Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39312e302f32342d3234203d3e20313532303836.roa
File: 3135372e31302e39312e302f32342d3234203d3e20313532303836.roa (raw, json)
Hash identifier: aoRUG5CQtzRZGdloOpfTrb2fX3fCFwbxN1OMSRI1BYY=
Subject key identifier: 8F:A4:39:90:CB:BF:2D:10:E4:0E:79:7B:CB:E0:88:A8:F6:52:7A:5A
Certificate issuer: /CN=5EC928AFD73AFC70F10C468E21482031920DF521
Certificate serial: 73D167EDC95BDD1248D049A758AC3FC11925E89E
Authority key identifier: 5E:C9:28:AF:D7:3A:FC:70:F1:0C:46:8E:21:48:20:31:92:0D:F5:21
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5EC928AFD73AFC70F10C468E21482031920DF521.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39312e302f32342d3234203d3e20313532303836.roa
Signing time: Sun 19 Jan 2025 16:00:36 +0000
ROA not before: Sun 19 Jan 2025 15:55:36 +0000
ROA not after: Sun 18 Jan 2026 16:00:36 +0000
asID: 152086
IP address blocks: 157.10.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d1:67:ed:c9:5b:dd:12:48:d0:49:a7:58:ac:3f:c1:19:25:e8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5EC928AFD73AFC70F10C468E21482031920DF521
Validity
Not Before: Jan 19 15:55:36 2025 GMT
Not After : Jan 18 16:00:36 2026 GMT
Subject: CN=8FA43990CBBF2D10E40E797BCBE088A8F6527A5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:e8:75:f8:c3:3f:bf:34:3c:da:86:19:29:c2:
d5:0c:cc:34:57:09:7a:bd:3a:ad:03:8f:61:a0:11:
14:2d:91:33:ad:e6:91:d2:75:6a:2d:bd:0a:bb:78:
dd:0f:18:08:bd:36:ea:71:b3:b1:14:7d:15:37:6e:
52:76:26:7d:ca:4c:34:f1:1b:f6:25:35:6e:e7:62:
78:25:09:c7:04:fa:e9:5b:f7:ab:ea:0d:d9:9d:ea:
b8:15:51:b1:81:3d:d5:97:0c:51:bf:9c:f5:00:87:
0c:06:38:fa:cd:ec:a2:82:68:ba:10:65:47:88:39:
49:c2:f4:aa:1c:de:f1:ce:dc:ab:20:91:cb:7f:ac:
c4:c6:f8:8f:5d:10:c0:99:30:7c:37:a0:9e:38:f5:
20:c0:06:47:0e:62:fe:5a:e5:d5:47:76:5d:7c:a3:
6e:05:4a:9a:aa:1d:20:24:d0:99:47:c3:12:55:98:
0d:da:99:9a:e4:de:fb:f0:1d:96:5b:4d:af:9a:5d:
ef:df:26:c7:c9:5d:d1:aa:82:b9:21:00:b3:fb:1a:
50:9f:18:7e:ca:17:ec:c9:74:69:bd:91:d7:b6:e2:
ec:bb:98:40:06:84:64:75:4b:5f:73:98:c3:99:7c:
70:8e:2d:61:03:89:de:3e:1e:ba:c9:89:59:bf:fc:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A4:39:90:CB:BF:2D:10:E4:0E:79:7B:CB:E0:88:A8:F6:52:7A:5A
X509v3 Authority Key Identifier:
keyid:5E:C9:28:AF:D7:3A:FC:70:F1:0C:46:8E:21:48:20:31:92:0D:F5:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/5EC928AFD73AFC70F10C468E21482031920DF521.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5EC928AFD73AFC70F10C468E21482031920DF521.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39312e302f32342d3234203d3e20313532303836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.91.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c3:bf:92:6c:bb:36:4d:2f:ad:d1:32:59:a2:5b:41:b6:9f:
0c:ed:e5:4d:ce:31:e7:8a:18:68:54:b5:a4:c2:f6:25:48:ea:
eb:d3:10:1b:d0:45:f5:d6:6e:85:02:ad:40:f6:d9:cf:38:01:
47:b7:ba:9c:11:5e:41:0e:bf:e8:3a:5b:ff:d6:fd:a6:dd:92:
5e:1e:6a:49:4d:13:88:67:a7:c4:b1:ae:68:f0:44:7e:33:35:
dc:7f:ae:61:87:ef:a5:44:c1:b8:83:42:09:3a:40:4e:19:dd:
c4:9a:63:bc:02:37:71:6c:ae:6c:15:d4:b9:a9:a1:6e:23:6f:
80:67:dc:bb:fe:31:42:3f:96:88:6b:c2:0c:e1:08:4b:92:dc:
3c:df:6c:4b:7a:71:c1:aa:0b:09:76:b9:fa:1f:33:ca:30:b8:
2a:d0:ee:0d:67:9d:a4:5e:2c:81:e9:db:23:ce:4a:3b:8e:c8:
4d:d5:91:f1:9d:77:3c:3c:21:95:69:ae:97:0a:32:48:92:34:
4d:98:69:c1:09:b2:8f:52:a4:26:8f:5b:cf:29:1e:60:f5:2b:
34:d8:3c:64:be:76:9e:47:9c:9d:76:87:c9:49:38:6b:62:c2:
69:61:f4:2e:49:4c:59:05:67:2b:bf:47:df:a4:ba:68:6e:f7:
f1:b0:42:43
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUc9Fn7clb3RJI0EmnWKw/wRkl6J4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUVDOTI4QUZENzNBRkM3MEYxMEM0NjhFMjE0ODIwMzE5
MjBERjUyMTAeFw0yNTAxMTkxNTU1MzZaFw0yNjAxMTgxNjAwMzZaMDMxMTAvBgNV
BAMTKDhGQTQzOTkwQ0JCRjJEMTBFNDBFNzk3QkNCRTA4OEE4RjY1MjdBNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw6HX4wz+/NDzahhkpwtUMzDRX
CXq9Oq0Dj2GgERQtkTOt5pHSdWotvQq7eN0PGAi9Nupxs7EUfRU3blJ2Jn3KTDTx
G/YlNW7nYnglCccE+ulb96vqDdmd6rgVUbGBPdWXDFG/nPUAhwwGOPrN7KKCaLoQ
ZUeIOUnC9Koc3vHO3Ksgkct/rMTG+I9dEMCZMHw3oJ449SDABkcOYv5a5dVHdl18
o24FSpqqHSAk0JlHwxJVmA3amZrk3vvwHZZbTa+aXe/fJsfJXdGqgrkhALP7GlCf
GH7KF+zJdGm9kde24uy7mEAGhGR1S19zmMOZfHCOLWEDid4+HrrJiVm//ClnAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUj6Q5kMu/LRDkDnl7y+CIqPZSelowHwYDVR0j
BBgwFoAUXskor9c6/HDxDEaOIUggMZIN9SEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
Y2YzZjhjOC0wNDA2LTRiMzgtYTdhOC1kY2IxNWU0MWYyYjcvMC81RUM5MjhBRkQ3
M0FGQzcwRjEwQzQ2OEUyMTQ4MjAzMTkyMERGNTIxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvNUVDOTI4QUZENzNBRkM3MEYxMEM0NjhFMjE0ODIwMzE5MjBE
RjUyMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VjZjNmOGM4LTA0MDYtNGIzOC1h
N2E4LWRjYjE1ZTQxZjJiNy8wLzMxMzUzNzJlMzEzMDJlMzkzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0KWzANBgkqhkiG
9w0BAQsFAAOCAQEAAMO/kmy7Nk0vrdEyWaJbQbafDO3lTc4x54oYaFS1pML2JUjq
69MQG9BF9dZuhQKtQPbZzzgBR7e6nBFeQQ6/6Dpb/9b9pt2SXh5qSU0TiGenxLGu
aPBEfjM13H+uYYfvpUTBuINCCTpAThndxJpjvAI3cWyubBXUuamhbiNvgGfcu/4x
Qj+WiGvCDOEIS5LcPN9sS3pxwaoLCXa5+h8zyjC4KtDuDWedpF4sgenbI85KO47I
TdWR8Z13PDwhlWmulwoySJI0TZhpwQmyj1KkJo9bzykeYPUrNNg8ZL52nkecnXaH
yUk4a2LCaWH0LklMWQVnK79H36S6aG738bBCQw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:41:43 2025 by rpki-client