Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa
File: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (raw, json)
Hash identifier: Iun52nY6O3+qxGHYtLUd/o4wD4j6UUv+WuPemCxO82w=
Subject key identifier: F6:99:97:B0:D2:75:4A:EB:B8:9D:80:52:FF:A3:E1:FE:BA:DD:10:EB
Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96
Certificate serial: 12D956D82DA0BB5F1DA0FFE068DDECB5D362CD85
Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa
Signing time: Mon 01 Jul 2024 01:05:46 +0000
ROA not before: Mon 01 Jul 2024 01:00:46 +0000
ROA not after: Mon 30 Jun 2025 01:05:46 +0000
asID: 24532
IP address blocks: 43.229.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:d9:56:d8:2d:a0:bb:5f:1d:a0:ff:e0:68:dd:ec:b5:d3:62:cd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96
Validity
Not Before: Jul 1 01:00:46 2024 GMT
Not After : Jun 30 01:05:46 2025 GMT
Subject: CN=F69997B0D2754AEBB89D8052FFA3E1FEBADD10EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6c:65:d1:18:37:7b:ba:ba:7e:cc:33:e4:fe:
56:68:d1:a3:b2:b3:88:21:0d:a0:92:73:d7:bd:5b:
91:3e:ea:99:67:8a:99:32:b4:8e:5e:00:3b:5e:da:
68:40:53:8e:dc:7a:47:e3:1f:9a:96:f7:f0:43:83:
cc:47:85:22:ea:2d:d0:d9:29:31:51:a2:d6:ba:e1:
53:78:7b:1f:02:b8:6c:fe:04:df:64:22:94:b9:98:
f5:3e:81:a9:b0:c7:ed:da:27:f8:23:4a:9b:ea:69:
91:a7:dc:53:69:59:fe:dd:4d:a4:2f:9d:8e:03:ee:
21:22:2a:b4:bc:80:da:2d:9f:43:51:2b:04:fd:d4:
c1:6b:75:f5:6e:1d:6b:33:9e:36:ba:09:5f:31:5e:
2c:1c:1e:74:61:82:9c:cf:e9:9b:6c:c2:99:44:f2:
98:e0:db:01:c6:30:14:1b:ce:7c:de:f9:8c:3d:d0:
cf:12:67:b4:85:a4:a5:c6:15:44:a7:50:5f:f8:23:
9b:39:3d:ff:40:fc:a9:bd:33:39:6a:8d:c5:67:c1:
76:c3:9d:53:22:f9:93:e6:0c:b5:5d:c7:9d:04:9b:
13:55:35:33:b7:e9:3a:9d:aa:fb:f9:ad:f9:5b:e1:
5c:00:ee:5f:16:a9:43:e3:77:3a:75:c3:24:c6:1f:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:99:97:B0:D2:75:4A:EB:B8:9D:80:52:FF:A3:E1:FE:BA:DD:10:EB
X509v3 Authority Key Identifier:
keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/34332e3232392e3230342e302f32322d3234203d3e203234353332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.229.204.0/22
Signature Algorithm: sha256WithRSAEncryption
50:31:bc:b3:4f:83:9e:9a:af:19:35:89:d4:1f:13:46:f7:d7:
cb:6a:1d:31:dc:c7:27:30:1b:ad:f9:fb:48:98:14:5c:0c:70:
86:95:4b:85:c6:25:ce:83:a8:bd:8e:4c:0d:9a:3f:1b:36:06:
21:56:0d:b5:09:3a:8a:31:ca:b0:47:0f:70:77:9d:da:54:5b:
c1:e5:f1:4e:6a:6e:9c:d2:40:dc:f5:40:5d:d2:f2:be:d9:e7:
de:ba:07:aa:0b:77:04:01:12:e2:5e:c1:89:f8:9c:47:10:63:
30:a5:a7:ef:3e:45:09:a7:b3:76:8e:7f:f8:62:0a:a0:6b:06:
b0:bc:90:4f:9b:08:6a:2e:f2:cf:13:3d:40:6d:99:d7:04:b1:
28:43:cb:06:f1:3b:e7:2a:36:e2:de:52:46:84:a0:a0:d8:f5:
ba:15:f9:45:0a:68:47:fa:49:3c:65:7f:9a:63:98:2d:bc:c3:
6e:89:2d:31:09:b0:29:a4:74:de:ea:4e:33:e9:30:1a:cb:37:
36:1f:a8:98:d6:c4:d2:26:0a:2b:9b:56:a3:f9:55:b6:2c:fd:
0e:d3:f0:71:d6:f8:70:d6:e6:24:85:c4:2f:00:88:1d:26:5f:
e2:10:47:cc:02:06:5c:61:15:0e:7e:56:63:18:76:d9:5c:05:
5a:c4:f4:29
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUEtlW2C2gu18doP/gaN3stdNizYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF
Q0M3RkU5NjAeFw0yNDA3MDEwMTAwNDZaFw0yNTA2MzAwMTA1NDZaMDMxMTAvBgNV
BAMTKEY2OTk5N0IwRDI3NTRBRUJCODlEODA1MkZGQTNFMUZFQkFERDEwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5bGXRGDd7urp+zDPk/lZo0aOy
s4ghDaCSc9e9W5E+6plnipkytI5eADte2mhAU47cekfjH5qW9/BDg8xHhSLqLdDZ
KTFRota64VN4ex8CuGz+BN9kIpS5mPU+gamwx+3aJ/gjSpvqaZGn3FNpWf7dTaQv
nY4D7iEiKrS8gNotn0NRKwT91MFrdfVuHWsznja6CV8xXiwcHnRhgpzP6ZtswplE
8pjg2wHGMBQbznze+Yw90M8SZ7SFpKXGFUSnUF/4I5s5Pf9A/Km9MzlqjcVnwXbD
nVMi+ZPmDLVdx50EmxNVNTO36Tqdqvv5rflb4VwA7l8WqUPjdzp1wyTGH8xVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU9pmXsNJ1Suu4nYBS/6Ph/rrdEOswHwYDVR0j
BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF
NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3
RkU5Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk0M2UyZTY3LWExNzEtNGQ5ZS1h
OTM1LTQwNjkwMmIxZTEzYi8wLzM0MzMyZTMyMzIzOTJlMzIzMDM0MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzIzNDM1MzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivlzDANBgkqhkiG
9w0BAQsFAAOCAQEAUDG8s0+DnpqvGTWJ1B8TRvfXy2odMdzHJzAbrfn7SJgUXAxw
hpVLhcYlzoOovY5MDZo/GzYGIVYNtQk6ijHKsEcPcHed2lRbweXxTmpunNJA3PVA
XdLyvtnn3roHqgt3BAES4l7BificRxBjMKWn7z5FCaezdo5/+GIKoGsGsLyQT5sI
ai7yzxM9QG2Z1wSxKEPLBvE75yo24t5SRoSgoNj1uhX5RQpoR/pJPGV/mmOYLbzD
boktMQmwKaR03upOM+kwGss3Nh+omNbE0iYKK5tWo/lVtiz9DtPwcdb4cNbmJIXE
LwCIHSZf4hBHzAIGXGEVDn5WYxh22VwFWsT0KQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:53:01 2025 by rpki-client