Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa
File: 3230322e35322e31312e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: i/ZN/2d1sjBQt7UOzrDbp67enJWRkpM3GSuifWr9YQI=
Subject key identifier: 60:FF:1D:F4:0E:7E:17:F2:8E:1E:D4:CD:6B:2D:03:E7:46:70:0B:69
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 7DDF05122A30E7115D8088E08F79DDEF8C0C28C5
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa
Signing time: Thu 13 Jun 2024 11:00:02 +0000
ROA not before: Thu 13 Jun 2024 10:55:02 +0000
ROA not after: Thu 12 Jun 2025 11:00:02 +0000
asID: 17671
IP address blocks: 202.52.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:df:05:12:2a:30:e7:11:5d:80:88:e0:8f:79:dd:ef:8c:0c:28:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Jun 13 10:55:02 2024 GMT
Not After : Jun 12 11:00:02 2025 GMT
Subject: CN=60FF1DF40E7E17F28E1ED4CD6B2D03E746700B69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:f9:a8:45:46:4c:74:c7:51:b5:ef:1e:02:
dd:97:8f:a7:ef:64:91:f3:0e:d9:fc:88:35:c5:f8:
3f:ed:84:e0:44:ea:81:3c:84:ca:02:a2:40:62:2b:
0c:4a:d6:14:27:24:93:a2:06:b3:04:6e:ee:3c:8a:
29:dc:08:ea:a5:24:49:22:f9:43:70:0e:e1:d8:26:
cc:1a:8e:9c:ea:54:f1:02:c8:87:fe:73:3d:25:28:
6e:52:fe:80:b4:f4:26:bf:98:e6:75:63:33:25:af:
06:7f:ce:04:c7:23:9c:96:31:f2:2f:f4:61:d1:c9:
da:74:89:e8:e1:3f:aa:cb:44:bd:01:1d:90:a0:98:
94:3c:94:9a:52:b6:69:c4:6a:4b:e0:85:eb:bc:6e:
a9:28:85:30:47:91:79:b3:6f:52:65:f4:c3:49:d9:
fa:c0:fb:08:e4:35:57:8c:b6:5d:91:09:d1:b5:18:
b3:a7:d7:75:35:08:43:a8:5c:3d:23:b9:c6:cb:9c:
ce:8c:d1:dd:fb:cd:9d:8b:1f:98:7a:24:e6:f5:fd:
fd:d6:5c:8e:30:5d:11:a7:38:cf:f2:e8:98:5f:e0:
73:4a:ff:e0:15:54:15:99:0e:d0:b1:be:63:ee:0f:
2e:3b:85:e7:ca:24:d0:42:2e:8c:5c:aa:56:9f:42:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FF:1D:F4:0E:7E:17:F2:8E:1E:D4:CD:6B:2D:03:E7:46:70:0B:69
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.52.11.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f9:84:11:83:35:4b:1b:00:2f:90:c8:40:9a:05:0b:58:03:
4f:81:cd:29:36:97:83:f5:31:fe:37:12:81:d4:7e:6b:0c:c8:
90:03:07:1b:88:6d:a2:39:61:e4:d9:4a:e4:ca:41:a8:0b:a0:
82:7c:04:2d:0b:e1:fd:1f:fb:8b:08:35:0c:66:cc:bd:15:eb:
3d:19:d4:fb:35:70:ad:8c:0b:30:fd:df:05:76:da:4d:82:4a:
61:97:a6:d7:7b:c0:ed:2e:84:5f:ec:19:fb:bb:3f:c9:07:cd:
0f:03:58:cc:c8:31:10:78:b0:8d:2c:54:14:1d:11:6c:a7:b2:
bd:6e:a7:97:8c:3c:31:3a:a7:44:e3:88:40:64:99:62:62:3e:
2b:e1:a2:50:2f:14:89:32:79:da:b8:11:71:2e:31:2d:38:05:
87:32:b4:6a:8d:86:45:5b:8c:b1:36:22:8c:5b:29:32:54:7f:
79:d1:ec:b8:68:ed:62:d2:66:78:78:a8:ce:30:92:0e:d1:80:
5d:52:1c:44:32:63:51:8c:23:93:68:bb:f0:a1:56:54:f0:69:
63:22:cb:9f:c3:97:2d:06:02:b7:3f:89:57:59:34:45:5b:52:
4e:05:0c:f4:14:08:f3:3d:fd:de:56:c3:ff:7a:c9:43:2a:60:
70:c8:b5:76
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUfd8FEiow5xFdgIjgj3nd74wMKMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNDA2MTMxMDU1MDJaFw0yNTA2MTIxMTAwMDJaMDMxMTAvBgNV
BAMTKDYwRkYxREY0MEU3RTE3RjI4RTFFRDRDRDZCMkQwM0U3NDY3MDBCNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6B/moRUZMdMdRte8eAt2Xj6fv
ZJHzDtn8iDXF+D/thOBE6oE8hMoCokBiKwxK1hQnJJOiBrMEbu48iincCOqlJEki
+UNwDuHYJswajpzqVPECyIf+cz0lKG5S/oC09Ca/mOZ1YzMlrwZ/zgTHI5yWMfIv
9GHRydp0iejhP6rLRL0BHZCgmJQ8lJpStmnEakvgheu8bqkohTBHkXmzb1Jl9MNJ
2frA+wjkNVeMtl2RCdG1GLOn13U1CEOoXD0jucbLnM6M0d37zZ2LH5h6JOb1/f3W
XI4wXRGnOM/y6Jhf4HNK/+AVVBWZDtCxvmPuDy47hefKJNBCLoxcqlafQh8vAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUYP8d9A5+F/KOHtTNay0D50ZwC2kwHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzMjJlMzEzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczNjM3MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKNAswDQYJKoZIhvcN
AQELBQADggEBAK35hBGDNUsbAC+QyECaBQtYA0+BzSk2l4P1Mf43EoHUfmsMyJAD
BxuIbaI5YeTZSuTKQagLoIJ8BC0L4f0f+4sINQxmzL0V6z0Z1Ps1cK2MCzD93wV2
2k2CSmGXptd7wO0uhF/sGfu7P8kHzQ8DWMzIMRB4sI0sVBQdEWynsr1up5eMPDE6
p0TjiEBkmWJiPivholAvFIkyedq4EXEuMS04BYcytGqNhkVbjLE2IoxbKTJUf3nR
7Lho7WLSZnh4qM4wkg7RgF1SHEQyY1GMI5Nou/ChVlTwaWMiy5/Dly0GArc/iVdZ
NEVbUk4FDPQUCPM9/d5Ww/96yUMqYHDItXY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:37 2025 by rpki-client