Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/64f7eb4f-7924-4db6-b6d6-394d83b392fc/0/3230322e34362e3134342e302f32322d3234203d3e203138303536.roa
File: 3230322e34362e3134342e302f32322d3234203d3e203138303536.roa (raw, json)
Hash identifier: +zMuF2d6C36Qn9OFjFhter7f0zvIprv5Kce2a+7KyYs=
Subject key identifier: AF:6C:E5:EC:BC:40:35:85:6F:65:F8:C5:B4:F9:0C:A5:37:28:90:38
Certificate issuer: /CN=3E6F306418455683DBA0AC95B4FD41E1846476AB
Certificate serial: 546EF67377DBACCD03FFFB90180A67B96097C04F
Authority key identifier: 3E:6F:30:64:18:45:56:83:DB:A0:AC:95:B4:FD:41:E1:84:64:76:AB
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E6F306418455683DBA0AC95B4FD41E1846476AB.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/64f7eb4f-7924-4db6-b6d6-394d83b392fc/0/3230322e34362e3134342e302f32322d3234203d3e203138303536.roa
Signing time: Thu 27 Feb 2025 15:00:00 +0000
ROA not before: Thu 27 Feb 2025 14:55:00 +0000
ROA not after: Thu 26 Feb 2026 15:00:00 +0000
asID: 18056
IP address blocks: 202.46.144.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:6e:f6:73:77:db:ac:cd:03:ff:fb:90:18:0a:67:b9:60:97:c0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E6F306418455683DBA0AC95B4FD41E1846476AB
Validity
Not Before: Feb 27 14:55:00 2025 GMT
Not After : Feb 26 15:00:00 2026 GMT
Subject: CN=AF6CE5ECBC4035856F65F8C5B4F90CA537289038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:35:0b:ac:33:47:22:f6:11:c7:21:83:8d:56:
d7:9c:64:ea:9b:9a:68:81:06:01:1d:9f:2a:af:4c:
23:95:24:5e:cd:4a:1b:22:ed:4b:7f:c9:9d:4e:3c:
2e:f0:20:96:7a:3b:87:69:2c:e2:4f:38:a6:68:98:
52:90:e8:13:6c:ad:9a:73:6f:92:71:3f:d5:05:d5:
5e:2e:0c:5f:36:08:4e:6b:d3:5d:c4:b7:ec:6f:54:
3b:84:95:3f:c1:01:8c:44:2c:b6:dc:15:7a:0b:93:
da:16:cf:bf:35:5e:03:16:3c:b8:59:9e:de:89:73:
58:b5:8c:07:f3:eb:89:48:d3:61:30:6f:e0:6e:7d:
b0:86:8e:ca:8f:a7:96:a7:97:3d:ae:6a:27:a4:9d:
01:9b:25:df:11:4b:dc:66:a1:70:4d:3a:10:d7:03:
4b:9e:03:99:d5:49:e3:97:8a:c1:cc:0b:28:87:44:
75:31:b0:1e:bf:20:1c:93:79:08:18:59:18:3b:f2:
00:4c:19:ca:15:18:07:a3:2e:65:bc:26:51:c3:88:
2d:3c:06:eb:5c:23:da:62:e8:7d:8f:99:97:c7:4f:
63:85:ce:58:53:d2:bf:f7:f6:08:ba:af:ab:99:ab:
9a:69:d0:66:96:9a:0f:dc:06:e8:b7:dc:6b:cd:b9:
89:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6C:E5:EC:BC:40:35:85:6F:65:F8:C5:B4:F9:0C:A5:37:28:90:38
X509v3 Authority Key Identifier:
keyid:3E:6F:30:64:18:45:56:83:DB:A0:AC:95:B4:FD:41:E1:84:64:76:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/64f7eb4f-7924-4db6-b6d6-394d83b392fc/0/3E6F306418455683DBA0AC95B4FD41E1846476AB.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E6F306418455683DBA0AC95B4FD41E1846476AB.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/64f7eb4f-7924-4db6-b6d6-394d83b392fc/0/3230322e34362e3134342e302f32322d3234203d3e203138303536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.46.144.0/22
