Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/323430343a663930303a3a2f33322d3438203d3e203538343832.roa
File: 323430343a663930303a3a2f33322d3438203d3e203538343832.roa (raw, json)
Hash identifier: P1hzEQwjHdVhS7I0LLckp0JkbGZXIWU/KqIoWLVRQrY=
Subject key identifier: EA:91:EA:B9:EA:5D:D4:E0:3F:AD:E1:96:D6:C7:2A:01:39:7B:95:98
Certificate issuer: /CN=CDC8674326238BE355329012E1CFDDB99EC5B6BA
Certificate serial: 2B39D135BA5485128B8995A46BDA307CF4A21505
Authority key identifier: CD:C8:67:43:26:23:8B:E3:55:32:90:12:E1:CF:DD:B9:9E:C5:B6:BA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CDC8674326238BE355329012E1CFDDB99EC5B6BA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/323430343a663930303a3a2f33322d3438203d3e203538343832.roa
Signing time: Thu 30 Jan 2025 00:00:00 +0000
ROA not before: Wed 29 Jan 2025 23:55:00 +0000
ROA not after: Thu 29 Jan 2026 00:00:00 +0000
asID: 58482
IP address blocks: 2404:f900::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:39:d1:35:ba:54:85:12:8b:89:95:a4:6b:da:30:7c:f4:a2:15:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC8674326238BE355329012E1CFDDB99EC5B6BA
Validity
Not Before: Jan 29 23:55:00 2025 GMT
Not After : Jan 29 00:00:00 2026 GMT
Subject: CN=EA91EAB9EA5DD4E03FADE196D6C72A01397B9598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cd:fa:06:20:ad:b1:aa:9f:45:2f:a9:67:e0:
df:06:a7:09:b1:d2:2c:b3:cc:8a:b7:d9:cc:25:37:
8c:0a:20:32:1f:cc:50:d4:7d:0a:65:30:fd:1c:4c:
cd:dc:9c:e6:b4:63:66:05:6b:21:57:0c:92:6d:57:
99:ec:0f:46:60:17:da:0d:a1:45:64:15:0c:87:4d:
9b:73:52:4c:c4:2c:65:16:56:3d:f4:5f:46:64:44:
0b:fa:a3:f0:e6:ad:ff:2f:9b:0d:88:6a:5b:bd:2d:
d9:11:3c:12:1a:23:8a:2b:18:1e:14:fc:60:8f:9f:
5f:07:32:bd:9d:af:39:30:50:c7:4c:70:c9:b6:23:
29:dc:2a:5c:11:0c:c9:e0:74:ae:25:6d:77:04:b9:
4a:62:f8:a9:95:23:b6:18:e0:cd:33:ff:4d:74:0c:
30:10:9b:04:a7:0b:92:29:25:81:19:e2:03:d6:f5:
fd:00:0b:16:20:47:4c:e1:7a:7e:0b:e0:fb:e5:2a:
06:15:41:f6:bf:23:7f:4b:77:e5:b0:ba:9d:d2:3f:
7a:97:ff:de:6d:2a:7e:b6:da:13:a1:69:96:cf:8e:
db:37:43:ff:3b:74:52:90:17:56:2d:9d:4a:14:61:
ea:db:54:2e:d9:2d:f0:16:06:67:e6:8d:7b:b4:b6:
05:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:91:EA:B9:EA:5D:D4:E0:3F:AD:E1:96:D6:C7:2A:01:39:7B:95:98
X509v3 Authority Key Identifier:
keyid:CD:C8:67:43:26:23:8B:E3:55:32:90:12:E1:CF:DD:B9:9E:C5:B6:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/CDC8674326238BE355329012E1CFDDB99EC5B6BA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CDC8674326238BE355329012E1CFDDB99EC5B6BA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/323430343a663930303a3a2f33322d3438203d3e203538343832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:f900::/32
