certificate serial: 2ACF9D8D796CDEBB351B6205965CD5CB8A71BCB3
Authority key identifier: CB:54:DC:52:6F:A2:14:F9:F7:36:92:6E:6A:AA:16:AB:E3:9B:F8:E8
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CB54DC526FA214F9F736926E6AAA16ABE39BF8E8.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/51234c4a-a8ff-4036-8420-da8162111806/0/3135372e31352e36322e302f32332d3233203d3e20313532333733.roa
Signing time: Thu 20 Feb 2025 20:00:01 +0000
ROA not before: Thu 20 Feb 2025 19:55:01 +0000
ROA not after: Thu 19 Feb 2026 20:00:01 +0000
asID: 152373
IP address blocks: 157.15.62.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:cf:9d:8d:79:6c:de:bb:35:1b:62:05:96:5c:d5:cb:8a:71:bc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB54DC526FA214F9F736926E6AAA16ABE39BF8E8
Validity
Not Before: Feb 20 19:55:01 2025 GMT
Not After : Feb 19 20:00:01 2026 GMT
Subject: CN=8EBC0C29CD502519035DBF823F57F7AA17A3F8AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:45:82:dd:06:8a:d3:7f:88:54:a5:e5:f7:6c:
0f:f2:5c:83:89:0d:02:52:9e:09:cc:52:66:08:f3:
e9:6b:c4:f4:6b:1a:3e:2a:d2:b2:0a:a2:23:74:fe:
8e:12:f0:4c:0b:4b:15:3d:d9:f6:62:e7:f6:7d:d0:
0e:33:8b:2b:65:bc:20:5c:0c:29:e8:54:2d:7e:15:
b6:e7:24:b8:2e:87:2a:50:fb:1f:47:32:2d:14:d7:
4f:54:b4:34:6d:83:8b:b1:21:49:1a:7e:79:09:ed:
b8:be:a4:8b:fa:62:93:07:92:4f:7d:13:a2:75:10:
5a:c2:f1:6a:c4:8c:88:90:67:ee:d5:6d:d0:cc:49:
0c:ad:0a:a1:e9:ff:5a:cb:c0:5e:85:ec:b6:a9:4b:
2e:7e:cc:18:2c:0b:09:8c:6f:00:e4:6c:1f:2d:2a:
2b:f6:6a:36:1e:ce:73:bb:e5:57:b7:da:c1:1c:20:
7f:82:94:c8:a6:38:da:9d:3b:da:c4:e5:8f:c6:7f:
75:c7:c3:66:17:94:1d:1e:5e:70:ad:aa:68:84:02:
24:80:2c:99:33:e8:55:9d:f1:05:d0:cb:b2:b4:d8:
6f:db:b9:c9:16:d3:99:0f:0f:eb:b8:97:cd:87:b9:
3e:d0:0f:eb:5d:7d:7b:3b:4a:f0:33:dd:bd:6c:98:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BC:0C:29:CD:50:25:19:03:5D:BF:82:3F:57:F7:AA:17:A3:F8:AC
X509v3 Authority Key Identifier:
keyid:CB:54:DC:52:6F:A2:14:F9:F7:36:92:6E:6A:AA:16:AB:E3:9B:F8:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/51234c4a-a8ff-4036-8420-da8162111806/0/CB54DC526FA214F9F736926E6AAA16ABE39BF8E8.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CB54DC526FA214F9F736926E6AAA16ABE39BF8E8.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/51234c4a-a8ff-4036-8420-da8162111806/0/3135372e31352e36322e302f32332d3233203d3e20313532333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.62.0/23
Signature Algorithm: sha256WithRSAEncryption
96:03:d0:37:7c:d7:94:47:95:b8:df:a7:96:8a:74:4f:f9:70:
