Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/b4b0bf5b-456d-4e62-9f48-6192149d52c2/0/323430333a636238303a3a2f33322d3438203d3e203633353038.roa
File: 323430333a636238303a3a2f33322d3438203d3e203633353038.roa (raw, json)
Hash identifier: IasrF8V4s0d2B0vH274O5WAbANIOwdyhR553jezvbtg=
Subject key identifier: B0:71:A0:E8:0E:7C:21:4A:3D:55:B1:80:F6:EA:EB:37:00:12:2B:5D
Certificate issuer: /CN=35526D55C5F4431129EA7CE9304705CE395693D9
Certificate serial: 6E35708E301AA1260BC1BD2174646945060CD644
Authority key identifier: 35:52:6D:55:C5:F4:43:11:29:EA:7C:E9:30:47:05:CE:39:56:93:D9
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/35526D55C5F4431129EA7CE9304705CE395693D9.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/b4b0bf5b-456d-4e62-9f48-6192149d52c2/0/323430333a636238303a3a2f33322d3438203d3e203633353038.roa
Signing time: Tue 21 Jan 2025 15:00:01 +0000
ROA not before: Tue 21 Jan 2025 14:55:01 +0000
ROA not after: Tue 20 Jan 2026 15:00:01 +0000
asID: 63508
IP address blocks: 2403:cb80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:35:70:8e:30:1a:a1:26:0b:c1:bd:21:74:64:69:45:06:0c:d6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35526D55C5F4431129EA7CE9304705CE395693D9
Validity
Not Before: Jan 21 14:55:01 2025 GMT
Not After : Jan 20 15:00:01 2026 GMT
Subject: CN=B071A0E80E7C214A3D55B180F6EAEB3700122B5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:d7:8d:bb:7e:55:25:ba:6c:da:1c:dc:06:
66:14:16:e1:43:c2:3d:86:79:14:9b:e7:35:5f:8e:
67:ac:37:60:c2:d2:e0:66:46:d2:46:94:9d:6a:64:
8d:9b:55:69:5b:e6:db:98:1e:3c:ea:7f:ef:42:00:
18:fa:1f:81:ec:47:82:86:45:08:eb:21:0a:88:d0:
10:be:ff:ce:8c:ad:4a:fd:c6:08:0d:08:0f:90:62:
be:b8:1f:4a:46:3b:c8:ac:7d:e6:70:43:3b:25:1f:
f1:c0:64:04:34:75:b2:fd:6f:f6:5e:3e:d7:df:ce:
f2:b8:44:5b:60:81:e9:b2:37:3d:14:2e:ff:1f:78:
85:7c:5a:93:99:d4:a5:b7:2b:e5:cd:0c:78:a2:54:
bc:cc:75:6b:70:a4:eb:34:56:a0:6e:56:65:a6:bf:
14:4f:f8:67:72:63:fc:18:3c:46:4c:5e:f6:27:17:
a2:f0:81:cc:4c:0a:bf:a5:f1:be:02:5d:94:3a:95:
02:3c:04:96:50:32:61:15:30:36:1c:91:cb:20:8b:
7c:0d:a4:65:68:fd:45:cf:90:cb:80:fb:5d:90:65:
55:ca:f6:88:a8:65:44:73:a0:09:7b:00:0d:73:00:
c6:9c:d5:cb:a0:b7:08:a5:9e:91:2a:52:d3:24:34:
57:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:71:A0:E8:0E:7C:21:4A:3D:55:B1:80:F6:EA:EB:37:00:12:2B:5D
X509v3 Authority Key Identifier:
keyid:35:52:6D:55:C5:F4:43:11:29:EA:7C:E9:30:47:05:CE:39:56:93:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/b4b0bf5b-456d-4e62-9f48-6192149d52c2/0/35526D55C5F4431129EA7CE9304705CE395693D9.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/35526D55C5F4431129EA7CE9304705CE395693D9.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b4b0bf5b-456d-4e62-9f48-6192149d52c2/0/323430333a636238303a3a2f33322d3438203d3e203633353038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
