Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138342e302f32342d3234203d3e203538383136.roa
File: 34332e3235322e3138342e302f32342d3234203d3e203538383136.roa (raw, json)
Hash identifier: zkaOl3WDUKt7L8bc11OX90l50YOHPUCk7N8DGiMpczs=
Subject key identifier: 77:01:C2:4F:83:E8:C8:FB:02:3A:74:FC:B4:15:EC:7E:14:76:CD:B2
Certificate issuer: /CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Certificate serial: 351C529DFD8D5BF98B539BA614EBC74E23742845
Authority key identifier: 20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138342e302f32342d3234203d3e203538383136.roa
Signing time: Thu 13 Mar 2025 11:01:37 +0000
ROA not before: Thu 13 Mar 2025 10:56:37 +0000
ROA not after: Thu 12 Mar 2026 11:01:37 +0000
asID: 58816
IP address blocks: 43.252.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1c:52:9d:fd:8d:5b:f9:8b:53:9b:a6:14:eb:c7:4e:23:74:28:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Validity
Not Before: Mar 13 10:56:37 2025 GMT
Not After : Mar 12 11:01:37 2026 GMT
Subject: CN=7701C24F83E8C8FB023A74FCB415EC7E1476CDB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f8:06:ad:82:c4:96:b5:61:e6:92:ce:d0:54:
03:d1:1c:68:0b:2c:93:cc:9e:ef:d3:98:45:fc:77:
87:c2:8b:93:1e:06:c8:97:81:47:b1:21:3a:ac:4b:
34:5e:67:52:c5:0b:c6:2e:56:ed:d1:56:84:d2:73:
5a:73:b3:cb:50:e6:3f:92:6c:cd:b5:33:67:4e:d4:
3c:b2:fb:71:48:72:10:da:ef:d6:b1:ed:09:c9:5c:
dd:78:82:8e:a5:79:fb:0d:13:b1:d1:49:e9:a0:8e:
9f:05:2d:b2:41:16:8f:ef:a3:c9:24:77:8a:05:53:
50:c9:e7:e7:73:44:a6:00:38:eb:ac:29:65:3b:81:
87:d3:20:3a:aa:17:6c:dd:d9:fb:cf:bd:84:59:73:
e1:0f:46:4f:74:c1:1b:c2:5b:75:37:26:10:ec:8a:
bc:54:cb:46:7e:5e:e1:17:a7:fe:27:4d:89:85:b7:
59:63:07:c3:29:f0:f5:f4:da:12:4b:0c:f4:bb:df:
af:8f:af:1f:f2:05:53:87:22:b3:fb:4f:e1:32:df:
9b:ed:67:6f:25:8a:b8:0e:8f:10:ce:77:bb:54:7a:
4a:48:ed:69:2a:7b:20:f5:85:b0:07:6a:07:12:6d:
bd:95:70:34:54:4b:39:a9:51:76:8f:b3:ef:63:90:
b3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:01:C2:4F:83:E8:C8:FB:02:3A:74:FC:B4:15:EC:7E:14:76:CD:B2
X509v3 Authority Key Identifier:
keyid:20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/2042008AEC80152F373D2A04DFD3893EE2F92166.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138342e302f32342d3234203d3e203538383136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.184.0/24
Signature Algorithm: sha256WithRSAEncryption
55:8d:28:c2:5d:e8:e7:71:ed:af:f3:08:0f:64:38:95:6d:33:
a8:3b:29:d7:45:78:09:55:c5:46:0c:5c:ad:24:11:7d:7a:c8:
a8:87:8e:84:9f:48:ed:68:2a:4f:75:84:5c:4e:ec:7d:1b:fc:
be:d2:0d:72:f1:e9:bf:05:9e:99:d3:68:94:57:b9:de:86:9d:
3b:a5:8f:78:37:50:31:13:4b:61:bb:67:70:aa:d7:e2:e4:96:
84:59:a6:5d:6f:7d:ba:c7:01:72:d6:06:47:19:ab:77:cd:07:
47:4b:46:52:07:7d:d3:fa:b4:bd:b2:ee:1f:d8:e5:9a:ae:ab:
95:35:d7:fc:67:60:51:b7:2f:72:3e:0c:82:04:74:98:71:4f:
68:bd:36:33:85:17:e8:57:dd:74:15:e0:23:0e:18:53:82:dc:
d2:e8:21:99:2d:1a:02:a0:e1:19:c4:4a:20:cc:a6:37:fe:60:
71:d5:02:8f:c5:f6:96:bb:c0:d2:ed:15:ca:ae:47:c9:e4:4a:
87:83:c6:50:9a:6f:c5:2b:6a:bf:f9:f8:b1:74:e5:84:54:03:
b2:8d:c9:77:21:69:31:71:60:18:0e:3f:95:5c:de:c3:5b:ca:
ee:5f:f5:39:b9:83:41:2a:e6:8d:06:d6:f8:1a:46:43:b6:8a:
ef:f0:65:6b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUNRxSnf2NW/mLU5umFOvHTiN0KEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VF
MkY5MjE2NjAeFw0yNTAzMTMxMDU2MzdaFw0yNjAzMTIxMTAxMzdaMDMxMTAvBgNV
BAMTKDc3MDFDMjRGODNFOEM4RkIwMjNBNzRGQ0I0MTVFQzdFMTQ3NkNEQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn+AatgsSWtWHmks7QVAPRHGgL
LJPMnu/TmEX8d4fCi5MeBsiXgUexITqsSzReZ1LFC8YuVu3RVoTSc1pzs8tQ5j+S
bM21M2dO1Dyy+3FIchDa79ax7QnJXN14go6lefsNE7HRSemgjp8FLbJBFo/vo8kk
d4oFU1DJ5+dzRKYAOOusKWU7gYfTIDqqF2zd2fvPvYRZc+EPRk90wRvCW3U3JhDs
irxUy0Z+XuEXp/4nTYmFt1ljB8Mp8PX02hJLDPS736+Prx/yBVOHIrP7T+Ey35vt
Z28lirgOjxDOd7tUekpI7WkqeyD1hbAHagcSbb2VcDRUSzmpUXaPs+9jkLPpAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUdwHCT4PoyPsCOnT8tBXsfhR2zbIwHwYDVR0j
BBgwFoAUIEIAiuyAFS83PSoE39OJPuL5IWYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZmMzY2JjNC04ODgzLTQxMWMtODc2ZS1lOWUyM2E4ZDhhZDkvMC8yMDQyMDA4QUVD
ODAxNTJGMzczRDJBMDRERkQzODkzRUUyRjkyMTY2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VFMkY5
MjE2Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmYzNjYmM0LTg4ODMtNDExYy04
NzZlLWU5ZTIzYThkOGFkOS8wLzM0MzMyZTMyMzUzMjJlMzEzODM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM4MzEzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8uDANBgkqhkiG
9w0BAQsFAAOCAQEAVY0owl3o53Htr/MID2Q4lW0zqDsp10V4CVXFRgxcrSQRfXrI
qIeOhJ9I7WgqT3WEXE7sfRv8vtINcvHpvwWemdNolFe53oadO6WPeDdQMRNLYbtn
cKrX4uSWhFmmXW99uscBctYGRxmrd80HR0tGUgd90/q0vbLuH9jlmq6rlTXX/Gdg
Ubcvcj4MggR0mHFPaL02M4UX6FfddBXgIw4YU4Lc0ughmS0aAqDhGcRKIMymN/5g
cdUCj8X2lrvA0u0Vyq5HyeRKh4PGUJpvxStqv/n4sXTlhFQDso3JdyFpMXFgGA4/
lVzew1vK7l/1ObmDQSrmjQbW+BpGQ7aK7/Blaw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:44:21 2025 by rpki-client