Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/acb9a4b9-4ae3-467a-b919-410e142b679f/0/3230322e3136392e3235352e302f32342d3234203d3e203338313433.roa
File: 3230322e3136392e3235352e302f32342d3234203d3e203338313433.roa (raw, json)
Hash identifier: t1evpHl6PIJgH7imBaMLuvcB1G24zNoEPdmCXtsm9LE=
Subject key identifier: C6:0C:20:5E:96:A8:AC:59:CB:96:66:6B:A3:8B:BF:C3:44:31:AE:20
Certificate issuer: /CN=342061B97FF97E5180511F38B0A0DCBAB1CE0325
Certificate serial: 762488872E82CED98AC1DE1031E7060CA244A7F9
Authority key identifier: 34:20:61:B9:7F:F9:7E:51:80:51:1F:38:B0:A0:DC:BA:B1:CE:03:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/342061B97FF97E5180511F38B0A0DCBAB1CE0325.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/acb9a4b9-4ae3-467a-b919-410e142b679f/0/3230322e3136392e3235352e302f32342d3234203d3e203338313433.roa
Signing time: Tue 18 Jun 2024 06:00:00 +0000
ROA not before: Tue 18 Jun 2024 05:55:00 +0000
ROA not after: Tue 17 Jun 2025 06:00:00 +0000
asID: 38143
IP address blocks: 202.169.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:24:88:87:2e:82:ce:d9:8a:c1:de:10:31:e7:06:0c:a2:44:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=342061B97FF97E5180511F38B0A0DCBAB1CE0325
Validity
Not Before: Jun 18 05:55:00 2024 GMT
Not After : Jun 17 06:00:00 2025 GMT
Subject: CN=C60C205E96A8AC59CB96666BA38BBFC34431AE20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:80:f7:39:c3:2d:1c:5d:7e:46:0e:69:1f:
69:56:70:3a:68:9e:51:89:05:f1:68:1c:60:ab:67:
bf:c3:4e:cc:15:bb:9b:ae:88:be:c3:0e:52:46:e6:
9b:a4:7a:37:a5:ce:b1:d3:34:16:1c:27:2c:14:4e:
c5:28:60:58:9d:54:c6:fb:75:a6:c7:fb:7a:97:a8:
21:d6:e4:9e:d2:c8:39:b2:cb:f1:ed:26:05:3c:ee:
e7:3b:7b:d3:d5:19:f1:c8:82:1a:3b:c7:fd:19:ea:
74:f6:b8:93:65:ae:8c:a6:d3:6c:51:53:8f:b1:07:
ec:38:74:3d:28:b5:18:37:7e:9d:cf:f4:e5:91:f5:
1f:fb:ad:a4:02:67:f5:81:f4:11:82:29:14:e7:f5:
b7:c3:cb:12:68:8c:0f:fd:b9:b0:e4:44:f9:f8:63:
5e:2d:40:3a:17:53:8e:81:20:65:25:bd:60:93:1a:
e8:9d:35:8c:a4:19:1b:61:cb:a9:8a:1c:1b:90:0a:
65:e1:24:65:e3:0a:46:07:16:1f:27:6b:54:f0:2d:
32:7a:d7:06:6a:c1:c1:d3:89:68:5e:e1:7b:70:b1:
18:76:02:e2:81:99:a6:77:c5:22:60:00:f8:15:cf:
3b:f0:80:e4:68:ca:e0:0d:74:01:bb:5f:c1:85:f2:
72:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:0C:20:5E:96:A8:AC:59:CB:96:66:6B:A3:8B:BF:C3:44:31:AE:20
X509v3 Authority Key Identifier:
keyid:34:20:61:B9:7F:F9:7E:51:80:51:1F:38:B0:A0:DC:BA:B1:CE:03:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/acb9a4b9-4ae3-467a-b919-410e142b679f/0/342061B97FF97E5180511F38B0A0DCBAB1CE0325.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/342061B97FF97E5180511F38B0A0DCBAB1CE0325.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/acb9a4b9-4ae3-467a-b919-410e142b679f/0/3230322e3136392e3235352e302f32342d3234203d3e203338313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.169.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b3:a1:4b:e4:91:51:55:f1:80:f8:5d:5a:c5:af:b1:90:4b:
91:b2:38:c7:b1:8c:7d:f5:20:b4:88:92:94:10:73:24:d1:4a:
9b:4a:52:ce:74:ca:52:e7:e4:1a:f0:1b:56:e1:a2:2c:ac:b1:
1b:88:f5:4a:03:a4:cc:4d:d3:99:78:c6:b6:e2:6e:92:39:aa:
91:5b:b3:41:66:80:95:3a:85:ba:73:61:c4:8c:35:93:e0:69:
95:5d:dd:12:ba:af:c4:71:ed:bf:d7:67:12:4c:e3:50:40:f4:
4d:17:d0:77:df:4d:14:13:41:38:1d:df:86:d0:ab:c7:ab:24:
5a:91:5d:9a:2a:79:ee:ef:97:7a:42:b5:59:24:ba:44:c1:fb:
5c:cd:ce:94:e0:c0:d6:ab:c2:08:dc:f1:29:9a:e9:06:53:4f:
18:ed:6c:72:4e:d6:e5:ea:be:e5:3e:4b:cd:37:0b:b4:56:44:
9d:33:4d:7a:85:b8:c8:93:64:40:65:a3:8e:11:f9:c9:e8:f5:
de:14:8a:42:09:df:07:71:6b:d2:ff:0f:70:d4:20:dc:a8:00:
89:91:64:d5:a2:a7:c6:8e:cb:72:74:d8:ec:e7:cd:be:94:a6:
a2:1a:5a:f3:d0:36:61:c3:c5:ea:77:bc:34:8d:28:4e:b7:4c:
89:91:0f:cd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUdiSIhy6CztmKwd4QMecGDKJEp/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzQyMDYxQjk3RkY5N0U1MTgwNTExRjM4QjBBMERDQkFC
MUNFMDMyNTAeFw0yNDA2MTgwNTU1MDBaFw0yNTA2MTcwNjAwMDBaMDMxMTAvBgNV
BAMTKEM2MEMyMDVFOTZBOEFDNTlDQjk2NjY2QkEzOEJCRkMzNDQzMUFFMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWX4D3OcMtHF1+Rg5pH2lWcDpo
nlGJBfFoHGCrZ7/DTswVu5uuiL7DDlJG5pukejelzrHTNBYcJywUTsUoYFidVMb7
dabH+3qXqCHW5J7SyDmyy/HtJgU87uc7e9PVGfHIgho7x/0Z6nT2uJNlroym02xR
U4+xB+w4dD0otRg3fp3P9OWR9R/7raQCZ/WB9BGCKRTn9bfDyxJojA/9ubDkRPn4
Y14tQDoXU46BIGUlvWCTGuidNYykGRthy6mKHBuQCmXhJGXjCkYHFh8na1TwLTJ6
1wZqwcHTiWhe4XtwsRh2AuKBmaZ3xSJgAPgVzzvwgORoyuANdAG7X8GF8nL3AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUxgwgXpaorFnLlmZro4u/w0QxriAwHwYDVR0j
BBgwFoAUNCBhuX/5flGAUR84sKDcurHOAyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
Y2I5YTRiOS00YWUzLTQ2N2EtYjkxOS00MTBlMTQyYjY3OWYvMC8zNDIwNjFCOTdG
Rjk3RTUxODA1MTFGMzhCMEEwRENCQUIxQ0UwMzI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzQyMDYxQjk3RkY5N0U1MTgwNTExRjM4QjBBMERDQkFCMUNF
MDMyNS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FjYjlhNGI5LTRhZTMtNDY3YS1i
OTE5LTQxMGUxNDJiNjc5Zi8wLzMyMzAzMjJlMzEzNjM5MmUzMjM1MzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzEzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyqn/MA0GCSqG
SIb3DQEBCwUAA4IBAQBKs6FL5JFRVfGA+F1axa+xkEuRsjjHsYx99SC0iJKUEHMk
0UqbSlLOdMpS5+Qa8BtW4aIsrLEbiPVKA6TMTdOZeMa24m6SOaqRW7NBZoCVOoW6
c2HEjDWT4GmVXd0Suq/Ece2/12cSTONQQPRNF9B3300UE0E4Hd+G0KvHqyRakV2a
Knnu75d6QrVZJLpEwftczc6U4MDWq8II3PEpmukGU08Y7WxyTtbl6r7lPkvNNwu0
VkSdM016hbjIk2RAZaOOEfnJ6PXeFIpCCd8HcWvS/w9w1CDcqACJkWTVoqfGjsty
dNjs582+lKaiGlrz0DZhw8Xqd7w0jShOt0yJkQ/N
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:17:41 2025 by rpki-client