Signature Algorithm: sha256WithRSAEncryption
71:d5:2d:bb:94:14:d1:0d:40:28:f0:c3:4a:e1:ef:ee:39:cd:
50:3c:b4:bb:8c:d5:01:ef:ae:0a:39:db:87:a0:8d:4e:22:2f:
45:77:39:7f:36:85:c7:81:4a:2b:35:6b:2b:64:48:ec:41:50:
5a:80:2f:3f:65:77:a0:c7:0c:6e:69:0d:57:fb:3b:75:e3:2c:
17:b8:f6:30:c4:b9:0b:14:ad:c1:05:c5:05:92:9c:67:38:e9:
6b:53:ee:1c:d3:a1:9d:c7:20:4d:30:8f:12:31:3f:5a:5d:4b:
36:37:54:b4:b7:d7:bb:d1:0b:61:3d:63:2e:fa:f8:0d:7d:59:
54:71:ca:9c:ca:6e:ec:a0:ff:00:03:d3:9d:46:41:21:ed:87:
bd:ea:f1:5e:32:8f:20:cc:8c:aa:06:7e:ac:80:25:b5:e8:da:
24:3f:cc:86:5f:bf:7a:69:67:1c:ee:27:ab:86:ba:cc:b3:53:
92:44:25:05:b4:86:90:a6:31:27:f2:ff:2d:1e:ce:a0:0c:63:
fe:d4:95:37:ce:79:21:a1:49:42:8e:40:e6:01:e8:92:6e:2b:
56:ec:e5:1a:ba:45:54:2c:53:03:0a:3d:25:ad:86:7e:82:94:
de:fc:22:e2:87:90:d8:d9:84:f9:3f:dc:e7:e8:53:39:3c:08:
05:74:44:70
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVG72c3fbrM0D//uQGApnuWCXwE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U2RjMwNjQxODQ1NTY4M0RCQTBBQzk1QjRGRDQxRTE4
NDY0NzZBQjAeFw0yNTAyMjcxNDU1MDBaFw0yNjAyMjYxNTAwMDBaMDMxMTAvBgNV
BAMTKEFGNkNFNUVDQkM0MDM1ODU2RjY1RjhDNUI0RjkwQ0E1MzcyODkwMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDINQusM0ci9hHHIYONVtecZOqb
mmiBBgEdnyqvTCOVJF7NShsi7Ut/yZ1OPC7wIJZ6O4dpLOJPOKZomFKQ6BNsrZpz
b5JxP9UF1V4uDF82CE5r013Et+xvVDuElT/BAYxELLbcFXoLk9oWz781XgMWPLhZ
nt6Jc1i1jAfz64lI02Ewb+BufbCGjsqPp5anlz2uaieknQGbJd8RS9xmoXBNOhDX
A0ueA5nVSeOXisHMCyiHRHUxsB6/IByTeQgYWRg78gBMGcoVGAejLmW8JlHDiC08
ButcI9pi6H2PmZfHT2OFzlhT0r/39gi6r6uZq5pp0GaWmg/cBui33GvNuYnBAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUr2zl7LxANYVvZfjFtPkMpTcokDgwHwYDVR0j
BBgwFoAUPm8wZBhFVoPboKyVtP1B4YRkdqswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
NGY3ZWI0Zi03OTI0LTRkYjYtYjZkNi0zOTRkODNiMzkyZmMvMC8zRTZGMzA2NDE4
NDU1NjgzREJBMEFDOTVCNEZENDFFMTg0NjQ3NkFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0U2RjMwNjQxODQ1NTY4M0RCQTBBQzk1QjRGRDQxRTE4NDY0
NzZBQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0ZjdlYjRmLTc5MjQtNGRiNi1i
NmQ2LTM5NGQ4M2IzOTJmYy8wLzMyMzAzMjJlMzQzNjJlMzEzNDM0MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzODMwMzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsoukDANBgkqhkiG
9w0BAQsFAAOCAQEAcdUtu5QU0Q1AKPDDSuHv7jnNUDy0u4zVAe+uCjnbh6CNTiIv
RXc5fzaFx4FKKzVrK2RI7EFQWoAvP2V3oMcMbmkNV/s7deMsF7j2MMS5CxStwQXF
BZKcZzjpa1PuHNOhnccgTTCPEjE/Wl1LNjdUtLfXu9ELYT1jLvr4DX1ZVHHKnMpu
7KD/AAPTnUZBIe2HverxXjKPIMyMqgZ+rIAltejaJD/Mhl+/emlnHO4nq4a6zLNT
kkQlBbSGkKYxJ/L/LR7OoAxj/tSVN855IaFJQo5A5gHokm4rVuzlGrpFVCxTAwo9
Ja2GfoKU3vwi4oeQ2NmE+T/c5+hTOTwIBXREcA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:48:54 2025 by rpki-client