Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3332203d3e20313430343037.roa
File: 323430333a393063303a3a2f33322d3332203d3e20313430343037.roa (raw, json)
Hash identifier: R8Z+hXBnnWiJJKdYZqlOoXUCZ71qI50sWMocZ6icaII=
Subject key identifier: 25:45:0D:F5:99:9A:B6:DB:4C:2D:38:5D:AE:18:A3:31:03:6C:26:BF
Certificate issuer: /CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95
Certificate serial: 50B14B62313122586EE4C13AB490BE214D3AB173
Authority key identifier: 49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3332203d3e20313430343037.roa
Signing time: Sat 01 Mar 2025 04:00:00 +0000
ROA not before: Sat 01 Mar 2025 03:55:00 +0000
ROA not after: Sat 28 Feb 2026 04:00:00 +0000
asID: 140407
IP address blocks: 2403:90c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:b1:4b:62:31:31:22:58:6e:e4:c1:3a:b4:90:be:21:4d:3a:b1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95
Validity
Not Before: Mar 1 03:55:00 2025 GMT
Not After : Feb 28 04:00:00 2026 GMT
Subject: CN=25450DF5999AB6DB4C2D385DAE18A331036C26BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:ee:16:0c:02:b4:de:f8:70:fd:1a:cb:e4:
f7:ea:05:e6:c5:d2:99:a6:08:f8:0f:3d:34:c2:9f:
82:c5:5c:35:30:25:ce:98:c7:7b:c6:a9:5d:b8:5e:
c5:ba:3f:c6:c0:dc:5b:73:7c:03:16:37:b2:9d:b1:
f2:a0:75:87:16:68:71:8b:66:fa:f1:de:47:7a:78:
ac:32:45:51:9e:66:7c:d8:bb:e3:ee:87:c2:cf:1e:
05:ff:dc:00:15:75:ea:cd:e3:ad:9e:b6:5a:3c:7b:
07:a4:0b:99:df:b7:6d:de:eb:0f:e9:7b:d6:5e:4d:
5f:a8:c1:86:7e:08:f5:d3:72:19:0d:18:45:93:c8:
59:47:7a:27:e1:1e:74:d6:ef:93:ee:2a:56:c0:5e:
2b:66:8e:6e:0e:03:90:4e:89:78:c3:9f:8a:61:e8:
53:91:db:86:c5:90:a6:e8:42:64:c2:a4:65:df:7e:
7b:14:21:5d:d3:d9:d6:2e:d3:38:e0:c4:d3:4f:f6:
14:40:41:88:be:51:40:31:0a:93:b6:eb:99:00:1d:
b4:bf:47:12:47:7b:12:02:d2:15:13:ab:87:5b:b3:
87:4b:2a:e4:f1:83:bb:73:6b:58:18:3f:50:f2:fc:
cb:96:c1:14:ba:e9:3c:49:59:6f:13:d9:53:9b:44:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:45:0D:F5:99:9A:B6:DB:4C:2D:38:5D:AE:18:A3:31:03:6C:26:BF
X509v3 Authority Key Identifier:
keyid:49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3332203d3e20313430343037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:90c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:ba:77:8f:96:16:d7:bd:79:0d:18:e5:26:fd:43:9d:32:3b:
2f:38:1c:0d:aa:13:b7:67:5e:15:06:1f:5f:b4:80:b7:b8:06:
07:08:b4:f4:5b:61:65:b6:ac:97:17:1d:7a:fd:51:a1:53:4a:
d1:8a:ed:a3:8d:33:4c:9f:05:6f:48:f4:aa:89:b4:de:47:9d:
0a:71:3b:0f:40:6e:60:fb:7c:8a:18:95:69:fd:f2:90:d8:63:
8d:c4:0e:87:a6:8c:66:a1:ec:7d:d1:06:21:39:7c:8e:35:b4:
53:f9:67:12:e0:55:cc:4d:7f:5a:b6:08:cb:a9:b6:a6:d2:7c:
8e:ae:4f:ca:8e:44:9a:a3:2e:7c:04:66:4d:88:ce:1b:c8:8d:
a2:0c:b4:f3:fe:44:51:06:9c:8d:86:3e:9d:4f:0a:96:63:d4:
70:61:7d:da:de:8f:2c:70:74:c7:82:cb:4f:fc:83:ae:76:ff:
6a:39:c0:84:1f:e3:42:b1:93:10:5f:2c:f1:e1:3f:d3:92:e4:
8d:30:b2:05:94:e6:0c:61:ff:f8:d1:a6:b9:c1:02:f3:06:14:
f0:48:3c:2d:3b:26:e5:6b:5a:d4:39:a4:2b:33:8d:d4:54:47:
1d:91:cd:6e:d5:23:d9:b3:27:53:c8:0f:f6:4c:65:b0:d0:fd:
13:3f:75:bc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUULFLYjExIlhu5ME6tJC+IU06sXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1
QTlEMkY5NTAeFw0yNTAzMDEwMzU1MDBaFw0yNjAyMjgwNDAwMDBaMDMxMTAvBgNV
BAMTKDI1NDUwREY1OTk5QUI2REI0QzJEMzg1REFFMThBMzMxMDM2QzI2QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPO4WDAK03vhw/RrL5PfqBebF
0pmmCPgPPTTCn4LFXDUwJc6Yx3vGqV24XsW6P8bA3FtzfAMWN7KdsfKgdYcWaHGL
Zvrx3kd6eKwyRVGeZnzYu+Puh8LPHgX/3AAVderN462etlo8ewekC5nft23e6w/p
e9ZeTV+owYZ+CPXTchkNGEWTyFlHeifhHnTW75PuKlbAXitmjm4OA5BOiXjDn4ph
6FOR24bFkKboQmTCpGXffnsUIV3T2dYu0zjgxNNP9hRAQYi+UUAxCpO265kAHbS/
RxJHexIC0hUTq4dbs4dLKuTxg7tza1gYP1Dy/MuWwRS66TxJWW8T2VObRNbXAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUJUUN9ZmatttMLThdrhijMQNsJr8wHwYDVR0j
BBgwFoAUSRsOpUQFY76bDxZ9p2wF6FqdL5UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MjI5NzgxYS04YWM5LTQ0NTItYjI1Zi01NGU3ZWRmN2Q0YTQvMC80OTFCMEVBNTQ0
MDU2M0JFOUIwRjE2N0RBNzZDMDVFODVBOUQyRjk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1QTlE
MkY5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyMjk3ODFhLThhYzktNDQ1Mi1i
MjVmLTU0ZTdlZGY3ZDRhNC8wLzMyMzQzMDMzM2EzOTMwNjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzQzMDM0MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDkMAwDQYJKoZI
hvcNAQELBQADggEBAE66d4+WFte9eQ0Y5Sb9Q50yOy84HA2qE7dnXhUGH1+0gLe4
BgcItPRbYWW2rJcXHXr9UaFTStGK7aONM0yfBW9I9KqJtN5HnQpxOw9AbmD7fIoY
lWn98pDYY43EDoemjGah7H3RBiE5fI41tFP5ZxLgVcxNf1q2CMuptqbSfI6uT8qO
RJqjLnwEZk2IzhvIjaIMtPP+RFEGnI2GPp1PCpZj1HBhfdrejyxwdMeCy0/8g652
/2o5wIQf40KxkxBfLPHhP9OS5I0wsgWU5gxh//jRprnBAvMGFPBIPC07JuVrWtQ5
pCszjdRURx2RzW7VI9mzJ1PID/ZMZbDQ/RM/dbw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:59 2025 by rpki-client