Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/3230322e37352e31362e302f32302d3234203d3e203338373834.roa
File: 3230322e37352e31362e302f32302d3234203d3e203338373834.roa (raw, json)
Hash identifier: C3Y5TVjlMMx3bj7loYa7CuUDY/TXp19dghaSZKbxk0g=
Subject key identifier: 76:14:06:53:0D:EE:EF:03:BC:81:A2:62:FC:ED:DD:EB:C0:E3:9F:EC
Certificate issuer: /CN=20B00D67B048DAE581FE60A498995A27878149A7
Certificate serial: 39323AE9A4FDFB7E7681DD2A45167C208D06DB50
Authority key identifier: 20:B0:0D:67:B0:48:DA:E5:81:FE:60:A4:98:99:5A:27:87:81:49:A7
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B00D67B048DAE581FE60A498995A27878149A7.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/3230322e37352e31362e302f32302d3234203d3e203338373834.roa
Signing time: Wed 27 Nov 2024 10:00:32 +0000
ROA not before: Wed 27 Nov 2024 09:55:32 +0000
ROA not after: Wed 26 Nov 2025 10:00:32 +0000
asID: 38784
IP address blocks: 202.75.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:32:3a:e9:a4:fd:fb:7e:76:81:dd:2a:45:16:7c:20:8d:06:db:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20B00D67B048DAE581FE60A498995A27878149A7
Validity
Not Before: Nov 27 09:55:32 2024 GMT
Not After : Nov 26 10:00:32 2025 GMT
Subject: CN=761406530DEEEF03BC81A262FCEDDDEBC0E39FEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:85:46:0c:4f:ca:33:73:50:2f:7d:32:c2:96:
eb:a3:76:6c:37:9b:0f:1c:0d:d5:c0:f6:eb:51:ef:
df:a3:98:5f:34:a9:83:6f:67:1d:21:3e:4a:85:03:
e5:89:b9:ab:2a:01:f4:1d:f4:d9:f3:a4:8f:5c:a4:
55:06:b2:95:2f:b0:26:e4:3d:f8:ee:33:12:bc:e7:
14:b3:ff:2d:1e:c6:3f:00:a3:42:22:e2:fe:8f:e8:
bf:01:36:c3:d3:23:76:04:a9:b2:f3:91:bb:24:7b:
ab:cb:6e:7b:f8:33:d6:88:ff:1d:70:50:b5:e9:61:
87:fa:fc:74:b9:af:13:01:78:b9:83:a9:05:2f:f3:
44:c7:24:b1:dc:ff:b6:0b:b6:f6:8a:03:0b:d5:2f:
3e:de:af:45:48:f4:37:05:d2:c7:4e:08:35:aa:a4:
75:d0:76:c9:35:db:23:bf:06:f7:f0:d1:89:ff:11:
7f:ee:26:27:6f:df:4d:30:c0:6f:4d:cb:3c:1a:83:
bd:ef:69:21:0e:71:06:a7:f9:11:d5:61:10:e7:a4:
3e:31:fb:b9:6c:9e:fa:63:7e:cc:4b:02:d3:a1:43:
9a:d1:ba:e4:5f:1b:03:f5:a2:9f:d8:11:9a:9e:7c:
b9:c2:fd:f9:66:2a:f9:f6:c5:63:70:c1:a4:5e:47:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:14:06:53:0D:EE:EF:03:BC:81:A2:62:FC:ED:DD:EB:C0:E3:9F:EC
X509v3 Authority Key Identifier:
keyid:20:B0:0D:67:B0:48:DA:E5:81:FE:60:A4:98:99:5A:27:87:81:49:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/20B00D67B048DAE581FE60A498995A27878149A7.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B00D67B048DAE581FE60A498995A27878149A7.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c4547104-939e-40e3-8fc8-42522642044b/0/3230322e37352e31362e302f32302d3234203d3e203338373834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.75.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:23:a7:d9:18:2b:83:d6:d6:97:4d:21:fe:3b:09:76:57:06:
52:e2:ba:08:7b:55:c3:5a:65:94:f7:bd:cd:9c:c2:df:74:a3:
61:18:a8:59:44:44:c0:54:e3:3b:cf:85:ab:3d:ea:03:a5:c7:
44:f5:95:1e:6b:79:87:69:14:a7:6c:aa:4f:f1:00:e5:91:59:
9c:62:31:38:35:de:47:90:69:fb:a5:d4:aa:73:f8:5d:46:ce:
65:f0:f6:24:16:40:03:6c:d7:77:f7:6a:7e:50:3f:b9:df:bb:
ec:95:b5:54:91:c9:dd:d2:d6:ec:62:d6:7d:be:3b:77:5e:a4:
cc:f0:af:d6:ba:d7:2e:62:09:49:52:f7:8a:11:d8:cd:47:19:
13:f1:43:ba:10:43:4d:55:6a:fa:13:35:3c:69:8a:50:1a:57:
78:08:e2:53:02:e8:f6:6b:19:b8:23:24:fb:b3:9d:6c:33:26:
a8:29:b2:73:2d:90:a3:0a:e7:96:af:91:4e:f8:df:f6:24:2c:
91:e2:f9:6b:f2:00:df:df:77:9b:29:ec:75:7c:e1:4f:85:5e:
5e:d6:ec:1d:52:e0:4e:f0:d0:40:54:ff:0f:c1:ef:b4:3e:86:
e5:29:a6:9b:00:33:9b:29:25:46:28:74:f2:e3:12:32:c3:86:
92:d1:ba:98
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUOTI66aT9+352gd0qRRZ8II0G21AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBCMDBENjdCMDQ4REFFNTgxRkU2MEE0OTg5OTVBMjc4
NzgxNDlBNzAeFw0yNDExMjcwOTU1MzJaFw0yNTExMjYxMDAwMzJaMDMxMTAvBgNV
BAMTKDc2MTQwNjUzMERFRUVGMDNCQzgxQTI2MkZDRUREREVCQzBFMzlGRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVhUYMT8ozc1AvfTLCluujdmw3
mw8cDdXA9utR79+jmF80qYNvZx0hPkqFA+WJuasqAfQd9NnzpI9cpFUGspUvsCbk
PfjuMxK85xSz/y0exj8Ao0Ii4v6P6L8BNsPTI3YEqbLzkbske6vLbnv4M9aI/x1w
ULXpYYf6/HS5rxMBeLmDqQUv80THJLHc/7YLtvaKAwvVLz7er0VI9DcF0sdOCDWq
pHXQdsk12yO/Bvfw0Yn/EX/uJidv300wwG9Nyzwag73vaSEOcQan+RHVYRDnpD4x
+7lsnvpjfsxLAtOhQ5rRuuRfGwP1op/YEZqefLnC/flmKvn2xWNwwaReRxy1AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUdhQGUw3u7wO8gaJi/O3d68Djn+wwHwYDVR0j
BBgwFoAUILANZ7BI2uWB/mCkmJlaJ4eBSacwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NDU0NzEwNC05MzllLTQwZTMtOGZjOC00MjUyMjY0MjA0NGIvMC8yMEIwMEQ2N0Iw
NDhEQUU1ODFGRTYwQTQ5ODk5NUEyNzg3ODE0OUE3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjBCMDBENjdCMDQ4REFFNTgxRkU2MEE0OTg5OTVBMjc4Nzgx
NDlBNy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M0NTQ3MTA0LTkzOWUtNDBlMy04
ZmM4LTQyNTIyNjQyMDQ0Yi8wLzMyMzAzMjJlMzczNTJlMzEzNjJlMzAyZjMyMzAy
ZDMyMzQyMDNkM2UyMDMzMzgzNzM4MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATKSxAwDQYJKoZIhvcN
AQELBQADggEBADojp9kYK4PW1pdNIf47CXZXBlLiugh7VcNaZZT3vc2cwt90o2EY
qFlERMBU4zvPhas96gOlx0T1lR5reYdpFKdsqk/xAOWRWZxiMTg13keQaful1Kpz
+F1GzmXw9iQWQANs13f3an5QP7nfu+yVtVSRyd3S1uxi1n2+O3depMzwr9a61y5i
CUlS94oR2M1HGRPxQ7oQQ01VavoTNTxpilAaV3gI4lMC6PZrGbgjJPuznWwzJqgp
snMtkKMK55avkU743/YkLJHi+WvyAN/fd5sp7HV84U+FXl7W7B1S4E7w0EBU/w/B
77Q+huUpppsAM5spJUYodPLjEjLDhpLRupg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:50:41 2025 by rpki-client