Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/323430343a666563303a3a2f33322d3332203d3e20313338383636.roa
File: 323430343a666563303a3a2f33322d3332203d3e20313338383636.roa (raw, json)
Hash identifier: 3xWXXks4UVNYkXH6dJVO0j8s1qvxiBuFe16NtmlEZXU=
Subject key identifier: 98:71:33:98:81:C3:CA:6A:08:E9:F3:30:A6:0E:F8:2B:A8:3F:94:E8
Certificate issuer: /CN=3D64FD900E2E64CB159D0067167853AAFC8A7E97
Certificate serial: 29B3A032CDC163A6E74C5040BFC9CBB92D5F4DB6
Authority key identifier: 3D:64:FD:90:0E:2E:64:CB:15:9D:00:67:16:78:53:AA:FC:8A:7E:97
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D64FD900E2E64CB159D0067167853AAFC8A7E97.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/323430343a666563303a3a2f33322d3332203d3e20313338383636.roa
Signing time: Mon 01 Jul 2024 16:00:02 +0000
ROA not before: Mon 01 Jul 2024 15:55:02 +0000
ROA not after: Mon 30 Jun 2025 16:00:02 +0000
asID: 138866
IP address blocks: 2404:fec0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b3:a0:32:cd:c1:63:a6:e7:4c:50:40:bf:c9:cb:b9:2d:5f:4d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3D64FD900E2E64CB159D0067167853AAFC8A7E97
Validity
Not Before: Jul 1 15:55:02 2024 GMT
Not After : Jun 30 16:00:02 2025 GMT
Subject: CN=9871339881C3CA6A08E9F330A60EF82BA83F94E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:de:f4:a9:3c:30:fb:f2:ff:94:40:6b:5e:42:
55:47:7d:ee:96:73:dc:6c:bc:79:df:39:0b:3f:87:
9f:a4:c7:33:0a:2b:2f:49:40:a5:99:e8:d6:bd:4d:
8f:f8:b8:0e:d8:d7:50:a5:57:96:40:4f:ad:9e:95:
bb:b2:93:10:8e:17:c9:56:04:87:56:15:a6:34:54:
4b:10:99:89:75:e2:00:e6:9b:32:9c:a6:44:a0:6e:
e9:9c:df:fb:a8:64:5f:10:e2:19:d1:c8:01:c3:e4:
8b:c1:dd:08:7f:a5:23:38:31:97:b0:9a:26:bb:44:
19:8c:50:9b:bd:b1:0f:f6:3d:7b:6c:07:76:04:12:
32:99:dc:fb:f0:85:1d:d2:3b:ab:50:6e:af:ea:65:
ba:cb:6c:ff:48:10:64:c6:8a:59:4a:da:32:82:4e:
d7:fd:71:19:6b:cb:cb:fc:96:c6:10:13:d8:37:e1:
0c:03:b2:fe:b8:f7:d0:a6:6e:52:69:f1:53:1b:6b:
bd:de:38:61:20:a0:16:ed:0d:17:5a:e6:7d:1b:16:
5a:7f:e6:af:ea:35:3c:65:51:c3:4c:2b:e1:35:34:
44:f4:76:7e:c3:98:1a:f1:2c:20:69:94:eb:ff:cb:
ab:64:ca:a2:f6:95:f2:25:0f:5c:a5:06:3e:7e:19:
63:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:71:33:98:81:C3:CA:6A:08:E9:F3:30:A6:0E:F8:2B:A8:3F:94:E8
X509v3 Authority Key Identifier:
keyid:3D:64:FD:90:0E:2E:64:CB:15:9D:00:67:16:78:53:AA:FC:8A:7E:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/3D64FD900E2E64CB159D0067167853AAFC8A7E97.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D64FD900E2E64CB159D0067167853AAFC8A7E97.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/323430343a666563303a3a2f33322d3332203d3e20313338383636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:fec0::/32
