Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/3230332e3139302e34302e302f32312d3234203d3e203435333137.roa
File: 3230332e3139302e34302e302f32312d3234203d3e203435333137.roa (raw, json)
Hash identifier: 5MoEibiXvb7uNHyN+SG4htpl+K7LW+4UjrfmIpwFKTE=
Subject key identifier: CC:46:15:38:38:56:FA:F1:08:72:6C:3F:7E:8D:A2:FF:C4:AC:96:A0
Certificate issuer: /CN=20566897603B029812606C25ABC972BAC5BF4AFB
Certificate serial: 2B1B55403E64C92295FDC35247E819929EF449DA
Authority key identifier: 20:56:68:97:60:3B:02:98:12:60:6C:25:AB:C9:72:BA:C5:BF:4A:FB
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20566897603B029812606C25ABC972BAC5BF4AFB.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/3230332e3139302e34302e302f32312d3234203d3e203435333137.roa
Signing time: Mon 25 Nov 2024 14:00:00 +0000
ROA not before: Mon 25 Nov 2024 13:55:00 +0000
ROA not after: Mon 24 Nov 2025 14:00:00 +0000
asID: 45317
IP address blocks: 203.190.40.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:1b:55:40:3e:64:c9:22:95:fd:c3:52:47:e8:19:92:9e:f4:49:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20566897603B029812606C25ABC972BAC5BF4AFB
Validity
Not Before: Nov 25 13:55:00 2024 GMT
Not After : Nov 24 14:00:00 2025 GMT
Subject: CN=CC4615383856FAF108726C3F7E8DA2FFC4AC96A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:00:3d:d3:04:0a:40:09:fe:43:13:01:65:
72:dd:34:76:ad:b2:b2:69:1b:bf:74:63:f8:da:3b:
54:60:fc:79:f6:6b:01:81:de:ee:7a:1c:fb:b3:c0:
7d:1d:f2:f3:4c:87:4f:cb:3b:d6:92:06:92:a5:20:
c8:8e:c0:c6:ca:a4:02:1d:34:0d:14:7e:bb:44:d1:
0c:f4:2b:40:65:69:f8:93:be:93:09:3e:4a:74:ce:
0a:92:0c:c0:72:05:44:ca:25:cb:3f:ed:2f:67:41:
d1:9d:0c:08:56:57:75:d6:e5:0e:53:3f:fe:6d:d7:
00:6b:c7:3e:bc:2d:8b:af:f6:66:df:5e:c5:73:70:
1e:96:87:e2:39:da:cf:b1:5a:03:f5:4f:fc:bf:a5:
fe:11:31:bb:1d:95:7a:44:cb:b9:94:63:2f:85:d5:
fb:c3:95:a1:95:21:a3:68:ff:6e:e7:0d:11:60:67:
5e:3d:da:34:0d:4f:67:09:99:42:70:bd:e5:31:0a:
ea:84:8c:96:28:9f:f8:f2:7c:f0:bf:c7:29:72:a7:
c5:b0:f2:b5:c9:b8:38:05:97:ce:04:6d:64:7e:ba:
c1:49:50:e3:7c:92:cd:5c:72:f0:68:1c:8a:e9:d0:
ff:97:d7:d9:71:93:e4:14:4c:9a:b9:56:ae:63:6f:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:46:15:38:38:56:FA:F1:08:72:6C:3F:7E:8D:A2:FF:C4:AC:96:A0
X509v3 Authority Key Identifier:
keyid:20:56:68:97:60:3B:02:98:12:60:6C:25:AB:C9:72:BA:C5:BF:4A:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/20566897603B029812606C25ABC972BAC5BF4AFB.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20566897603B029812606C25ABC972BAC5BF4AFB.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9dacc365-e194-4ac0-953a-4df3a5900b14/0/3230332e3139302e34302e302f32312d3234203d3e203435333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.190.40.0/21
