Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e37322e302f32342d3234203d3e203137363731.roa
File: 3230322e34372e37322e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: oTpeDHLE0BbLAd5SFqqOs16N3fCt7c9jkbJpnv+ROE0=
Subject key identifier: 30:03:26:5B:CD:27:27:68:E2:C3:80:20:48:43:28:3A:8F:BA:0D:76
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 31C6E2FC3B19B838ED98CA5833C1EB0FF40AF05A
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e37322e302f32342d3234203d3e203137363731.roa
Signing time: Sat 15 Jun 2024 12:01:55 +0000
ROA not before: Sat 15 Jun 2024 11:56:55 +0000
ROA not after: Sat 14 Jun 2025 12:01:55 +0000
asID: 17671
IP address blocks: 202.47.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c6:e2:fc:3b:19:b8:38:ed:98:ca:58:33:c1:eb:0f:f4:0a:f0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Jun 15 11:56:55 2024 GMT
Not After : Jun 14 12:01:55 2025 GMT
Subject: CN=3003265BCD272768E2C380204843283A8FBA0D76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c6:09:2b:d9:69:c6:d5:e0:2c:73:b5:a9:92:
53:f2:cb:c5:b6:7e:55:67:2a:67:cc:43:7b:f7:9d:
49:d2:ab:cc:bc:91:c7:4f:8f:76:c8:c8:08:7f:50:
e1:81:a9:af:3d:d8:c3:bf:cc:a8:96:da:cc:90:6a:
a3:59:15:b1:ce:61:95:3a:4d:ce:ba:6b:28:f2:d5:
36:c5:a3:17:b5:ab:4f:e2:cc:7c:20:10:7c:8d:fb:
0e:7e:01:67:b5:a7:69:3e:14:fb:5c:c6:02:69:2b:
c2:3c:17:f5:fa:3a:93:aa:29:f5:8b:9f:5d:27:4a:
53:23:38:74:0f:a0:e9:27:b5:c3:fd:68:a1:71:22:
d8:e7:c8:6b:07:28:ce:06:72:eb:d6:b2:58:2d:74:
92:08:8a:b9:17:61:be:97:2a:f6:5a:6a:03:2e:46:
7b:c9:d4:e8:6b:26:64:80:bc:57:e9:64:1b:d8:0b:
c4:ee:48:ae:25:83:48:81:3b:32:de:72:a3:4b:dc:
a7:42:ec:9a:5b:e0:0b:38:76:df:26:81:cc:7c:8b:
43:68:ea:69:f4:a9:51:29:f3:17:d5:fc:a4:74:2c:
82:79:f4:da:ed:28:e2:33:c9:3f:50:d8:a9:dc:8b:
b0:45:66:57:5a:51:bf:68:06:92:31:2b:cf:30:52:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:03:26:5B:CD:27:27:68:E2:C3:80:20:48:43:28:3A:8F:BA:0D:76
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e37322e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.47.72.0/24
Signature Algorithm: sha256WithRSAEncryption
80:cb:14:46:f5:bf:2d:e6:63:55:c0:84:6e:c0:3b:a3:22:87:
5a:8a:db:68:6c:24:b1:64:65:d1:d7:fd:38:7a:58:d8:c8:78:
b9:f4:62:ad:3b:66:f9:38:64:c1:83:6e:e0:c1:e9:e1:04:2d:
05:93:06:a4:b0:9b:41:c4:1d:26:85:e2:d2:7c:ae:82:a0:3b:
93:84:af:39:8e:72:0f:e4:83:91:75:51:7b:00:1d:c5:19:76:
74:0d:2b:e5:36:03:ad:03:63:e8:a5:6e:21:d5:43:dd:74:38:
60:55:72:5f:d4:a2:79:02:11:68:45:ea:93:b4:c2:70:e5:62:
dc:f2:8e:78:71:a2:b2:a4:ed:02:19:77:30:a4:64:ee:a4:be:
69:23:3f:13:ad:0e:24:b0:9e:39:da:fb:c3:fe:ad:65:d9:b8:
ef:c3:a1:08:0d:47:8e:d9:81:fc:f7:2a:e3:6e:59:24:01:2d:
a6:69:c2:89:b2:95:a7:38:d6:cc:12:a2:0b:8d:29:27:84:b6:
2c:7f:10:cf:18:72:ae:b5:12:c4:98:b4:81:4f:d0:09:16:e4:
6c:8f:84:a0:0b:09:69:ba:cc:23:d1:b8:7f:dc:86:1f:d4:fc:
84:37:20:54:9a:6f:6c:e5:f3:50:3d:da:22:f7:eb:2e:4a:44:
af:59:c0:8f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUMcbi/DsZuDjtmMpYM8HrD/QK8FowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNDA2MTUxMTU2NTVaFw0yNTA2MTQxMjAxNTVaMDMxMTAvBgNV
BAMTKDMwMDMyNjVCQ0QyNzI3NjhFMkMzODAyMDQ4NDMyODNBOEZCQTBENzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLxgkr2WnG1eAsc7WpklPyy8W2
flVnKmfMQ3v3nUnSq8y8kcdPj3bIyAh/UOGBqa892MO/zKiW2syQaqNZFbHOYZU6
Tc66ayjy1TbFoxe1q0/izHwgEHyN+w5+AWe1p2k+FPtcxgJpK8I8F/X6OpOqKfWL
n10nSlMjOHQPoOkntcP9aKFxItjnyGsHKM4GcuvWslgtdJIIirkXYb6XKvZaagMu
RnvJ1OhrJmSAvFfpZBvYC8TuSK4lg0iBOzLecqNL3KdC7Jpb4As4dt8mgcx8i0No
6mn0qVEp8xfV/KR0LIJ59NrtKOIzyT9Q2Knci7BFZldaUb9oBpIxK88wUsgjAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUMAMmW80nJ2jiw4AgSEMoOo+6DXYwHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzQzNzJlMzczMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczNjM3MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKL0gwDQYJKoZIhvcN
AQELBQADggEBAIDLFEb1vy3mY1XAhG7AO6Mih1qK22hsJLFkZdHX/Th6WNjIeLn0
Yq07Zvk4ZMGDbuDB6eEELQWTBqSwm0HEHSaF4tJ8roKgO5OErzmOcg/kg5F1UXsA
HcUZdnQNK+U2A60DY+ilbiHVQ910OGBVcl/UonkCEWhF6pO0wnDlYtzyjnhxorKk
7QIZdzCkZO6kvmkjPxOtDiSwnjna+8P+rWXZuO/DoQgNR47Zgfz3KuNuWSQBLaZp
womylac41swSoguNKSeEtix/EM8Ycq61EsSYtIFP0AkW5GyPhKALCWm6zCPRuH/c
hh/U/IQ3IFSab2zl81A92iL36y5KRK9ZwI8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:59 2025 by rpki-client