Signature Algorithm: sha256WithRSAEncryption
49:31:be:74:cc:51:ed:57:de:7e:4e:2a:38:3e:e3:e7:29:a9:
be:dc:99:70:5e:03:be:fa:14:39:99:80:a8:3f:28:f5:01:fc:
6f:5f:7a:c7:97:d8:f0:aa:58:65:68:4e:08:92:0a:7c:6c:2e:
df:28:c4:3a:e2:33:8c:26:e7:38:f2:3b:2c:20:2d:0f:07:a1:
2b:f6:7d:5a:e9:d2:8b:16:41:f0:84:8e:c3:a2:07:54:6a:35:
42:8a:77:bb:76:e5:07:55:b1:e3:2b:e9:11:6b:3e:e4:a0:fe:
99:f6:12:1f:3d:bd:f2:8f:23:ee:e6:37:dc:68:4f:8a:fc:00:
34:59:7f:76:01:58:29:a7:40:c6:e0:03:7f:6a:98:ef:54:d5:
a1:bd:42:19:97:b3:96:84:02:a1:2e:38:f0:f6:35:b4:0b:fb:
0a:25:6e:32:7b:80:3f:35:3b:a6:6b:c7:40:9b:1c:31:28:31:
2f:7e:bb:1d:17:36:cb:4e:f1:ec:77:c9:bd:1b:ac:7e:4c:99:
ae:b6:aa:84:66:a7:2a:8e:7b:77:b9:7f:3d:af:93:e8:92:b4:
64:c4:3c:58:30:71:fd:5e:3a:c4:7c:e2:17:6b:16:cf:ad:f8:
3c:49:34:db:95:0d:75:5e:9b:99:b6:57:d9:b9:28:97:05:94:
9c:6e:30:b4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUKbOgMs3BY6bnTFBAv8nLuS1fTbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q2NEZEOTAwRTJFNjRDQjE1OUQwMDY3MTY3ODUzQUFG
QzhBN0U5NzAeFw0yNDA3MDExNTU1MDJaFw0yNTA2MzAxNjAwMDJaMDMxMTAvBgNV
BAMTKDk4NzEzMzk4ODFDM0NBNkEwOEU5RjMzMEE2MEVGODJCQTgzRjk0RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC43vSpPDD78v+UQGteQlVHfe6W
c9xsvHnfOQs/h5+kxzMKKy9JQKWZ6Na9TY/4uA7Y11ClV5ZAT62elbuykxCOF8lW
BIdWFaY0VEsQmYl14gDmmzKcpkSgbumc3/uoZF8Q4hnRyAHD5IvB3Qh/pSM4MZew
mia7RBmMUJu9sQ/2PXtsB3YEEjKZ3PvwhR3SO6tQbq/qZbrLbP9IEGTGillK2jKC
Ttf9cRlry8v8lsYQE9g34QwDsv6499CmblJp8VMba73eOGEgoBbtDRda5n0bFlp/
5q/qNTxlUcNMK+E1NET0dn7DmBrxLCBplOv/y6tkyqL2lfIlD1ylBj5+GWMxAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUmHEzmIHDymoI6fMwpg74K6g/lOgwHwYDVR0j
BBgwFoAUPWT9kA4uZMsVnQBnFnhTqvyKfpcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTUxOWFlYi01YzU2LTRjYjMtOTRhMC0wZjQwMGVhNmEzNzUvMC8zRDY0RkQ5MDBF
MkU2NENCMTU5RDAwNjcxNjc4NTNBQUZDOEE3RTk3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0Q2NEZEOTAwRTJFNjRDQjE1OUQwMDY3MTY3ODUzQUFGQzhB
N0U5Ny5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhNTE5YWViLTVjNTYtNGNiMy05
NGEwLTBmNDAwZWE2YTM3NS8wLzMyMzQzMDM0M2E2NjY1NjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzODM4MzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQE/sAwDQYJKoZI
hvcNAQELBQADggEBAEkxvnTMUe1X3n5OKjg+4+cpqb7cmXBeA776FDmZgKg/KPUB
/G9feseX2PCqWGVoTgiSCnxsLt8oxDriM4wm5zjyOywgLQ8HoSv2fVrp0osWQfCE
jsOiB1RqNUKKd7t25QdVseMr6RFrPuSg/pn2Eh89vfKPI+7mN9xoT4r8ADRZf3YB
WCmnQMbgA39qmO9U1aG9QhmXs5aEAqEuOPD2NbQL+wolbjJ7gD81O6Zrx0CbHDEo
MS9+ux0XNstO8ex3yb0brH5Mma62qoRmpyqOe3e5fz2vk+iStGTEPFgwcf1eOsR8
4hdrFs+t+DxJNNuVDXVem5m2V9m5KJcFlJxuMLQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:04:23 2025 by rpki-client