Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/acaccf26-8354-49c8-998a-0a44a64eb909/0/3135372e32302e3233362e302f32342d3234203d3e203538333639.roa
File: 3135372e32302e3233362e302f32342d3234203d3e203538333639.roa (raw, json)
Hash identifier: bfQroZp46y/yg4SRsgG4Dw7Km0ZcaitbZyshPVWtdM8=
Subject key identifier: C6:08:38:C7:FA:62:BB:18:07:31:3C:17:5A:B1:16:05:84:40:4A:B3
Certificate issuer: /CN=92E0AE79CBF46A2DC24CDD3A7FD48A842BCFEE8D
Certificate serial: 200A875B4F328DB6E2624C4D49F813119FD8B3BB
Authority key identifier: 92:E0:AE:79:CB:F4:6A:2D:C2:4C:DD:3A:7F:D4:8A:84:2B:CF:EE:8D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/92E0AE79CBF46A2DC24CDD3A7FD48A842BCFEE8D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/acaccf26-8354-49c8-998a-0a44a64eb909/0/3135372e32302e3233362e302f32342d3234203d3e203538333639.roa
Signing time: Tue 04 Mar 2025 08:02:20 +0000
ROA not before: Tue 04 Mar 2025 07:57:20 +0000
ROA not after: Tue 03 Mar 2026 08:02:20 +0000
asID: 58369
IP address blocks: 157.20.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0a:87:5b:4f:32:8d:b6:e2:62:4c:4d:49:f8:13:11:9f:d8:b3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92E0AE79CBF46A2DC24CDD3A7FD48A842BCFEE8D
Validity
Not Before: Mar 4 07:57:20 2025 GMT
Not After : Mar 3 08:02:20 2026 GMT
Subject: CN=C60838C7FA62BB1807313C175AB1160584404AB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:40:88:db:66:51:8f:9a:2a:85:c7:e4:82:
4c:81:d8:79:94:e6:d0:08:fd:a6:bf:af:66:d3:fc:
0c:17:a6:7d:78:88:f2:fb:94:cf:e2:e4:75:c0:a1:
55:aa:33:68:88:3a:7f:32:e0:8b:6c:b8:65:e7:6d:
48:c8:85:b9:89:6f:17:2f:a3:46:0c:5d:9f:ec:eb:
f4:13:f0:e2:ae:d4:37:3d:1d:9a:00:a3:3e:6c:63:
fa:77:02:29:01:d8:51:03:c4:e6:17:0f:a4:91:2c:
19:75:f0:45:0c:9c:6d:85:53:98:86:be:f4:15:ba:
54:b7:a8:d7:ff:b4:40:f4:23:a9:36:ba:fe:71:c4:
0d:b3:f2:9e:02:07:88:39:8a:86:57:0f:4a:6e:10:
b7:d7:c3:71:08:da:7c:67:2b:bf:3e:29:c9:eb:50:
00:b7:fc:e7:16:28:d8:ce:5b:37:45:a8:d9:3b:9c:
bd:be:9b:50:92:68:1a:ec:b9:1b:45:1a:4c:97:76:
96:ea:df:1d:3b:16:7f:a6:f7:f7:7f:a2:b1:3f:05:
34:d5:51:ab:4c:07:ec:68:5e:09:f8:47:2a:ba:20:
4c:a2:0a:7d:17:5a:4d:bf:e7:f6:68:a8:43:2c:7c:
77:83:dd:38:e1:dc:56:a7:35:5d:2d:21:9d:ba:5d:
46:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:08:38:C7:FA:62:BB:18:07:31:3C:17:5A:B1:16:05:84:40:4A:B3
X509v3 Authority Key Identifier:
keyid:92:E0:AE:79:CB:F4:6A:2D:C2:4C:DD:3A:7F:D4:8A:84:2B:CF:EE:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/acaccf26-8354-49c8-998a-0a44a64eb909/0/92E0AE79CBF46A2DC24CDD3A7FD48A842BCFEE8D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/92E0AE79CBF46A2DC24CDD3A7FD48A842BCFEE8D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/acaccf26-8354-49c8-998a-0a44a64eb909/0/3135372e32302e3233362e302f32342d3234203d3e203538333639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.236.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:2b:7d:a9:f7:5c:46:1f:ea:33:63:59:c6:0a:3a:08:d0:92:
57:fd:e8:9b:c5:5f:32:6f:6c:d5:8c:37:83:ca:07:e7:69:5f:
44:a1:85:ec:c4:bb:e5:4c:48:05:65:55:de:6b:9c:3e:ae:8b:
17:aa:73:2d:0a:8a:dc:ce:5a:f5:10:1d:5d:9a:4c:77:cc:87:
7e:f9:cc:e5:9b:eb:5f:ca:4d:30:88:3d:97:c8:a4:66:3d:8d:
aa:45:d7:8b:c6:cf:3d:8c:9c:aa:ba:07:66:26:0a:c5:7e:da:
8a:5f:bd:26:a8:7d:84:80:0f:70:33:a1:e2:a7:84:6a:53:43:
94:0e:0a:1d:db:d9:39:58:a0:66:03:b9:15:2d:4d:8c:4b:65:
b1:21:5e:c3:0e:a4:4b:00:d7:32:d0:9b:3d:05:40:f1:9d:b8:
7d:80:0c:7b:45:7d:fc:a1:43:44:53:88:87:23:86:ff:83:19:
76:11:c4:0c:85:61:a5:17:4c:7d:67:8c:96:c0:a8:48:03:01:
0b:0b:9b:14:7e:1a:6a:6d:22:8e:7d:60:e6:34:2c:87:ac:0e:
1b:ed:f6:e0:8f:ba:00:ba:bc:2b:ab:f8:4c:f9:39:e2:b7:fa:
41:bf:42:ec:44:8a:fc:34:32:30:b6:65:32:07:30:63:50:82:
f2:4e:78:36
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUIAqHW08yjbbiYkxNSfgTEZ/Ys7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJFMEFFNzlDQkY0NkEyREMyNENERDNBN0ZENDhBODQy
QkNGRUU4RDAeFw0yNTAzMDQwNzU3MjBaFw0yNjAzMDMwODAyMjBaMDMxMTAvBgNV
BAMTKEM2MDgzOEM3RkE2MkJCMTgwNzMxM0MxNzVBQjExNjA1ODQ0MDRBQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1VkCI22ZRj5oqhcfkgkyB2HmU
5tAI/aa/r2bT/AwXpn14iPL7lM/i5HXAoVWqM2iIOn8y4ItsuGXnbUjIhbmJbxcv
o0YMXZ/s6/QT8OKu1Dc9HZoAoz5sY/p3AikB2FEDxOYXD6SRLBl18EUMnG2FU5iG
vvQVulS3qNf/tED0I6k2uv5xxA2z8p4CB4g5ioZXD0puELfXw3EI2nxnK78+Kcnr
UAC3/OcWKNjOWzdFqNk7nL2+m1CSaBrsuRtFGkyXdpbq3x07Fn+m9/d/orE/BTTV
UatMB+xoXgn4Ryq6IEyiCn0XWk2/5/ZoqEMsfHeD3Tjh3FanNV0tIZ26XUalAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUxgg4x/piuxgHMTwXWrEWBYRASrMwHwYDVR0j
BBgwFoAUkuCuecv0ai3CTN06f9SKhCvP7o0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
Y2FjY2YyNi04MzU0LTQ5YzgtOTk4YS0wYTQ0YTY0ZWI5MDkvMC85MkUwQUU3OUNC
RjQ2QTJEQzI0Q0REM0E3RkQ0OEE4NDJCQ0ZFRThELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvOTJFMEFFNzlDQkY0NkEyREMyNENERDNBN0ZENDhBODQyQkNG
RUU4RC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FjYWNjZjI2LTgzNTQtNDljOC05
OThhLTBhNDRhNjRlYjkwOS8wLzMxMzUzNzJlMzIzMDJlMzIzMzM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODMzMzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0U7DANBgkqhkiG
9w0BAQsFAAOCAQEADyt9qfdcRh/qM2NZxgo6CNCSV/3om8VfMm9s1Yw3g8oH52lf
RKGF7MS75UxIBWVV3mucPq6LF6pzLQqK3M5a9RAdXZpMd8yHfvnM5ZvrX8pNMIg9
l8ikZj2NqkXXi8bPPYycqroHZiYKxX7ail+9Jqh9hIAPcDOh4qeEalNDlA4KHdvZ
OVigZgO5FS1NjEtlsSFeww6kSwDXMtCbPQVA8Z24fYAMe0V9/KFDRFOIhyOG/4MZ
dhHEDIVhpRdMfWeMlsCoSAMBCwubFH4aam0ijn1g5jQsh6wOG+324I+6ALq8K6v4
TPk54rf6Qb9C7ESK/DQyMLZlMgcwY1CC8k54Ng==
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:34:27 2025 by rpki-client