Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133332e302f32342d3234203d3e20313532343033.roa
File: 3135372e32302e3133332e302f32342d3234203d3e20313532343033.roa (raw, json)
Hash identifier: urPap96O72bhGMnY7pKE8RIJODUHRqXobYzgJgy+CAg=
Subject key identifier: 07:0D:9E:74:3E:EB:62:A7:27:DC:98:90:0C:8E:31:53:EE:E5:67:23
Certificate issuer: /CN=D4688B55FB8C00F6AEC284E5BCB81E227C512DED
Certificate serial: 053B007A30E5F2337E4AEF5B22A7BA118FED08AA
Authority key identifier: D4:68:8B:55:FB:8C:00:F6:AE:C2:84:E5:BC:B8:1E:22:7C:51:2D:ED
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133332e302f32342d3234203d3e20313532343033.roa
Signing time: Fri 06 Dec 2024 04:29:00 +0000
ROA not before: Fri 06 Dec 2024 04:24:00 +0000
ROA not after: Fri 05 Dec 2025 04:29:00 +0000
asID: 152403
IP address blocks: 157.20.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:3b:00:7a:30:e5:f2:33:7e:4a:ef:5b:22:a7:ba:11:8f:ed:08:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4688B55FB8C00F6AEC284E5BCB81E227C512DED
Validity
Not Before: Dec 6 04:24:00 2024 GMT
Not After : Dec 5 04:29:00 2025 GMT
Subject: CN=070D9E743EEB62A727DC98900C8E3153EEE56723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:93:29:8b:22:88:44:0c:ca:a7:86:04:5d:3d:
65:ae:3e:9f:d7:54:f6:37:37:c6:8f:3a:dc:cd:42:
54:2d:17:2f:88:b2:bf:de:f3:e7:66:99:99:f1:ea:
f1:f4:0a:40:be:a6:19:44:d6:3e:a6:a8:74:6a:74:
bb:4c:54:4a:af:66:3c:91:55:f3:c8:ac:c1:f8:97:
b4:b3:d5:5e:1f:be:a1:44:60:1c:f8:f3:0c:08:bc:
3f:b1:9f:cc:c4:99:a8:fb:4a:39:92:b6:3d:9d:17:
9e:b4:25:d8:d7:ee:c5:57:5f:35:be:88:da:e0:f4:
c1:9d:30:01:a8:08:27:f8:25:0b:ac:1d:a7:c6:17:
b6:0c:f2:91:55:a6:38:53:be:d9:86:31:45:60:c9:
8f:a0:c4:6a:d1:ec:cc:15:4e:2c:eb:0e:99:79:0c:
be:f7:89:f1:5f:f9:59:4e:c8:ba:60:b6:0c:c6:fa:
09:7a:3b:ed:f0:84:13:a3:d9:05:ad:09:4b:bb:d0:
1a:91:61:a8:56:87:0a:b2:26:52:45:87:c7:09:60:
96:51:30:a0:80:89:ed:af:1e:01:37:71:8b:e7:22:
01:9c:34:38:b9:15:d4:b3:1f:00:ac:c3:02:46:b4:
0c:21:08:be:4b:35:38:c8:19:34:31:91:ac:9d:a1:
b0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0D:9E:74:3E:EB:62:A7:27:DC:98:90:0C:8E:31:53:EE:E5:67:23
X509v3 Authority Key Identifier:
keyid:D4:68:8B:55:FB:8C:00:F6:AE:C2:84:E5:BC:B8:1E:22:7C:51:2D:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D4688B55FB8C00F6AEC284E5BCB81E227C512DED.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e9c15b78-2071-44d1-9a1d-ad6eb09fae08/0/3135372e32302e3133332e302f32342d3234203d3e20313532343033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.133.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:9b:7e:be:51:dd:db:47:0e:34:64:2c:4f:7b:76:64:a6:22:
fe:fc:12:aa:24:53:ae:cc:a2:8d:df:6b:bb:73:e6:82:d0:fa:
bb:2a:4d:3d:e9:8a:c0:82:33:b7:7b:6a:6b:ed:5c:5c:8c:d0:
c8:24:41:09:1b:04:e5:51:d2:c1:6d:0e:c5:8e:f5:b1:77:25:
ac:5b:bf:b2:dc:ec:83:18:ca:05:cb:f6:f0:ed:6b:38:63:8e:
5e:03:45:9a:62:a3:b7:58:ea:f3:18:23:23:2b:39:58:1d:ec:
aa:5c:fb:9d:15:22:cf:99:df:57:ab:7b:ff:ba:8f:ed:03:77:
5a:a6:4a:b8:4a:54:f4:a8:53:7f:6d:b7:45:6c:d0:0f:73:f0:
b6:87:d9:d1:3d:23:87:32:27:45:80:3b:50:32:6b:bd:03:9b:
71:0d:0a:19:f5:a3:14:83:3d:76:09:8a:d6:b5:d4:78:e0:b3:
3a:39:5c:f1:49:e6:20:8a:93:ef:ab:5c:57:8c:ce:31:07:8d:
bc:e1:31:0c:63:30:c5:f7:32:d1:f0:cb:d8:5d:fe:55:30:68:
6e:f9:63:65:a8:c7:72:df:77:0b:75:b2:b2:5f:64:73:31:a2:
8d:a6:38:ee:c1:dc:cb:18:e7:ad:36:dc:2a:82:16:56:ce:f8:
04:38:3c:45
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBTsAejDl8jN+Su9bIqe6EY/tCKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQ2ODhCNTVGQjhDMDBGNkFFQzI4NEU1QkNCODFFMjI3
QzUxMkRFRDAeFw0yNDEyMDYwNDI0MDBaFw0yNTEyMDUwNDI5MDBaMDMxMTAvBgNV
BAMTKDA3MEQ5RTc0M0VFQjYyQTcyN0RDOTg5MDBDOEUzMTUzRUVFNTY3MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1kymLIohEDMqnhgRdPWWuPp/X
VPY3N8aPOtzNQlQtFy+Isr/e8+dmmZnx6vH0CkC+phlE1j6mqHRqdLtMVEqvZjyR
VfPIrMH4l7Sz1V4fvqFEYBz48wwIvD+xn8zEmaj7SjmStj2dF560JdjX7sVXXzW+
iNrg9MGdMAGoCCf4JQusHafGF7YM8pFVpjhTvtmGMUVgyY+gxGrR7MwVTizrDpl5
DL73ifFf+VlOyLpgtgzG+gl6O+3whBOj2QWtCUu70BqRYahWhwqyJlJFh8cJYJZR
MKCAie2vHgE3cYvnIgGcNDi5FdSzHwCswwJGtAwhCL5LNTjIGTQxkaydobAvAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUBw2edD7rYqcn3JiQDI4xU+7lZyMwHwYDVR0j
BBgwFoAU1GiLVfuMAPauwoTlvLgeInxRLe0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
OWMxNWI3OC0yMDcxLTQ0ZDEtOWExZC1hZDZlYjA5ZmFlMDgvMC9ENDY4OEI1NUZC
OEMwMEY2QUVDMjg0RTVCQ0I4MUUyMjdDNTEyREVELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRDQ2ODhCNTVGQjhDMDBGNkFFQzI4NEU1QkNCODFFMjI3QzUx
MkRFRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U5YzE1Yjc4LTIwNzEtNDRkMS05
YTFkLWFkNmViMDlmYWUwOC8wLzMxMzUzNzJlMzIzMDJlMzEzMzMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRSFMA0GCSqG
SIb3DQEBCwUAA4IBAQCrm36+Ud3bRw40ZCxPe3ZkpiL+/BKqJFOuzKKN32u7c+aC
0Pq7Kk096YrAgjO3e2pr7VxcjNDIJEEJGwTlUdLBbQ7FjvWxdyWsW7+y3OyDGMoF
y/bw7Ws4Y45eA0WaYqO3WOrzGCMjKzlYHeyqXPudFSLPmd9Xq3v/uo/tA3dapkq4
SlT0qFN/bbdFbNAPc/C2h9nRPSOHMidFgDtQMmu9A5txDQoZ9aMUgz12CYrWtdR4
4LM6OVzxSeYgipPvq1xXjM4xB4284TEMYzDF9zLR8MvYXf5VMGhu+WNlqMdy33cL
dbKyX2RzMaKNpjjuwdzLGOetNtwqghZWzvgEODxF
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:58:05 2025 by rpki-client