Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3135372e31352e34372e302f32342d3234203d3e20313532333936.roa
File: 3135372e31352e34372e302f32342d3234203d3e20313532333936.roa (raw, json)
Hash identifier: 2sgMNPvdPKPmSXukXACjrwvtdQ3QHDjRcB3RK3DeklA=
Subject key identifier: D6:47:52:85:6B:48:48:CD:C7:5B:80:5A:FB:22:A0:5D:78:CF:23:B7
Certificate issuer: /CN=3008AF948C4742A525201F3FDA7EFB1800D52D64
Certificate serial: 62F251E5BED84A440D119CBF0EFFECA5DADB1F8C
Authority key identifier: 30:08:AF:94:8C:47:42:A5:25:20:1F:3F:DA:7E:FB:18:00:D5:2D:64
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3008AF948C4742A525201F3FDA7EFB1800D52D64.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3135372e31352e34372e302f32342d3234203d3e20313532333936.roa
Signing time: Wed 22 Jan 2025 04:00:02 +0000
ROA not before: Wed 22 Jan 2025 03:55:02 +0000
ROA not after: Wed 21 Jan 2026 04:00:02 +0000
asID: 152396
IP address blocks: 157.15.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f2:51:e5:be:d8:4a:44:0d:11:9c:bf:0e:ff:ec:a5:da:db:1f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3008AF948C4742A525201F3FDA7EFB1800D52D64
Validity
Not Before: Jan 22 03:55:02 2025 GMT
Not After : Jan 21 04:00:02 2026 GMT
Subject: CN=D64752856B4848CDC75B805AFB22A05D78CF23B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d5:b2:03:f5:3c:1e:3c:fd:5c:2b:32:29:83:
64:ba:38:5e:7a:da:fb:55:80:f8:3e:23:cf:a5:ee:
48:0f:53:39:95:75:86:e7:d0:86:70:ef:98:e8:9c:
48:17:aa:d3:83:6f:b2:4f:2a:81:92:50:18:4f:82:
2d:5d:59:c5:b7:f9:27:61:96:46:6f:ec:cd:ba:d3:
40:4b:86:58:dd:f2:84:09:f4:7b:20:6a:a2:ab:56:
02:a1:e2:bb:48:92:c2:6a:91:3d:a7:09:88:6c:9b:
5c:98:5b:4a:a3:92:dc:d2:ee:44:e6:6e:db:97:1f:
d2:f8:8b:34:2d:d2:d6:12:ea:43:38:23:d2:65:53:
99:4f:bc:94:78:c2:06:43:f8:d3:c5:10:14:ad:11:
48:c8:81:dd:95:7b:10:8a:48:df:58:e2:8a:61:5e:
54:a8:03:87:65:28:6b:5e:8e:44:9c:9c:b4:36:f5:
8c:a9:fa:45:60:a7:25:2b:e7:37:c6:54:60:cc:d9:
f4:be:e4:ad:42:fa:6b:cd:1d:54:7a:7f:08:64:a9:
3a:ba:6e:25:80:be:77:7f:95:c2:79:96:00:5d:3c:
57:49:c3:29:11:de:8a:22:f6:b0:7f:1d:cb:aa:d6:
c3:96:39:23:80:35:ab:a7:72:49:91:66:dd:ce:96:
a8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:47:52:85:6B:48:48:CD:C7:5B:80:5A:FB:22:A0:5D:78:CF:23:B7
X509v3 Authority Key Identifier:
keyid:30:08:AF:94:8C:47:42:A5:25:20:1F:3F:DA:7E:FB:18:00:D5:2D:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3008AF948C4742A525201F3FDA7EFB1800D52D64.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3008AF948C4742A525201F3FDA7EFB1800D52D64.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3135372e31352e34372e302f32342d3234203d3e20313532333936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.47.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b4:a2:81:ba:e5:90:17:e9:9d:81:a0:ed:be:11:78:48:c2:
2a:09:09:63:52:5b:4b:24:26:84:a7:17:cd:92:ee:0e:1f:33:
a5:41:10:07:1e:f7:c2:ab:71:52:5b:ea:d5:21:3a:d2:e7:5c:
d9:2e:c3:73:59:46:f0:d6:3f:86:8b:df:f0:47:9f:14:49:4a:
29:a0:29:77:82:b6:5c:6d:fe:97:a5:ef:37:ab:ec:49:11:4a:
9d:09:9e:7d:1d:5d:3a:af:6a:79:16:42:f9:d4:9c:70:99:3e:
e4:8e:88:4e:d3:a7:bc:19:2a:ec:66:d1:3e:8c:ec:9b:d4:21:
ca:2c:3a:de:df:ac:4c:c9:0b:00:71:02:e0:02:6d:95:79:0c:
3b:db:42:0d:8c:66:75:a6:98:e0:34:16:e8:4b:99:cb:58:94:
9f:f5:43:b2:d7:b5:21:8e:72:27:f3:2c:74:18:5a:96:53:33:
3c:20:cf:e6:24:36:81:fd:3c:6b:90:f6:9e:55:17:da:f3:81:
9f:04:fd:0d:6a:eb:44:c4:f6:0c:5b:a4:6e:3f:d6:4f:35:99:
36:0d:02:b6:19:87:cb:24:aa:f4:32:41:a6:96:ec:db:d1:69:
a3:56:bd:9c:48:1f:e4:c9:54:82:07:cf:79:7e:ef:f6:ea:ef:
f3:48:56:15
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUYvJR5b7YSkQNEZy/Dv/spdrbH4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzAwOEFGOTQ4QzQ3NDJBNTI1MjAxRjNGREE3RUZCMTgw
MEQ1MkQ2NDAeFw0yNTAxMjIwMzU1MDJaFw0yNjAxMjEwNDAwMDJaMDMxMTAvBgNV
BAMTKEQ2NDc1Mjg1NkI0ODQ4Q0RDNzVCODA1QUZCMjJBMDVENzhDRjIzQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl1bID9TwePP1cKzIpg2S6OF56
2vtVgPg+I8+l7kgPUzmVdYbn0IZw75jonEgXqtODb7JPKoGSUBhPgi1dWcW3+Sdh
lkZv7M2600BLhljd8oQJ9HsgaqKrVgKh4rtIksJqkT2nCYhsm1yYW0qjktzS7kTm
btuXH9L4izQt0tYS6kM4I9JlU5lPvJR4wgZD+NPFEBStEUjIgd2VexCKSN9Y4oph
XlSoA4dlKGtejkScnLQ29Yyp+kVgpyUr5zfGVGDM2fS+5K1C+mvNHVR6fwhkqTq6
biWAvnd/lcJ5lgBdPFdJwykR3ooi9rB/Hcuq1sOWOSOANaunckmRZt3OlqiZAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU1kdShWtISM3HW4Ba+yKgXXjPI7cwHwYDVR0j
BBgwFoAUMAivlIxHQqUlIB8/2n77GADVLWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
YzM0ZWVkOS0xODdlLTRmNDYtYTViYi0wZWE4ZjY2OWFlOTAvMC8zMDA4QUY5NDhD
NDc0MkE1MjUyMDFGM0ZEQTdFRkIxODAwRDUyRDY0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMzAwOEFGOTQ4QzQ3NDJBNTI1MjAxRjNGREE3RUZCMTgwMEQ1
MkQ2NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RjMzRlZWQ5LTE4N2UtNGY0Ni1h
NWJiLTBlYThmNjY5YWU5MC8wLzMxMzUzNzJlMzEzNTJlMzQzNzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjMzMzkzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0PLzANBgkqhkiG
9w0BAQsFAAOCAQEAg7SigbrlkBfpnYGg7b4ReEjCKgkJY1JbSyQmhKcXzZLuDh8z
pUEQBx73wqtxUlvq1SE60udc2S7Dc1lG8NY/hovf8EefFElKKaApd4K2XG3+l6Xv
N6vsSRFKnQmefR1dOq9qeRZC+dSccJk+5I6ITtOnvBkq7GbRPozsm9Qhyiw63t+s
TMkLAHEC4AJtlXkMO9tCDYxmdaaY4DQW6EuZy1iUn/VDste1IY5yJ/MsdBhallMz
PCDP5iQ2gf08a5D2nlUX2vOBnwT9DWrrRMT2DFukbj/WTzWZNg0CthmHyySq9DJB
ppbs29Fpo1a9nEgf5MlUggfPeX7v9urv80hWFQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:32 2025 by rpki-client