Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/608b2959-1c25-46a0-89d1-f77d5c474691/0/3231302e35372e3230392e302f32342d3234203d3e203338313432.roa
File: 3231302e35372e3230392e302f32342d3234203d3e203338313432.roa (raw, json)
Hash identifier: 9rMYsccqlUlU/MG43HYhUrMN+tfhHpYZ3vOxhHvtNFA=
Subject key identifier: 3C:19:D1:FB:C0:3A:B4:14:23:26:38:DF:C2:D0:92:B3:2F:B6:7A:A2
Certificate issuer: /CN=29A4AE587F980E73A344FD1ED55C47566E609511
Certificate serial: 4CF9C371CF388CAD2A36423D2601CC037F8C4D2C
Authority key identifier: 29:A4:AE:58:7F:98:0E:73:A3:44:FD:1E:D5:5C:47:56:6E:60:95:11
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/29A4AE587F980E73A344FD1ED55C47566E609511.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/608b2959-1c25-46a0-89d1-f77d5c474691/0/3231302e35372e3230392e302f32342d3234203d3e203338313432.roa
Signing time: Mon 21 Oct 2024 13:00:02 +0000
ROA not before: Mon 21 Oct 2024 12:55:02 +0000
ROA not after: Mon 20 Oct 2025 13:00:02 +0000
asID: 38142
IP address blocks: 210.57.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f9:c3:71:cf:38:8c:ad:2a:36:42:3d:26:01:cc:03:7f:8c:4d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29A4AE587F980E73A344FD1ED55C47566E609511
Validity
Not Before: Oct 21 12:55:02 2024 GMT
Not After : Oct 20 13:00:02 2025 GMT
Subject: CN=3C19D1FBC03AB414232638DFC2D092B32FB67AA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6b:95:88:80:58:b4:4b:60:b9:f5:63:94:4b:
31:62:23:82:d3:7c:a4:d2:65:2e:da:6f:75:f0:e0:
36:9d:2f:ac:80:67:13:a6:ee:ce:f8:85:b0:fa:7e:
9e:bc:45:3f:19:d1:b2:de:b3:f2:0f:66:8a:3a:4d:
4f:a0:19:91:a4:50:22:c7:02:ba:17:4b:a4:44:42:
67:cc:06:62:24:71:5f:b2:f6:e7:93:58:6d:d0:75:
6f:99:fa:9c:b9:0e:4e:57:55:0f:5e:a7:7b:6c:33:
db:ff:4d:3c:7b:5c:d9:c6:e4:0a:26:0b:2d:55:b4:
8d:17:a8:a5:0e:19:86:49:22:ea:c0:8f:8d:66:33:
4e:0a:58:8c:9b:b5:41:0d:5c:5b:b5:7f:3c:dc:dc:
b0:24:4d:50:90:8c:3b:6e:51:7e:8f:25:55:a4:db:
92:1e:17:50:fe:2a:bb:c1:15:b1:87:42:4c:a0:57:
22:92:9a:f7:7b:6a:dd:7c:a7:78:69:4b:a7:01:03:
fc:41:ce:97:b5:60:d2:d2:96:1f:b0:b8:11:5e:28:
34:bf:58:2f:e8:cb:a7:28:7d:fa:0a:88:55:63:cf:
3e:98:07:5f:80:7b:2c:cc:a5:6e:f3:80:d1:2d:c5:
ef:08:ba:02:02:86:cd:ba:30:54:86:d5:14:a7:18:
8a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:19:D1:FB:C0:3A:B4:14:23:26:38:DF:C2:D0:92:B3:2F:B6:7A:A2
X509v3 Authority Key Identifier:
keyid:29:A4:AE:58:7F:98:0E:73:A3:44:FD:1E:D5:5C:47:56:6E:60:95:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/608b2959-1c25-46a0-89d1-f77d5c474691/0/29A4AE587F980E73A344FD1ED55C47566E609511.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/29A4AE587F980E73A344FD1ED55C47566E609511.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/608b2959-1c25-46a0-89d1-f77d5c474691/0/3231302e35372e3230392e302f32342d3234203d3e203338313432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.57.209.0/24
