Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/323030313a6436383a3a2f34382d3438203d3e2037353837.roa
File: 323030313a6436383a3a2f34382d3438203d3e2037353837.roa (raw, json)
Hash identifier: i3mVHxINJY1wBocmEZCE7W5aPr3/40jKREEXnt4p3Fs=
Subject key identifier: 7D:F7:64:50:E3:DE:8A:14:73:1A:1F:FC:73:4F:0E:C3:62:B5:48:DE
Certificate issuer: /CN=42042E672B688C3072FD4743B3E7DD81EC7CA306
Certificate serial: 2CBABC7B33FEC9612623B698F8350FB04AE9462B
Authority key identifier: 42:04:2E:67:2B:68:8C:30:72:FD:47:43:B3:E7:DD:81:EC:7C:A3:06
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/42042E672B688C3072FD4743B3E7DD81EC7CA306.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/323030313a6436383a3a2f34382d3438203d3e2037353837.roa
Signing time: Thu 18 Jul 2024 09:00:01 +0000
ROA not before: Thu 18 Jul 2024 08:55:01 +0000
ROA not after: Thu 17 Jul 2025 09:00:01 +0000
asID: 7587
IP address blocks: 2001:d68::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ba:bc:7b:33:fe:c9:61:26:23:b6:98:f8:35:0f:b0:4a:e9:46:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42042E672B688C3072FD4743B3E7DD81EC7CA306
Validity
Not Before: Jul 18 08:55:01 2024 GMT
Not After : Jul 17 09:00:01 2025 GMT
Subject: CN=7DF76450E3DE8A14731A1FFC734F0EC362B548DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:32:24:ec:aa:b9:33:d6:3a:b7:79:2a:2b:ba:
6f:88:74:b5:dd:15:3e:52:a0:89:e0:03:ed:00:e6:
52:25:20:40:20:20:20:24:d8:d8:ef:37:f3:97:ff:
e4:01:6b:4a:74:65:cb:2f:bf:50:8d:fe:4d:8b:8d:
9e:aa:3f:b9:96:9d:2e:6e:8f:cd:96:b2:bf:d6:98:
4f:64:45:89:09:00:2d:ed:b7:bb:96:2a:d4:a4:a1:
e1:3c:b9:a6:ea:38:88:35:d0:75:d4:03:7b:9b:e2:
bf:1f:21:88:6e:4e:c5:da:e9:ea:18:9c:4d:1a:26:
7e:bd:10:7f:d4:b8:31:14:ab:d2:14:53:55:27:45:
24:8e:53:94:31:b3:6c:32:5b:14:80:0f:1c:9f:90:
c7:c4:d8:21:ff:dd:cc:9d:14:35:94:39:22:f6:d9:
fd:57:a5:d1:ee:05:0f:24:cb:02:bb:9a:5f:45:80:
67:4d:fe:e7:81:62:ae:ab:2b:c3:07:29:1d:85:4f:
16:8e:28:58:5b:12:70:2e:dc:dd:55:fa:ca:15:48:
16:3e:39:e2:c1:44:04:23:81:be:bd:48:46:f3:49:
27:07:fe:22:8e:6d:3e:d3:23:0a:7e:a1:e3:aa:5d:
53:9a:78:1c:3b:24:bc:0a:f1:4a:02:9d:65:6c:d1:
4a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F7:64:50:E3:DE:8A:14:73:1A:1F:FC:73:4F:0E:C3:62:B5:48:DE
X509v3 Authority Key Identifier:
keyid:42:04:2E:67:2B:68:8C:30:72:FD:47:43:B3:E7:DD:81:EC:7C:A3:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/42042E672B688C3072FD4743B3E7DD81EC7CA306.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/42042E672B688C3072FD4743B3E7DD81EC7CA306.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/323030313a6436383a3a2f34382d3438203d3e2037353837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:d68::/48
