Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/3230322e37332e31382e302f32342d3234203d3e203538383136.roa
File: 3230322e37332e31382e302f32342d3234203d3e203538383136.roa (raw, json)
Hash identifier: 2KzZDAzCYvLDGmuyMQTwS12UkngL2r4uYLx3E6PowDU=
Subject key identifier: 26:7F:77:6D:C9:90:4F:DB:E7:A4:38:6D:85:47:F1:02:42:50:B4:2D
Certificate issuer: /CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Certificate serial: 01CABE87C629477EEDD5D0DA357779AA2FFBD878
Authority key identifier: 20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/3230322e37332e31382e302f32342d3234203d3e203538383136.roa
Signing time: Thu 13 Mar 2025 11:01:36 +0000
ROA not before: Thu 13 Mar 2025 10:56:36 +0000
ROA not after: Thu 12 Mar 2026 11:01:36 +0000
asID: 58816
IP address blocks: 202.73.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:ca:be:87:c6:29:47:7e:ed:d5:d0:da:35:77:79:aa:2f:fb:d8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Validity
Not Before: Mar 13 10:56:36 2025 GMT
Not After : Mar 12 11:01:36 2026 GMT
Subject: CN=267F776DC9904FDBE7A4386D8547F1024250B42D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:32:06:cb:0e:d0:81:c2:88:5c:a2:26:d6:
76:bd:a4:28:b8:aa:3f:77:72:6d:6c:8f:7a:8d:32:
51:57:1a:e8:a0:7c:09:bd:fe:34:0b:1e:d7:b3:07:
c9:1e:72:ec:84:ba:bf:24:71:12:60:13:21:74:13:
e5:ee:71:65:fd:c9:ba:6d:e5:b1:b5:51:d6:2e:a7:
67:b2:07:d7:c0:72:43:ca:30:7f:08:56:41:d3:34:
a9:80:54:10:ff:63:06:30:a7:0a:36:f5:23:b5:7a:
c5:28:40:5c:40:a8:d9:00:60:6c:3b:83:84:8a:20:
a4:11:0c:15:a1:97:94:1d:6d:22:1c:38:6a:56:67:
e1:f0:13:db:49:3e:2d:c8:48:a2:0c:76:58:e0:e8:
48:66:4f:b0:e5:fe:38:20:9f:d3:89:bc:a7:e0:1f:
cd:81:50:62:58:9d:17:ab:e5:62:0f:75:2e:06:5d:
42:8f:48:71:fc:df:f1:f7:a8:62:67:4e:87:8e:c7:
dd:77:d3:23:71:4c:c7:04:05:07:13:36:04:a7:70:
fc:5f:0a:74:b9:b3:b5:8b:e8:11:cf:bc:77:62:22:
5e:a6:8a:e6:76:47:22:10:da:2a:bb:bc:29:ba:9b:
2c:45:8f:8e:45:cf:07:3c:bc:29:05:37:d9:b8:78:
04:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7F:77:6D:C9:90:4F:DB:E7:A4:38:6D:85:47:F1:02:42:50:B4:2D
X509v3 Authority Key Identifier:
keyid:20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/2042008AEC80152F373D2A04DFD3893EE2F92166.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/3230322e37332e31382e302f32342d3234203d3e203538383136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.73.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ae:0a:f9:8b:33:97:bd:73:84:7f:20:35:d3:34:28:30:0a:
67:05:10:a5:f1:0b:ae:dc:19:3f:18:0d:fb:d1:4d:89:4f:ca:
71:cf:ee:0b:87:db:c1:7c:f1:d9:54:1b:ab:08:cb:1c:2b:e1:
e7:1c:86:93:e9:f7:9c:e7:17:f2:28:ca:63:a9:15:a8:82:5b:
93:56:d7:59:c8:a0:27:3e:35:eb:96:1c:e4:8d:ce:c4:14:b3:
d7:ae:2e:94:90:c8:d3:62:50:aa:89:9c:d5:af:c2:79:44:38:
85:15:2f:a2:42:16:24:d2:d1:b7:e1:b4:ed:4b:9d:d1:46:af:
10:f5:ad:38:49:e2:5a:07:35:44:d4:4f:bb:f9:81:09:aa:af:
41:73:2a:b2:56:32:21:1f:b6:c7:f5:aa:af:66:a5:05:aa:aa:
df:cc:d3:ea:02:e2:ce:f5:ae:50:7a:f9:71:06:2f:66:9e:95:
a1:07:0e:5b:86:9c:96:44:08:65:f2:30:ec:30:12:6d:fb:d3:
8a:77:5c:93:76:5f:44:8c:80:dc:34:4b:cc:e9:17:63:c6:e5:
5f:97:65:2e:49:df:73:3d:54:07:7b:0d:09:e3:b2:64:f3:d3:
63:52:a6:bb:49:4b:48:9e:b3:09:6b:e0:6e:97:54:02:88:dd:
a1:c1:0c:6d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUAcq+h8YpR37t1dDaNXd5qi/72HgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VF
MkY5MjE2NjAeFw0yNTAzMTMxMDU2MzZaFw0yNjAzMTIxMTAxMzZaMDMxMTAvBgNV
BAMTKDI2N0Y3NzZEQzk5MDRGREJFN0E0Mzg2RDg1NDdGMTAyNDI1MEI0MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC/DIGyw7QgcKIXKIm1na9pCi4
qj93cm1sj3qNMlFXGuigfAm9/jQLHtezB8kecuyEur8kcRJgEyF0E+XucWX9ybpt
5bG1UdYup2eyB9fAckPKMH8IVkHTNKmAVBD/YwYwpwo29SO1esUoQFxAqNkAYGw7
g4SKIKQRDBWhl5QdbSIcOGpWZ+HwE9tJPi3ISKIMdljg6EhmT7Dl/jggn9OJvKfg
H82BUGJYnRer5WIPdS4GXUKPSHH83/H3qGJnToeOx9130yNxTMcEBQcTNgSncPxf
CnS5s7WL6BHPvHdiIl6miuZ2RyIQ2iq7vCm6myxFj45Fzwc8vCkFN9m4eATvAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUJn93bcmQT9vnpDhthUfxAkJQtC0wHwYDVR0j
BBgwFoAUIEIAiuyAFS83PSoE39OJPuL5IWYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZmMzY2JjNC04ODgzLTQxMWMtODc2ZS1lOWUyM2E4ZDhhZDkvMC8yMDQyMDA4QUVD
ODAxNTJGMzczRDJBMDRERkQzODkzRUUyRjkyMTY2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VFMkY5
MjE2Ni5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmYzNjYmM0LTg4ODMtNDExYy04
NzZlLWU5ZTIzYThkOGFkOS8wLzMyMzAzMjJlMzczMzJlMzEzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM1MzgzODMxMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKSRIwDQYJKoZIhvcN
AQELBQADggEBAKOuCvmLM5e9c4R/IDXTNCgwCmcFEKXxC67cGT8YDfvRTYlPynHP
7guH28F88dlUG6sIyxwr4ecchpPp95znF/IoymOpFaiCW5NW11nIoCc+NeuWHOSN
zsQUs9euLpSQyNNiUKqJnNWvwnlEOIUVL6JCFiTS0bfhtO1LndFGrxD1rThJ4loH
NUTUT7v5gQmqr0FzKrJWMiEftsf1qq9mpQWqqt/M0+oC4s71rlB6+XEGL2aelaEH
DluGnJZECGXyMOwwEm3704p3XJN2X0SMgNw0S8zpF2PG5V+XZS5J33M9VAd7DQnj
smTz02NSprtJS0ieswlr4G6XVAKI3aHBDG0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:41:28 2025 by rpki-client