Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e37312e302f32342d3234203d3e203233363935.roa
File: 3230322e3137332e37312e302f32342d3234203d3e203233363935.roa (raw, json)
Hash identifier: Xthgw31h3s+GW8ypk/PRH8TnEVJQ++dwiKocGGYj4NY=
Subject key identifier: 1D:89:58:70:5F:DA:DB:95:CC:54:5E:E0:DF:BC:91:88:3E:68:AE:77
Certificate issuer: /CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Certificate serial: 278C30C76238AE050EE03EC10B4D9B0F1872E444
Authority key identifier: 41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e37312e302f32342d3234203d3e203233363935.roa
Signing time: Wed 28 Aug 2024 04:02:15 +0000
ROA not before: Wed 28 Aug 2024 03:57:15 +0000
ROA not after: Wed 27 Aug 2025 04:02:15 +0000
asID: 23695
IP address blocks: 202.173.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8c:30:c7:62:38:ae:05:0e:e0:3e:c1:0b:4d:9b:0f:18:72:e4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Validity
Not Before: Aug 28 03:57:15 2024 GMT
Not After : Aug 27 04:02:15 2025 GMT
Subject: CN=1D8958705FDADB95CC545EE0DFBC91883E68AE77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b9:78:d5:70:c0:72:e2:ad:58:4e:60:71:a8:
5c:96:5a:66:7b:86:9a:6e:4b:5c:ab:a4:a5:5e:e8:
8e:7e:70:06:0d:61:4f:d0:c8:6a:85:bd:5e:53:ea:
85:57:24:e4:1e:6c:80:35:0d:38:86:78:53:70:5a:
03:1d:96:d6:6b:61:27:65:0e:9d:91:8e:7d:33:c6:
f9:0c:ba:1d:36:3f:57:d7:6d:d2:fd:21:d7:ae:c3:
bf:c6:05:2d:cf:d6:12:c4:f5:92:10:a2:fa:fb:c0:
d1:aa:10:9d:00:99:ae:10:87:ae:9f:fc:0b:ab:7b:
d9:ed:b6:d0:7c:90:e2:6e:01:54:47:77:38:55:cd:
ba:7a:42:46:17:57:f0:0b:ea:7e:23:5a:2a:be:fc:
f3:21:e8:fe:8f:41:bb:f5:36:56:b3:6b:65:2d:70:
64:2d:a7:cc:9d:f9:dc:fa:fd:b1:6b:2c:95:7c:9f:
58:e9:3e:65:b7:c8:df:89:c3:64:05:6e:3a:69:13:
71:10:8d:24:8b:9c:2b:49:28:44:71:88:d0:99:2b:
26:6c:66:cf:f6:10:49:fa:c6:fd:69:49:8f:c3:9e:
2b:5e:5d:c5:77:c2:d4:47:2b:68:a5:ed:ab:d3:2d:
f4:a2:28:a8:ad:d5:51:75:aa:73:3f:ad:4b:00:03:
48:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:89:58:70:5F:DA:DB:95:CC:54:5E:E0:DF:BC:91:88:3E:68:AE:77
X509v3 Authority Key Identifier:
keyid:41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/41E09326F68CE0113635EACAF4E37394AE4E2D8C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e37312e302f32342d3234203d3e203233363935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.173.71.0/24
Signature Algorithm: sha256WithRSAEncryption
94:1e:81:d1:ec:6c:91:cf:a0:3a:fd:71:ac:40:39:6b:88:70:
34:0b:63:b3:8f:bd:c6:22:80:6f:e8:1c:17:b4:33:fa:d7:3d:
b2:71:32:49:c6:5b:de:4d:23:26:a5:ba:ce:9a:0d:7c:46:75:
66:75:dc:54:19:ca:a3:e7:76:2d:1e:b6:47:7f:10:89:a5:23:
19:f2:7c:ab:89:c0:78:fa:86:80:f2:e4:2c:48:04:28:04:a9:
36:2c:7c:1b:e6:94:20:e9:ef:95:0c:81:24:5e:24:7d:fd:fa:
70:00:77:de:ec:49:6d:82:ca:fa:d8:b0:8c:d6:3b:12:fa:b8:
b5:37:07:79:e6:c1:e6:9a:5c:4a:99:fe:c2:19:1c:d5:05:c2:
24:e8:61:54:14:17:30:6a:c3:fa:c0:53:43:ba:18:aa:be:44:
df:d8:45:fd:d9:c7:b5:31:bf:54:ca:7f:2a:c6:71:58:2a:ed:
0b:aa:03:2f:ac:fe:72:f2:07:02:97:1f:24:e7:48:24:57:1f:
be:82:49:20:ff:23:8b:25:5c:3f:74:d4:36:be:45:c3:f1:59:
bd:00:62:97:4b:bf:ad:c4:5d:84:46:23:29:8a:6a:72:c7:ef:
e1:7a:55:fb:fe:cf:f3:64:cb:be:03:e3:27:6b:18:c1:ba:1e:
71:73:3a:80
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUJ4wwx2I4rgUO4D7BC02bDxhy5EQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRB
RTRFMkQ4QzAeFw0yNDA4MjgwMzU3MTVaFw0yNTA4MjcwNDAyMTVaMDMxMTAvBgNV
BAMTKDFEODk1ODcwNUZEQURCOTVDQzU0NUVFMERGQkM5MTg4M0U2OEFFNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uXjVcMBy4q1YTmBxqFyWWmZ7
hppuS1yrpKVe6I5+cAYNYU/QyGqFvV5T6oVXJOQebIA1DTiGeFNwWgMdltZrYSdl
Dp2Rjn0zxvkMuh02P1fXbdL9Ideuw7/GBS3P1hLE9ZIQovr7wNGqEJ0Ama4Qh66f
/Aure9ntttB8kOJuAVRHdzhVzbp6QkYXV/AL6n4jWiq+/PMh6P6PQbv1Nlaza2Ut
cGQtp8yd+dz6/bFrLJV8n1jpPmW3yN+Jw2QFbjppE3EQjSSLnCtJKERxiNCZKyZs
Zs/2EEn6xv1pSY/DniteXcV3wtRHK2il7avTLfSiKKit1VF1qnM/rUsAA0gXAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUHYlYcF/a25XMVF7g37yRiD5orncwHwYDVR0j
BBgwFoAUQeCTJvaM4BE2NerK9ONzlK5OLYwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZjBmMmJkOS00MmFlLTQ0OWEtOGQ1Ny1iMjZkYTA0ZDdlZTEvMC80MUUwOTMyNkY2
OENFMDExMzYzNUVBQ0FGNEUzNzM5NEFFNEUyRDhDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRBRTRF
MkQ4Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmMGYyYmQ5LTQyYWUtNDQ5YS04
ZDU3LWIyNmRhMDRkN2VlMS8wLzMyMzAzMjJlMzEzNzMzMmUzNzMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMzM2MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqtRzANBgkqhkiG
9w0BAQsFAAOCAQEAlB6B0exskc+gOv1xrEA5a4hwNAtjs4+9xiKAb+gcF7Qz+tc9
snEyScZb3k0jJqW6zpoNfEZ1ZnXcVBnKo+d2LR62R38QiaUjGfJ8q4nAePqGgPLk
LEgEKASpNix8G+aUIOnvlQyBJF4kff36cAB33uxJbYLK+tiwjNY7Evq4tTcHeebB
5ppcSpn+whkc1QXCJOhhVBQXMGrD+sBTQ7oYqr5E39hF/dnHtTG/VMp/KsZxWCrt
C6oDL6z+cvIHApcfJOdIJFcfvoJJIP8jiyVcP3TUNr5Fw/FZvQBil0u/rcRdhEYj
KYpqcsfv4XpV+/7P82TLvgPjJ2sYwboecXM6gA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:23 2025 by rpki-client