7c:33:ff:36:4a:a4:fc:5b:ea:fb:f3:24:ed:c2:3d:b6:0c:8f:
99:06:de:21:82:ce:b6:e8:0f:38:28:02:11:c0:0c:f5:04:7e:
97:6f:03:d4:c9:78:9e:c6:7d:10:11:91:0d:a9:21:e6:3e:44:
c5:00:85:f4:e4:81:38:b7:74:74:7c:a4:42:27:f7:a4:4b:1f:
ad:98:b1:09:e8:bc:1c:99:01:b0:71:c5:d2:e0:07:72:9d:e2:
90:66:07:38:ae:e2:fd:b8:6f:62:3f:d1:d9:7d:c9:54:b9:f4:
29:f2:77:df:67:07:23:ca:28:78:69:68:25:5d:88:95:30:ae:
a7:35:d2:08:bb:5f:cf:9f:ec:7b:42:be:1c:01:85:25:7e:3e:
7a:77:a4:b2:41:1d:d0:60:8b:1f:ac:e1:9f:d0:4a:7f:cd:36:
78:ad:f6:d6:88:5f:c2:91:d5:3a:96:50:aa:a6:cb:97:df:98:
29:61:20:85:71:4f:b0:1d:38:3b:60:11:97:b3:20:7f:1b:ae:
d8:eb:90:a4:2c:29:e5:64:5c:26:86:18:d3:a5:05:14:82:3e:
de:54:7c:b3:cb:ed:59:11:a2:b7:d4:86:c4:5b:e2:55:c0:fa:
d6:30:e9:e4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKs+djXls3rs1G2IFllzVy4pxvLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0I1NERDNTI2RkEyMTRGOUY3MzY5MjZFNkFBQTE2QUJF
MzlCRjhFODAeFw0yNTAyMjAxOTU1MDFaFw0yNjAyMTkyMDAwMDFaMDMxMTAvBgNV
BAMTKDhFQkMwQzI5Q0Q1MDI1MTkwMzVEQkY4MjNGNTdGN0FBMTdBM0Y4QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3RYLdBorTf4hUpeX3bA/yXIOJ
DQJSngnMUmYI8+lrxPRrGj4q0rIKoiN0/o4S8EwLSxU92fZi5/Z90A4ziytlvCBc
DCnoVC1+FbbnJLguhypQ+x9HMi0U109UtDRtg4uxIUkafnkJ7bi+pIv6YpMHkk99
E6J1EFrC8WrEjIiQZ+7VbdDMSQytCqHp/1rLwF6F7LapSy5+zBgsCwmMbwDkbB8t
Kiv2ajYeznO75Ve32sEcIH+ClMimONqdO9rE5Y/Gf3XHw2YXlB0eXnCtqmiEAiSA
LJkz6FWd8QXQy7K02G/buckW05kPD+u4l82HuT7QD+tdfXs7SvAz3b1smIOBAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUjrwMKc1QJRkDXb+CP1f3qhej+KwwHwYDVR0j
BBgwFoAUy1TcUm+iFPn3NpJuaqoWq+Ob+OgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
MTIzNGM0YS1hOGZmLTQwMzYtODQyMC1kYTgxNjIxMTE4MDYvMC9DQjU0REM1MjZG
QTIxNEY5RjczNjkyNkU2QUFBMTZBQkUzOUJGOEU4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvQ0I1NERDNTI2RkEyMTRGOUY3MzY5MjZFNkFBQTE2QUJFMzlC
RjhFOC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUxMjM0YzRhLWE4ZmYtNDAzNi04
NDIwLWRhODE2MjExMTgwNi8wLzMxMzUzNzJlMzEzNTJlMzYzMjJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzUzMjMzMzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ0PPjANBgkqhkiG
9w0BAQsFAAOCAQEAlgPQN3zXlEeVuN+nlop0T/lwfDP/Nkqk/Fvq+/Mk7cI9tgyP
mQbeIYLOtugPOCgCEcAM9QR+l28D1Ml4nsZ9EBGRDakh5j5ExQCF9OSBOLd0dHyk
Qif3pEsfrZixCei8HJkBsHHF0uAHcp3ikGYHOK7i/bhvYj/R2X3JVLn0KfJ332cH
I8ooeGloJV2IlTCupzXSCLtfz5/se0K+HAGFJX4+enekskEd0GCLH6zhn9BKf802
eK321ohfwpHVOpZQqqbLl9+YKWEghXFPsB04O2ARl7Mgfxuu2OuQpCwp5WRcJoYY
06UFFII+3lR8s8vtWRGit9SGxFviVcD61jDp5A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:08 2025 by rpki-client