Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313431363032.roa
File: 3135372e32302e39352e302f32342d3234203d3e20313431363032.roa (raw, json)
Hash identifier: wyLlCxyolzHMcu6/RnbH2B7TLcXSzvBsv8Oe0YTLlL8=
Subject key identifier: D6:9C:86:7D:3C:F8:D7:48:23:1D:5E:79:9B:D9:A4:FB:F8:CE:B9:89
Certificate issuer: /CN=FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC
Certificate serial: 41E6F7EB360E2DD823A5EAE5591BA0103C9B54F2
Authority key identifier: FD:18:E3:EC:B5:F2:28:5C:07:51:C4:8E:AF:23:EF:21:0B:A8:FD:CC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313431363032.roa
Signing time: Fri 24 Apr 2026 02:00:02 +0000
ROA not before: Fri 24 Apr 2026 01:55:02 +0000
ROA not after: Fri 23 Apr 2027 02:00:02 +0000
asID: 141602
IP address blocks: 157.20.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e6:f7:eb:36:0e:2d:d8:23:a5:ea:e5:59:1b:a0:10:3c:9b:54:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC
Validity
Not Before: Apr 24 01:55:02 2026 GMT
Not After : Apr 23 02:00:02 2027 GMT
Subject: CN=D69C867D3CF8D748231D5E799BD9A4FBF8CEB989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:61:da:ba:34:15:06:08:17:3e:83:6b:54:
4e:0b:e4:21:db:3b:69:5b:e8:2e:ca:cf:10:cd:0f:
73:ec:6d:84:00:35:2a:30:bc:13:5b:e3:ca:2b:3b:
4b:20:5b:b8:06:e1:cc:d1:5b:1a:f8:fe:22:e4:8a:
6c:96:70:54:73:64:9d:d3:f1:9b:b2:df:b9:93:66:
81:96:87:26:c6:26:fa:d6:e5:5a:d9:98:98:69:83:
40:b5:3a:56:d3:78:36:5a:dc:c2:93:71:28:58:3b:
0d:93:23:40:9c:d1:37:fc:99:2d:8f:08:55:40:22:
fe:38:e6:e3:47:34:36:70:9e:13:58:a8:cb:bd:71:
e3:54:31:ee:c8:5e:79:90:27:ac:93:87:e7:6a:e3:
82:d8:51:47:46:3b:77:f5:90:a1:a3:81:3e:50:c1:
0f:49:96:9a:69:4a:78:23:8d:ac:f8:7e:14:89:f1:
59:67:62:3a:37:3e:d8:e9:23:31:84:60:7d:10:b1:
88:f9:e0:da:a4:3c:04:f3:c4:c9:65:07:f8:cf:f9:
1c:a9:bc:a6:65:36:d5:8c:f9:fa:7d:4b:c9:c2:99:
80:e2:43:2d:9f:b5:13:a3:f8:46:2d:d6:a9:07:4f:
df:e8:bb:8d:23:f2:a5:30:35:ed:0b:3f:cb:90:e1:
b5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9C:86:7D:3C:F8:D7:48:23:1D:5E:79:9B:D9:A4:FB:F8:CE:B9:89
X509v3 Authority Key Identifier:
keyid:FD:18:E3:EC:B5:F2:28:5C:07:51:C4:8E:AF:23:EF:21:0B:A8:FD:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD18E3ECB5F2285C0751C48EAF23EF210BA8FDCC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dae13bac-91c1-463b-8333-64eec6d2797e/0/3135372e32302e39352e302f32342d3234203d3e20313431363032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.95.0/24
Signature Algorithm: sha256WithRSAEncryption
70:a2:17:df:0c:a3:0e:54:bb:db:db:38:65:83:f0:38:cd:2f:
a4:c5:bb:0a:ec:9f:b2:eb:73:96:92:a5:07:64:86:d9:81:87:
73:4e:b0:d4:a6:e4:94:4d:0a:e2:c0:41:4c:7b:66:a3:92:7b:
d9:cd:d4:e6:63:a0:ce:27:36:de:af:cc:b1:1f:46:19:c4:f5:
42:7a:04:99:cd:98:f1:8d:25:8d:24:45:8d:c6:33:a3:23:91:
98:10:f4:ce:85:6b:40:48:c6:29:70:53:71:50:6a:0a:11:7b:
1f:61:a4:ed:01:06:84:ec:52:32:04:42:59:95:d4:28:a3:2f:
62:4a:b2:b0:28:22:71:43:34:28:a2:0b:f0:f2:fe:4a:3a:f6:
0f:0c:6b:ab:3f:f1:03:a8:b4:9b:6d:f2:07:7d:ed:cb:9d:7e:
8c:c2:6d:39:91:10:6d:60:f8:65:5b:92:0c:b8:34:c2:ce:42:
11:a1:99:35:69:1a:ec:8c:76:72:ac:32:ce:28:12:80:e1:a7:
97:da:b7:85:a2:ba:20:cc:2d:2c:db:24:81:eb:18:7f:0a:76:
2c:a0:75:37:39:32:67:7e:27:76:e6:a5:44:c1:65:03:d1:d9:
d8:f0:d2:89:4c:b1:19:44:d8:20:f7:54:2d:6b:f3:9a:91:52:
eb:64:61:2e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUQeb36zYOLdgjperlWRugEDybVPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkQxOEUzRUNCNUYyMjg1QzA3NTFDNDhFQUYyM0VGMjEw
QkE4RkRDQzAeFw0yNjA0MjQwMTU1MDJaFw0yNzA0MjMwMjAwMDJaMDMxMTAvBgNV
BAMTKEQ2OUM4NjdEM0NGOEQ3NDgyMzFENUU3OTlCRDlBNEZCRjhDRUI5ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDji2HaujQVBggXPoNrVE4L5CHb
O2lb6C7KzxDND3PsbYQANSowvBNb48orO0sgW7gG4czRWxr4/iLkimyWcFRzZJ3T
8Zuy37mTZoGWhybGJvrW5VrZmJhpg0C1OlbTeDZa3MKTcShYOw2TI0Cc0Tf8mS2P
CFVAIv445uNHNDZwnhNYqMu9ceNUMe7IXnmQJ6yTh+dq44LYUUdGO3f1kKGjgT5Q
wQ9JlpppSngjjaz4fhSJ8VlnYjo3PtjpIzGEYH0QsYj54NqkPATzxMllB/jP+Ryp
vKZlNtWM+fp9S8nCmYDiQy2ftROj+EYt1qkHT9/ou40j8qUwNe0LP8uQ4bVPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU1pyGfTz410gjHV55m9mk+/jOuYkwHwYDVR0j
BBgwFoAU/Rjj7LXyKFwHUcSOryPvIQuo/cwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
YWUxM2JhYy05MWMxLTQ2M2ItODMzMy02NGVlYzZkMjc5N2UvMC9GRDE4RTNFQ0I1
RjIyODVDMDc1MUM0OEVBRjIzRUYyMTBCQThGRENDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRkQxOEUzRUNCNUYyMjg1QzA3NTFDNDhFQUYyM0VGMjEwQkE4
RkRDQy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RhZTEzYmFjLTkxYzEtNDYzYi04
MzMzLTY0ZWVjNmQyNzk3ZS8wLzMxMzUzNzJlMzIzMDJlMzkzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzQzMTM2MzAzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UXzANBgkqhkiG
9w0BAQsFAAOCAQEAcKIX3wyjDlS729s4ZYPwOM0vpMW7CuyfsutzlpKlB2SG2YGH
c06w1KbklE0K4sBBTHtmo5J72c3U5mOgzic23q/MsR9GGcT1QnoEmc2Y8Y0ljSRF
jcYzoyORmBD0zoVrQEjGKXBTcVBqChF7H2Gk7QEGhOxSMgRCWZXUKKMvYkqysCgi
cUM0KKIL8PL+Sjr2Dwxrqz/xA6i0m23yB33ty51+jMJtOZEQbWD4ZVuSDLg0ws5C
EaGZNWka7Ix2cqwyzigSgOGnl9q3haK6IMwtLNskgesYfwp2LKB1NzkyZ34ndual
RMFlA9HZ2PDSiUyxGUTYIPdULWvzmpFS62RhLg==
-----END CERTIFICATE-----
Generated at Wed Jun 24 05:32:30 2026 by rpki-client