Signature Algorithm: sha256WithRSAEncryption
9f:77:4e:63:15:7b:40:ca:d5:f4:1c:86:5c:f8:2a:80:51:47:
e5:54:70:28:94:bc:2c:87:79:a2:45:6a:98:23:e8:60:a2:75:
8f:06:33:24:bc:e1:3b:03:f9:bd:da:6f:40:fd:79:14:a4:2f:
53:b6:31:be:7f:30:53:30:8b:d4:46:80:f3:09:3f:ba:05:2e:
98:a4:c6:f2:34:43:e5:ae:c5:5b:1c:b6:16:c0:b1:71:7c:92:
36:65:d1:4c:55:b8:dc:ee:40:b3:ba:54:31:53:72:61:e5:cc:
4f:6f:ad:25:ef:6f:6f:d9:c9:90:84:2b:a6:e4:f5:df:23:6b:
c8:f1:ad:45:81:af:2d:c9:a2:5f:cd:53:e8:f6:99:36:71:62:
af:34:0b:f7:d7:a9:ba:aa:5d:39:3d:e3:a3:8b:53:52:d0:eb:
fe:b6:cb:02:b6:cd:d1:a5:3f:aa:c6:ab:b0:02:9a:a6:18:ef:
4a:c8:5e:fc:e3:f8:70:fb:5e:6c:35:24:25:36:f6:19:a9:db:
53:96:43:81:09:2a:8e:28:40:d4:3f:de:40:43:28:29:bf:a3:
68:80:17:61:64:d3:4d:75:3b:ce:69:75:72:a9:06:d5:72:4a:
8c:b6:78:dc:38:ca:50:02:e5:b9:6c:ba:6e:0f:38:03:9c:80:
2a:9b:b8:1b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUKznRNbpUhRKLiZWka9owfPSiFQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDODY3NDMyNjIzOEJFMzU1MzI5MDEyRTFDRkREQjk5
RUM1QjZCQTAeFw0yNTAxMjkyMzU1MDBaFw0yNjAxMjkwMDAwMDBaMDMxMTAvBgNV
BAMTKEVBOTFFQUI5RUE1REQ0RTAzRkFERTE5NkQ2QzcyQTAxMzk3Qjk1OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzfoGIK2xqp9FL6ln4N8Gpwmx
0iyzzIq32cwlN4wKIDIfzFDUfQplMP0cTM3cnOa0Y2YFayFXDJJtV5nsD0ZgF9oN
oUVkFQyHTZtzUkzELGUWVj30X0ZkRAv6o/Dmrf8vmw2Ialu9LdkRPBIaI4orGB4U
/GCPn18HMr2drzkwUMdMcMm2IyncKlwRDMngdK4lbXcEuUpi+KmVI7YY4M0z/010
DDAQmwSnC5IpJYEZ4gPW9f0ACxYgR0zhen4L4PvlKgYVQfa/I39Ld+Wwup3SP3qX
/95tKn622hOhaZbPjts3Q/87dFKQF1YtnUoUYerbVC7ZLfAWBmfmjXu0tgUxAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQU6pHquepd1OA/reGW1scqATl7lZgwHwYDVR0j
BBgwFoAUzchnQyYji+NVMpAS4c/duZ7FtrowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
OWUyZjNiZC1kNGVjLTQyY2ItYWFjZi1hZGMyODI1YzE4NGIvMC9DREM4Njc0MzI2
MjM4QkUzNTUzMjkwMTJFMUNGRERCOTlFQzVCNkJBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0RDODY3NDMyNjIzOEJFMzU1MzI5MDEyRTFDRkREQjk5RUM1
QjZCQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5ZTJmM2JkLWQ0ZWMtNDJjYi1h
YWNmLWFkYzI4MjVjMTg0Yi8wLzMyMzQzMDM0M2E2NjM5MzAzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDM1MzgzNDM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBPkAMA0GCSqGSIb3
DQEBCwUAA4IBAQCfd05jFXtAytX0HIZc+CqAUUflVHAolLwsh3miRWqYI+hgonWP
BjMkvOE7A/m92m9A/XkUpC9TtjG+fzBTMIvURoDzCT+6BS6YpMbyNEPlrsVbHLYW
wLFxfJI2ZdFMVbjc7kCzulQxU3Jh5cxPb60l729v2cmQhCum5PXfI2vI8a1Fga8t
yaJfzVPo9pk2cWKvNAv316m6ql05PeOji1NS0Ov+tssCts3RpT+qxquwApqmGO9K
yF784/hw+15sNSQlNvYZqdtTlkOBCSqOKEDUP95AQygpv6NogBdhZNNNdTvOaXVy
qQbVckqMtnjcOMpQAuW5bLpuDzgDnIAqm7gb
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:24 2025 by rpki-client