81:00:b0:da:1e:2a:31:4f:5b:7b:38:1e:f9:78:9e:1e:6f:0a:
b4:75:d4:08:a0:52:d8:c7:84:4f:9f:6d:00:cb:42:c8:08:3f:
e0:8d:9e:ca:cc:1e:de:46:5b:de:74:e7:f2:a3:35:cc:25:e8:
1e:69:82:21:a9:86:7e:c8:72:44:e1:a7:55:28:4d:5f:bd:a9:
51:a4:57:3b:0e:b5:74:be:62:e8:3d:db:f2:1b:51:52:98:be:
51:c0:e3:96:23:fb:2f:48:a3:b5:a0:38:a7:69:d1:9f:5a:68:
01:91:33:c6:14:18:c4:89:50:66:a4:a9:ba:58:0b:aa:25:79:
12:70:87:d7:61:0e:ec:b2:db:37:11:73:f5:7a:25:d9:b9:ed:
fd:56:25:9a:2b:1e:5d:76:01:84:f6:03:9e:89:c7:ff:e9:d7:
0f:65:26:8d:7f:6f:f3:70:c9:46:91:41:4d:43:47:c6:26:98:
b2:ad:09:7c:41:6f:2c:1d:65:98:64:e9:ae:b1:63:4d:15:c4:
4f:e6:75:87:57:a8:74:6c:4d:0f:75:ee:94:16:b2:f2:47:c1:
0d:35:14:cd:c8:b8:7c:10:41:2a:35:87:a1:3a:23:cb:45:6a:
b6:c5:ef:50:c6:0d:cf:ce:3a:75:31:7e:44:f8:7c:e3:49:85:
5e:08:20:30
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUbjVwjjAaoSYLwb0hdGRpRQYM1kQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU1MjZENTVDNUY0NDMxMTI5RUE3Q0U5MzA0NzA1Q0Uz
OTU2OTNEOTAeFw0yNTAxMjExNDU1MDFaFw0yNjAxMjAxNTAwMDFaMDMxMTAvBgNV
BAMTKEIwNzFBMEU4MEU3QzIxNEEzRDU1QjE4MEY2RUFFQjM3MDAxMjJCNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25NeNu35VJbps2hzcBmYUFuFD
wj2GeRSb5zVfjmesN2DC0uBmRtJGlJ1qZI2bVWlb5tuYHjzqf+9CABj6H4HsR4KG
RQjrIQqI0BC+/86MrUr9xggNCA+QYr64H0pGO8isfeZwQzslH/HAZAQ0dbL9b/Ze
PtffzvK4RFtggemyNz0ULv8feIV8WpOZ1KW3K+XNDHiiVLzMdWtwpOs0VqBuVmWm
vxRP+GdyY/wYPEZMXvYnF6LwgcxMCr+l8b4CXZQ6lQI8BJZQMmEVMDYckcsgi3wN
pGVo/UXPkMuA+12QZVXK9oioZURzoAl7AA1zAMac1cugtwilnpEqUtMkNFe5AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUsHGg6A58IUo9VbGA9urrNwASK10wHwYDVR0j
BBgwFoAUNVJtVcX0QxEp6nzpMEcFzjlWk9kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
NGIwYmY1Yi00NTZkLTRlNjItOWY0OC02MTkyMTQ5ZDUyYzIvMC8zNTUyNkQ1NUM1
RjQ0MzExMjlFQTdDRTkzMDQ3MDVDRTM5NTY5M0Q5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzU1MjZENTVDNUY0NDMxMTI5RUE3Q0U5MzA0NzA1Q0UzOTU2
OTNEOS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I0YjBiZjViLTQ1NmQtNGU2Mi05
ZjQ4LTYxOTIxNDlkNTJjMi8wLzMyMzQzMDMzM2E2MzYyMzgzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDM2MzMzNTMwMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkA8uAMA0GCSqGSIb3
DQEBCwUAA4IBAQCBALDaHioxT1t7OB75eJ4ebwq0ddQIoFLYx4RPn20Ay0LICD/g
jZ7KzB7eRlvedOfyozXMJegeaYIhqYZ+yHJE4adVKE1fvalRpFc7DrV0vmLoPdvy
G1FSmL5RwOOWI/svSKO1oDinadGfWmgBkTPGFBjEiVBmpKm6WAuqJXkScIfXYQ7s
sts3EXP1eiXZue39ViWaKx5ddgGE9gOeicf/6dcPZSaNf2/zcMlGkUFNQ0fGJpiy
rQl8QW8sHWWYZOmusWNNFcRP5nWHV6h0bE0Pde6UFrLyR8ENNRTNyLh8EEEqNYeh
OiPLRWq2xe9Qxg3Pzjp1MX5E+HzjSYVeCCAw
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:44 2025 by rpki-client