Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e47cd5a2-a742-450c-b190-500e754520de/1/323030313a6466333a356263303a3a2f34382d3438203d3e20313532303832.roa
File: 323030313a6466333a356263303a3a2f34382d3438203d3e20313532303832.roa (raw, json)
Hash identifier: CPvUwm70xz0Zan3lOCIYHo9DBeIR2F+H1Vf/c92c+cs=
Subject key identifier: 01:CB:68:DD:86:DB:53:6D:F4:B9:DC:E7:F4:EE:B0:74:2F:D5:6F:A7
Certificate issuer: /CN=DF3717861F6521730921F11365C5A826CFF24DAA
Certificate serial: 18C76084050D773D9E63F21CA07172287D958BA3
Authority key identifier: DF:37:17:86:1F:65:21:73:09:21:F1:13:65:C5:A8:26:CF:F2:4D:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF3717861F6521730921F11365C5A826CFF24DAA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e47cd5a2-a742-450c-b190-500e754520de/1/323030313a6466333a356263303a3a2f34382d3438203d3e20313532303832.roa
Signing time: Thu 12 Dec 2024 05:00:02 +0000
ROA not before: Thu 12 Dec 2024 04:55:02 +0000
ROA not after: Thu 11 Dec 2025 05:00:02 +0000
asID: 152082
IP address blocks: 2001:df3:5bc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c7:60:84:05:0d:77:3d:9e:63:f2:1c:a0:71:72:28:7d:95:8b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DF3717861F6521730921F11365C5A826CFF24DAA
Validity
Not Before: Dec 12 04:55:02 2024 GMT
Not After : Dec 11 05:00:02 2025 GMT
Subject: CN=01CB68DD86DB536DF4B9DCE7F4EEB0742FD56FA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:09:ea:9c:17:9f:7a:ea:e2:9f:24:c8:84:
13:a3:62:23:ec:ae:a3:8e:73:6c:42:2e:67:ed:06:
30:89:a1:9e:5a:ad:ee:df:71:4b:2d:27:05:7e:43:
4f:b1:e0:62:98:f1:83:cd:7b:07:c4:10:51:34:6f:
e8:08:de:27:a3:d2:2d:45:5f:91:7f:53:21:1b:99:
bb:63:d9:67:d7:b3:f1:25:1e:a9:4d:db:73:6b:a7:
01:0a:b3:b8:f2:bc:a7:9d:d2:a1:d9:d4:24:9a:19:
f5:40:d1:b0:0e:68:60:e3:28:95:3b:57:59:39:86:
c3:7f:df:8f:d2:bb:94:23:bc:5c:9d:92:70:a7:13:
57:b2:78:57:3b:6e:b7:07:21:e8:b5:57:2e:07:9e:
04:16:9c:44:64:21:0a:3c:b2:54:44:a9:85:34:88:
ef:10:60:24:d8:27:3e:5a:4e:43:c3:ff:3f:da:1f:
e3:87:44:e2:7a:6f:88:0d:5a:5f:44:d1:91:9c:12:
0b:9d:6b:e6:71:1d:19:b0:2f:cf:18:02:50:71:da:
af:8a:37:7e:0d:f9:e1:2a:fc:4b:26:1b:1d:0a:63:
34:1c:4f:13:b4:4b:96:e1:c9:06:48:cf:f6:df:4f:
a9:e4:7f:59:46:d5:b1:9d:c4:38:b2:b6:17:6a:51:
56:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CB:68:DD:86:DB:53:6D:F4:B9:DC:E7:F4:EE:B0:74:2F:D5:6F:A7
X509v3 Authority Key Identifier:
keyid:DF:37:17:86:1F:65:21:73:09:21:F1:13:65:C5:A8:26:CF:F2:4D:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e47cd5a2-a742-450c-b190-500e754520de/1/DF3717861F6521730921F11365C5A826CFF24DAA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF3717861F6521730921F11365C5A826CFF24DAA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e47cd5a2-a742-450c-b190-500e754520de/1/323030313a6466333a356263303a3a2f34382d3438203d3e20313532303832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:5bc0::/48
