Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138362e302f32342d3234203d3e203538383136.roa
File: 34332e3235322e3138362e302f32342d3234203d3e203538383136.roa (raw, json)
Hash identifier: cEeTKWmwIc5D8VRx4Wjyqi25fM0+EqJrs6oXdMSObyg=
Subject key identifier: 1E:D7:2E:FD:86:B4:DC:92:44:82:A4:23:DB:EC:71:BE:A3:D7:D4:D8
Certificate issuer: /CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Certificate serial: 335745D04FBDCFBAF317191BA07C4FF09DA329BE
Authority key identifier: 20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138362e302f32342d3234203d3e203538383136.roa
Signing time: Thu 13 Mar 2025 11:01:36 +0000
ROA not before: Thu 13 Mar 2025 10:56:36 +0000
ROA not after: Thu 12 Mar 2026 11:01:36 +0000
asID: 58816
IP address blocks: 43.252.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:57:45:d0:4f:bd:cf:ba:f3:17:19:1b:a0:7c:4f:f0:9d:a3:29:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2042008AEC80152F373D2A04DFD3893EE2F92166
Validity
Not Before: Mar 13 10:56:36 2025 GMT
Not After : Mar 12 11:01:36 2026 GMT
Subject: CN=1ED72EFD86B4DC924482A423DBEC71BEA3D7D4D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:b3:2e:f8:d2:46:74:79:03:48:0a:0d:3d:
ce:b6:98:9c:14:a4:24:f5:f3:8b:f9:cd:f5:c2:06:
ff:d4:6e:55:bf:55:3a:e8:60:12:73:c7:e9:cd:87:
ce:4c:1a:fd:f2:2c:47:3a:8e:2e:b0:c7:d1:f2:be:
d5:92:ef:ce:ee:ec:2e:c9:85:0e:de:55:ff:b5:54:
9e:7d:52:13:62:18:bc:cc:bb:ba:c9:97:bb:7e:3c:
2c:fa:a6:b8:69:19:b3:78:a3:24:b9:bc:61:87:45:
76:88:10:12:2f:a5:54:c9:39:1c:e3:3f:70:c3:96:
f1:f3:c6:ca:bd:65:b4:8d:32:57:02:bd:c9:28:d0:
8a:a6:cf:a5:0d:5c:d8:96:d0:c8:7f:a5:80:c7:c1:
67:67:24:29:be:c3:70:fd:37:a0:51:53:7a:12:03:
c5:bb:9d:42:3d:05:de:6a:8f:c7:93:47:41:8c:44:
a5:56:d4:ad:b3:ff:22:84:e1:1f:1f:47:5e:0a:6e:
d0:23:ea:fb:3a:a3:d8:14:79:75:ab:93:42:aa:d1:
b1:e2:33:4d:8d:c3:d6:44:f8:96:a3:d9:d2:6b:88:
a8:41:fd:24:b0:92:d6:15:8f:56:f4:d0:de:2d:cc:
c1:15:38:e8:4b:7c:74:f1:66:64:70:51:58:8a:16:
8c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D7:2E:FD:86:B4:DC:92:44:82:A4:23:DB:EC:71:BE:A3:D7:D4:D8
X509v3 Authority Key Identifier:
keyid:20:42:00:8A:EC:80:15:2F:37:3D:2A:04:DF:D3:89:3E:E2:F9:21:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/2042008AEC80152F373D2A04DFD3893EE2F92166.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2042008AEC80152F373D2A04DFD3893EE2F92166.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6fc3cbc4-8883-411c-876e-e9e23a8d8ad9/0/34332e3235322e3138362e302f32342d3234203d3e203538383136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.186.0/24
