Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/34332e3234392e3134302e302f32322d3234203d3e203535363533.roa
File: 34332e3234392e3134302e302f32322d3234203d3e203535363533.roa (raw, json)
Hash identifier: RAbCLxobZi0sT1mrrSFIFMMt66YKWEiZkYMYeXBiifg=
Subject key identifier: 1A:8C:E9:49:DC:32:1D:1A:FE:DD:1F:2F:FC:E6:50:8E:F4:12:B9:81
Certificate issuer: /CN=FC646066A689B77054AF95653FA324395357E6A3
Certificate serial: 7C3BE5C90883F8DA42664236A94FD3EA0CD1E543
Authority key identifier: FC:64:60:66:A6:89:B7:70:54:AF:95:65:3F:A3:24:39:53:57:E6:A3
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FC646066A689B77054AF95653FA324395357E6A3.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/34332e3234392e3134302e302f32322d3234203d3e203535363533.roa
Signing time: Mon 01 Jul 2024 01:05:00 +0000
ROA not before: Mon 01 Jul 2024 01:00:00 +0000
ROA not after: Mon 30 Jun 2025 01:05:00 +0000
asID: 55653
IP address blocks: 43.249.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3b:e5:c9:08:83:f8:da:42:66:42:36:a9:4f:d3:ea:0c:d1:e5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC646066A689B77054AF95653FA324395357E6A3
Validity
Not Before: Jul 1 01:00:00 2024 GMT
Not After : Jun 30 01:05:00 2025 GMT
Subject: CN=1A8CE949DC321D1AFEDD1F2FFCE6508EF412B981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:00:e0:ab:44:ff:14:b8:b5:1f:cd:f8:8d:21:
94:72:80:d6:69:fa:74:40:7a:99:27:fa:4b:6a:e7:
c2:56:ec:0e:1a:75:1f:04:a9:9a:e9:24:de:f7:92:
10:38:2c:98:ae:e6:c5:05:7b:75:d7:eb:21:58:5f:
a7:a6:32:85:ae:2c:ea:36:c4:5f:ab:14:77:f7:81:
fe:21:75:bc:f6:a4:c0:35:fc:89:89:da:9d:47:f6:
79:6a:a7:c5:06:dd:45:50:ed:20:1d:86:4c:92:f8:
db:d7:3e:29:34:87:9c:eb:5c:f9:20:dc:44:85:80:
f8:61:b9:0b:85:15:9a:c2:84:12:08:85:89:4c:21:
1e:95:e8:92:9d:0f:c6:26:25:38:ed:81:60:12:94:
ed:5c:3b:95:82:85:f9:ab:5d:40:b6:c1:a7:b4:ce:
bf:39:76:4a:e8:56:38:7c:41:65:ab:91:9a:a8:4a:
49:e1:3e:e5:15:97:f1:cb:b7:3e:3a:35:c0:0f:74:
af:42:ff:05:0e:c8:39:d0:81:94:35:7c:87:e2:15:
b7:46:80:55:61:86:83:a3:da:89:12:85:9d:2d:66:
89:a1:81:ac:d1:ff:82:9c:64:17:bb:e4:68:df:21:
66:1c:20:ad:33:05:c2:d1:06:b6:42:29:7f:ea:a2:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8C:E9:49:DC:32:1D:1A:FE:DD:1F:2F:FC:E6:50:8E:F4:12:B9:81
X509v3 Authority Key Identifier:
keyid:FC:64:60:66:A6:89:B7:70:54:AF:95:65:3F:A3:24:39:53:57:E6:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/FC646066A689B77054AF95653FA324395357E6A3.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FC646066A689B77054AF95653FA324395357E6A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/34332e3234392e3134302e302f32322d3234203d3e203535363533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.140.0/22
