Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e39342e302f32342d3234203d3e203233363935.roa
File: 3230322e3137332e39342e302f32342d3234203d3e203233363935.roa (raw, json)
Hash identifier: kYREuhiT4n/pjRYISa3PHavGRxERDOS8izljvugeJrk=
Subject key identifier: 2F:D3:BB:8C:ED:AE:66:FA:57:6F:02:88:66:90:E5:69:AB:A0:1B:77
Certificate issuer: /CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Certificate serial: 5EA9AA22108303BD376CB3B999E3AD39A7449A10
Authority key identifier: 41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e39342e302f32342d3234203d3e203233363935.roa
Signing time: Tue 10 Sep 2024 04:00:02 +0000
ROA not before: Tue 10 Sep 2024 03:55:02 +0000
ROA not after: Tue 09 Sep 2025 04:00:02 +0000
asID: 23695
IP address blocks: 202.173.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a9:aa:22:10:83:03:bd:37:6c:b3:b9:99:e3:ad:39:a7:44:9a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41E09326F68CE0113635EACAF4E37394AE4E2D8C
Validity
Not Before: Sep 10 03:55:02 2024 GMT
Not After : Sep 9 04:00:02 2025 GMT
Subject: CN=2FD3BB8CEDAE66FA576F02886690E569ABA01B77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:92:ac:83:4b:4f:4b:c3:db:9d:2a:9e:1e:bd:
f3:98:6b:9f:87:2f:fb:31:8d:52:a0:12:6a:06:90:
cc:7c:ba:75:19:e1:ca:05:92:9e:0a:4b:b2:10:4b:
cf:43:41:1c:0f:17:7e:3b:12:12:b3:66:f9:2c:7c:
74:6b:87:9c:6b:2b:6f:9b:19:6e:04:8e:69:0f:28:
cc:01:86:96:f1:c5:48:08:a8:86:dd:6a:d5:0a:8c:
c7:5b:b9:ce:e7:5f:e0:19:9f:68:e8:37:f2:74:18:
f8:8b:6e:2b:4a:a4:9b:86:05:15:e5:56:4d:00:0d:
22:19:bd:cd:02:13:21:07:0d:76:4b:1c:fd:9f:c2:
ef:d0:b9:eb:a1:54:f9:53:09:70:b0:31:8e:00:3f:
41:63:68:5c:12:b2:8f:ca:a2:d3:45:f5:3b:2b:e8:
bb:9a:cc:d0:d1:07:93:72:09:61:54:a5:7d:b5:be:
0e:2a:84:9e:78:15:87:ed:7d:48:d3:cd:eb:42:39:
ef:1e:fc:b6:35:88:0c:25:23:99:c9:79:99:c7:b4:
54:be:ae:75:e8:c9:54:53:2f:91:52:3e:e6:3a:28:
28:66:4b:28:6c:f2:7e:94:95:47:0b:df:94:fc:c4:
4d:7a:8a:79:5e:cd:4b:ba:bc:77:38:c6:61:d6:c5:
7e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D3:BB:8C:ED:AE:66:FA:57:6F:02:88:66:90:E5:69:AB:A0:1B:77
X509v3 Authority Key Identifier:
keyid:41:E0:93:26:F6:8C:E0:11:36:35:EA:CA:F4:E3:73:94:AE:4E:2D:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/41E09326F68CE0113635EACAF4E37394AE4E2D8C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41E09326F68CE0113635EACAF4E37394AE4E2D8C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6f0f2bd9-42ae-449a-8d57-b26da04d7ee1/0/3230322e3137332e39342e302f32342d3234203d3e203233363935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.173.94.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c0:e5:35:44:3f:bf:06:b7:f5:7d:ed:9c:81:f9:c0:64:95:
05:d2:0e:17:54:2b:79:7a:9b:cb:5e:10:b5:7c:88:9d:1d:c7:
4f:89:0e:b2:29:1e:e5:be:0c:2b:0a:ac:07:50:59:55:33:e2:
72:1f:03:87:82:3e:4d:ae:13:3c:f2:1a:75:60:97:74:8f:06:
00:a2:bf:65:e4:02:9b:03:dc:f1:59:12:89:2c:54:23:5f:e5:
8c:cf:2e:3f:58:21:c9:a9:ea:f0:5c:16:94:d6:70:b3:dd:ba:
34:d5:0c:97:7a:b8:64:da:8a:d1:37:61:c3:67:05:22:a9:df:
8c:c4:e5:e2:14:66:e2:45:e2:e3:fe:05:e3:7f:12:fd:73:ff:
08:ec:8f:37:fc:b1:be:63:6e:fd:06:61:dc:ab:38:bd:00:e7:
74:66:81:32:55:95:e8:a9:0b:17:74:cd:03:02:a5:c8:cb:53:
72:18:2c:86:70:c3:0a:9c:ba:d7:94:51:8b:2d:16:f4:de:ff:
27:71:b2:95:66:63:25:38:9a:07:a2:d9:c2:ec:fc:0b:79:ca:
fd:e0:2e:d5:42:11:ed:ab:6e:c7:6c:b3:4a:c6:bd:f1:29:c1:
50:2f:65:6b:d7:ff:d7:05:58:c4:7e:b1:6a:70:fc:6b:24:d9:
ef:92:62:61
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUXqmqIhCDA703bLO5meOtOadEmhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRB
RTRFMkQ4QzAeFw0yNDA5MTAwMzU1MDJaFw0yNTA5MDkwNDAwMDJaMDMxMTAvBgNV
BAMTKDJGRDNCQjhDRURBRTY2RkE1NzZGMDI4ODY2OTBFNTY5QUJBMDFCNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFkqyDS09Lw9udKp4evfOYa5+H
L/sxjVKgEmoGkMx8unUZ4coFkp4KS7IQS89DQRwPF347EhKzZvksfHRrh5xrK2+b
GW4EjmkPKMwBhpbxxUgIqIbdatUKjMdbuc7nX+AZn2joN/J0GPiLbitKpJuGBRXl
Vk0ADSIZvc0CEyEHDXZLHP2fwu/QueuhVPlTCXCwMY4AP0FjaFwSso/KotNF9Tsr
6LuazNDRB5NyCWFUpX21vg4qhJ54FYftfUjTzetCOe8e/LY1iAwlI5nJeZnHtFS+
rnXoyVRTL5FSPuY6KChmSyhs8n6UlUcL35T8xE16inlezUu6vHc4xmHWxX71AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUL9O7jO2uZvpXbwKIZpDlaaugG3cwHwYDVR0j
BBgwFoAUQeCTJvaM4BE2NerK9ONzlK5OLYwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZjBmMmJkOS00MmFlLTQ0OWEtOGQ1Ny1iMjZkYTA0ZDdlZTEvMC80MUUwOTMyNkY2
OENFMDExMzYzNUVBQ0FGNEUzNzM5NEFFNEUyRDhDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDFFMDkzMjZGNjhDRTAxMTM2MzVFQUNBRjRFMzczOTRBRTRF
MkQ4Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmMGYyYmQ5LTQyYWUtNDQ5YS04
ZDU3LWIyNmRhMDRkN2VlMS8wLzMyMzAzMjJlMzEzNzMzMmUzOTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMzM2MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqtXjANBgkqhkiG
9w0BAQsFAAOCAQEAc8DlNUQ/vwa39X3tnIH5wGSVBdIOF1QreXqby14QtXyInR3H
T4kOsike5b4MKwqsB1BZVTPich8Dh4I+Ta4TPPIadWCXdI8GAKK/ZeQCmwPc8VkS
iSxUI1/ljM8uP1ghyanq8FwWlNZws926NNUMl3q4ZNqK0Tdhw2cFIqnfjMTl4hRm
4kXi4/4F438S/XP/COyPN/yxvmNu/QZh3Ks4vQDndGaBMlWV6KkLF3TNAwKlyMtT
chgshnDDCpy615RRiy0W9N7/J3GylWZjJTiaB6LZwuz8C3nK/eAu1UIR7atux2yz
Ssa98SnBUC9la9f/1wVYxH6xanD8ayTZ75JiYQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:48 2025 by rpki-client