Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e38392e302f32342d3234203d3e203233363935.roa
File: 3230322e3137332e38392e302f32342d3234203d3e203233363935.roa (raw, json)
Hash identifier: lhuajvGIv7rcCg6mlRyz9c9eb3L+IyDr9Q9rPP2Ha5s=
Subject key identifier: 62:8D:21:8F:CD:D9:59:17:8D:C5:C9:67:5A:29:C1:34:BC:8D:08:AE
Certificate issuer: /CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Certificate serial: 57025DE1BA73ACA592AAD823330F97DB89F708E5
Authority key identifier: 41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e38392e302f32342d3234203d3e203233363935.roa
Signing time: Tue 10 Sep 2024 04:00:01 +0000
ROA not before: Tue 10 Sep 2024 03:55:01 +0000
ROA not after: Tue 09 Sep 2025 04:00:01 +0000
asID: 23695
IP address blocks: 202.173.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:02:5d:e1:ba:73:ac:a5:92:aa:d8:23:33:0f:97:db:89:f7:08:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Validity
Not Before: Sep 10 03:55:01 2024 GMT
Not After : Sep 9 04:00:01 2025 GMT
Subject: CN=628D218FCDD959178DC5C9675A29C134BC8D08AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dd:91:fa:f5:ad:06:8b:a1:b2:42:a0:c8:c9:
2b:37:b1:8b:89:34:13:79:c1:5f:61:f4:ea:fd:c8:
3a:cc:72:b4:b2:27:6b:90:37:7c:e2:7f:c8:b6:3f:
59:ab:4a:95:86:d5:0f:2d:16:72:fc:b3:e6:e4:3e:
c4:e5:47:c0:a8:5c:e5:c1:35:50:4d:a7:cb:45:49:
16:9d:f4:39:19:e2:13:b6:e8:4f:8f:27:22:26:58:
43:66:38:20:85:b3:e4:43:a9:82:e1:65:83:55:20:
88:d1:b3:ae:af:89:37:cf:44:b3:f0:de:81:b0:0d:
7c:84:9d:dd:b6:90:28:94:12:72:21:d8:82:72:01:
0f:92:1e:5f:e8:ae:d1:6d:fc:c0:e3:1c:46:7e:50:
9b:13:70:3a:f5:e8:c6:01:15:d9:1f:21:62:aa:18:
05:a4:8e:25:da:9a:0d:ce:37:18:9a:e1:e8:1b:b5:
67:48:d6:f6:c5:27:3c:0b:17:69:52:96:35:12:03:
d3:a0:2a:5e:c6:21:d5:20:ae:89:76:cc:da:68:9d:
cd:cc:03:3e:80:fc:6b:70:11:d9:d4:ac:6f:67:33:
e0:42:35:34:90:56:7e:13:e0:09:10:10:70:2f:60:
d1:44:66:96:f0:13:6a:63:12:6a:e6:b2:84:8b:fb:
f5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8D:21:8F:CD:D9:59:17:8D:C5:C9:67:5A:29:C1:34:BC:8D:08:AE
X509v3 Authority Key Identifier:
keyid:41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/41E09326F68CE0113635EACAF4E37394AE4E2D8C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e38392e302f32342d3234203d3e203233363935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.173.89.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:b6:43:5f:2a:1e:58:a6:07:7b:88:48:39:24:36:4e:84:c9:
35:ae:c2:2f:b2:83:55:42:99:93:5f:ca:6e:a2:7c:69:85:9b:
fd:05:29:87:0a:bc:3b:54:d6:51:8d:d0:47:3e:cd:b3:e9:ac:
e2:09:38:36:3a:59:b9:14:29:26:10:15:52:bc:50:a2:c2:f1:
58:75:8f:4f:a8:a0:b3:4f:f7:2b:53:75:eb:6c:2d:ce:7d:b1:
38:41:e9:10:00:13:b4:52:a1:d7:67:f1:8c:4d:a7:fc:8e:2e:
94:a1:0c:73:f7:33:08:a8:30:48:74:1a:eb:7f:57:b8:5d:d2:
f8:4d:91:b2:40:4d:e4:e2:74:3e:a6:04:82:59:a3:ef:3c:a3:
dc:68:dd:14:e8:4d:5a:54:c2:c3:cf:dc:5c:eb:f2:44:73:c9:
78:31:1b:a8:b3:31:36:c0:e3:14:90:ca:b0:e4:b0:1a:e2:58:
86:4f:73:2c:60:cd:97:7d:ce:83:b4:c0:68:ab:a8:14:5f:0e:
7c:a4:db:80:5c:77:7d:24:f8:5a:ac:71:43:22:fa:c6:6f:db:
8d:8a:bc:1b:36:2e:85:60:75:e4:e9:26:1a:03:35:fb:98:68:
29:4a:31:97:b3:71:50:a2:c6:61:01:87:ef:fc:19:87:2d:5e:
a3:06:49:1d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVwJd4bpzrKWSqtgjMw+X24n3COUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRB
RTRFMkQ4QzAeFw0yNDA5MTAwMzU1MDFaFw0yNTA5MDkwNDAwMDFaMDMxMTAvBgNV
BAMTKDYyOEQyMThGQ0REOTU5MTc4REM1Qzk2NzVBMjlDMTM0QkM4RDA4QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+3ZH69a0Gi6GyQqDIySs3sYuJ
NBN5wV9h9Or9yDrMcrSyJ2uQN3zif8i2P1mrSpWG1Q8tFnL8s+bkPsTlR8CoXOXB
NVBNp8tFSRad9DkZ4hO26E+PJyImWENmOCCFs+RDqYLhZYNVIIjRs66viTfPRLPw
3oGwDXyEnd22kCiUEnIh2IJyAQ+SHl/ortFt/MDjHEZ+UJsTcDr16MYBFdkfIWKq
GAWkjiXamg3ONxia4egbtWdI1vbFJzwLF2lSljUSA9OgKl7GIdUgrol2zNponc3M
Az6A/GtwEdnUrG9nM+BCNTSQVn4T4AkQEHAvYNFEZpbwE2pjEmrmsoSL+/VhAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUYo0hj83ZWReNxclnWinBNLyNCK4wHwYDVR0j
BBgwFoAUQeCTJvaM4BE2NerK9ONzlK5OLYwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZjBmMmJkOS00MmFlLTQ0OWEtOGQ1Ny1iMjZkYTA0ZDdlZTEvMC80MUUwOTMyNkY2
OENFMDExMzYzNUVBQ0FGNEUzNzM5NEFFNEUyRDhDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRBRTRF
MkQ4Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmMGYyYmQ5LTQyYWUtNDQ5YS04
ZDU3LWIyNmRhMDRkN2VlMS8wLzMyMzAzMjJlMzEzNzMzMmUzODM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMzM2MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqtWTANBgkqhkiG
9w0BAQsFAAOCAQEAzbZDXyoeWKYHe4hIOSQ2ToTJNa7CL7KDVUKZk1/KbqJ8aYWb
/QUphwq8O1TWUY3QRz7Ns+ms4gk4NjpZuRQpJhAVUrxQosLxWHWPT6igs0/3K1N1
62wtzn2xOEHpEAATtFKh12fxjE2n/I4ulKEMc/czCKgwSHQa639XuF3S+E2RskBN
5OJ0PqYEglmj7zyj3GjdFOhNWlTCw8/cXOvyRHPJeDEbqLMxNsDjFJDKsOSwGuJY
hk9zLGDNl33Og7TAaKuoFF8OfKTbgFx3fST4WqxxQyL6xm/bjYq8GzYuhWB15Okm
GgM1+5hoKUoxl7NxUKLGYQGH7/wZhy1eowZJHQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:35 2025 by rpki-client