Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/ccf1706b-6c17-4786-abd9-47a3844da8f8/0/323430353a386363303a3a2f33322d3332203d3e20313339343530.roa
File: 323430353a386363303a3a2f33322d3332203d3e20313339343530.roa (raw, json)
Hash identifier: QqyJNASMZtjn96t+A2cpl22xR0g97zOoHQCrnEWX+Fo=
Subject key identifier: 4C:89:90:7A:AC:73:1B:3B:CD:47:E3:CE:DE:C8:FE:C0:0D:BC:20:EB
Certificate issuer: /CN=789C41F8FF72D4E00F36194AF24A543B3264FF5C
Certificate serial: 64834E1A96095FF383741D89751A10132AC8DC1F
Authority key identifier: 78:9C:41:F8:FF:72:D4:E0:0F:36:19:4A:F2:4A:54:3B:32:64:FF:5C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/789C41F8FF72D4E00F36194AF24A543B3264FF5C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/ccf1706b-6c17-4786-abd9-47a3844da8f8/0/323430353a386363303a3a2f33322d3332203d3e20313339343530.roa
Signing time: Thu 20 Feb 2025 06:00:01 +0000
ROA not before: Thu 20 Feb 2025 05:55:01 +0000
ROA not after: Thu 19 Feb 2026 06:00:01 +0000
asID: 139450
IP address blocks: 2405:8cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:83:4e:1a:96:09:5f:f3:83:74:1d:89:75:1a:10:13:2a:c8:dc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=789C41F8FF72D4E00F36194AF24A543B3264FF5C
Validity
Not Before: Feb 20 05:55:01 2025 GMT
Not After : Feb 19 06:00:01 2026 GMT
Subject: CN=4C89907AAC731B3BCD47E3CEDEC8FEC00DBC20EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:11:b9:0a:37:62:0f:af:33:a7:99:66:63:80:
84:5b:56:96:bf:36:79:59:be:81:b9:c2:89:39:f0:
cf:25:e7:65:e8:73:49:12:60:ec:6b:57:5c:45:f5:
4e:8f:ea:86:ee:3e:86:fb:00:74:0b:43:b5:6c:dd:
d4:10:b0:8c:99:b8:fe:5c:8a:a5:f1:a9:2d:39:5b:
26:12:5d:f3:c1:a6:a8:2e:60:ac:3e:ee:0a:5e:ac:
a1:26:bf:dd:6a:4a:b6:36:0b:eb:b0:7d:61:76:df:
0b:67:81:f2:f2:b0:8d:c3:81:ce:bc:97:97:16:85:
bc:ac:10:bb:98:47:c4:da:ee:d0:a8:85:30:17:93:
5f:da:c3:ba:49:6a:da:d6:65:cd:dc:6f:6a:ad:c1:
7f:53:d5:1b:dc:37:3a:4f:c4:ce:3f:29:9d:fa:5a:
25:fb:d7:f5:f2:47:c1:b0:a6:87:09:b3:df:b7:6c:
d2:5b:a3:03:27:df:07:9a:07:c5:96:e9:3a:c9:7e:
a6:6e:46:3f:55:31:41:fc:46:8e:64:a1:99:64:1d:
30:b3:d1:13:ac:57:0f:f1:01:53:e0:1e:d6:7c:18:
ea:f8:3d:dc:dc:97:1e:a1:c8:b7:27:fa:f2:a5:23:
f1:6f:01:4f:8d:93:2d:65:fa:e0:a6:6a:74:bd:e1:
71:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:89:90:7A:AC:73:1B:3B:CD:47:E3:CE:DE:C8:FE:C0:0D:BC:20:EB
X509v3 Authority Key Identifier:
keyid:78:9C:41:F8:FF:72:D4:E0:0F:36:19:4A:F2:4A:54:3B:32:64:FF:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/ccf1706b-6c17-4786-abd9-47a3844da8f8/0/789C41F8FF72D4E00F36194AF24A543B3264FF5C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/789C41F8FF72D4E00F36194AF24A543B3264FF5C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ccf1706b-6c17-4786-abd9-47a3844da8f8/0/323430353a386363303a3a2f33322d3332203d3e20313339343530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2405:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