Signature Algorithm: sha256WithRSAEncryption
64:00:30:a0:0e:38:54:da:4c:cf:1a:62:f9:93:29:26:0b:32:
12:73:04:1e:15:92:15:2c:5d:7a:e9:9e:be:62:c6:be:61:8e:
14:43:af:ff:e6:33:8a:f7:a8:b9:37:9b:1a:ad:c8:f4:0e:31:
5d:e9:65:6a:aa:7b:1c:c1:37:d6:af:f1:fc:2a:b1:42:1a:0b:
38:07:de:b7:18:2b:0f:e5:49:63:f1:ad:0f:82:28:b0:6d:c3:
33:d6:d4:77:35:a7:81:69:ae:56:04:02:26:65:1f:a8:50:77:
37:71:fa:b4:e5:7b:a9:c8:af:de:a1:08:aa:66:8a:f7:9b:a5:
02:35:0f:59:bb:04:54:9b:d6:0f:ae:2a:73:46:91:60:63:8f:
9c:99:8b:2a:d1:8d:0c:f0:e4:3d:39:54:60:c8:18:48:54:5d:
32:bf:72:82:f9:5b:de:5f:5c:18:73:8e:2a:89:a0:2f:d3:26:
fc:79:8c:50:64:29:ba:a0:1d:b4:0b:de:3a:e1:73:73:33:a2:
10:36:71:25:20:54:8c:cb:24:61:42:cb:d3:6c:9f:34:ae:b9:
33:d1:d4:9a:b0:98:7d:48:95:e4:e4:f7:6b:4a:7a:d9:10:dd:
8e:f9:2b:77:df:c7:68:cf:06:22:e2:59:8f:b3:fd:b1:3f:d5:
67:c8:06:1c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUM1dF0E+9z7rzFxkboHxP8J2jKb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VF
MkY5MjE2NjAeFw0yNTAzMTMxMDU2MzZaFw0yNjAzMTIxMTAxMzZaMDMxMTAvBgNV
BAMTKDFFRDcyRUZEODZCNERDOTI0NDgyQTQyM0RCRUM3MUJFQTNEN0Q0RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEzrMu+NJGdHkDSAoNPc62mJwU
pCT184v5zfXCBv/UblW/VTroYBJzx+nNh85MGv3yLEc6ji6wx9HyvtWS787u7C7J
hQ7eVf+1VJ59UhNiGLzMu7rJl7t+PCz6prhpGbN4oyS5vGGHRXaIEBIvpVTJORzj
P3DDlvHzxsq9ZbSNMlcCvcko0Iqmz6UNXNiW0Mh/pYDHwWdnJCm+w3D9N6BRU3oS
A8W7nUI9Bd5qj8eTR0GMRKVW1K2z/yKE4R8fR14KbtAj6vs6o9gUeXWrk0Kq0bHi
M02Nw9ZE+Jaj2dJriKhB/SSwktYVj1b00N4tzMEVOOhLfHTxZmRwUViKFoy5AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUHtcu/Ya03JJEgqQj2+xxvqPX1NgwHwYDVR0j
BBgwFoAUIEIAiuyAFS83PSoE39OJPuL5IWYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZmMzY2JjNC04ODgzLTQxMWMtODc2ZS1lOWUyM2E4ZDhhZDkvMC8yMDQyMDA4QUVD
ODAxNTJGMzczRDJBMDRERkQzODkzRUUyRjkyMTY2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjA0MjAwOEFFQzgwMTUyRjM3M0QyQTA0REZEMzg5M0VFMkY5
MjE2Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZmYzNjYmM0LTg4ODMtNDExYy04
NzZlLWU5ZTIzYThkOGFkOS8wLzM0MzMyZTMyMzUzMjJlMzEzODM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM4MzEzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv8ujANBgkqhkiG
9w0BAQsFAAOCAQEAZAAwoA44VNpMzxpi+ZMpJgsyEnMEHhWSFSxdeumevmLGvmGO
FEOv/+YziveouTebGq3I9A4xXellaqp7HME31q/x/CqxQhoLOAfetxgrD+VJY/Gt
D4IosG3DM9bUdzWngWmuVgQCJmUfqFB3N3H6tOV7qciv3qEIqmaK95ulAjUPWbsE
VJvWD64qc0aRYGOPnJmLKtGNDPDkPTlUYMgYSFRdMr9ygvlb3l9cGHOOKomgL9Mm
/HmMUGQpuqAdtAveOuFzczOiEDZxJSBUjMskYULL02yfNK65M9HUmrCYfUiV5OT3
a0p62RDdjvkrd9/HaM8GIuJZj7P9sT/VZ8gGHA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:14 2025 by rpki-client