Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa
File: 3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa (raw, json)
Hash identifier: VzGwWiecdkU/7ZI85LKO4D8EXCs37tQzfvtVWeOGoeM=
Subject key identifier: BB:F2:33:C6:05:63:EF:84:25:CD:C1:D0:CF:05:1B:8A:52:5F:9C:5B
Certificate issuer: /CN=A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44
Certificate serial: 5D6B93CD770440697FC4D08BE4086D74B298438A
Authority key identifier: A4:B6:31:C8:CF:E0:EE:72:AC:D5:F2:08:FC:12:39:06:4F:6C:DE:44
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa
Signing time: Sun 26 Apr 2026 10:00:00 +0000
ROA not before: Sun 26 Apr 2026 09:55:00 +0000
ROA not after: Sun 25 Apr 2027 10:00:00 +0000
asID: 152797
IP address blocks: 157.66.248.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:6b:93:cd:77:04:40:69:7f:c4:d0:8b:e4:08:6d:74:b2:98:43:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44
Validity
Not Before: Apr 26 09:55:00 2026 GMT
Not After : Apr 25 10:00:00 2027 GMT
Subject: CN=BBF233C60563EF8425CDC1D0CF051B8A525F9C5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:c8:94:99:ba:b5:20:58:35:cc:30:79:30:
25:01:04:31:f8:08:90:3d:55:81:66:9d:e4:be:30:
6e:60:96:d0:5f:b3:ba:01:52:b1:bd:b4:bf:58:21:
b9:64:48:c2:b8:65:7d:2a:31:9a:22:3a:a3:39:49:
af:af:09:68:59:5e:31:d0:61:66:ec:9b:9b:91:41:
db:49:5c:9c:83:ae:82:68:2e:6c:2e:58:bd:fa:be:
72:e8:e4:3c:97:f1:81:72:f5:ee:d4:19:d5:67:c6:
6f:93:7d:db:f7:49:cc:50:55:07:e3:59:4e:1e:24:
af:d0:db:e4:17:cf:28:81:1f:0a:e5:7b:b7:23:7e:
23:4d:09:aa:3d:7c:bd:47:00:ee:c2:52:79:89:28:
57:90:01:11:8d:ed:00:a2:a8:61:ba:2f:22:d5:e0:
b3:b2:05:36:3f:f9:20:da:6e:3c:85:3e:54:36:bd:
0d:91:a2:43:6a:ad:fd:8e:ae:60:6a:4d:8f:3c:7e:
dc:68:7a:b3:11:53:33:8e:35:2d:d3:72:9e:14:89:
31:13:72:2b:65:9b:ac:2c:ec:84:8d:3b:f2:39:fb:
b8:27:15:b6:03:e6:5f:59:2d:21:77:6c:3e:e4:56:
7b:11:28:47:9a:cd:3a:1b:0a:62:e5:a2:ed:2b:55:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F2:33:C6:05:63:EF:84:25:CD:C1:D0:CF:05:1B:8A:52:5F:9C:5B
X509v3 Authority Key Identifier:
keyid:A4:B6:31:C8:CF:E0:EE:72:AC:D5:F2:08:FC:12:39:06:4F:6C:DE:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A4B631C8CFE0EE72ACD5F208FC1239064F6CDE44.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b3991f7a-0a71-4f0d-933f-ecf813530274/0/3135372e36362e3234382e302f32332d3234203d3e20313532373937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.66.248.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:84:c5:18:79:ab:55:cf:c7:43:88:b7:8c:3d:97:64:f2:d4:
04:16:1c:2e:87:04:82:a8:7e:1d:19:5f:8c:cb:9b:e6:05:d4:
b9:05:2b:6e:86:92:ee:95:01:19:f9:30:5d:14:76:cd:b0:fd:
8d:60:98:48:79:fb:3d:8e:a1:c0:ba:0d:40:3c:b1:da:c2:a2:
88:46:49:53:33:f0:2e:4c:67:4e:f4:f1:7a:7c:21:28:a0:ec:
a5:9c:a2:9b:07:ca:99:a2:3c:73:32:61:c3:ec:ba:e8:74:6a:
ed:62:7f:61:d9:f2:46:5e:df:2c:98:d2:87:f2:95:2e:67:41:
36:57:07:a1:30:c5:47:af:df:13:0f:06:82:86:76:6e:42:0d:
17:6d:24:5e:4a:c0:10:f7:29:2a:88:cc:bb:80:2b:7b:a7:fd:
c4:f1:48:8f:9b:c2:ba:d0:0c:7b:fb:0c:e4:0d:58:a3:7d:1e:
e3:fc:4d:ac:2d:12:3e:16:97:8d:20:53:88:ca:25:a2:a8:58:
2b:36:fc:39:6f:ee:95:8d:02:9d:d7:69:f4:ca:d8:d6:87:91:
6e:4b:96:71:42:f5:1d:5d:69:53:ab:f9:40:5c:7d:8e:52:26:
8b:eb:21:9b:58:72:5f:e0:d8:15:d1:b8:6e:66:8e:3b:df:ef:
76:0e:bc:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUXWuTzXcEQGl/xNCL5AhtdLKYQ4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTRCNjMxQzhDRkUwRUU3MkFDRDVGMjA4RkMxMjM5MDY0
RjZDREU0NDAeFw0yNjA0MjYwOTU1MDBaFw0yNzA0MjUxMDAwMDBaMDMxMTAvBgNV
BAMTKEJCRjIzM0M2MDU2M0VGODQyNUNEQzFEMENGMDUxQjhBNTI1RjlDNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC998iUmbq1IFg1zDB5MCUBBDH4
CJA9VYFmneS+MG5gltBfs7oBUrG9tL9YIblkSMK4ZX0qMZoiOqM5Sa+vCWhZXjHQ
YWbsm5uRQdtJXJyDroJoLmwuWL36vnLo5DyX8YFy9e7UGdVnxm+Tfdv3ScxQVQfj
WU4eJK/Q2+QXzyiBHwrle7cjfiNNCao9fL1HAO7CUnmJKFeQARGN7QCiqGG6LyLV
4LOyBTY/+SDabjyFPlQ2vQ2RokNqrf2OrmBqTY88ftxoerMRUzOONS3Tcp4UiTET
citlm6ws7ISNO/I5+7gnFbYD5l9ZLSF3bD7kVnsRKEeazTobCmLlou0rVclPAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUu/IzxgVj74QlzcHQzwUbilJfnFswHwYDVR0j
BBgwFoAUpLYxyM/g7nKs1fII/BI5Bk9s3kQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
Mzk5MWY3YS0wYTcxLTRmMGQtOTMzZi1lY2Y4MTM1MzAyNzQvMC9BNEI2MzFDOENG
RTBFRTcyQUNENUYyMDhGQzEyMzkwNjRGNkNERTQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvQTRCNjMxQzhDRkUwRUU3MkFDRDVGMjA4RkMxMjM5MDY0RjZD
REU0NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IzOTkxZjdhLTBhNzEtNGYwZC05
MzNmLWVjZjgxMzUzMDI3NC8wLzMxMzUzNzJlMzYzNjJlMzIzNDM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzczOTM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnUL4MA0GCSqG
SIb3DQEBCwUAA4IBAQALhMUYeatVz8dDiLeMPZdk8tQEFhwuhwSCqH4dGV+My5vm
BdS5BStuhpLulQEZ+TBdFHbNsP2NYJhIefs9jqHAug1APLHawqKIRklTM/AuTGdO
9PF6fCEooOylnKKbB8qZojxzMmHD7LrodGrtYn9h2fJGXt8smNKH8pUuZ0E2Vweh
MMVHr98TDwaChnZuQg0XbSReSsAQ9ykqiMy7gCt7p/3E8UiPm8K60Ax7+wzkDVij
fR7j/E2sLRI+FpeNIFOIyiWiqFgrNvw5b+6VjQKd12n0ytjWh5FuS5ZxQvUdXWlT
q/lAXH2OUiaL6yGbWHJf4NgV0bhuZo473+92Drxs
-----END CERTIFICATE-----
Generated at Wed Jun 24 05:35:40 2026 by rpki-client