Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133322e302f32332d3233203d3e20313532343033.roa
File: 3135372e32302e3133322e302f32332d3233203d3e20313532343033.roa (raw, json)
Hash identifier: 8j1+acCdsJVbTJGY7uHwLQICxHIGJ/neg6B/vDw5bQ0=
Subject key identifier: 75:1F:36:85:FF:2E:0E:93:C8:C8:80:26:1F:41:C7:83:96:02:6F:D1
Certificate issuer: /CN=D4688B55FB8C00F6AEC284E5BCB81E227C512DED
Certificate serial: 03CB918A0395F8E48B2BAD82022986A2B6C1545C
Authority key identifier: D4:68:8B:55:FB:8C:00:F6:AE:C2:84:E5:BC:B8:1E:22:7C:51:2D:ED
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133322e302f32332d3233203d3e20313532343033.roa
Signing time: Fri 06 Dec 2024 04:29:13 +0000
ROA not before: Fri 06 Dec 2024 04:24:13 +0000
ROA not after: Fri 05 Dec 2025 04:29:13 +0000
asID: 152403
IP address blocks: 157.20.132.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:cb:91:8a:03:95:f8:e4:8b:2b:ad:82:02:29:86:a2:b6:c1:54:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4688B55FB8C00F6AEC284E5BCB81E227C512DED
Validity
Not Before: Dec 6 04:24:13 2024 GMT
Not After : Dec 5 04:29:13 2025 GMT
Subject: CN=751F3685FF2E0E93C8C880261F41C78396026FD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8d:b9:6a:10:03:04:d9:5d:4d:4e:ea:f6:84:
30:3e:5c:cb:64:ca:4a:ef:2a:76:83:c5:22:41:23:
58:e1:3b:4c:c6:49:e5:05:eb:23:07:54:be:db:c0:
43:3b:4c:b6:24:a0:41:5a:f3:35:f0:75:d3:81:a5:
60:80:cb:a7:4d:3e:fa:22:7e:71:3f:ad:ab:92:02:
f1:80:0f:08:b4:5b:d0:72:f4:d4:33:df:94:d4:f4:
24:f3:5e:ce:8d:f5:18:22:12:84:fc:75:8f:51:74:
40:3e:b1:8c:39:95:15:5e:9d:fd:33:d3:e3:2f:c3:
65:6a:67:74:71:ca:f1:f5:5a:a0:a4:ce:01:88:4a:
86:e1:5e:66:60:b0:8a:66:7e:fb:79:b4:a3:eb:32:
5d:fc:3f:82:62:ed:c2:fc:51:b9:9f:d3:94:1f:7e:
c5:f9:89:4c:f6:55:44:93:d9:86:48:57:d5:97:4a:
1f:de:4c:56:35:ea:c9:ba:db:3c:08:7a:b0:46:d1:
25:9a:b0:a4:28:c9:d3:a2:09:03:b9:56:69:5b:c8:
7c:70:72:54:70:43:9f:e9:18:27:99:6f:56:e6:0d:
43:c2:ca:2d:2f:f8:e2:fe:30:23:2d:c4:24:2b:e1:
47:7a:ea:2e:19:88:32:18:c8:b2:1e:c5:5f:b4:5a:
66:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1F:36:85:FF:2E:0E:93:C8:C8:80:26:1F:41:C7:83:96:02:6F:D1
X509v3 Authority Key Identifier:
keyid:D4:68:8B:55:FB:8C:00:F6:AE:C2:84:E5:BC:B8:1E:22:7C:51:2D:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133322e302f32332d3233203d3e20313532343033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.132.0/23
Signature Algorithm: sha256WithRSAEncryption
48:54:60:0a:59:25:6d:6b:b9:bc:30:e8:f1:e1:e7:5d:45:ea:
ba:20:57:9f:01:1f:35:5f:62:41:24:7e:7d:19:92:a6:85:f5:
6d:ce:0a:f0:b3:88:fa:72:c7:58:23:72:b1:a9:1a:23:75:7f:
c5:84:9f:c4:09:b0:cf:be:e8:6e:f2:ee:f7:19:cf:37:c7:55:
16:d0:27:a6:3b:c5:a0:d1:73:3b:40:7e:4a:be:ae:52:0b:11:
4e:84:90:b4:5a:94:a1:7f:db:ea:1a:4c:da:7e:b3:94:d0:5f:
e9:bc:8c:82:a6:02:fe:18:83:8b:0c:4a:35:1a:24:fd:94:2e:
a2:93:4e:ca:f1:a3:a0:00:48:63:22:76:21:cb:f0:00:67:75:
b1:18:0d:7b:c0:d2:19:65:79:65:60:74:f8:63:31:f4:92:22:
9d:38:a9:1d:e3:c5:b7:d7:31:30:fe:d1:11:6e:78:0e:69:47:
83:a6:b0:c4:8e:b1:36:09:f1:e9:7c:57:30:a7:f4:10:0d:45:
d9:22:50:83:a4:6d:87:ed:ee:d3:14:1d:78:63:2a:eb:b8:7c:
fd:0d:42:d2:ce:73:1a:4c:5d:be:4a:00:66:86:3d:55:da:81:
84:11:a0:70:7a:f7:20:f7:96:ae:22:2e:7e:18:0c:07:88:c9:
85:4b:a4:d4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUA8uRigOV+OSLK62CAimGorbBVFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQ2ODhCNTVGQjhDMDBGNkFFQzI4NEU1QkNCODFFMjI3
QzUxMkRFRDAeFw0yNDEyMDYwNDI0MTNaFw0yNTEyMDUwNDI5MTNaMDMxMTAvBgNV
BAMTKDc1MUYzNjg1RkYyRTBFOTNDOEM4ODAyNjFGNDFDNzgzOTYwMjZGRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQjblqEAME2V1NTur2hDA+XMtk
ykrvKnaDxSJBI1jhO0zGSeUF6yMHVL7bwEM7TLYkoEFa8zXwddOBpWCAy6dNPvoi
fnE/rauSAvGADwi0W9By9NQz35TU9CTzXs6N9RgiEoT8dY9RdEA+sYw5lRVenf0z
0+Mvw2VqZ3RxyvH1WqCkzgGISobhXmZgsIpmfvt5tKPrMl38P4Ji7cL8Ubmf05Qf
fsX5iUz2VUST2YZIV9WXSh/eTFY16sm62zwIerBG0SWasKQoydOiCQO5VmlbyHxw
clRwQ5/pGCeZb1bmDUPCyi0v+OL+MCMtxCQr4Ud66i4ZiDIYyLIexV+0WmZRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUdR82hf8uDpPIyIAmH0HHg5YCb9EwHwYDVR0j
BBgwFoAU1GiLVfuMAPauwoTlvLgeInxRLe0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
OWMxNWI3OC0yMDcxLTQ0ZDEtOWExZC1hZDZlYjA5ZmFlMDgvMC9ENDY4OEI1NUZC
OEMwMEY2QUVDMjg0RTVCQ0I4MUUyMjdDNTEyREVELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRDQ2ODhCNTVGQjhDMDBGNkFFQzI4NEU1QkNCODFFMjI3QzUx
MkRFRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U5YzE1Yjc4LTIwNzEtNDRkMS05
YTFkLWFkNmViMDlmYWUwOC8wLzMxMzUzNzJlMzIzMDJlMzEzMzMyMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzNTMyMzQzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRSEMA0GCSqG
SIb3DQEBCwUAA4IBAQBIVGAKWSVta7m8MOjx4eddReq6IFefAR81X2JBJH59GZKm
hfVtzgrws4j6csdYI3KxqRojdX/FhJ/ECbDPvuhu8u73Gc83x1UW0CemO8Wg0XM7
QH5Kvq5SCxFOhJC0WpShf9vqGkzafrOU0F/pvIyCpgL+GIOLDEo1GiT9lC6ik07K
8aOgAEhjInYhy/AAZ3WxGA17wNIZZXllYHT4YzH0kiKdOKkd48W31zEw/tERbngO
aUeDprDEjrE2CfHpfFcwp/QQDUXZIlCDpG2H7e7TFB14YyrruHz9DULSznMaTF2+
SgBmhj1V2oGEEaBwevcg95auIi5+GAwHiMmFS6TU
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:38:54 2025 by rpki-client