Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c3d2f2f8-3512-43e5-be17-b11b58f96083/0/323430323a613630303a3a2f33322d3332203d3e203137393936.roa
File: 323430323a613630303a3a2f33322d3332203d3e203137393936.roa (raw, json)
Hash identifier: /TZEssOQL6bexQSKNfpVz7ktDMF+gupTdwtToy7re70=
Subject key identifier: 43:7C:F7:EE:7F:C9:04:F8:CE:29:E1:2A:EB:E3:D2:8B:33:CB:0A:0B
Certificate issuer: /CN=E530A7B43C0C79FD8707007080E2F7AEA478FD1C
Certificate serial: 5A0C66905FB175D8EDDE398377AB25ABBD909CF5
Authority key identifier: E5:30:A7:B4:3C:0C:79:FD:87:07:00:70:80:E2:F7:AE:A4:78:FD:1C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E530A7B43C0C79FD8707007080E2F7AEA478FD1C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c3d2f2f8-3512-43e5-be17-b11b58f96083/0/323430323a613630303a3a2f33322d3332203d3e203137393936.roa
Signing time: Mon 01 Jul 2024 01:05:03 +0000
ROA not before: Mon 01 Jul 2024 01:00:03 +0000
ROA not after: Mon 30 Jun 2025 01:05:03 +0000
asID: 17996
IP address blocks: 2402:a600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:0c:66:90:5f:b1:75:d8:ed:de:39:83:77:ab:25:ab:bd:90:9c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E530A7B43C0C79FD8707007080E2F7AEA478FD1C
Validity
Not Before: Jul 1 01:00:03 2024 GMT
Not After : Jun 30 01:05:03 2025 GMT
Subject: CN=437CF7EE7FC904F8CE29E12AEBE3D28B33CB0A0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:ba:87:12:25:0b:b3:ea:dd:e7:a5:76:42:
89:a9:30:fe:61:bf:99:fc:bc:99:a9:9b:f4:69:34:
61:8b:13:ce:c2:6d:5a:a4:28:24:4e:95:d7:a8:2b:
bf:3b:c0:52:10:ec:fa:84:5c:af:01:0e:6e:8f:f9:
e0:f6:0b:f4:50:a5:d8:5f:45:8b:8d:2d:05:49:35:
e6:f9:72:db:32:6d:c7:15:3b:57:c8:9b:54:e6:5c:
3a:eb:a4:24:55:01:c2:b5:8f:d9:d8:1e:7d:81:1c:
25:9b:3f:88:10:c9:81:0e:de:53:bb:10:cb:3c:de:
92:c6:c9:03:4f:ec:9a:65:f1:55:e2:8c:c4:40:f1:
6a:a4:47:7e:de:20:70:d1:c8:d4:31:de:18:7d:ee:
3a:fc:13:90:05:3f:3b:35:70:14:ba:4b:35:dc:b2:
e7:4c:e2:50:63:c8:f3:d0:21:a4:c6:6f:61:54:41:
d2:15:fc:76:0c:c8:b5:c5:d6:ee:db:4a:07:4a:b3:
3e:95:cb:dc:be:16:61:f8:52:5c:17:a6:0f:d1:c4:
e9:87:9a:d2:b7:6b:89:72:4e:e3:34:77:be:92:3f:
1d:e0:6f:93:02:46:a0:f4:d9:2f:10:70:17:e5:b5:
30:fb:f4:b9:a7:63:93:33:e2:05:33:8c:4f:98:3c:
e1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7C:F7:EE:7F:C9:04:F8:CE:29:E1:2A:EB:E3:D2:8B:33:CB:0A:0B
X509v3 Authority Key Identifier:
keyid:E5:30:A7:B4:3C:0C:79:FD:87:07:00:70:80:E2:F7:AE:A4:78:FD:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c3d2f2f8-3512-43e5-be17-b11b58f96083/0/E530A7B43C0C79FD8707007080E2F7AEA478FD1C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E530A7B43C0C79FD8707007080E2F7AEA478FD1C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c3d2f2f8-3512-43e5-be17-b11b58f96083/0/323430323a613630303a3a2f33322d3332203d3e203137393936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2402:a600::/32
