Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/323030313a6466323a6634303a3a2f34382d3438203d3e20313530393232.roa
File: 323030313a6466323a6634303a3a2f34382d3438203d3e20313530393232.roa (raw, json)
Hash identifier: woqtXJ7tvZtaqT4bT+mvntSsCYpQhJCgghI0AwY59dM=
Subject key identifier: 11:5E:21:C0:2E:C2:7E:2D:15:CB:9D:A3:C2:52:58:40:DB:FB:B1:65
Certificate issuer: /CN=0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79
Certificate serial: 74CF3A1E638658B0DFACDD8DD266D9213CC0472C
Authority key identifier: 03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/323030313a6466323a6634303a3a2f34382d3438203d3e20313530393232.roa
Signing time: Wed 08 Jan 2025 10:00:02 +0000
ROA not before: Wed 08 Jan 2025 09:55:02 +0000
ROA not after: Wed 07 Jan 2026 10:00:02 +0000
asID: 150922
IP address blocks: 2001:df2:f40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:cf:3a:1e:63:86:58:b0:df:ac:dd:8d:d2:66:d9:21:3c:c0:47:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79
Validity
Not Before: Jan 8 09:55:02 2025 GMT
Not After : Jan 7 10:00:02 2026 GMT
Subject: CN=115E21C02EC27E2D15CB9DA3C2525840DBFBB165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:80:53:85:87:5e:a2:13:8f:b6:d9:33:2a:
25:e0:9c:3b:5e:44:eb:76:ec:06:2b:c1:70:76:17:
ef:e6:5c:cb:91:62:b9:2b:8d:c4:ba:b2:d4:8d:e8:
3d:56:f1:68:e0:ca:f6:57:72:5e:ce:9d:85:ad:3c:
3a:e4:72:0d:33:9b:9c:ed:50:28:0f:d9:11:2f:b4:
72:f5:04:c0:02:a3:cf:10:ee:e6:40:b3:70:42:76:
d6:ee:b5:89:ea:c4:1f:11:d6:cc:85:5c:b3:3f:da:
d1:a9:c3:14:b3:00:6f:fc:89:36:fe:43:14:9a:e8:
c6:0e:fe:b2:68:d4:59:bc:f1:c0:f7:61:c9:73:81:
3e:61:ab:a9:df:35:07:a1:55:3b:fb:ae:73:10:b8:
de:6e:a7:01:95:0d:5d:2f:23:ce:7b:ba:af:fe:68:
d0:c8:26:7b:a7:5c:84:0d:18:11:0a:86:a4:8e:6a:
47:48:1e:c4:80:ef:9c:0b:79:89:0b:2b:e3:1d:d9:
d5:d3:93:d0:fe:39:8d:e4:e1:31:eb:6b:54:34:08:
f8:38:d3:ea:cf:8d:63:b2:02:fa:6c:83:b9:73:7b:
8b:e4:bd:8f:95:28:bc:35:e6:b1:52:5c:0e:92:22:
8c:a4:88:9a:d4:5e:25:5a:51:ab:9c:22:3f:f6:8e:
4b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:5E:21:C0:2E:C2:7E:2D:15:CB:9D:A3:C2:52:58:40:DB:FB:B1:65
X509v3 Authority Key Identifier:
keyid:03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/323030313a6466323a6634303a3a2f34382d3438203d3e20313530393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df2:f40::/48
Signature Algorithm: sha256WithRSAEncryption
6e:fe:f1:b0:4c:fd:45:a3:ef:62:9d:ff:bd:17:52:2f:1d:ef:
2e:b5:11:3c:3c:f1:f3:72:58:89:d0:f7:86:85:5b:bf:26:77:
74:01:e1:5e:5b:e1:78:fc:10:33:0c:97:a8:a8:ef:3a:ec:f1:
6d:09:66:6a:d3:30:8c:e6:6d:5e:b3:f9:8d:42:11:bb:80:0b:
32:39:a8:ed:b4:55:80:ff:5d:38:ac:03:91:6b:11:ff:af:43:
c3:55:8c:0c:62:1c:a8:69:da:f9:2f:62:d0:28:9c:58:00:64:
ae:2f:0c:74:f6:bd:f9:85:d8:9d:53:2c:20:da:59:c1:cb:15:
d3:d6:87:25:e6:ce:8d:5d:8a:5f:e8:7c:0d:13:2d:33:89:4c:
83:c7:db:2c:ff:6d:81:1b:ad:d5:ba:5a:b0:92:43:60:f4:73:
29:36:04:ce:b1:9e:41:07:d0:d5:9e:7f:22:b2:c8:00:5a:21:
89:c4:c8:e9:e9:19:4c:7b:f4:52:b9:34:b1:11:ad:4a:60:25:
7a:48:d9:ca:7c:96:d2:84:8b:e1:85:d4:e2:40:c2:32:ce:97:
80:9b:64:d1:0c:16:c1:62:e9:92:cb:1b:0b:ac:a8:11:95:65:
25:95:90:21:b3:fc:fd:72:5a:d4:9d:43:c3:ab:3f:7c:3e:5e:
b9:f4:03:01
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdM86HmOGWLDfrN2N0mbZITzARywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDMyMUM4OTJBNkFBQzBBNkVBNEEzMDM1RDg4Q0E2QkM2
ODY3QkY3OTAeFw0yNTAxMDgwOTU1MDJaFw0yNjAxMDcxMDAwMDJaMDMxMTAvBgNV
BAMTKDExNUUyMUMwMkVDMjdFMkQxNUNCOURBM0MyNTI1ODQwREJGQkIxNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCebIBThYdeohOPttkzKiXgnDte
ROt27AYrwXB2F+/mXMuRYrkrjcS6stSN6D1W8WjgyvZXcl7OnYWtPDrkcg0zm5zt
UCgP2REvtHL1BMACo88Q7uZAs3BCdtbutYnqxB8R1syFXLM/2tGpwxSzAG/8iTb+
QxSa6MYO/rJo1Fm88cD3YclzgT5hq6nfNQehVTv7rnMQuN5upwGVDV0vI857uq/+
aNDIJnunXIQNGBEKhqSOakdIHsSA75wLeYkLK+Md2dXTk9D+OY3k4THra1Q0CPg4
0+rPjWOyAvpsg7lze4vkvY+VKLw15rFSXA6SIoykiJrUXiVaUaucIj/2jks/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEV4hwC7Cfi0Vy52jwlJYQNv7sWUwHwYDVR0j
BBgwFoAUAyHIkqaqwKbqSjA12IymvGhnv3kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
YTFjNGMxZi03MTQxLTQ3ZDYtYTdmOC1lMzVmZmUxMTc0MDQvMC8wMzIxQzg5MkE2
QUFDMEE2RUE0QTMwMzVEODhDQTZCQzY4NjdCRjc5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDMyMUM4OTJBNkFBQzBBNkVBNEEzMDM1RDg4Q0E2QkM2ODY3
QkY3OS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhMWM0YzFmLTcxNDEtNDdkNi1h
N2Y4LWUzNWZmZTExNzQwNC8wLzMyMzAzMDMxM2E2NDY2MzIzYTY2MzQzMDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzUzMDM5MzIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABDfIP
QDANBgkqhkiG9w0BAQsFAAOCAQEAbv7xsEz9RaPvYp3/vRdSLx3vLrURPDzx83JY
idD3hoVbvyZ3dAHhXlvhePwQMwyXqKjvOuzxbQlmatMwjOZtXrP5jUIRu4ALMjmo
7bRVgP9dOKwDkWsR/69Dw1WMDGIcqGna+S9i0CicWABkri8MdPa9+YXYnVMsINpZ
wcsV09aHJebOjV2KX+h8DRMtM4lMg8fbLP9tgRut1bpasJJDYPRzKTYEzrGeQQfQ
1Z5/IrLIAFohicTI6ekZTHv0Urk0sRGtSmAlekjZynyW0oSL4YXU4kDCMs6XgJtk
0QwWwWLpkssbC6yoEZVlJZWQIbP8/XJa1J1Dw6s/fD5eufQDAQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:52 2025 by rpki-client