Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/caf50383-7d04-47c8-aaeb-f7e766937731/0/323430353a666134303a3a2f33322d3438203d3e20313430333930.roa
File: 323430353a666134303a3a2f33322d3438203d3e20313430333930.roa (raw, json)
Hash identifier: /tgMP3qpTllWANVJztTHaFQZOo0xw/JDtcJozDIog/4=
Subject key identifier: AC:20:70:9C:E2:BD:04:04:98:1B:F1:B5:13:A7:22:0A:96:7B:E4:34
Certificate issuer: /CN=034E0FA5B6C1B4E1564924CEE0DCB6A16352DFF9
Certificate serial: 3EB29F1ED050B01B19A1310DEAEB86F176975FE3
Authority key identifier: 03:4E:0F:A5:B6:C1:B4:E1:56:49:24:CE:E0:DC:B6:A1:63:52:DF:F9
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/034E0FA5B6C1B4E1564924CEE0DCB6A16352DFF9.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/caf50383-7d04-47c8-aaeb-f7e766937731/0/323430353a666134303a3a2f33322d3438203d3e20313430333930.roa
Signing time: Mon 06 May 2024 20:00:01 +0000
ROA not before: Mon 06 May 2024 19:55:01 +0000
ROA not after: Mon 05 May 2025 20:00:01 +0000
asID: 140390
IP address blocks: 2405:fa40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:b2:9f:1e:d0:50:b0:1b:19:a1:31:0d:ea:eb:86:f1:76:97:5f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=034E0FA5B6C1B4E1564924CEE0DCB6A16352DFF9
Validity
Not Before: May 6 19:55:01 2024 GMT
Not After : May 5 20:00:01 2025 GMT
Subject: CN=AC20709CE2BD0404981BF1B513A7220A967BE434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ac:f8:0d:1e:04:59:b6:07:b2:1a:c5:5b:2e:
d2:98:3a:65:fb:97:0a:05:ee:66:ee:9a:ce:ab:68:
52:00:0e:80:0a:3d:7a:f7:84:f8:95:6a:8d:4d:c6:
e7:84:f9:e8:ae:ba:54:dd:c2:7c:38:15:c2:3f:e7:
b9:cd:bf:ba:f6:af:9f:c2:54:1e:24:d1:18:ba:78:
d7:9a:14:1e:e0:4b:64:8d:df:28:be:98:e4:8c:af:
61:58:3a:4e:13:a8:ef:0c:57:0d:7a:83:47:38:e8:
60:38:96:2e:f2:34:9c:c2:9d:46:e7:59:76:d1:32:
79:23:87:d0:ca:de:16:b8:89:28:16:0c:d5:0c:7a:
9d:9e:42:c4:92:88:83:74:ce:0f:8b:c0:06:3b:f3:
55:2a:b2:a8:7c:e6:c0:df:5f:ea:21:b2:cf:ec:b5:
c2:4f:2c:af:47:c4:2c:4e:ae:db:27:9f:72:e0:fd:
f9:ec:90:6b:9c:50:fb:e6:51:b4:46:ed:c7:7f:ff:
62:ba:79:91:f5:17:a5:1e:73:31:d7:d2:69:49:76:
d9:19:3f:48:d3:b6:f8:67:40:9d:62:fe:09:4e:00:
37:91:c1:74:6f:d2:35:e4:c1:97:d5:6e:fe:82:df:
21:3a:e2:30:ef:e4:86:09:19:3e:9b:5f:30:9c:7f:
7b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:20:70:9C:E2:BD:04:04:98:1B:F1:B5:13:A7:22:0A:96:7B:E4:34
X509v3 Authority Key Identifier:
keyid:03:4E:0F:A5:B6:C1:B4:E1:56:49:24:CE:E0:DC:B6:A1:63:52:DF:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/caf50383-7d04-47c8-aaeb-f7e766937731/0/034E0FA5B6C1B4E1564924CEE0DCB6A16352DFF9.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/034E0FA5B6C1B4E1564924CEE0DCB6A16352DFF9.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/caf50383-7d04-47c8-aaeb-f7e766937731/0/323430353a666134303a3a2f33322d3438203d3e20313430333930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2405:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