Signature Algorithm: sha256WithRSAEncryption
a7:60:83:01:5f:7f:f1:47:59:6e:5c:97:55:ab:cf:9c:5b:3e:
c0:c6:a5:50:d1:46:62:53:9f:ed:50:08:d1:ce:40:25:b6:c8:
7c:d5:3d:9a:e4:bc:30:d1:50:8f:e9:be:f2:12:60:0e:28:5f:
d5:ab:50:9f:30:dc:a7:92:75:4d:f1:9b:b5:f4:e4:0e:54:6a:
b2:9b:26:4e:44:21:c9:3f:29:fb:ed:06:0b:0b:af:41:27:c2:
cf:56:b5:f5:e7:43:a8:74:f6:cf:4b:43:89:7a:30:be:94:56:
b6:1c:0d:7f:19:57:c0:c3:b3:05:c2:8c:5e:d7:46:5b:22:17:
04:e4:3d:95:06:8b:22:0d:52:41:74:05:36:b7:3a:b6:04:20:
bb:e8:d5:ed:7c:1f:5c:1e:7f:91:78:88:11:33:a5:2c:66:32:
70:ff:47:d0:f6:07:8e:f3:21:06:4d:e8:f0:75:fa:cc:5f:5b:
f1:3f:b0:d7:a7:d2:1a:75:fd:1e:60:1b:56:41:c7:3d:ba:45:
d0:ad:c6:72:ba:b2:1c:08:72:78:c5:e4:a8:1e:16:10:d6:2c:
e3:77:3f:b9:89:60:35:5e:56:98:5c:87:ec:5c:e6:d8:c1:71:
77:68:75:00:ff:d9:1f:fe:3d:83:93:1a:a4:99:5c:75:18:1b:
7a:ba:6a:56
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGMdghAUNdz2eY/IcoHFyKH2Vi6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREYzNzE3ODYxRjY1MjE3MzA5MjFGMTEzNjVDNUE4MjZD
RkYyNERBQTAeFw0yNDEyMTIwNDU1MDJaFw0yNTEyMTEwNTAwMDJaMDMxMTAvBgNV
BAMTKDAxQ0I2OEREODZEQjUzNkRGNEI5RENFN0Y0RUVCMDc0MkZENTZGQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9AnqnBefeurinyTIhBOjYiPs
rqOOc2xCLmftBjCJoZ5are7fcUstJwV+Q0+x4GKY8YPNewfEEFE0b+gI3iej0i1F
X5F/UyEbmbtj2WfXs/ElHqlN23NrpwEKs7jyvKed0qHZ1CSaGfVA0bAOaGDjKJU7
V1k5hsN/34/Su5QjvFydknCnE1eyeFc7brcHIei1Vy4HngQWnERkIQo8slREqYU0
iO8QYCTYJz5aTkPD/z/aH+OHROJ6b4gNWl9E0ZGcEguda+ZxHRmwL88YAlBx2q+K
N34N+eEq/EsmGx0KYzQcTxO0S5bhyQZIz/bfT6nkf1lG1bGdxDiythdqUVaxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUActo3YbbU230udzn9O6wdC/Vb6cwHwYDVR0j
BBgwFoAU3zcXhh9lIXMJIfETZcWoJs/yTaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NDdjZDVhMi1hNzQyLTQ1MGMtYjE5MC01MDBlNzU0NTIwZGUvMS9ERjM3MTc4NjFG
NjUyMTczMDkyMUYxMTM2NUM1QTgyNkNGRjI0REFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvREYzNzE3ODYxRjY1MjE3MzA5MjFGMTEzNjVDNUE4MjZDRkYy
NERBQS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U0N2NkNWEyLWE3NDItNDUwYy1i
MTkwLTUwMGU3NTQ1MjBkZS8xLzMyMzAzMDMxM2E2NDY2MzMzYTM1NjI2MzMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMyMzAzODMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
81vAMA0GCSqGSIb3DQEBCwUAA4IBAQCnYIMBX3/xR1luXJdVq8+cWz7AxqVQ0UZi
U5/tUAjRzkAltsh81T2a5Lww0VCP6b7yEmAOKF/Vq1CfMNynknVN8Zu19OQOVGqy
myZORCHJPyn77QYLC69BJ8LPVrX150OodPbPS0OJejC+lFa2HA1/GVfAw7MFwoxe
10ZbIhcE5D2VBosiDVJBdAU2tzq2BCC76NXtfB9cHn+ReIgRM6UsZjJw/0fQ9geO
8yEGTejwdfrMX1vxP7DXp9Iadf0eYBtWQcc9ukXQrcZyurIcCHJ4xeSoHhYQ1izj
dz+5iWA1XlaYXIfsXObYwXF3aHUA/9kf/j2DkxqkmVx1GBt6umpW
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:03:37 2025 by rpki-client