78:51:18:44:c7:c1:f1:a8:ba:e8:ac:49:ed:02:29:e2:e1:de:
17:40:fe:98:92:af:e8:42:47:b1:be:44:1c:b1:66:13:6f:0d:
46:a3:c1:df:9c:fc:19:70:35:34:b7:a4:cc:d3:67:cb:00:0f:
14:33:76:46:97:df:c9:b7:2a:d6:96:2b:47:6d:56:42:9a:af:
7c:ef:a2:b6:f8:ba:fb:9c:3d:0e:5b:59:a1:c1:98:c6:8c:d8:
83:f8:77:52:78:fc:2b:d2:b8:38:77:84:45:dd:39:23:de:8f:
16:cf:bb:c1:6f:5b:42:78:25:b5:7c:50:2b:63:76:43:4c:5d:
1c:b6:c4:6b:a3:d5:73:0d:fe:c2:06:d4:aa:c1:c5:26:75:ac:
81:b1:56:c9:bb:79:bd:b8:f9:2c:b9:f6:a8:44:76:44:21:ad:
75:95:e8:44:4c:cf:19:3f:94:37:12:78:cb:4f:16:b9:c8:02:
96:73:55:02:b5:ab:5f:b0:1c:01:6f:56:9b:df:5e:e0:cf:3a:
d8:94:d5:eb:47:11:a9:7e:40:ff:6d:da:9e:a7:22:c7:09:47:
f5:2f:f2:b4:5f:11:88:06:40:e0:77:b8:15:9c:05:e7:30:08:
37:bd:71:db:e9:ad:da:e0:41:a6:27:97:8b:d9:ff:4d:07:7e:
9b:72:be:41
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUZINOGpYJX/ODdB2JdRoQEyrI3B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzg5QzQxRjhGRjcyRDRFMDBGMzYxOTRBRjI0QTU0M0Iz
MjY0RkY1QzAeFw0yNTAyMjAwNTU1MDFaFw0yNjAyMTkwNjAwMDFaMDMxMTAvBgNV
BAMTKDRDODk5MDdBQUM3MzFCM0JDRDQ3RTNDRURFQzhGRUMwMERCQzIwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9EbkKN2IPrzOnmWZjgIRbVpa/
NnlZvoG5wok58M8l52Xoc0kSYOxrV1xF9U6P6obuPob7AHQLQ7Vs3dQQsIyZuP5c
iqXxqS05WyYSXfPBpqguYKw+7gperKEmv91qSrY2C+uwfWF23wtngfLysI3Dgc68
l5cWhbysELuYR8Ta7tCohTAXk1/aw7pJatrWZc3cb2qtwX9T1RvcNzpPxM4/KZ36
WiX71/XyR8GwpocJs9+3bNJbowMn3weaB8WW6TrJfqZuRj9VMUH8Ro5koZlkHTCz
0ROsVw/xAVPgHtZ8GOr4Pdzclx6hyLcn+vKlI/FvAU+Nky1l+uCmanS94XETAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUTImQeqxzGzvNR+PO3sj+wA28IOswHwYDVR0j
BBgwFoAUeJxB+P9y1OAPNhlK8kpUOzJk/1wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
Y2YxNzA2Yi02YzE3LTQ3ODYtYWJkOS00N2EzODQ0ZGE4ZjgvMC83ODlDNDFGOEZG
NzJENEUwMEYzNjE5NEFGMjRBNTQzQjMyNjRGRjVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzg5QzQxRjhGRjcyRDRFMDBGMzYxOTRBRjI0QTU0M0IzMjY0
RkY1Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NjZjE3MDZiLTZjMTctNDc4Ni1h
YmQ5LTQ3YTM4NDRkYThmOC8wLzMyMzQzMDM1M2EzODYzNjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzOTM0MzUzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFjMAwDQYJKoZI
hvcNAQELBQADggEBAHhRGETHwfGouuisSe0CKeLh3hdA/piSr+hCR7G+RByxZhNv
DUajwd+c/BlwNTS3pMzTZ8sADxQzdkaX38m3KtaWK0dtVkKar3zvorb4uvucPQ5b
WaHBmMaM2IP4d1J4/CvSuDh3hEXdOSPejxbPu8FvW0J4JbV8UCtjdkNMXRy2xGuj
1XMN/sIG1KrBxSZ1rIGxVsm7eb24+Sy59qhEdkQhrXWV6ERMzxk/lDcSeMtPFrnI
ApZzVQK1q1+wHAFvVpvfXuDPOtiU1etHEal+QP9t2p6nIscJR/Uv8rRfEYgGQOB3
uBWcBecwCDe9cdvprdrgQaYnl4vZ/00HfptyvkE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:51:45 2025 by rpki-client