Signature Algorithm: sha256WithRSAEncryption
01:04:5a:08:9b:7a:0e:a1:40:53:28:a9:d7:a7:bf:4f:fa:00:
40:13:83:e5:31:f8:c8:5a:db:26:78:6f:b3:d7:bb:75:62:2d:
ef:f6:3f:9b:c4:e1:23:17:1b:9b:5c:1f:e8:e0:c2:7b:d3:52:
24:ea:8a:29:b6:da:df:64:1b:ec:43:b7:72:c4:9c:34:62:24:
e7:68:bd:a3:47:58:7c:ef:ce:ff:1e:97:bc:4b:ad:f5:0c:9c:
ff:77:c8:23:02:b5:13:7f:51:1d:97:33:44:5c:58:57:af:69:
a5:b6:55:25:d8:f5:21:ff:14:78:c5:00:96:34:39:fb:9b:f0:
9f:73:cf:3e:a8:3e:ab:f7:32:66:ca:e7:a9:91:13:98:df:88:
c7:39:68:f9:07:bd:3d:6f:90:29:d4:19:13:1b:5a:e5:aa:5b:
a2:ee:b2:6f:58:8c:39:e7:16:97:d7:0a:19:06:5f:2b:41:3c:
eb:27:f3:fc:6e:3a:2b:84:07:14:2e:03:64:2a:ff:10:29:d0:
84:7e:49:a9:f4:ca:aa:bf:30:16:5c:5d:94:83:75:3b:84:d6:
dc:23:15:41:49:35:52:11:28:5d:70:4a:93:b2:b6:90:ff:7a:
04:ac:4b:c7:82:6b:9a:6a:48:52:f8:8d:d8:7b:e0:43:de:b6:
a0:6b:65:dd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUWgxmkF+xddjt3jmDd6slq72QnPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTUzMEE3QjQzQzBDNzlGRDg3MDcwMDcwODBFMkY3QUVB
NDc4RkQxQzAeFw0yNDA3MDEwMTAwMDNaFw0yNTA2MzAwMTA1MDNaMDMxMTAvBgNV
BAMTKDQzN0NGN0VFN0ZDOTA0RjhDRTI5RTEyQUVCRTNEMjhCMzNDQjBBMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6rqHEiULs+rd56V2QompMP5h
v5n8vJmpm/RpNGGLE87CbVqkKCROldeoK787wFIQ7PqEXK8BDm6P+eD2C/RQpdhf
RYuNLQVJNeb5ctsybccVO1fIm1TmXDrrpCRVAcK1j9nYHn2BHCWbP4gQyYEO3lO7
EMs83pLGyQNP7Jpl8VXijMRA8WqkR37eIHDRyNQx3hh97jr8E5AFPzs1cBS6SzXc
sudM4lBjyPPQIaTGb2FUQdIV/HYMyLXF1u7bSgdKsz6Vy9y+FmH4UlwXpg/RxOmH
mtK3a4lyTuM0d76SPx3gb5MCRqD02S8QcBfltTD79LmnY5Mz4gUzjE+YPOEDAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUQ3z37n/JBPjOKeEq6+PSizPLCgswHwYDVR0j
BBgwFoAU5TCntDwMef2HBwBwgOL3rqR4/RwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
M2QyZjJmOC0zNTEyLTQzZTUtYmUxNy1iMTFiNThmOTYwODMvMC9FNTMwQTdCNDND
MEM3OUZEODcwNzAwNzA4MEUyRjdBRUE0NzhGRDFDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTUzMEE3QjQzQzBDNzlGRDg3MDcwMDcwODBFMkY3QUVBNDc4
RkQxQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MzZDJmMmY4LTM1MTItNDNlNS1i
ZTE3LWIxMWI1OGY5NjA4My8wLzMyMzQzMDMyM2E2MTM2MzAzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzczOTM5MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAqYAMA0GCSqGSIb3
DQEBCwUAA4IBAQABBFoIm3oOoUBTKKnXp79P+gBAE4PlMfjIWtsmeG+z17t1Yi3v
9j+bxOEjFxubXB/o4MJ701Ik6oopttrfZBvsQ7dyxJw0YiTnaL2jR1h8787/Hpe8
S631DJz/d8gjArUTf1EdlzNEXFhXr2mltlUl2PUh/xR4xQCWNDn7m/Cfc88+qD6r
9zJmyuepkROY34jHOWj5B709b5Ap1BkTG1rlqlui7rJvWIw55xaX1woZBl8rQTzr
J/P8bjorhAcULgNkKv8QKdCEfkmp9MqqvzAWXF2Ug3U7hNbcIxVBSTVSEShdcEqT
sraQ/3oErEvHgmuaakhS+I3Ye+BD3raga2Xd
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:35:02 2025 by rpki-client