Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a3a2f33322d3332203d3e20313331373137.roa
File: 323430313a313063303a3a2f33322d3332203d3e20313331373137.roa (raw, json)
Hash identifier: +orAdsz6eB8/rfzFzwo7jDI03fKrjW+cdaqzhCiMpmg=
Subject key identifier: 2D:70:75:C6:F2:70:92:01:D3:9C:0D:40:25:DC:72:15:7C:61:61:FD
Certificate issuer: /CN=882209E37356E0512FBE4E81B00E4F2481865087
Certificate serial: 4040B571B5E30F498159E67A87C6CA56CF477632
Authority key identifier: 88:22:09:E3:73:56:E0:51:2F:BE:4E:81:B0:0E:4F:24:81:86:50:87
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/882209E37356E0512FBE4E81B00E4F2481865087.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a3a2f33322d3332203d3e20313331373137.roa
Signing time: Mon 01 Jul 2024 01:02:45 +0000
ROA not before: Mon 01 Jul 2024 00:57:45 +0000
ROA not after: Mon 30 Jun 2025 01:02:45 +0000
asID: 131717
IP address blocks: 2401:10c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:40:b5:71:b5:e3:0f:49:81:59:e6:7a:87:c6:ca:56:cf:47:76:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882209E37356E0512FBE4E81B00E4F2481865087
Validity
Not Before: Jul 1 00:57:45 2024 GMT
Not After : Jun 30 01:02:45 2025 GMT
Subject: CN=2D7075C6F2709201D39C0D4025DC72157C6161FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:23:c1:19:55:42:68:13:88:46:12:fc:9a:6e:
ab:19:95:be:2d:fa:86:6e:d0:fe:b7:e1:3f:25:0d:
7c:51:44:12:35:8a:ff:33:bb:be:41:6f:10:3c:c8:
61:87:bc:da:56:d4:61:53:94:e3:c5:3d:d2:da:2a:
99:6f:af:5a:20:fb:18:3b:2b:ec:33:54:d8:6f:9d:
0b:f3:29:ea:5b:f5:c9:11:4e:cd:1a:67:1f:cc:38:
43:ce:93:b1:3c:19:68:74:60:4e:c0:8f:a9:7e:b5:
4c:68:fd:e2:61:0d:6a:ab:be:a2:00:1b:49:95:5d:
be:8b:69:11:28:82:82:77:66:09:ba:4e:7b:a0:ac:
ea:fc:02:a2:49:da:3f:d7:68:0a:26:98:17:4f:25:
95:bb:83:ec:5a:d1:97:ec:11:f1:0c:36:9f:54:dc:
da:11:a9:87:7c:69:66:03:53:ae:70:a5:c6:1e:e4:
51:bf:7b:a6:00:00:8f:f4:46:29:b1:c7:ac:ca:b4:
79:da:a2:f4:13:ae:c7:86:5e:fa:04:5d:aa:52:ba:
ea:8b:84:ec:7b:8e:58:16:42:74:8a:13:fe:5c:7b:
7a:42:0c:f4:46:63:d6:87:b9:64:ac:64:53:ad:2c:
cf:7a:7d:79:0c:3c:be:62:aa:ab:b1:cd:63:3d:8c:
3f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:70:75:C6:F2:70:92:01:D3:9C:0D:40:25:DC:72:15:7C:61:61:FD
X509v3 Authority Key Identifier:
keyid:88:22:09:E3:73:56:E0:51:2F:BE:4E:81:B0:0E:4F:24:81:86:50:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/882209E37356E0512FBE4E81B00E4F2481865087.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/882209E37356E0512FBE4E81B00E4F2481865087.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a3a2f33322d3332203d3e20313331373137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2401:10c0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:91:16:5f:4e:90:1f:d6:94:64:62:44:f5:d8:4b:ba:4c:3e:
c7:93:5e:7f:fc:d4:db:38:22:c1:ec:97:82:46:82:69:86:27:
3d:9e:9a:14:5d:71:20:40:86:cc:e9:8b:b9:ce:78:22:1a:8a:
e2:3b:d7:58:0a:ea:6c:9e:d7:cc:d4:d6:8b:d1:46:60:fe:64:
f7:0c:23:38:48:9e:55:11:66:2b:5a:dd:4e:0d:ba:e6:1d:4b:
42:0a:b5:d6:b6:29:ce:a3:e7:4e:cf:76:aa:f4:0b:d2:ef:15:
ab:d6:9c:e6:ec:28:f9:8d:be:dd:b7:12:ee:d4:61:69:46:ea:
e6:9b:ae:54:71:1f:21:1a:7e:7e:6b:ec:6b:85:f9:c3:08:d5:
b9:0a:1e:3d:5d:2b:e4:43:fc:17:23:d1:92:a7:b8:fe:e9:38:
10:77:6c:0b:0c:d9:2c:31:3e:34:db:c7:26:10:6d:08:76:3d:
41:3f:d4:07:b8:ca:d9:e5:85:4e:b3:bc:fb:fc:0b:bb:e1:e0:
74:53:ea:8b:55:12:1b:0c:dd:64:83:c6:26:0f:9f:75:90:94:
34:1c:f1:7b:3c:ad:9d:a1:1d:d6:31:7c:45:4d:2a:fc:7c:d8:
7e:d4:73:62:37:da:f7:b8:2f:a6:23:20:80:5c:a6:ce:23:ba:
64:d3:a5:38
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUQEC1cbXjD0mBWeZ6h8bKVs9HdjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODgyMjA5RTM3MzU2RTA1MTJGQkU0RTgxQjAwRTRGMjQ4
MTg2NTA4NzAeFw0yNDA3MDEwMDU3NDVaFw0yNTA2MzAwMTAyNDVaMDMxMTAvBgNV
BAMTKDJENzA3NUM2RjI3MDkyMDFEMzlDMEQ0MDI1REM3MjE1N0M2MTYxRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEI8EZVUJoE4hGEvyabqsZlb4t
+oZu0P634T8lDXxRRBI1iv8zu75BbxA8yGGHvNpW1GFTlOPFPdLaKplvr1og+xg7
K+wzVNhvnQvzKepb9ckRTs0aZx/MOEPOk7E8GWh0YE7Aj6l+tUxo/eJhDWqrvqIA
G0mVXb6LaREogoJ3Zgm6TnugrOr8AqJJ2j/XaAommBdPJZW7g+xa0ZfsEfEMNp9U
3NoRqYd8aWYDU65wpcYe5FG/e6YAAI/0Rimxx6zKtHnaovQTrseGXvoEXapSuuqL
hOx7jlgWQnSKE/5ce3pCDPRGY9aHuWSsZFOtLM96fXkMPL5iqquxzWM9jD8lAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQULXB1xvJwkgHTnA1AJdxyFXxhYf0wHwYDVR0j
BBgwFoAUiCIJ43NW4FEvvk6BsA5PJIGGUIcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MDc0NzFhMy1lZTUzLTQ5OWMtOWYyZC1jZjE2YjFlNGEzNTMvMC84ODIyMDlFMzcz
NTZFMDUxMkZCRTRFODFCMDBFNEYyNDgxODY1MDg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODgyMjA5RTM3MzU2RTA1MTJGQkU0RTgxQjAwRTRGMjQ4MTg2
NTA4Ny5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QwNzQ3MWEzLWVlNTMtNDk5Yy05
ZjJkLWNmMTZiMWU0YTM1My8wLzMyMzQzMDMxM2EzMTMwNjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzMTM3MzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQBEMAwDQYJKoZI
hvcNAQELBQADggEBAB+RFl9OkB/WlGRiRPXYS7pMPseTXn/81Ns4IsHsl4JGgmmG
Jz2emhRdcSBAhszpi7nOeCIaiuI711gK6mye18zU1ovRRmD+ZPcMIzhInlURZita
3U4NuuYdS0IKtda2Kc6j507Pdqr0C9LvFavWnObsKPmNvt23Eu7UYWlG6uabrlRx
HyEafn5r7GuF+cMI1bkKHj1dK+RD/Bcj0ZKnuP7pOBB3bAsM2SwxPjTbxyYQbQh2
PUE/1Ae4ytnlhU6zvPv8C7vh4HRT6otVEhsM3WSDxiYPn3WQlDQc8Xs8rZ2hHdYx
fEVNKvx82H7Uc2I32ve4L6YjIIBcps4jumTTpTg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:23:40 2025 by rpki-client