Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e352e302f32342d3234203d3e203234323030.roa
File: 3230322e3133332e352e302f32342d3234203d3e203234323030.roa (raw, json)
Hash identifier: fpRL8Fma9ykhIZFDzSC08kbZM+itPsUgTlUHNfip6cw=
Subject key identifier: A4:BE:00:7A:6D:CF:0E:EB:8C:D3:60:1C:88:23:38:C4:84:B7:DE:21
Certificate issuer: /CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40
Certificate serial: 4504ED57B0DCCACE821307B7387D7BB9989A9D93
Authority key identifier: D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e352e302f32342d3234203d3e203234323030.roa
Signing time: Mon 23 Dec 2024 08:35:46 +0000
ROA not before: Mon 23 Dec 2024 08:30:46 +0000
ROA not after: Mon 22 Dec 2025 08:35:46 +0000
asID: 24200
IP address blocks: 202.133.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:04:ed:57:b0:dc:ca:ce:82:13:07:b7:38:7d:7b:b9:98:9a:9d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40
Validity
Not Before: Dec 23 08:30:46 2024 GMT
Not After : Dec 22 08:35:46 2025 GMT
Subject: CN=A4BE007A6DCF0EEB8CD3601C882338C484B7DE21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4e:fa:88:a9:3d:d8:ec:ce:06:d0:ba:bc:13:
e1:82:a5:34:bf:31:c8:88:90:c9:9f:8a:4c:5c:80:
ff:9c:35:16:17:96:0a:42:f7:60:03:16:29:12:f7:
58:38:6d:98:c2:e2:8d:e0:6c:04:00:ed:9f:3e:91:
e6:23:43:5b:1d:d7:08:cc:31:2d:d0:28:bf:3f:c6:
4d:9f:2f:22:30:14:e3:09:cc:65:25:c0:3b:09:cb:
12:4e:3d:ca:6b:e8:06:8f:3b:8d:21:a5:51:e8:23:
d9:25:b5:51:6b:f6:81:35:4e:c6:d0:c6:05:b5:80:
1b:75:fd:2f:b0:56:7f:50:22:b7:6d:ff:38:19:5a:
5e:cc:68:f3:e5:d4:89:f8:f7:6c:e2:7a:92:3a:a3:
90:ef:83:c8:0b:e9:59:3b:dd:29:5a:f1:c5:6f:d5:
db:92:df:34:81:66:be:12:0f:88:fa:78:52:67:56:
b3:99:1b:16:f4:7d:37:eb:63:5e:63:e7:54:fd:f2:
4e:8d:3b:a9:7f:c5:2b:c3:43:d4:82:97:a1:af:47:
b2:b5:f0:39:2f:2d:9d:8a:03:02:bb:38:0b:5b:a3:
c9:2b:1c:4a:5f:0f:38:fe:60:1d:95:56:52:9c:78:
c4:8c:f0:1f:ef:53:ee:66:43:90:28:57:0b:bb:46:
c1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BE:00:7A:6D:CF:0E:EB:8C:D3:60:1C:88:23:38:C4:84:B7:DE:21
X509v3 Authority Key Identifier:
keyid:D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e352e302f32342d3234203d3e203234323030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.133.5.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7b:11:3e:3b:f4:6d:c3:2f:5e:de:81:51:f9:42:6d:7d:01:
86:ef:87:b1:38:8b:93:94:7e:82:3f:c0:b8:9d:93:40:e8:57:
54:ca:14:31:c0:f4:c8:d8:18:8d:87:62:a4:76:0b:1c:61:94:
fa:f8:4e:9a:00:38:a7:da:5d:ec:b4:cc:c6:48:40:c6:be:02:
56:05:c7:6f:6f:26:02:44:7e:40:76:d7:b7:90:d1:b0:5a:a7:
3e:e2:6a:a2:49:b5:67:54:aa:19:f9:c4:dc:9e:58:84:1b:a2:
4c:7e:25:ee:80:d7:78:c6:f5:50:8d:51:00:84:08:ab:cc:bc:
e2:fb:21:ba:d3:c1:86:ae:f4:00:b2:44:b2:ff:07:98:58:08:
aa:a4:0f:aa:c8:70:a0:95:c8:43:15:32:67:d7:62:34:67:36:
3b:c2:05:6b:c8:40:1e:5a:2d:be:39:40:84:0a:b8:8c:9c:5a:
66:fa:3e:4a:00:1e:e7:2f:2c:c7:94:0f:11:fb:0c:04:2e:59:
71:44:e8:8b:50:ac:f4:cf:85:03:4b:3a:20:eb:0e:93:bb:5f:
32:59:dd:4a:c0:e7:49:a8:0d:09:94:55:8c:80:68:d5:03:af:
65:27:0f:a4:0e:6d:23:6a:b4:73:9f:8e:6e:19:4a:d3:e7:6a:
43:30:5d:a9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIURQTtV7Dcys6CEwe3OH17uZianZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4
QkE3QkU0MDAeFw0yNDEyMjMwODMwNDZaFw0yNTEyMjIwODM1NDZaMDMxMTAvBgNV
BAMTKEE0QkUwMDdBNkRDRjBFRUI4Q0QzNjAxQzg4MjMzOEM0ODRCN0RFMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOTvqIqT3Y7M4G0Lq8E+GCpTS/
MciIkMmfikxcgP+cNRYXlgpC92ADFikS91g4bZjC4o3gbAQA7Z8+keYjQ1sd1wjM
MS3QKL8/xk2fLyIwFOMJzGUlwDsJyxJOPcpr6AaPO40hpVHoI9kltVFr9oE1TsbQ
xgW1gBt1/S+wVn9QIrdt/zgZWl7MaPPl1In492ziepI6o5Dvg8gL6Vk73Sla8cVv
1duS3zSBZr4SD4j6eFJnVrOZGxb0fTfrY15j51T98k6NO6l/xSvDQ9SCl6GvR7K1
8DkvLZ2KAwK7OAtbo8krHEpfDzj+YB2VVlKceMSM8B/vU+5mQ5AoVwu7RsG7AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUpL4Aem3PDuuM02AciCM4xIS33iEwHwYDVR0j
BBgwFoAU0MbXXDw0fVsnx4kR9ixfq4unvkAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MzY2OWVhNC1lODJmLTQ2YzMtOGRkMy0yZTk4ODE1OWIyMDIvMC9EMEM2RDc1QzND
MzQ3RDVCMjdDNzg5MTFGNjJDNUZBQjhCQTdCRTQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4QkE3
QkU0MC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNjY5ZWE0LWU4MmYtNDZjMy04
ZGQzLTJlOTg4MTU5YjIwMi8wLzMyMzAzMjJlMzEzMzMzMmUzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzQzMjMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKhQUwDQYJKoZIhvcN
AQELBQADggEBAB17ET479G3DL17egVH5Qm19AYbvh7E4i5OUfoI/wLidk0DoV1TK
FDHA9MjYGI2HYqR2CxxhlPr4TpoAOKfaXey0zMZIQMa+AlYFx29vJgJEfkB217eQ
0bBapz7iaqJJtWdUqhn5xNyeWIQbokx+Je6A13jG9VCNUQCECKvMvOL7IbrTwYau
9ACyRLL/B5hYCKqkD6rIcKCVyEMVMmfXYjRnNjvCBWvIQB5aLb45QIQKuIycWmb6
PkoAHucvLMeUDxH7DAQuWXFE6ItQrPTPhQNLOiDrDpO7XzJZ3UrA50moDQmUVYyA
aNUDr2UnD6QObSNqtHOfjm4ZStPnakMwXak=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:08:10 2025 by rpki-client