Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/3230332e31342e31382e302f32342d3234203d3e20313532303834.roa
File: 3230332e31342e31382e302f32342d3234203d3e20313532303834.roa (raw, json)
Hash identifier: EPZc5s6xGmEkYEwc1m25H5UKqHqXdKO9ob+h/evRrWo=
Subject key identifier: 33:94:42:FD:BB:88:88:42:C6:5E:F2:19:2C:C9:62:AB:4B:84:4C:F1
Certificate issuer: /CN=C35ED85B36F5D519D2CD1D474BE51C13F49A7E47
Certificate serial: 599A804B327644B5C7BA1412A0A3D8751E757CCF
Authority key identifier: C3:5E:D8:5B:36:F5:D5:19:D2:CD:1D:47:4B:E5:1C:13:F4:9A:7E:47
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/3230332e31342e31382e302f32342d3234203d3e20313532303834.roa
Signing time: Sat 18 Jan 2025 11:00:03 +0000
ROA not before: Sat 18 Jan 2025 10:55:03 +0000
ROA not after: Sat 17 Jan 2026 11:00:03 +0000
asID: 152084
IP address blocks: 203.14.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:9a:80:4b:32:76:44:b5:c7:ba:14:12:a0:a3:d8:75:1e:75:7c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C35ED85B36F5D519D2CD1D474BE51C13F49A7E47
Validity
Not Before: Jan 18 10:55:03 2025 GMT
Not After : Jan 17 11:00:03 2026 GMT
Subject: CN=339442FDBB888842C65EF2192CC962AB4B844CF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5b:e5:26:73:b8:b6:6f:ab:8e:63:5c:de:99:
b5:9f:4a:d8:b0:d9:69:34:37:60:48:44:9e:5a:20:
e7:9e:0f:ed:3d:8d:c1:fd:90:0d:e5:41:98:f4:17:
ea:00:16:d6:a6:4e:cd:8c:07:15:74:5e:74:6b:9d:
87:9d:a8:25:c1:b2:01:78:ab:0c:a9:52:fc:45:f9:
77:18:91:75:da:54:f4:27:d4:cb:85:e1:7d:31:9a:
c3:1d:1f:22:a0:03:21:79:8f:bc:73:ca:a7:12:34:
1e:7d:58:74:70:1a:2d:6b:5b:5c:6c:21:f0:58:c0:
9c:6a:79:c0:91:6a:d5:c8:fa:3b:f2:13:51:ad:83:
0c:5e:8e:a4:c0:cf:9b:c3:d0:b0:10:66:65:c7:8b:
cc:27:4a:84:b4:4e:d7:86:97:03:04:83:c0:67:20:
82:70:5c:a5:27:43:27:5f:5e:65:b0:1c:9f:d9:d0:
f7:52:65:28:81:0e:83:58:36:e0:93:84:ef:5c:89:
e6:3c:75:d1:51:91:65:74:4a:e2:fa:8e:f1:bc:e1:
e2:92:14:7b:b8:94:0d:ad:88:57:83:e2:9e:21:b6:
2a:4a:c8:40:5d:ae:ea:91:a5:d6:4b:f5:e2:23:0f:
54:89:76:1a:cf:18:0c:6e:d5:ef:6e:19:31:74:50:
08:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:94:42:FD:BB:88:88:42:C6:5E:F2:19:2C:C9:62:AB:4B:84:4C:F1
X509v3 Authority Key Identifier:
keyid:C3:5E:D8:5B:36:F5:D5:19:D2:CD:1D:47:4B:E5:1C:13:F4:9A:7E:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/3230332e31342e31382e302f32342d3234203d3e20313532303834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.14.18.0/24
Signature Algorithm: sha256WithRSAEncryption
59:8c:e4:81:4a:f5:b3:ea:1f:0f:7d:63:97:8a:c1:99:ff:ef:
