Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/732e4f86-48e7-48c7-ba91-e25968378e95/0/3135372e31302e38392e302f32342d3234203d3e20313532303832.roa
File: 3135372e31302e38392e302f32342d3234203d3e20313532303832.roa (raw, json)
Hash identifier: bSxzudI9OYvmZ5EdGZhQqubuN+mAmlNw8OprHgwvC2c=
Subject key identifier: D3:45:C0:A3:70:E2:E9:91:16:99:59:F5:8D:C9:F0:74:3C:4D:EF:02
Certificate issuer: /CN=C88864DD3C1E6D0D5FA91467F03B266DF5F79255
Certificate serial: 55E8A94E56D57A4AA278CCB69626BA4C0763FC8D
Authority key identifier: C8:88:64:DD:3C:1E:6D:0D:5F:A9:14:67:F0:3B:26:6D:F5:F7:92:55
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C88864DD3C1E6D0D5FA91467F03B266DF5F79255.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/732e4f86-48e7-48c7-ba91-e25968378e95/0/3135372e31302e38392e302f32342d3234203d3e20313532303832.roa
Signing time: Thu 12 Dec 2024 04:00:06 +0000
ROA not before: Thu 12 Dec 2024 03:55:06 +0000
ROA not after: Thu 11 Dec 2025 04:00:06 +0000
asID: 152082
IP address blocks: 157.10.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:e8:a9:4e:56:d5:7a:4a:a2:78:cc:b6:96:26:ba:4c:07:63:fc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C88864DD3C1E6D0D5FA91467F03B266DF5F79255
Validity
Not Before: Dec 12 03:55:06 2024 GMT
Not After : Dec 11 04:00:06 2025 GMT
Subject: CN=D345C0A370E2E991169959F58DC9F0743C4DEF02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:5e:39:8f:20:0b:a1:a2:07:82:17:71:87:
02:55:4c:95:48:d8:7a:7f:eb:02:73:7a:57:a6:7b:
49:eb:c9:29:c7:e6:99:d2:1a:1e:8b:02:b7:0a:6a:
be:c3:9e:40:61:94:52:aa:54:52:7a:b7:5a:f9:3a:
8f:0a:a9:11:88:a1:29:b2:4f:a8:cc:e7:31:a4:ae:
2a:d0:50:80:c5:d9:56:49:7a:b4:dc:25:47:e1:38:
d2:da:00:60:28:7c:2b:03:41:43:9c:81:3d:a3:d8:
c6:3e:6b:c8:54:2c:7b:9c:78:67:31:82:39:b5:8b:
8c:4e:0e:87:0e:ce:2e:e9:5a:7b:8a:75:4e:ac:88:
10:9c:18:25:f7:b0:37:d4:e3:d8:f2:2f:f7:fc:3d:
ea:07:bc:02:ab:0c:5f:ee:20:6a:bb:b8:2b:79:83:
78:9f:78:e1:5b:ee:42:d5:1d:08:1d:c1:2f:ad:d8:
20:1a:97:08:db:93:2f:62:f2:65:b8:c1:1f:96:00:
6d:bd:f1:52:41:2f:ee:80:d3:a1:23:4a:56:21:99:
08:2e:c3:5d:c5:7d:3a:a2:15:f6:80:b6:f6:51:3f:
a6:04:aa:6b:05:50:c6:94:94:e3:3e:43:8a:35:03:
1e:db:68:df:20:70:fd:51:da:f2:74:9b:41:a1:69:
ff:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:45:C0:A3:70:E2:E9:91:16:99:59:F5:8D:C9:F0:74:3C:4D:EF:02
X509v3 Authority Key Identifier:
keyid:C8:88:64:DD:3C:1E:6D:0D:5F:A9:14:67:F0:3B:26:6D:F5:F7:92:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/732e4f86-48e7-48c7-ba91-e25968378e95/0/C88864DD3C1E6D0D5FA91467F03B266DF5F79255.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C88864DD3C1E6D0D5FA91467F03B266DF5F79255.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/732e4f86-48e7-48c7-ba91-e25968378e95/0/3135372e31302e38392e302f32342d3234203d3e20313532303832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.89.0/24
