Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/74e1f370-f31f-47ed-8a41-b28bc8daf435/0/3230322e39302e3139382e302f32332d3234203d3e203338373739.roa
File: 3230322e39302e3139382e302f32332d3234203d3e203338373739.roa (raw, json)
Hash identifier: j+SkNC2jU7ZKCx7WNLHkcABxxG0uZTHYVDpXSnYoRAs=
Subject key identifier: 3A:5C:8C:6D:F4:76:EB:0D:27:42:D5:FE:84:04:86:24:F6:C2:9C:AE
Certificate issuer: /CN=9C11A28FECE27B65C7E6475906C6CCB974C04C40
Certificate serial: 17F1C1FC23D7F76098576F8928834975AD514FF4
Authority key identifier: 9C:11:A2:8F:EC:E2:7B:65:C7:E6:47:59:06:C6:CC:B9:74:C0:4C:40
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9C11A28FECE27B65C7E6475906C6CCB974C04C40.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/74e1f370-f31f-47ed-8a41-b28bc8daf435/0/3230322e39302e3139382e302f32332d3234203d3e203338373739.roa
Signing time: Tue 20 Aug 2024 02:54:17 +0000
ROA not before: Tue 20 Aug 2024 02:49:17 +0000
ROA not after: Tue 19 Aug 2025 02:54:17 +0000
asID: 38779
IP address blocks: 202.90.198.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:f1:c1:fc:23:d7:f7:60:98:57:6f:89:28:83:49:75:ad:51:4f:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9C11A28FECE27B65C7E6475906C6CCB974C04C40
Validity
Not Before: Aug 20 02:49:17 2024 GMT
Not After : Aug 19 02:54:17 2025 GMT
Subject: CN=3A5C8C6DF476EB0D2742D5FE84048624F6C29CAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:45:7e:1d:a4:77:38:7e:25:df:3e:79:f8:e6:
0d:55:10:24:ae:c5:5e:c6:13:3f:22:fe:78:81:1f:
1e:7a:b0:4c:4e:55:6a:d3:81:09:f5:4f:2c:5f:f8:
9f:37:ac:a1:ae:35:50:c3:04:cb:da:3f:69:c0:35:
ee:fb:0f:09:b9:7b:1d:b6:c6:bb:38:66:59:1c:52:
ea:90:4f:52:f5:1c:24:a3:11:a4:88:9f:28:95:c1:
7f:54:75:78:58:8e:2a:26:ba:40:dc:91:a7:84:b2:
f1:8a:ca:c8:c5:d9:ea:8b:e6:e9:7f:ec:82:9d:79:
29:46:30:ca:1c:10:8b:a1:74:7a:95:27:37:45:a9:
d6:9b:e7:0c:93:63:c7:9e:42:f0:ec:94:ee:78:6d:
86:43:93:b9:39:d0:31:9d:20:55:db:34:c4:bf:31:
24:69:f5:b2:83:11:04:8a:c7:2b:26:aa:33:05:6c:
a6:b8:c3:0d:d1:bc:28:94:09:41:01:cd:80:63:5a:
2b:e5:c6:ca:ba:87:e5:e3:ee:d4:10:ae:28:c9:f4:
67:46:11:03:46:53:88:3d:2b:90:b3:58:01:6c:f7:
99:d1:e9:7d:19:8f:92:40:db:82:2c:e9:2d:db:1a:
80:7e:4a:50:c2:75:13:01:9d:ce:13:69:96:f4:b6:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5C:8C:6D:F4:76:EB:0D:27:42:D5:FE:84:04:86:24:F6:C2:9C:AE
X509v3 Authority Key Identifier:
keyid:9C:11:A2:8F:EC:E2:7B:65:C7:E6:47:59:06:C6:CC:B9:74:C0:4C:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/74e1f370-f31f-47ed-8a41-b28bc8daf435/0/9C11A28FECE27B65C7E6475906C6CCB974C04C40.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9C11A28FECE27B65C7E6475906C6CCB974C04C40.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/74e1f370-f31f-47ed-8a41-b28bc8daf435/0/3230322e39302e3139382e302f32332d3234203d3e203338373739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.90.198.0/23
