Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32342d3234203d3e203435323839.roa
File: 3132302e38392e38382e302f32342d3234203d3e203435323839.roa (raw, json)
Hash identifier: TyftOcvbZs91N5rxusfIjMZ5akc+NP+roH91JhFQg20=
Subject key identifier: FD:15:8E:60:F5:CB:59:76:CA:B1:C9:53:B6:A5:33:6F:1A:E1:ED:F3
Certificate issuer: /CN=9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61
Certificate serial: 48AFA2A378BAC5DD4148D5EC3E933F9AB1160D3F
Authority key identifier: 99:73:E5:D6:F7:F6:5D:CF:01:5E:9D:AF:CE:F3:94:F5:12:E4:FD:61
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32342d3234203d3e203435323839.roa
Signing time: Sat 15 Feb 2025 08:00:01 +0000
ROA not before: Sat 15 Feb 2025 07:55:01 +0000
ROA not after: Sat 14 Feb 2026 08:00:01 +0000
asID: 45289
IP address blocks: 120.89.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:af:a2:a3:78:ba:c5:dd:41:48:d5:ec:3e:93:3f:9a:b1:16:0d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61
Validity
Not Before: Feb 15 07:55:01 2025 GMT
Not After : Feb 14 08:00:01 2026 GMT
Subject: CN=FD158E60F5CB5976CAB1C953B6A5336F1AE1EDF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:89:db:61:ae:82:a1:27:7c:6b:55:f0:1c:
ce:85:c5:d4:1c:e6:28:4f:16:d8:1d:a7:29:5b:4a:
9c:a5:3d:80:89:b5:3b:1b:b7:c4:71:0d:64:8c:ad:
b8:f1:ba:cd:07:5e:77:54:24:97:82:5c:ef:a7:eb:
45:87:4e:27:87:37:ab:aa:c7:dc:82:6b:5d:9c:80:
b1:71:61:85:af:0e:2a:f0:2a:9d:c7:f4:9e:4e:1f:
5a:64:24:dd:f5:cd:05:e8:9a:ff:02:20:09:47:ae:
ce:88:84:77:ad:bb:df:8c:0e:00:69:ee:e4:32:f0:
68:38:97:aa:3a:8b:d6:a8:4f:6c:f2:4a:9c:d0:e6:
89:11:00:b4:2a:95:cb:5c:6c:47:46:fa:da:64:73:
96:b9:4c:ff:17:14:a8:d0:bb:b5:97:29:2a:d9:94:
5e:6b:32:bc:76:a3:d9:9b:d6:de:ac:4a:33:2d:d3:
5d:bd:fb:9c:11:47:0f:d5:e3:b5:af:01:d4:a7:e3:
70:5d:c2:d5:41:da:97:8a:73:92:38:3a:25:5e:5f:
00:67:93:b1:f8:98:fa:c4:c1:f3:80:f3:7b:db:c8:
7a:ba:df:bc:63:06:44:b8:fe:8a:c9:97:2c:24:04:
17:be:9e:44:26:d1:c0:31:9c:4f:09:de:b1:42:e6:
04:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:15:8E:60:F5:CB:59:76:CA:B1:C9:53:B6:A5:33:6F:1A:E1:ED:F3
X509v3 Authority Key Identifier:
keyid:99:73:E5:D6:F7:F6:5D:CF:01:5E:9D:AF:CE:F3:94:F5:12:E4:FD:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32342d3234203d3e203435323839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.89.88.0/24
Signature Algorithm: sha256WithRSAEncryption
58:ad:d5:f8:ae:e7:49:99:b1:e0:fa:54:ad:54:5a:2c:65:df:
94:d0:b1:dd:f3:c0:66:eb:ca:b3:2a:c0:4c:0c:07:c4:07:ae:
53:84:7a:8c:7b:87:1c:33:98:41:7b:d5:16:33:76:40:34:17:
9a:3d:9d:06:fe:b7:51:d7:0e:50:41:3a:09:53:3e:8f:32:4b:
48:04:ed:cb:4a:d1:65:d9:b8:fd:85:15:e8:e3:bd:01:5e:16:
4c:4f:66:9f:75:46:16:76:9c:82:ff:5b:10:04:6c:11:90:01:
2b:94:ed:64:f2:7c:83:79:45:45:87:86:03:66:df:e1:90:bc:
a3:d3:17:2e:bc:ef:ba:20:dc:fc:aa:53:a0:fe:2a:a2:52:5d:
1e:ed:ee:7c:48:cf:8a:54:48:c3:77:27:ab:de:ef:50:6c:7d:
c2:c2:01:65:b2:d5:ca:69:1d:47:d3:d3:76:77:9c:35:b1:f2:
87:15:38:20:a4:e6:5a:37:b8:de:70:1b:2d:39:a2:a6:d1:29:
0e:10:61:fc:bf:2b:c2:74:ad:c8:39:c5:0f:f8:a8:d4:40:a8:
79:56:65:d8:a8:1a:c4:cd:f1:2f:e5:58:d2:77:6c:be:df:b4:
5d:66:41:90:1e:04:42:55:04:31:90:57:a1:a0:ce:49:e4:67:
4d:cf:b3:f0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUSK+io3i6xd1BSNXsPpM/mrEWDT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk3M0U1RDZGN0Y2NURDRjAxNUU5REFGQ0VGMzk0RjUx
MkU0RkQ2MTAeFw0yNTAyMTUwNzU1MDFaFw0yNjAyMTQwODAwMDFaMDMxMTAvBgNV
BAMTKEZEMTU4RTYwRjVDQjU5NzZDQUIxQzk1M0I2QTUzMzZGMUFFMUVERjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzhInbYa6CoSd8a1XwHM6FxdQc
5ihPFtgdpylbSpylPYCJtTsbt8RxDWSMrbjxus0HXndUJJeCXO+n60WHTieHN6uq
x9yCa12cgLFxYYWvDirwKp3H9J5OH1pkJN31zQXomv8CIAlHrs6IhHetu9+MDgBp
7uQy8Gg4l6o6i9aoT2zySpzQ5okRALQqlctcbEdG+tpkc5a5TP8XFKjQu7WXKSrZ
lF5rMrx2o9mb1t6sSjMt0129+5wRRw/V47WvAdSn43BdwtVB2peKc5I4OiVeXwBn
k7H4mPrEwfOA83vbyHq637xjBkS4/orJlywkBBe+nkQm0cAxnE8J3rFC5gSxAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU/RWOYPXLWXbKsclTtqUzbxrh7fMwHwYDVR0j
BBgwFoAUmXPl1vf2Xc8BXp2vzvOU9RLk/WEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
Y2JjYzAwZC1jZTc5LTQyMTYtYTYyYi1lM2Q1MGNjNzk0NDIvMC85OTczRTVENkY3
RjY1RENGMDE1RTlEQUZDRUYzOTRGNTEyRTRGRDYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTk3M0U1RDZGN0Y2NURDRjAxNUU5REFGQ0VGMzk0RjUxMkU0
RkQ2MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NjYmNjMDBkLWNlNzktNDIxNi1h
NjJiLWUzZDUwY2M3OTQ0Mi8wLzMxMzIzMDJlMzgzOTJlMzgzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzUzMjM4Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB4WVgwDQYJKoZIhvcN
AQELBQADggEBAFit1fiu50mZseD6VK1UWixl35TQsd3zwGbryrMqwEwMB8QHrlOE
eox7hxwzmEF71RYzdkA0F5o9nQb+t1HXDlBBOglTPo8yS0gE7ctK0WXZuP2FFejj
vQFeFkxPZp91RhZ2nIL/WxAEbBGQASuU7WTyfIN5RUWHhgNm3+GQvKPTFy6877og
3PyqU6D+KqJSXR7t7nxIz4pUSMN3J6ve71BsfcLCAWWy1cppHUfT03Z3nDWx8ocV
OCCk5lo3uN5wGy05oqbRKQ4QYfy/K8J0rcg5xQ/4qNRAqHlWZdioGsTN8S/lWNJ3
bL7ftF1mQZAeBEJVBDGQV6GgzknkZ03Ps/A=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:57:38 2025 by rpki-client