Signature Algorithm: sha256WithRSAEncryption
77:42:63:38:25:52:14:7f:e4:7b:9b:b7:25:9e:22:c4:d5:cf:
a1:79:b0:c2:03:05:60:cd:d3:63:27:9f:95:97:35:d6:d3:f2:
46:ed:d8:6f:da:e7:89:43:94:37:89:84:58:6d:69:4b:90:2c:
b7:9d:c9:0c:e7:18:d3:34:0a:61:6d:c0:74:c9:a4:89:bd:64:
55:12:86:bb:58:00:cf:61:9c:31:e8:d5:7b:58:88:e1:68:22:
dc:c8:96:88:e7:9b:6d:8a:1b:fd:77:dc:33:bc:33:83:b0:f0:
13:cb:56:1d:d7:46:92:01:7f:3b:eb:12:3b:c0:ae:55:f9:d0:
ec:78:6d:68:55:72:fc:80:96:45:70:a5:da:a1:e8:64:dd:d1:
29:97:b2:e4:8f:41:b6:73:a4:d9:dc:31:f2:9b:08:dd:1d:51:
7b:1d:42:2c:a4:4b:79:f4:a6:70:de:66:b1:11:1d:25:e4:ae:
55:5a:87:11:b1:55:ab:05:a2:f7:30:7c:2c:12:25:fe:a7:f1:
39:9d:82:7f:22:b1:53:29:00:0f:a3:61:8f:02:6c:bd:68:12:
08:ae:34:29:95:53:40:f9:09:cb:f4:cb:c3:3e:5a:ac:f3:6b:
79:9f:a0:fd:70:a3:e0:75:33:40:6d:f0:ab:e2:fa:a2:89:38:
9f:5b:cf:4a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUfDvlyQiD+NpCZkI2qU/T6gzR5UMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkM2NDYwNjZBNjg5Qjc3MDU0QUY5NTY1M0ZBMzI0Mzk1
MzU3RTZBMzAeFw0yNDA3MDEwMTAwMDBaFw0yNTA2MzAwMTA1MDBaMDMxMTAvBgNV
BAMTKDFBOENFOTQ5REMzMjFEMUFGRUREMUYyRkZDRTY1MDhFRjQxMkI5ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClAOCrRP8UuLUfzfiNIZRygNZp
+nRAepkn+ktq58JW7A4adR8EqZrpJN73khA4LJiu5sUFe3XX6yFYX6emMoWuLOo2
xF+rFHf3gf4hdbz2pMA1/ImJ2p1H9nlqp8UG3UVQ7SAdhkyS+NvXPik0h5zrXPkg
3ESFgPhhuQuFFZrChBIIhYlMIR6V6JKdD8YmJTjtgWASlO1cO5WChfmrXUC2wae0
zr85dkroVjh8QWWrkZqoSknhPuUVl/HLtz46NcAPdK9C/wUOyDnQgZQ1fIfiFbdG
gFVhhoOj2okShZ0tZomhgazR/4KcZBe75GjfIWYcIK0zBcLRBrZCKX/qov7FAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUGozpSdwyHRr+3R8v/OZQjvQSuYEwHwYDVR0j
BBgwFoAU/GRgZqaJt3BUr5VlP6MkOVNX5qMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
OTc0NjVlMy03OGEwLTQ5NjUtYWUxNC1lNGNiNGQwZmMxODUvMC9GQzY0NjA2NkE2
ODlCNzcwNTRBRjk1NjUzRkEzMjQzOTUzNTdFNkEzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkM2NDYwNjZBNjg5Qjc3MDU0QUY5NTY1M0ZBMzI0Mzk1MzU3
RTZBMy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M5NzQ2NWUzLTc4YTAtNDk2NS1h
ZTE0LWU0Y2I0ZDBmYzE4NS8wLzM0MzMyZTMyMzQzOTJlMzEzNDMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzNTM2MzUzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiv5jDANBgkqhkiG
9w0BAQsFAAOCAQEAd0JjOCVSFH/ke5u3JZ4ixNXPoXmwwgMFYM3TYyeflZc11tPy
Ru3Yb9rniUOUN4mEWG1pS5Ast53JDOcY0zQKYW3AdMmkib1kVRKGu1gAz2GcMejV
e1iI4Wgi3MiWiOebbYob/XfcM7wzg7DwE8tWHddGkgF/O+sSO8CuVfnQ7HhtaFVy
/ICWRXCl2qHoZN3RKZey5I9BtnOk2dwx8psI3R1Rex1CLKRLefSmcN5msREdJeSu
VVqHEbFVqwWi9zB8LBIl/qfxOZ2CfyKxUykAD6NhjwJsvWgSCK40KZVTQPkJy/TL
wz5arPNreZ+g/XCj4HUzQG3wq+L6ook4n1vPSg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:52:14 2025 by rpki-client