Signature Algorithm: sha256WithRSAEncryption
a5:e1:74:d8:65:66:bd:f6:50:32:ba:5d:c9:55:22:8f:29:e3:
0d:f9:36:5b:dd:ab:60:1d:05:85:5d:a7:1c:65:4f:bd:94:96:
ac:b0:65:29:0b:d8:82:6a:e3:57:fb:5f:19:43:e6:6c:e9:f0:
1c:22:fe:7c:e8:eb:5a:39:55:eb:fc:a8:e0:1e:28:13:96:aa:
a4:b2:73:65:e0:f0:0c:01:b8:f7:30:4a:af:8b:ac:c1:ae:52:
27:d3:17:56:a3:c1:fc:d0:41:8a:63:2d:3a:09:e5:e7:8f:f8:
0a:32:41:24:94:4a:d3:6b:6f:5e:21:13:98:0a:2d:e8:6f:80:
b3:f3:24:87:e0:2c:32:6a:24:e7:dc:18:62:92:a4:56:6c:2d:
72:1d:66:65:4b:87:1b:ba:36:2d:da:52:5e:69:95:e6:f9:5c:
d5:1e:e3:f7:da:18:f4:5d:83:31:65:12:81:19:bb:d8:6a:54:
dc:8a:b9:db:e7:f4:45:8e:69:24:dd:4b:2c:f2:dd:9a:f5:0a:
67:1c:a3:a4:89:fa:c5:f5:b5:dc:0e:1f:e0:7d:f6:7d:82:ab:
e5:51:45:2f:a5:92:e6:32:29:25:ed:19:d4:d3:8d:e5:a4:99:
95:99:fa:0f:56:09:49:90:75:c7:5f:98:62:5e:ad:7e:82:9c:
5d:e1:81:d6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIULLq8ezP+yWEmI7aY+DUPsErpRiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDIwNDJFNjcyQjY4OEMzMDcyRkQ0NzQzQjNFN0REODFF
QzdDQTMwNjAeFw0yNDA3MTgwODU1MDFaFw0yNTA3MTcwOTAwMDFaMDMxMTAvBgNV
BAMTKDdERjc2NDUwRTNERThBMTQ3MzFBMUZGQzczNEYwRUMzNjJCNTQ4REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiMiTsqrkz1jq3eSorum+IdLXd
FT5SoIngA+0A5lIlIEAgICAk2NjvN/OX/+QBa0p0Zcsvv1CN/k2LjZ6qP7mWnS5u
j82Wsr/WmE9kRYkJAC3tt7uWKtSkoeE8uabqOIg10HXUA3ub4r8fIYhuTsXa6eoY
nE0aJn69EH/UuDEUq9IUU1UnRSSOU5Qxs2wyWxSADxyfkMfE2CH/3cydFDWUOSL2
2f1XpdHuBQ8kywK7ml9FgGdN/ueBYq6rK8MHKR2FTxaOKFhbEnAu3N1V+soVSBY+
OeLBRAQjgb69SEbzSScH/iKObT7TIwp+oeOqXVOaeBw7JLwK8UoCnWVs0UoNAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUffdkUOPeihRzGh/8c08Ow2K1SN4wHwYDVR0j
BBgwFoAUQgQuZytojDBy/UdDs+fdgex8owYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MTJmMjI4Yy1kZjIwLTQ3MjgtOWY5Ni04ZmFhMTM0MDAxN2EvMC80MjA0MkU2NzJC
Njg4QzMwNzJGRDQ3NDNCM0U3REQ4MUVDN0NBMzA2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDIwNDJFNjcyQjY4OEMzMDcyRkQ0NzQzQjNFN0REODFFQzdD
QTMwNi5jZXIwgZsGCCsGAQUFBwELBIGOMIGLMIGIBggrBgEFBQcwC4Z8cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTEyZjIyOGMtZGYyMC00NzI4LTlm
OTYtOGZhYTEzNDAwMTdhLzAvMzIzMDMwMzEzYTY0MzYzODNhM2EyZjM0MzgyZDM0
MzgyMDNkM2UyMDM3MzUzODM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAENaAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCl4XTYZWa99lAyul3JVSKPKeMN+TZb3atgHQWFXaccZU+9lJassGUp
C9iCauNX+18ZQ+Zs6fAcIv586OtaOVXr/KjgHigTlqqksnNl4PAMAbj3MEqvi6zB
rlIn0xdWo8H80EGKYy06CeXnj/gKMkEklErTa29eIROYCi3ob4Cz8ySH4CwyaiTn
3BhikqRWbC1yHWZlS4cbujYt2lJeaZXm+VzVHuP32hj0XYMxZRKBGbvYalTcirnb
5/RFjmkk3Uss8t2a9QpnHKOkifrF9bXcDh/gffZ9gqvlUUUvpZLmMikl7RnU043l
pJmVmfoPVglJkHXHX5hiXq1+gpxd4YHW
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:38:59 2025 by rpki-client