Signature Algorithm: sha256WithRSAEncryption
26:18:aa:6c:01:e6:dc:db:82:3f:88:0d:5e:1f:3a:7d:cb:fe:
ff:ea:e0:14:4d:15:b0:e9:84:19:87:43:71:d8:a1:7a:81:2a:
96:87:bf:dd:d1:08:88:cd:f9:e2:7a:ba:a8:8a:92:46:ca:5c:
13:87:c5:88:d1:ac:35:ea:8e:a8:cc:6c:e0:65:91:0b:dc:0a:
c6:5b:ab:af:3d:65:f5:62:f4:08:d6:6f:b0:04:25:b4:62:48:
77:60:c3:cf:56:fd:6a:ec:77:39:b1:7d:eb:4b:42:42:03:c1:
48:91:dc:e3:08:51:a0:5c:0f:85:ac:94:50:91:1d:f4:1e:c7:
d6:5b:f6:f3:ec:67:0a:8c:d4:19:ff:41:d1:16:3f:50:21:e2:
f2:7b:66:ff:eb:58:7e:ed:0f:6f:b9:51:0d:f4:fd:65:84:31:
08:e1:c0:69:5c:fd:1a:ee:13:bf:51:1c:7c:40:e5:ed:8b:0e:
02:fc:1b:67:16:1d:3c:1a:e8:ea:a5:22:99:70:9b:1b:c7:11:
5e:31:df:ad:72:c1:59:f0:99:a9:a9:0d:ce:4a:bf:a8:a4:12:
04:76:e2:08:bf:2c:cb:d1:70:ab:9b:f5:76:29:92:23:7f:37:
49:57:7e:e9:01:10:c7:18:17:74:b2:c6:35:40:4b:70:cf:fa:
e5:55:ec:11
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVeipTlbVekqieMy2lia6TAdj/I0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg4ODY0REQzQzFFNkQwRDVGQTkxNDY3RjAzQjI2NkRG
NUY3OTI1NTAeFw0yNDEyMTIwMzU1MDZaFw0yNTEyMTEwNDAwMDZaMDMxMTAvBgNV
BAMTKEQzNDVDMEEzNzBFMkU5OTExNjk5NTlGNThEQzlGMDc0M0M0REVGMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC75l45jyALoaIHghdxhwJVTJVI
2Hp/6wJzeleme0nrySnH5pnSGh6LArcKar7DnkBhlFKqVFJ6t1r5Oo8KqRGIoSmy
T6jM5zGkrirQUIDF2VZJerTcJUfhONLaAGAofCsDQUOcgT2j2MY+a8hULHuceGcx
gjm1i4xODocOzi7pWnuKdU6siBCcGCX3sDfU49jyL/f8PeoHvAKrDF/uIGq7uCt5
g3ifeOFb7kLVHQgdwS+t2CAalwjbky9i8mW4wR+WAG298VJBL+6A06EjSlYhmQgu
w13FfTqiFfaAtvZRP6YEqmsFUMaUlOM+Q4o1Ax7baN8gcP1R2vJ0m0Ghaf8/AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU00XAo3Di6ZEWmVn1jcnwdDxN7wIwHwYDVR0j
BBgwFoAUyIhk3TwebQ1fqRRn8DsmbfX3klUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MzJlNGY4Ni00OGU3LTQ4YzctYmE5MS1lMjU5NjgzNzhlOTUvMC9DODg4NjRERDND
MUU2RDBENUZBOTE0NjdGMDNCMjY2REY1Rjc5MjU1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvQzg4ODY0REQzQzFFNkQwRDVGQTkxNDY3RjAzQjI2NkRGNUY3
OTI1NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczMmU0Zjg2LTQ4ZTctNDhjNy1i
YTkxLWUyNTk2ODM3OGU5NS8wLzMxMzUzNzJlMzEzMDJlMzgzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0KWTANBgkqhkiG
9w0BAQsFAAOCAQEAJhiqbAHm3NuCP4gNXh86fcv+/+rgFE0VsOmEGYdDcdiheoEq
loe/3dEIiM354nq6qIqSRspcE4fFiNGsNeqOqMxs4GWRC9wKxlurrz1l9WL0CNZv
sAQltGJId2DDz1b9aux3ObF960tCQgPBSJHc4whRoFwPhayUUJEd9B7H1lv28+xn
CozUGf9B0RY/UCHi8ntm/+tYfu0Pb7lRDfT9ZYQxCOHAaVz9Gu4Tv1EcfEDl7YsO
AvwbZxYdPBro6qUimXCbG8cRXjHfrXLBWfCZqakNzkq/qKQSBHbiCL8sy9Fwq5v1
dimSI383SVd+6QEQxxgXdLLGNUBLcM/65VXsEQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:26:50 2025 by rpki-client