Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/34332e3235342e3132342e302f32322d3234203d3e203538343832.roa
File: 34332e3235342e3132342e302f32322d3234203d3e203538343832.roa (raw, json)
Hash identifier: tcS0/4g/bvz81xpbYZwH5c3HOtuAVxXo5nqpsqEa1Dc=
Subject key identifier: DD:33:87:03:1F:05:58:4B:8E:F8:46:EF:25:50:97:87:7E:95:74:D8
Certificate issuer: /CN=CDC8674326238BE355329012E1CFDDB99EC5B6BA
Certificate serial: 21C17F5A60A4F2ECD08D07EA656B79B075280B21
Authority key identifier: CD:C8:67:43:26:23:8B:E3:55:32:90:12:E1:CF:DD:B9:9E:C5:B6:BA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CDC8674326238BE355329012E1CFDDB99EC5B6BA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/34332e3235342e3132342e302f32322d3234203d3e203538343832.roa
Signing time: Mon 01 Jul 2024 01:02:49 +0000
ROA not before: Mon 01 Jul 2024 00:57:49 +0000
ROA not after: Mon 30 Jun 2025 01:02:49 +0000
asID: 58482
IP address blocks: 43.254.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c1:7f:5a:60:a4:f2:ec:d0:8d:07:ea:65:6b:79:b0:75:28:0b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC8674326238BE355329012E1CFDDB99EC5B6BA
Validity
Not Before: Jul 1 00:57:49 2024 GMT
Not After : Jun 30 01:02:49 2025 GMT
Subject: CN=DD3387031F05584B8EF846EF255097877E9574D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:86:2e:cc:7b:14:5b:b5:e8:76:40:cd:8d:e9:
24:15:98:ed:d4:fb:80:10:54:80:4e:19:5e:e1:e5:
54:bd:fc:b8:52:16:d6:3b:db:ec:04:ae:db:b6:bb:
65:05:3a:f3:64:d2:8d:db:19:5b:72:1a:66:a7:bd:
22:e9:1a:0c:27:4d:12:00:53:5b:9f:ff:81:aa:cc:
b4:e3:c0:ae:c9:0a:ad:c8:5a:f2:37:c2:e4:1b:52:
76:9c:89:b2:40:aa:0c:01:b9:b9:5f:b4:2b:e9:c3:
41:87:28:55:f1:ad:dc:46:f3:90:d8:af:1e:4a:66:
e4:2c:7b:7b:46:87:1e:73:ee:47:90:96:a9:cf:cb:
5b:78:fd:79:2f:da:9a:55:81:5f:86:46:5a:7a:b5:
8c:8b:28:d9:6c:d0:87:39:0e:c6:03:b0:57:c0:06:
3b:59:cb:61:a3:5d:c8:4f:85:27:30:f9:f0:88:05:
be:fe:04:e7:75:c0:67:12:1b:84:83:94:42:87:45:
7d:ed:e0:a5:f1:be:88:4e:f2:e9:bb:e5:3a:c8:3c:
1f:29:05:c7:63:f9:00:03:df:04:07:23:e7:66:54:
5a:20:27:d6:b4:1d:0c:67:e2:8b:26:49:f1:fd:67:
5e:3a:c9:0a:82:2a:18:84:0a:49:c8:cf:7e:7f:a9:
30:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:33:87:03:1F:05:58:4B:8E:F8:46:EF:25:50:97:87:7E:95:74:D8
X509v3 Authority Key Identifier:
keyid:CD:C8:67:43:26:23:8B:E3:55:32:90:12:E1:CF:DD:B9:9E:C5:B6:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/CDC8674326238BE355329012E1CFDDB99EC5B6BA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CDC8674326238BE355329012E1CFDDB99EC5B6BA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/69e2f3bd-d4ec-42cb-aacf-adc2825c184b/0/34332e3235342e3132342e302f32322d3234203d3e203538343832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.254.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:f9:5a:ba:b7:29:b3:3a:60:b9:54:b6:26:2a:72:95:45:f1:
