Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e302e302f32312d3231203d3e203234323030.roa
File: 3230322e3133332e302e302f32312d3231203d3e203234323030.roa (raw, json)
Hash identifier: TfiqH+4JRlzCqMd+ohke3uaa5qrL5wiizfc5eyZU4Bw=
Subject key identifier: 37:42:24:E5:CC:7E:EB:3C:80:36:F2:95:CF:C4:FF:54:8C:05:59:B8
Certificate issuer: /CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40
Certificate serial: 0880CA5BF5BFF1E5038FA5BC80515C6A2F90F1E0
Authority key identifier: D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e302e302f32312d3231203d3e203234323030.roa
Signing time: Mon 23 Dec 2024 08:37:37 +0000
ROA not before: Mon 23 Dec 2024 08:32:37 +0000
ROA not after: Mon 22 Dec 2025 08:37:37 +0000
asID: 24200
IP address blocks: 202.133.0.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:80:ca:5b:f5:bf:f1:e5:03:8f:a5:bc:80:51:5c:6a:2f:90:f1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40
Validity
Not Before: Dec 23 08:32:37 2024 GMT
Not After : Dec 22 08:37:37 2025 GMT
Subject: CN=374224E5CC7EEB3C8036F295CFC4FF548C0559B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:5c:0f:8d:b8:ec:c7:65:29:29:31:6c:ac:
15:14:20:67:30:f6:67:14:40:72:c7:44:02:13:b9:
05:8e:24:fb:ad:98:b5:9b:4a:5d:68:56:45:bc:2f:
75:ad:30:f5:2a:52:fa:96:ed:2c:64:dd:07:96:9d:
d2:0f:12:a7:3f:9c:28:30:c0:c4:1a:5d:df:83:62:
58:a4:82:ce:a7:fc:1b:ff:92:58:df:f1:a0:6f:46:
e8:c7:6e:43:18:d4:6d:f1:2b:b4:5c:28:62:56:2d:
81:89:bb:fd:43:58:71:93:df:2e:9d:1d:35:48:a9:
81:b0:e3:eb:0e:50:53:99:09:8a:9f:79:c7:98:05:
11:11:66:39:6d:83:37:c3:69:31:4e:a0:ae:18:dd:
1b:d7:2c:75:13:dd:d5:2b:4b:df:c4:c7:7c:95:d6:
1b:56:a2:ca:fb:16:b4:b7:e1:bb:9b:9a:74:9d:9b:
84:c9:c9:78:a9:0a:0b:cf:f4:45:51:ea:54:7d:9e:
6a:f3:8e:10:15:22:58:b9:31:aa:2b:61:21:1d:90:
34:55:51:28:af:68:88:53:26:c8:0a:d5:6e:25:bd:
35:a2:c1:52:e4:52:4d:0d:1d:50:57:50:4d:e2:9e:
5a:55:ba:ff:6f:f3:34:13:3d:c6:1e:71:a1:ae:13:
31:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:42:24:E5:CC:7E:EB:3C:80:36:F2:95:CF:C4:FF:54:8C:05:59:B8
X509v3 Authority Key Identifier:
keyid:D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e302e302f32312d3231203d3e203234323030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.133.0.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:b1:c7:ba:76:67:2e:80:c6:e1:1f:93:62:95:45:18:28:7a:
12:6a:81:4a:94:df:92:f0:eb:56:33:e1:a3:22:a9:c2:cf:4b:
01:34:c5:44:d7:1a:eb:3c:27:65:d0:7d:bf:26:d6:f8:83:95:
96:3c:6e:2f:a7:94:d1:03:61:98:e3:19:01:65:19:a6:e0:36:
40:4a:53:05:5e:fa:7b:96:80:18:42:56:f5:a6:91:15:29:a0:
09:ff:ea:8e:6d:09:2c:92:32:a2:70:43:53:08:c4:91:31:01:
c6:7e:c2:9f:a8:95:f1:36:e8:3b:a2:a2:a4:64:4d:1f:df:bc:
eb:77:e9:38:d5:3b:28:7a:8a:93:de:1a:53:3a:b5:d9:ef:ca:
a8:6f:60:87:1e:b2:9b:cd:ad:5f:94:dc:e0:a2:9b:51:7b:69:
ec:ee:aa:f2:27:62:55:1b:e4:f6:81:62:1b:94:80:bb:8b:6c:
94:da:86:1d:8d:ef:66:81:46:3e:7f:55:3b:59:14:98:22:d7:
8e:5d:bd:39:c7:8d:10:a6:4d:41:45:76:3c:f2:ea:7b:1e:0e:
39:59:a0:af:60:ed:98:1a:3f:f2:b0:7f:e8:9b:8c:c5:0a:1c:
a1:86:0f:ab:78:4d:ea:17:98:8f:08:f6:48:f0:a0:69:aa:15:
d1:f8:0a:e0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUCIDKW/W/8eUDj6W8gFFcai+Q8eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4
QkE3QkU0MDAeFw0yNDEyMjMwODMyMzdaFw0yNTEyMjIwODM3MzdaMDMxMTAvBgNV
BAMTKDM3NDIyNEU1Q0M3RUVCM0M4MDM2RjI5NUNGQzRGRjU0OEMwNTU5QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBslwPjbjsx2UpKTFsrBUUIGcw
9mcUQHLHRAITuQWOJPutmLWbSl1oVkW8L3WtMPUqUvqW7Sxk3QeWndIPEqc/nCgw
wMQaXd+DYlikgs6n/Bv/kljf8aBvRujHbkMY1G3xK7RcKGJWLYGJu/1DWHGT3y6d
HTVIqYGw4+sOUFOZCYqfeceYBRERZjltgzfDaTFOoK4Y3RvXLHUT3dUrS9/Ex3yV
1htWosr7FrS34bubmnSdm4TJyXipCgvP9EVR6lR9nmrzjhAVIli5MaorYSEdkDRV
USivaIhTJsgK1W4lvTWiwVLkUk0NHVBXUE3inlpVuv9v8zQTPcYecaGuEzHrAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUN0Ik5cx+6zyANvKVz8T/VIwFWbgwHwYDVR0j
BBgwFoAU0MbXXDw0fVsnx4kR9ixfq4unvkAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MzY2OWVhNC1lODJmLTQ2YzMtOGRkMy0yZTk4ODE1OWIyMDIvMC9EMEM2RDc1QzND
MzQ3RDVCMjdDNzg5MTFGNjJDNUZBQjhCQTdCRTQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4QkE3
QkU0MC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNjY5ZWE0LWU4MmYtNDZjMy04
ZGQzLTJlOTg4MTU5YjIwMi8wLzMyMzAzMjJlMzEzMzMzMmUzMDJlMzAyZjMyMzEy
ZDMyMzEyMDNkM2UyMDMyMzQzMjMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPKhQAwDQYJKoZIhvcN
AQELBQADggEBAK6xx7p2Zy6AxuEfk2KVRRgoehJqgUqU35Lw61Yz4aMiqcLPSwE0
xUTXGus8J2XQfb8m1viDlZY8bi+nlNEDYZjjGQFlGabgNkBKUwVe+nuWgBhCVvWm
kRUpoAn/6o5tCSySMqJwQ1MIxJExAcZ+wp+olfE26DuioqRkTR/fvOt36TjVOyh6
ipPeGlM6tdnvyqhvYIcespvNrV+U3OCim1F7aezuqvInYlUb5PaBYhuUgLuLbJTa
hh2N72aBRj5/VTtZFJgi145dvTnHjRCmTUFFdjzy6nseDjlZoK9g7ZgaP/Kwf+ib
jMUKHKGGD6t4TeoXmI8I9kjwoGmqFdH4CuA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:41:40 2025 by rpki-client