94:d8:d1:bb:c3:bc:66:0c:25:0b:60:58:5e:bd:7b:5c:ec:51:
92:2a:53:2a:5c:3d:b8:09:00:2e:e5:62:44:c4:6b:3f:44:51:
f4:9d:c6:4d:70:2b:9a:04:ac:19:7f:0b:94:07:f8:e1:cb:74:
0e:5f:96:ec:9e:45:98:da:db:bd:3c:95:0f:a0:7c:fc:20:61:
a9:de:7b:fb:04:f5:60:8c:8a:2e:03:bf:dc:c2:87:01:9c:23:
f2:69:cf:f9:03:a4:ac:fb:55:cd:ed:95:0d:91:4e:c3:e6:37:
ff:77:4c:14:6f:a0:3c:50:9c:89:be:66:df:0a:27:75:a3:35:
e2:21:8d:32:b5:e0:8b:ff:ad:34:06:eb:18:44:5a:5f:8f:4a:
63:3d:5b:ca:1f:a3:04:a3:9e:25:a7:8e:cf:e9:61:9f:44:a8:
88:b1:c1:46:74:6e:98:da:bb:3e:b7:94:81:39:bf:88:8f:8c:
42:5a:85:77:7e:76:ca:f8:84:cf:a4:3a:b7:9e:6d:6d:0a:a1:
93:f4:a3:07:ab:f8:5f:02:bc:86:ae:3b:b0:d6:22:46:21:94:
b0:8a:93:eb:ea:15:cd:36:6d:25:30:c6:32:3e:c2:f5:58:24:
58:84:74:36
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWZqASzJ2RLXHuhQSoKPYdR51fM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzM1RUQ4NUIzNkY1RDUxOUQyQ0QxRDQ3NEJFNTFDMTNG
NDlBN0U0NzAeFw0yNTAxMTgxMDU1MDNaFw0yNjAxMTcxMTAwMDNaMDMxMTAvBgNV
BAMTKDMzOTQ0MkZEQkI4ODg4NDJDNjVFRjIxOTJDQzk2MkFCNEI4NDRDRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvW+Umc7i2b6uOY1zembWfStiw
2Wk0N2BIRJ5aIOeeD+09jcH9kA3lQZj0F+oAFtamTs2MBxV0XnRrnYedqCXBsgF4
qwypUvxF+XcYkXXaVPQn1MuF4X0xmsMdHyKgAyF5j7xzyqcSNB59WHRwGi1rW1xs
IfBYwJxqecCRatXI+jvyE1GtgwxejqTAz5vD0LAQZmXHi8wnSoS0TteGlwMEg8Bn
IIJwXKUnQydfXmWwHJ/Z0PdSZSiBDoNYNuCThO9cieY8ddFRkWV0SuL6jvG84eKS
FHu4lA2tiFeD4p4htipKyEBdruqRpdZL9eIjD1SJdhrPGAxu1e9uGTF0UAhJAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUM5RC/buIiELGXvIZLMliq0uETPEwHwYDVR0j
BBgwFoAUw17YWzb11RnSzR1HS+UcE/SafkcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NTM2NjZlMS0xZTQxLTQyZWQtYWJiYy1hOGMwODdmM2YzMzkvMC9DMzVFRDg1QjM2
RjVENTE5RDJDRDFENDc0QkU1MUMxM0Y0OUE3RTQ3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzM1RUQ4NUIzNkY1RDUxOUQyQ0QxRDQ3NEJFNTFDMTNGNDlB
N0U0Ny5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk1MzY2NmUxLTFlNDEtNDJlZC1h
YmJjLWE4YzA4N2YzZjMzOS8wLzMyMzAzMzJlMzEzNDJlMzEzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMsOEjANBgkqhkiG
9w0BAQsFAAOCAQEAWYzkgUr1s+ofD31jl4rBmf/vlNjRu8O8ZgwlC2BYXr17XOxR
kipTKlw9uAkALuViRMRrP0RR9J3GTXArmgSsGX8LlAf44ct0Dl+W7J5FmNrbvTyV
D6B8/CBhqd57+wT1YIyKLgO/3MKHAZwj8mnP+QOkrPtVze2VDZFOw+Y3/3dMFG+g
PFCcib5m3wondaM14iGNMrXgi/+tNAbrGERaX49KYz1byh+jBKOeJaeOz+lhn0So
iLHBRnRumNq7PreUgTm/iI+MQlqFd352yviEz6Q6t55tbQqhk/SjB6v4XwK8hq47
sNYiRiGUsIqT6+oVzTZtJTDGMj7C9VgkWIR0Ng==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:21 2025 by rpki-client