Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/323430343a636163303a3a2f33322d3332203d3e20313339343137.roa
File: 323430343a636163303a3a2f33322d3332203d3e20313339343137.roa (raw, json)
Hash identifier: U8X775Erg4KvjSwclcGWHuukxGyQmMyExSHIbSXOqZk=
Subject key identifier: 3B:43:DB:00:3F:FA:9A:57:28:30:DD:6A:9F:F5:D7:3C:AA:7C:65:E3
Certificate issuer: /CN=8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6
Certificate serial: 335C03F71F0773AF69E2432698867DEB8A30FBFB
Authority key identifier: 8F:C4:89:9C:A3:D6:12:A4:5C:1C:1D:C0:2A:21:F6:33:72:DA:ED:D6
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/323430343a636163303a3a2f33322d3332203d3e20313339343137.roa
Signing time: Sat 21 Dec 2024 11:00:01 +0000
ROA not before: Sat 21 Dec 2024 10:55:01 +0000
ROA not after: Sat 20 Dec 2025 11:00:01 +0000
asID: 139417
IP address blocks: 2404:cac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:5c:03:f7:1f:07:73:af:69:e2:43:26:98:86:7d:eb:8a:30:fb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6
Validity
Not Before: Dec 21 10:55:01 2024 GMT
Not After : Dec 20 11:00:01 2025 GMT
Subject: CN=3B43DB003FFA9A572830DD6A9FF5D73CAA7C65E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:eb:08:6c:d6:1a:70:e1:3f:00:59:d9:da:a8:
0b:74:75:6d:d7:fb:6b:5f:3d:b0:d1:fa:ad:67:29:
43:91:5f:0d:a7:72:1b:d7:89:ab:d4:7e:ea:81:57:
8e:a0:2b:0e:bc:86:5e:de:79:3b:3f:be:48:bb:05:
8e:01:a8:19:24:37:e8:c4:25:c8:f9:89:47:1b:93:
a6:ed:ae:49:69:87:cf:b2:03:d5:4f:cb:c6:a6:48:
3c:82:6f:f7:3c:cb:15:09:59:12:58:55:22:e1:ce:
c0:9c:a3:cc:02:4f:a0:f0:ef:ae:17:71:3b:a0:f5:
c7:3c:bc:cc:72:10:0b:99:f8:27:5f:28:3e:d8:52:
c3:88:73:84:72:fd:0f:59:b0:a4:81:ec:a8:a8:ff:
d4:dd:ed:39:bd:da:90:58:7f:a6:09:d6:b0:2b:b7:
b2:bd:d5:a0:89:08:7a:29:e4:44:d4:13:6c:2a:af:
27:b9:06:8f:d2:ec:dc:d6:07:9a:2e:a8:ca:3f:1d:
ae:f6:36:fb:75:94:4e:af:08:15:a3:d0:a7:1e:2b:
34:10:c2:03:41:0a:23:bd:54:e3:27:9f:db:f2:d7:
f1:c7:95:86:c1:34:2a:90:92:a2:d7:1d:8d:90:b3:
ef:8f:ec:a0:29:55:95:1b:8e:3a:a9:25:a0:ec:a9:
7b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:DB:00:3F:FA:9A:57:28:30:DD:6A:9F:F5:D7:3C:AA:7C:65:E3
X509v3 Authority Key Identifier:
keyid:8F:C4:89:9C:A3:D6:12:A4:5C:1C:1D:C0:2A:21:F6:33:72:DA:ED:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/323430343a636163303a3a2f33322d3332203d3e20313339343137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:cac0::/32
Signature Algorithm: sha256WithRSAEncryption
97:36:86:bd:b3:9f:9c:79:1d:5e:a1:e3:75:c3:c1:10:b2:d5:
de:b7:6a:cf:b9:1a:bc:ba:bd:68:60:74:18:2d:a4:89:c3:b6:
4b:ca:fc:59:57:88:ea:f1:37:43:39:c9:99:a3:59:02:fa:7a:
ee:fc:55:7e:72:b8:10:e0:92:1e:f2:d0:cb:52:45:f4:84:90:
3c:ad:69:bb:51:59:c8:0f:bc:f2:ea:8b:e9:fb:d3:14:10:d0:
13:35:41:4e:62:7b:5b:37:71:c8:58:23:5c:f7:3d:68:74:77:
7a:d9:e4:50:0c:52:92:36:e2:07:63:34:8b:00:ea:fa:ff:3c:
4f:11:5a:0e:eb:9d:c5:e1:61:d7:56:18:d8:df:a8:2e:37:95:
21:64:aa:d3:95:a1:e3:1e:f4:7b:75:34:32:db:a4:73:cd:fa:
ea:57:61:65:7c:f2:27:fc:f9:f2:2f:a9:ee:78:a9:db:6e:62:
66:99:a1:bf:7b:7d:82:85:24:bf:a2:ad:5a:b2:c5:3a:ba:12:
67:87:46:fb:03:e8:76:c8:2d:cc:24:24:de:ed:14:59:79:0a:
3e:f8:ba:df:18:2b:3c:aa:30:7e:bd:87:b8:36:ad:73:38:29:
3a:bd:c7:dd:a3:b1:39:aa:a2:a5:11:2d:17:4b:1b:ab:95:04:
4b:cf:22:97
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUM1wD9x8Hc69p4kMmmIZ964ow+/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZDNDg5OUNBM0Q2MTJBNDVDMUMxREMwMkEyMUY2MzM3
MkRBRURENjAeFw0yNDEyMjExMDU1MDFaFw0yNTEyMjAxMTAwMDFaMDMxMTAvBgNV
BAMTKDNCNDNEQjAwM0ZGQTlBNTcyODMwREQ2QTlGRjVENzNDQUE3QzY1RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS6whs1hpw4T8AWdnaqAt0dW3X
+2tfPbDR+q1nKUORXw2nchvXiavUfuqBV46gKw68hl7eeTs/vki7BY4BqBkkN+jE
Jcj5iUcbk6btrklph8+yA9VPy8amSDyCb/c8yxUJWRJYVSLhzsCco8wCT6Dw764X
cTug9cc8vMxyEAuZ+CdfKD7YUsOIc4Ry/Q9ZsKSB7Kio/9Td7Tm92pBYf6YJ1rAr
t7K91aCJCHop5ETUE2wqrye5Bo/S7NzWB5ouqMo/Ha72Nvt1lE6vCBWj0KceKzQQ
wgNBCiO9VOMnn9vy1/HHlYbBNCqQkqLXHY2Qs++P7KApVZUbjjqpJaDsqXt5AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUO0PbAD/6mlcoMN1qn/XXPKp8ZeMwHwYDVR0j
BBgwFoAUj8SJnKPWEqRcHB3AKiH2M3La7dYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NTQxM2ZmNC0yMDJiLTQ5OTktYjQ1ZC03M2M5NzJmMTAxMTYvMC84RkM0ODk5Q0Ez
RDYxMkE0NUMxQzFEQzAyQTIxRjYzMzcyREFFREQ2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEZDNDg5OUNBM0Q2MTJBNDVDMUMxREMwMkEyMUY2MzM3MkRB
RURENi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1NDEzZmY0LTIwMmItNDk5OS1i
NDVkLTczYzk3MmYxMDExNi8wLzMyMzQzMDM0M2E2MzYxNjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzOTM0MzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQEysAwDQYJKoZI
hvcNAQELBQADggEBAJc2hr2zn5x5HV6h43XDwRCy1d63as+5Gry6vWhgdBgtpInD
tkvK/FlXiOrxN0M5yZmjWQL6eu78VX5yuBDgkh7y0MtSRfSEkDytabtRWcgPvPLq
i+n70xQQ0BM1QU5ie1s3cchYI1z3PWh0d3rZ5FAMUpI24gdjNIsA6vr/PE8RWg7r
ncXhYddWGNjfqC43lSFkqtOVoeMe9Ht1NDLbpHPN+upXYWV88if8+fIvqe54qdtu
YmaZob97fYKFJL+irVqyxTq6EmeHRvsD6HbILcwkJN7tFFl5Cj74ut8YKzyqMH69
h7g2rXM4KTq9x92jsTmqoqURLRdLG6uVBEvPIpc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:24 2025 by rpki-client