Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e36342e302f31392d3139203d3e203233363935.roa
File: 3230322e3137332e36342e302f31392d3139203d3e203233363935.roa (raw, json)
Hash identifier: 2bUXUTcYKqH84i/OW2TNfGKGcjdUBjA5fkOcr7LqU+Y=
Subject key identifier: 38:06:3D:6A:F2:EA:E9:54:3A:EC:C8:44:F0:51:8F:23:93:09:BA:84
Certificate issuer: /CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Certificate serial: 3EA5F5D7B8BD454444F14C4E34A698D8333C7FA5
Authority key identifier: 41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e36342e302f31392d3139203d3e203233363935.roa
Signing time: Wed 26 Feb 2025 07:00:01 +0000
ROA not before: Wed 26 Feb 2025 06:55:01 +0000
ROA not after: Wed 25 Feb 2026 07:00:01 +0000
asID: 23695
IP address blocks: 202.173.64.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:a5:f5:d7:b8:bd:45:44:44:f1:4c:4e:34:a6:98:d8:33:3c:7f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Validity
Not Before: Feb 26 06:55:01 2025 GMT
Not After : Feb 25 07:00:01 2026 GMT
Subject: CN=38063D6AF2EAE9543AECC844F0518F239309BA84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:29:90:81:e8:7f:5c:ef:d4:b8:4f:c7:83:9f:
ed:8d:1e:d3:1a:80:c4:fa:3f:5f:3a:08:94:f5:32:
94:9e:92:64:3f:8e:72:32:39:2b:1e:29:f2:74:d6:
82:e8:19:6a:70:91:33:f4:a9:7d:75:27:6b:d9:1e:
47:0a:26:5a:7a:a4:51:19:64:8e:83:28:a6:cc:4e:
2a:aa:c5:4e:dc:25:f9:1f:3f:9e:c0:40:d4:f0:53:
d0:60:65:21:94:0b:b6:83:7c:4f:29:36:e7:27:b5:
02:e5:19:1f:a4:5a:c0:34:fc:cd:6a:e0:12:3e:83:
31:6c:4a:cc:f6:52:d8:95:7a:54:b6:63:6b:01:88:
2c:d3:8d:8d:16:9f:fa:82:40:de:d6:7d:1b:17:e6:
1e:c5:78:33:40:7f:db:11:b8:56:40:d0:3d:1c:a7:
fc:e0:e2:91:b3:94:53:1b:e8:af:57:0b:26:ee:e9:
ed:2b:d4:21:24:ed:f5:94:34:69:85:fc:38:83:b5:
1d:7c:2a:11:27:ed:a2:fb:5f:cb:0b:80:fb:1c:72:
d3:32:e8:45:0c:b8:4c:d8:c8:10:3c:98:52:f9:61:
a2:04:01:ba:1e:57:10:a2:e3:cf:9c:f5:52:e6:e5:
8d:bb:1d:0f:cb:08:d7:34:30:57:d7:5e:e2:4c:29:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:06:3D:6A:F2:EA:E9:54:3A:EC:C8:44:F0:51:8F:23:93:09:BA:84
X509v3 Authority Key Identifier:
keyid:41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/41E09326F68CE0113635EACAF4E37394AE4E2D8C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e36342e302f31392d3139203d3e203233363935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.173.64.0/19
Signature Algorithm: sha256WithRSAEncryption
22:8d:37:e7:da:55:ed:17:cf:6a:3c:dc:75:85:63:f3:3a:98:
39:0d:8a:22:64:d0:aa:b4:ab:a6:a1:07:bd:65:7c:b5:60:20:
65:e9:e1:2e:5d:2d:e4:8f:8c:1b:04:3c:f9:f9:e4:3a:4c:6e:
08:13:9a:57:8c:17:c1:60:ab:b7:e3:51:20:b5:2d:c9:ea:56:
38:87:83:09:77:66:05:0f:76:02:61:9f:e9:b6:b4:94:48:c4:
0a:ce:36:49:79:44:0a:93:6c:12:d3:b1:9f:ce:6b:d7:9f:c2:
a8:9b:b2:09:1c:a6:82:76:91:61:1b:1a:77:3b:0d:fc:f7:37:
24:2f:89:0f:3a:38:c2:ef:da:78:58:e8:89:ed:ba:fe:4e:96:
f3:7d:08:e0:e1:b1:95:d7:9a:6e:fd:26:33:77:dc:e1:18:4f:
9b:cb:29:4d:42:ab:1f:22:75:1d:51:34:2c:40:90:a5:c9:f2:
03:78:c5:47:d8:02:ea:ed:59:99:29:01:a1:4f:62:f0:4a:e5:
a0:b8:fc:2a:63:09:ec:e5:31:59:4e:78:a4:cd:ab:9e:79:d7:
cd:c1:f1:9d:d4:33:50:37:f7:e3:19:46:e4:cf:bf:3c:2f:25:
a6:16:9a:80:3b:f3:cd:c0:ca:ce:73:4b:63:c6:c1:30:9c:1f:
48:09:8c:a5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUPqX117i9RURE8UxONKaY2DM8f6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRB
RTRFMkQ4QzAeFw0yNTAyMjYwNjU1MDFaFw0yNjAyMjUwNzAwMDFaMDMxMTAvBgNV
BAMTKDM4MDYzRDZBRjJFQUU5NTQzQUVDQzg0NEYwNTE4RjIzOTMwOUJBODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLKZCB6H9c79S4T8eDn+2NHtMa
gMT6P186CJT1MpSekmQ/jnIyOSseKfJ01oLoGWpwkTP0qX11J2vZHkcKJlp6pFEZ
ZI6DKKbMTiqqxU7cJfkfP57AQNTwU9BgZSGUC7aDfE8pNucntQLlGR+kWsA0/M1q
4BI+gzFsSsz2UtiVelS2Y2sBiCzTjY0Wn/qCQN7WfRsX5h7FeDNAf9sRuFZA0D0c
p/zg4pGzlFMb6K9XCybu6e0r1CEk7fWUNGmF/DiDtR18KhEn7aL7X8sLgPscctMy
6EUMuEzYyBA8mFL5YaIEAboeVxCi48+c9VLm5Y27HQ/LCNc0MFfXXuJMKYErAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUOAY9avLq6VQ67MhE8FGPI5MJuoQwHwYDVR0j
BBgwFoAUQeCTJvaM4BE2NerK9ONzlK5OLYwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZjBmMmJkOS00MmFlLTQ0OWEtOGQ1Ny1iMjZkYTA0ZDdlZTEvMC80MUUwOTMyNkY2
OENFMDExMzYzNUVBQ0FGNEUzNzM5NEFFNEUyRDhDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRBRTRF
MkQ4Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmMGYyYmQ5LTQyYWUtNDQ5YS04
ZDU3LWIyNmRhMDRkN2VlMS8wLzMyMzAzMjJlMzEzNzMzMmUzNjM0MmUzMDJmMzEz
OTJkMzEzOTIwM2QzZTIwMzIzMzM2MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcqtQDANBgkqhkiG
9w0BAQsFAAOCAQEAIo0359pV7RfPajzcdYVj8zqYOQ2KImTQqrSrpqEHvWV8tWAg
ZenhLl0t5I+MGwQ8+fnkOkxuCBOaV4wXwWCrt+NRILUtyepWOIeDCXdmBQ92AmGf
6ba0lEjECs42SXlECpNsEtOxn85r15/CqJuyCRymgnaRYRsadzsN/Pc3JC+JDzo4
wu/aeFjoie26/k6W830I4OGxldeabv0mM3fc4RhPm8spTUKrHyJ1HVE0LECQpcny
A3jFR9gC6u1ZmSkBoU9i8ErloLj8KmMJ7OUxWU54pM2rnnnXzcHxndQzUDf34xlG
5M+/PC8lphaagDvzzcDKznNLY8bBMJwfSAmMpQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:57 2025 by rpki-client