Signature Algorithm: sha256WithRSAEncryption
37:79:40:46:0d:c4:9f:87:c7:2a:96:3a:77:93:4f:35:4b:cf:
40:4b:79:8c:25:60:36:dc:59:0e:c9:e4:55:b8:d0:d1:d0:d3:
39:f5:36:38:87:19:e3:9f:73:5e:da:8e:7f:8d:56:dd:ce:63:
09:0e:88:d6:79:95:e5:ea:b2:c0:96:f9:12:ad:6d:38:e5:84:
7d:04:57:4a:32:6d:11:fb:72:c4:83:fe:e8:43:41:46:f0:02:
72:81:a1:49:af:dd:07:5a:cb:2d:db:6e:4f:03:39:24:e0:fa:
d4:d8:4c:bf:fa:7a:6e:32:3f:51:c1:3b:98:55:91:8b:fd:ab:
a6:8c:52:3d:27:c5:5c:0d:1e:6e:75:39:40:75:46:24:2e:40:
c0:4b:77:53:e3:80:9f:b9:ad:47:f5:af:a1:8f:d6:5d:8f:45:
9d:03:4a:30:bd:a3:af:d5:57:b0:bd:18:a9:3c:b1:cc:50:40:
1f:3a:e7:52:cc:c7:8f:e1:9d:bb:3b:51:32:ac:a9:93:e5:60:
15:2d:63:a3:46:b4:44:9a:e8:2c:a1:b7:2f:5d:c9:b4:d0:c3:
06:16:30:c0:46:db:59:5e:2e:26:58:d0:83:82:8e:fd:d0:51:
dd:fc:a7:c4:4b:2c:13:34:02:d0:db:17:03:b1:df:d3:ce:31:
74:b1:6a:f1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUF/HB/CPX92CYV2+JKINJda1RT/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUMxMUEyOEZFQ0UyN0I2NUM3RTY0NzU5MDZDNkNDQjk3
NEMwNEM0MDAeFw0yNDA4MjAwMjQ5MTdaFw0yNTA4MTkwMjU0MTdaMDMxMTAvBgNV
BAMTKDNBNUM4QzZERjQ3NkVCMEQyNzQyRDVGRTg0MDQ4NjI0RjZDMjlDQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYRX4dpHc4fiXfPnn45g1VECSu
xV7GEz8i/niBHx56sExOVWrTgQn1Tyxf+J83rKGuNVDDBMvaP2nANe77Dwm5ex22
xrs4ZlkcUuqQT1L1HCSjEaSInyiVwX9UdXhYjiomukDckaeEsvGKysjF2eqL5ul/
7IKdeSlGMMocEIuhdHqVJzdFqdab5wyTY8eeQvDslO54bYZDk7k50DGdIFXbNMS/
MSRp9bKDEQSKxysmqjMFbKa4ww3RvCiUCUEBzYBjWivlxsq6h+Xj7tQQrijJ9GdG
EQNGU4g9K5CzWAFs95nR6X0Zj5JA24Is6S3bGoB+SlDCdRMBnc4TaZb0tjBVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUOlyMbfR26w0nQtX+hASGJPbCnK4wHwYDVR0j
BBgwFoAUnBGij+zie2XH5kdZBsbMuXTATEAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
NGUxZjM3MC1mMzFmLTQ3ZWQtOGE0MS1iMjhiYzhkYWY0MzUvMC85QzExQTI4RkVD
RTI3QjY1QzdFNjQ3NTkwNkM2Q0NCOTc0QzA0QzQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUMxMUEyOEZFQ0UyN0I2NUM3RTY0NzU5MDZDNkNDQjk3NEMw
NEM0MC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc0ZTFmMzcwLWYzMWYtNDdlZC04
YTQxLWIyOGJjOGRhZjQzNS8wLzMyMzAzMjJlMzkzMDJlMzEzOTM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzMzODM3MzczOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcpaxjANBgkqhkiG
9w0BAQsFAAOCAQEAN3lARg3En4fHKpY6d5NPNUvPQEt5jCVgNtxZDsnkVbjQ0dDT
OfU2OIcZ459zXtqOf41W3c5jCQ6I1nmV5eqywJb5Eq1tOOWEfQRXSjJtEftyxIP+
6ENBRvACcoGhSa/dB1rLLdtuTwM5JOD61NhMv/p6bjI/UcE7mFWRi/2rpoxSPSfF
XA0ebnU5QHVGJC5AwEt3U+OAn7mtR/WvoY/WXY9FnQNKML2jr9VXsL0YqTyxzFBA
HzrnUszHj+GduztRMqypk+VgFS1jo0a0RJroLKG3L13JtNDDBhYwwEbbWV4uJljQ
g4KO/dBR3fynxEssEzQC0NsXA7Hf084xdLFq8Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:57:35 2025 by rpki-client