6c:95:7c:aa:0a:f0:b4:75:71:a9:b6:45:e7:77:50:04:cc:5d:
b7:30:df:1e:3e:e8:af:8c:4c:22:d8:97:12:9d:c4:40:e7:46:
70:5e:58:63:ae:de:30:ea:7d:fd:41:10:e0:21:5d:07:74:99:
e0:a9:86:b1:e2:ac:8b:5b:40:a5:a1:1e:96:6c:3b:13:fd:96:
34:b4:ec:09:aa:64:db:8d:c9:5d:71:db:d9:27:27:26:25:6a:
6b:28:59:e4:4c:cd:50:3e:fd:ee:3e:2d:0c:d5:91:17:6e:77:
b0:80:bf:78:bc:5a:e0:af:01:49:b9:e7:2d:6c:f6:c9:89:62:
3d:f2:7d:16:04:ac:e1:7a:8c:99:9e:c4:90:5f:b3:be:04:44:
13:f1:73:d5:16:2e:76:a9:30:67:3e:96:34:e5:f6:69:01:c3:
96:be:6f:43:85:73:c7:70:1a:16:4a:6d:75:c2:5e:3e:e8:c8:
f4:77:40:3e:25:b3:ed:26:6c:e6:a8:c4:b9:a9:10:d3:21:e1:
3f:cc:5e:d9:e7:af:b3:37:83:57:03:b3:30:73:6e:b2:8a:a2:
c5:c4:67:6b:40:8f:39:3a:f6:2e:0c:ed:ec:c0:04:52:27:14:
c5:cd:bd:58:bf:e3:85:5c:8c:fb:5d:dc:59:a8:d4:67:77:8e:
3c:73:4a:7e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUPrKfHtBQsBsZoTEN6uuG8XaXX+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDM0RTBGQTVCNkMxQjRFMTU2NDkyNENFRTBEQ0I2QTE2
MzUyREZGOTAeFw0yNDA1MDYxOTU1MDFaFw0yNTA1MDUyMDAwMDFaMDMxMTAvBgNV
BAMTKEFDMjA3MDlDRTJCRDA0MDQ5ODFCRjFCNTEzQTcyMjBBOTY3QkU0MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjrPgNHgRZtgeyGsVbLtKYOmX7
lwoF7mbums6raFIADoAKPXr3hPiVao1NxueE+eiuulTdwnw4FcI/57nNv7r2r5/C
VB4k0Ri6eNeaFB7gS2SN3yi+mOSMr2FYOk4TqO8MVw16g0c46GA4li7yNJzCnUbn
WXbRMnkjh9DK3ha4iSgWDNUMep2eQsSSiIN0zg+LwAY781Uqsqh85sDfX+ohss/s
tcJPLK9HxCxOrtsnn3Lg/fnskGucUPvmUbRG7cd//2K6eZH1F6UeczHX0mlJdtkZ
P0jTtvhnQJ1i/glOADeRwXRv0jXkwZfVbv6C3yE64jDv5IYJGT6bXzCcf3tHAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUrCBwnOK9BASYG/G1E6ciCpZ75DQwHwYDVR0j
BBgwFoAUA04PpbbBtOFWSSTO4Ny2oWNS3/kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
YWY1MDM4My03ZDA0LTQ3YzgtYWFlYi1mN2U3NjY5Mzc3MzEvMC8wMzRFMEZBNUI2
QzFCNEUxNTY0OTI0Q0VFMERDQjZBMTYzNTJERkY5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDM0RTBGQTVCNkMxQjRFMTU2NDkyNENFRTBEQ0I2QTE2MzUy
REZGOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NhZjUwMzgzLTdkMDQtNDdjOC1h
YWViLWY3ZTc2NjkzNzczMS8wLzMyMzQzMDM1M2E2NjYxMzQzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzQzMDMzMzkzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQF+kAwDQYJKoZI
hvcNAQELBQADggEBAGyVfKoK8LR1cam2Red3UATMXbcw3x4+6K+MTCLYlxKdxEDn
RnBeWGOu3jDqff1BEOAhXQd0meCphrHirItbQKWhHpZsOxP9ljS07AmqZNuNyV1x
29knJyYlamsoWeRMzVA+/e4+LQzVkRdud7CAv3i8WuCvAUm55y1s9smJYj3yfRYE
rOF6jJmexJBfs74ERBPxc9UWLnapMGc+ljTl9mkBw5a+b0OFc8dwGhZKbXXCXj7o
yPR3QD4ls+0mbOaoxLmpENMh4T/MXtnnr7M3g1cDszBzbrKKosXEZ2tAjzk69i4M
7ezABFInFMXNvVi/44VcjPtd3Fmo1Gd3jjxzSn4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:13 2025 by rpki-client