Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa
File: 3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa (raw, json)
Hash identifier: mBt52f39yB2WTMjY8yTiBWW7j1vK6aWMbOkMPXZ1lgU=
Subject key identifier: FC:F0:10:4B:A6:F0:2D:18:5F:5F:A1:DD:BD:D8:00:18:36:F8:C2:E2
Certificate issuer: /CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B
Certificate serial: 33BE1BFC253ADE7EC4E7CE8DE80B7D7C5A8403E8
Authority key identifier: 77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa
Signing time: Wed 08 Jan 2025 10:59:22 +0000
ROA not before: Wed 08 Jan 2025 10:54:22 +0000
ROA not after: Wed 07 Jan 2026 10:59:22 +0000
asID: 152419
IP address blocks: 157.20.204.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:be:1b:fc:25:3a:de:7e:c4:e7:ce:8d:e8:0b:7d:7c:5a:84:03:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77ACF18F5317E7A202E583C3C59C223234FA2D8B
Validity
Not Before: Jan 8 10:54:22 2025 GMT
Not After : Jan 7 10:59:22 2026 GMT
Subject: CN=FCF0104BA6F02D185F5FA1DDBDD8001836F8C2E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:44:b7:6c:d3:93:ba:b9:86:18:9e:df:63:
b6:75:27:de:75:dd:20:28:ac:f9:c2:47:d3:74:b9:
c5:1d:71:9f:c1:58:99:77:06:fb:32:a2:5c:5b:c3:
ed:82:dc:ec:61:69:7d:51:2b:ec:42:33:03:b3:f8:
0c:fb:5a:b6:f6:e4:8c:e1:86:23:a5:71:95:18:ea:
4e:3f:b9:5d:5d:44:65:88:d3:fd:4f:6b:e6:11:c2:
2d:5a:78:99:c5:3f:1e:d9:15:45:f6:66:67:20:81:
f8:71:ed:7a:72:9d:01:92:6c:b2:1b:36:8e:93:db:
c1:f5:71:8d:b5:c0:76:5e:47:9b:2d:6d:bc:4d:0e:
34:ed:20:a7:d8:9b:be:d4:73:5d:49:69:ba:65:b3:
24:16:61:92:28:0c:11:88:7b:19:45:14:70:5e:69:
96:88:42:12:b9:dc:5d:b4:ef:16:70:af:c6:04:a4:
d5:50:7f:b3:2b:9b:34:5e:9d:3d:95:66:1c:a1:9c:
89:45:aa:06:b4:fb:9e:56:9b:d6:99:68:3b:d0:f2:
b8:a2:5c:b3:f7:a8:db:e2:b3:52:25:08:64:73:8a:
c9:7f:f3:f8:9e:40:d8:56:0e:1e:9a:fa:1f:bb:fd:
0b:48:b0:1d:8f:4d:7a:10:10:5b:06:a4:ac:74:41:
11:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F0:10:4B:A6:F0:2D:18:5F:5F:A1:DD:BD:D8:00:18:36:F8:C2:E2
X509v3 Authority Key Identifier:
keyid:77:AC:F1:8F:53:17:E7:A2:02:E5:83:C3:C5:9C:22:32:34:FA:2D:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/77ACF18F5317E7A202E583C3C59C223234FA2D8B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/77ACF18F5317E7A202E583C3C59C223234FA2D8B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d823bb3-5a01-4658-a783-f8e89fadcf45/0/3135372e32302e3230342e302f32332d3234203d3e20313532343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.204.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:ba:58:c7:0b:b4:94:21:17:bc:04:84:c9:7d:c5:10:f1:f2:
e1:3c:02:f2:84:4c:3f:24:e1:6c:27:a7:0c:d6:25:5f:5c:f9:
81:8a:f0:98:ec:dc:34:3b:2f:c5:45:2b:42:e2:60:14:04:2b:
a2:f3:04:9e:5a:76:2b:0a:d4:0c:c8:ca:4b:1e:06:d1:48:42:
0d:95:63:0a:ac:dd:8b:22:46:6a:90:18:da:76:0e:95:39:40:
ac:02:d3:4d:e1:38:44:7c:4d:41:ba:98:28:8e:98:e4:46:71:
d6:21:5e:ed:f2:20:3b:d8:18:bc:6d:a1:87:96:6d:13:be:7d:
47:ac:0e:2d:c6:fd:20:4e:88:c5:c7:27:19:03:3c:4e:36:2b:
76:34:17:a0:e1:c8:01:b3:d2:eb:7f:f4:78:fe:7c:e9:75:c7:
af:23:6d:a7:99:8c:b7:5d:94:1e:cf:80:95:3f:5f:45:fc:13:
d9:4b:93:40:f0:0c:3c:e1:ee:65:54:8d:5d:ca:25:90:2d:9e:
46:9c:7b:6d:d1:e6:4b:06:92:54:5a:12:48:56:51:f6:c9:b1:
5f:07:a5:69:06:44:08:4a:9f:1d:23:b3:c3:5d:77:1a:e1:78:
1b:47:8c:d0:61:91:9a:6d:d7:62:8b:d3:ae:c5:f7:d7:68:f5:
0b:5f:b9:d3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUM74b/CU63n7E586N6At9fFqEA+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIz
NEZBMkQ4QjAeFw0yNTAxMDgxMDU0MjJaFw0yNjAxMDcxMDU5MjJaMDMxMTAvBgNV
BAMTKEZDRjAxMDRCQTZGMDJEMTg1RjVGQTFEREJERDgwMDE4MzZGOEMyRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFoUS3bNOTurmGGJ7fY7Z1J951
3SAorPnCR9N0ucUdcZ/BWJl3Bvsyolxbw+2C3OxhaX1RK+xCMwOz+Az7Wrb25Izh
hiOlcZUY6k4/uV1dRGWI0/1Pa+YRwi1aeJnFPx7ZFUX2Zmcggfhx7XpynQGSbLIb
No6T28H1cY21wHZeR5stbbxNDjTtIKfYm77Uc11JabplsyQWYZIoDBGIexlFFHBe
aZaIQhK53F207xZwr8YEpNVQf7MrmzRenT2VZhyhnIlFqga0+55Wm9aZaDvQ8rii
XLP3qNvis1IlCGRzisl/8/ieQNhWDh6a+h+7/QtIsB2PTXoQEFsGpKx0QRGPAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU/PAQS6bwLRhfX6HdvdgAGDb4wuIwHwYDVR0j
BBgwFoAUd6zxj1MX56IC5YPDxZwiMjT6LYswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
ZDgyM2JiMy01YTAxLTQ2NTgtYTc4My1mOGU4OWZhZGNmNDUvMC83N0FDRjE4RjUz
MTdFN0EyMDJFNTgzQzNDNTlDMjIzMjM0RkEyRDhCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvNzdBQ0YxOEY1MzE3RTdBMjAyRTU4M0MzQzU5QzIyMzIzNEZB
MkQ4Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkODIzYmIzLTVhMDEtNDY1OC1h
NzgzLWY4ZTg5ZmFkY2Y0NS8wLzMxMzUzNzJlMzIzMDJlMzIzMDM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRTMMA0GCSqG
SIb3DQEBCwUAA4IBAQB8uljHC7SUIRe8BITJfcUQ8fLhPALyhEw/JOFsJ6cM1iVf
XPmBivCY7Nw0Oy/FRStC4mAUBCui8wSeWnYrCtQMyMpLHgbRSEINlWMKrN2LIkZq
kBjadg6VOUCsAtNN4ThEfE1BupgojpjkRnHWIV7t8iA72Bi8baGHlm0Tvn1HrA4t
xv0gTojFxycZAzxONit2NBeg4cgBs9Lrf/R4/nzpdcevI22nmYy3XZQez4CVP19F
/BPZS5NA8Aw84e5lVI1dyiWQLZ5GnHtt0eZLBpJUWhJIVlH2ybFfB6VpBkQISp8d
I7PDXXca4XgbR4zQYZGabddii9OuxffXaPULX7nT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:36 2025 by rpki-client