Signature Algorithm: sha256WithRSAEncryption
a8:01:a4:bb:28:a1:91:e4:cb:ae:65:d2:b7:cd:a4:95:cd:c4:
5d:bb:90:da:0c:5c:b1:cf:2e:9a:25:4d:4a:11:5c:b5:98:1c:
cc:3e:72:bc:8c:76:fb:b0:be:86:b2:89:e7:6e:a1:b1:43:6a:
03:33:7a:67:8b:11:26:9b:cb:cc:97:c5:d7:e4:0d:e1:da:00:
35:38:48:10:c3:e9:93:2e:3b:4e:fd:23:4c:d8:3e:0f:6c:b3:
40:f4:65:6b:83:72:cf:75:cb:9e:32:eb:70:bb:6c:fb:40:f9:
f1:de:dd:39:3e:87:29:95:c2:cf:3a:3a:b2:ec:8f:f3:d1:2d:
91:c6:2b:40:09:d2:cc:77:93:9b:75:a6:e6:8d:73:c6:29:d3:
5a:93:ad:c5:c5:8b:dc:92:27:c3:e4:02:54:4c:e8:b9:af:68:
3d:55:c6:55:c0:38:21:34:d5:4f:d3:b1:58:dc:e2:5f:5d:a7:
3d:55:cf:94:60:5e:f3:a9:d0:5b:fb:88:52:b0:7a:73:06:4c:
dd:84:c8:4b:b1:e0:58:0a:ac:75:96:b9:91:6b:1d:90:53:66:
2c:49:06:c6:f1:d6:a2:d6:78:7d:93:e8:a6:54:d4:44:56:76:
d2:f2:a4:f8:72:35:25:8f:a3:a8:a7:ad:41:98:8a:e1:0e:b9:
e1:f6:34:96
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKxtVQD5kySKV/cNSR+gZkp70SdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA1NjY4OTc2MDNCMDI5ODEyNjA2QzI1QUJDOTcyQkFD
NUJGNEFGQjAeFw0yNDExMjUxMzU1MDBaFw0yNTExMjQxNDAwMDBaMDMxMTAvBgNV
BAMTKENDNDYxNTM4Mzg1NkZBRjEwODcyNkMzRjdFOERBMkZGQzRBQzk2QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKjgA90wQKQAn+QxMBZXLdNHat
srJpG790Y/jaO1Rg/Hn2awGB3u56HPuzwH0d8vNMh0/LO9aSBpKlIMiOwMbKpAId
NA0UfrtE0Qz0K0BlafiTvpMJPkp0zgqSDMByBUTKJcs/7S9nQdGdDAhWV3XW5Q5T
P/5t1wBrxz68LYuv9mbfXsVzcB6Wh+I52s+xWgP1T/y/pf4RMbsdlXpEy7mUYy+F
1fvDlaGVIaNo/27nDRFgZ1492jQNT2cJmUJwveUxCuqEjJYon/jyfPC/xylyp8Ww
8rXJuDgFl84EbWR+usFJUON8ks1ccvBoHIrp0P+X19lxk+QUTJq5Vq5jbxyJAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUzEYVODhW+vEIcmw/fo2i/8SslqAwHwYDVR0j
BBgwFoAUIFZol2A7ApgSYGwlq8lyusW/SvswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
ZGFjYzM2NS1lMTk0LTRhYzAtOTUzYS00ZGYzYTU5MDBiMTQvMC8yMDU2Njg5NzYw
M0IwMjk4MTI2MDZDMjVBQkM5NzJCQUM1QkY0QUZCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjA1NjY4OTc2MDNCMDI5ODEyNjA2QzI1QUJDOTcyQkFDNUJG
NEFGQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzlkYWNjMzY1LWUxOTQtNGFjMC05
NTNhLTRkZjNhNTkwMGIxNC8wLzMyMzAzMzJlMzEzOTMwMmUzNDMwMmUzMDJmMzIz
MTJkMzIzNDIwM2QzZTIwMzQzNTMzMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8u+KDANBgkqhkiG
9w0BAQsFAAOCAQEAqAGkuyihkeTLrmXSt82klc3EXbuQ2gxcsc8umiVNShFctZgc
zD5yvIx2+7C+hrKJ526hsUNqAzN6Z4sRJpvLzJfF1+QN4doANThIEMPpky47Tv0j
TNg+D2yzQPRla4Nyz3XLnjLrcLts+0D58d7dOT6HKZXCzzo6suyP89EtkcYrQAnS
zHeTm3Wm5o1zxinTWpOtxcWL3JInw+QCVEzoua9oPVXGVcA4ITTVT9OxWNziX12n
PVXPlGBe86nQW/uIUrB6cwZM3YTIS7HgWAqsdZa5kWsdkFNmLEkGxvHWotZ4fZPo
plTURFZ20vKk+HI1JY+jqKetQZiK4Q654fY0lg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:13 2025 by rpki-client