Signature Algorithm: sha256WithRSAEncryption
14:41:09:84:94:4e:e6:93:64:d6:af:f1:ec:a7:44:a7:62:2b:
08:9e:d9:eb:3f:bb:98:75:b1:93:22:5f:4e:2e:30:24:26:86:
5a:6d:7b:99:41:3a:c0:ff:8b:5e:d4:e6:66:19:1a:3f:a8:05:
19:65:54:66:51:40:f4:26:97:97:32:7b:46:23:e4:5d:2c:b4:
b5:16:2d:9e:28:93:35:06:fc:df:8f:e5:1b:ea:1f:b4:17:5b:
d5:b9:cc:54:7e:89:37:93:1f:18:de:04:35:d2:d3:e5:67:a9:
13:ca:f1:b6:4a:88:0f:a7:40:e7:8c:fb:ff:98:36:95:dd:e8:
59:07:a0:b0:b2:1f:a9:19:2e:ca:c4:79:d5:2b:e1:e7:64:3f:
f4:d0:81:90:73:ef:eb:36:43:ce:b7:a9:19:ac:5e:97:ea:3e:
20:65:93:c8:e7:bd:93:b2:72:59:0c:f6:0b:cd:4e:1b:c3:d3:
4b:3e:67:07:bf:0e:0b:80:48:c4:db:a7:15:8f:c5:85:f7:aa:
18:74:00:30:c1:97:aa:01:d8:6c:f5:d5:ef:ed:f7:d5:5f:37:
9c:51:7d:3a:6f:f5:e9:de:65:2d:d7:6c:c0:6b:26:ed:38:45:
be:c4:1b:41:bd:de:47:10:68:1b:20:4a:e0:5d:3f:8e:65:5c:
94:2e:59:13
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUTPnDcc84jK0qNkI9JgHMA3+MTSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjlBNEFFNTg3Rjk4MEU3M0EzNDRGRDFFRDU1QzQ3NTY2
RTYwOTUxMTAeFw0yNDEwMjExMjU1MDJaFw0yNTEwMjAxMzAwMDJaMDMxMTAvBgNV
BAMTKDNDMTlEMUZCQzAzQUI0MTQyMzI2MzhERkMyRDA5MkIzMkZCNjdBQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpa5WIgFi0S2C59WOUSzFiI4LT
fKTSZS7ab3Xw4DadL6yAZxOm7s74hbD6fp68RT8Z0bLes/IPZoo6TU+gGZGkUCLH
AroXS6REQmfMBmIkcV+y9ueTWG3QdW+Z+py5Dk5XVQ9ep3tsM9v/TTx7XNnG5Aom
Cy1VtI0XqKUOGYZJIurAj41mM04KWIybtUENXFu1fzzc3LAkTVCQjDtuUX6PJVWk
25IeF1D+KrvBFbGHQkygVyKSmvd7at18p3hpS6cBA/xBzpe1YNLSlh+wuBFeKDS/
WC/oy6coffoKiFVjzz6YB1+AeyzMpW7zgNEtxe8IugIChs26MFSG1RSnGIoVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUPBnR+8A6tBQjJjjfwtCSsy+2eqIwHwYDVR0j
BBgwFoAUKaSuWH+YDnOjRP0e1VxHVm5glREwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MDhiMjk1OS0xYzI1LTQ2YTAtODlkMS1mNzdkNWM0NzQ2OTEvMC8yOUE0QUU1ODdG
OTgwRTczQTM0NEZEMUVENTVDNDc1NjZFNjA5NTExLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjlBNEFFNTg3Rjk4MEU3M0EzNDRGRDFFRDU1QzQ3NTY2RTYw
OTUxMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYwOGIyOTU5LTFjMjUtNDZhMC04
OWQxLWY3N2Q1YzQ3NDY5MS8wLzMyMzEzMDJlMzUzNzJlMzIzMDM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODMxMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI50TANBgkqhkiG
9w0BAQsFAAOCAQEAFEEJhJRO5pNk1q/x7KdEp2IrCJ7Z6z+7mHWxkyJfTi4wJCaG
Wm17mUE6wP+LXtTmZhkaP6gFGWVUZlFA9CaXlzJ7RiPkXSy0tRYtniiTNQb834/l
G+oftBdb1bnMVH6JN5MfGN4ENdLT5WepE8rxtkqID6dA54z7/5g2ld3oWQegsLIf
qRkuysR51Svh52Q/9NCBkHPv6zZDzrepGaxel+o+IGWTyOe9k7JyWQz2C81OG8PT
Sz5nB78OC4BIxNunFY/FhfeqGHQAMMGXqgHYbPXV7+331V83nFF9Om/16d5lLdds
wGsm7ThFvsQbQb3eRxBoGyBK4F0/jmVclC5ZEw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:18:12 2025 by rpki-client