b2:6e:2c:40:40:06:ca:47:58:62:c9:cd:a8:94:f2:49:ba:b3:
e5:5e:05:5b:39:b7:4b:3b:eb:fc:35:7e:f3:76:9d:fe:b3:6f:
8c:03:a6:b7:ae:6a:0b:72:4f:3e:df:e4:4b:03:2d:f0:01:43:
38:67:5b:d5:ef:f4:90:6f:d7:f0:17:b9:d9:44:d8:a7:ec:7b:
35:4b:3b:f2:18:e0:28:c4:79:81:0b:e2:57:44:99:93:2f:09:
f3:c8:b4:e1:63:fe:1d:25:7c:4c:4c:7d:70:88:ec:d9:50:2b:
2d:49:a0:ae:77:db:17:d1:8b:4c:25:54:e2:7f:8e:0c:77:b7:
97:86:db:cb:d7:44:1b:49:95:02:7f:04:e7:dd:dd:0c:0c:4c:
d1:fa:3f:ab:62:54:7e:f7:74:00:96:15:8c:18:41:6d:a3:60:
51:c5:28:e1:c5:61:d7:24:81:f1:ac:67:f8:51:e1:28:de:39:
16:65:73:91:a3:2c:2e:da:2a:68:e6:24:e1:05:bc:ff:c8:09:
b4:c1:4c:00:41:03:13:6e:92:f6:8b:b5:73:a5:97:d3:d8:fd:
69:7c:15:aa:2a:6b:84:0d:4f:e9:68:fe:57:48:e3:22:f7:c7:
ff:84:04:bd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUIcF/WmCk8uzQjQfqZWt5sHUoCyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDODY3NDMyNjIzOEJFMzU1MzI5MDEyRTFDRkREQjk5
RUM1QjZCQTAeFw0yNDA3MDEwMDU3NDlaFw0yNTA2MzAwMTAyNDlaMDMxMTAvBgNV
BAMTKEREMzM4NzAzMUYwNTU4NEI4RUY4NDZFRjI1NTA5Nzg3N0U5NTc0RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRhi7MexRbteh2QM2N6SQVmO3U
+4AQVIBOGV7h5VS9/LhSFtY72+wErtu2u2UFOvNk0o3bGVtyGmanvSLpGgwnTRIA
U1uf/4GqzLTjwK7JCq3IWvI3wuQbUnacibJAqgwBublftCvpw0GHKFXxrdxG85DY
rx5KZuQse3tGhx5z7keQlqnPy1t4/Xkv2ppVgV+GRlp6tYyLKNls0Ic5DsYDsFfA
BjtZy2GjXchPhScw+fCIBb7+BOd1wGcSG4SDlEKHRX3t4KXxvohO8um75TrIPB8p
Bcdj+QAD3wQHI+dmVFogJ9a0HQxn4osmSfH9Z146yQqCKhiECknIz35/qTBNAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU3TOHAx8FWEuO+EbvJVCXh36VdNgwHwYDVR0j
BBgwFoAUzchnQyYji+NVMpAS4c/duZ7FtrowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
OWUyZjNiZC1kNGVjLTQyY2ItYWFjZi1hZGMyODI1YzE4NGIvMC9DREM4Njc0MzI2
MjM4QkUzNTUzMjkwMTJFMUNGRERCOTlFQzVCNkJBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0RDODY3NDMyNjIzOEJFMzU1MzI5MDEyRTFDRkREQjk5RUM1
QjZCQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5ZTJmM2JkLWQ0ZWMtNDJjYi1h
YWNmLWFkYzI4MjVjMTg0Yi8wLzM0MzMyZTMyMzUzNDJlMzEzMjM0MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzODM0MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiv+fDANBgkqhkiG
9w0BAQsFAAOCAQEAbPlaurcpszpguVS2JipylUXxsm4sQEAGykdYYsnNqJTySbqz
5V4FWzm3Szvr/DV+83ad/rNvjAOmt65qC3JPPt/kSwMt8AFDOGdb1e/0kG/X8Be5
2UTYp+x7NUs78hjgKMR5gQviV0SZky8J88i04WP+HSV8TEx9cIjs2VArLUmgrnfb
F9GLTCVU4n+ODHe3l4bby9dEG0mVAn8E593dDAxM0fo/q2JUfvd0AJYVjBhBbaNg
UcUo4cVh1ySB8axn+FHhKN45FmVzkaMsLtoqaOYk4QW8/8gJtMFMAEEDE26S9ou1
c6WX09j9aXwVqiprhA1P6Wj+V0jjIvfH/4QEvQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:49 2025 by rpki-client