Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230322e3134382e322e302f32342d3234203d3e2039373934.roa
File: 3230322e3134382e322e302f32342d3234203d3e2039373934.roa (raw, json)
Hash identifier: pr8PBBjGDtQeEUob3MfauJWX+D+erWdzff8pnd9y+lw=
Subject key identifier: A1:41:91:25:8A:29:38:B6:0C:72:CB:CA:9D:49:07:6F:B7:57:D5:F1
Certificate issuer: /CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Certificate serial: 1B34781453FF9C9876110682C85CB827B912FAAE
Authority key identifier: 09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230322e3134382e322e302f32342d3234203d3e2039373934.roa
Signing time: Mon 01 Jul 2024 01:02:54 +0000
ROA not before: Mon 01 Jul 2024 00:57:54 +0000
ROA not after: Mon 30 Jun 2025 01:02:54 +0000
asID: 9794
IP address blocks: 202.148.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:34:78:14:53:ff:9c:98:76:11:06:82:c8:5c:b8:27:b9:12:fa:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Validity
Not Before: Jul 1 00:57:54 2024 GMT
Not After : Jun 30 01:02:54 2025 GMT
Subject: CN=A14191258A2938B60C72CBCA9D49076FB757D5F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:03:74:59:c0:c7:ab:cd:fa:da:75:c8:b7:5b:
14:d0:02:79:f7:dd:ec:cc:2f:6f:c3:fe:49:77:30:
f5:74:ef:98:7b:d8:da:f4:00:f1:a6:df:1d:6e:77:
fd:d3:fb:47:01:7e:23:cb:7a:21:57:7c:f5:14:53:
f7:90:be:98:a9:9b:1d:04:29:8d:31:01:bd:a5:78:
57:87:9e:a3:c1:44:68:59:25:4b:a6:3f:5a:d8:d4:
fe:67:47:b3:2a:bf:d0:39:98:1f:0f:8b:c0:92:fd:
ed:0d:9b:e7:8a:8b:20:c0:bf:75:12:c6:d3:62:da:
7d:5c:d9:84:ff:fc:ac:de:94:4d:5f:32:d3:f0:ed:
d7:60:54:95:ca:d0:a8:bc:9f:ca:c0:6a:4e:87:b0:
ae:d4:1f:2b:ba:66:55:e5:b9:a7:4d:11:18:0e:e2:
5c:de:fb:10:2a:e6:2b:a3:a6:e7:5e:50:9c:b2:42:
29:35:b6:de:5d:91:16:14:6b:3c:4f:ea:79:9f:e4:
72:8b:ab:1f:86:7f:74:eb:c5:70:57:f5:e4:17:09:
76:27:68:48:21:ea:1c:08:bd:c3:ca:62:80:e9:6f:
0b:ee:1f:0e:48:85:d9:0e:63:4d:52:fc:ad:84:ad:
fd:76:58:14:99:b4:0b:7e:f4:9a:db:e1:80:a8:be:
6f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:41:91:25:8A:29:38:B6:0C:72:CB:CA:9D:49:07:6F:B7:57:D5:F1
X509v3 Authority Key Identifier:
keyid:09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230322e3134382e322e302f32342d3234203d3e2039373934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.148.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:24:6f:10:5a:67:8e:f2:38:1b:50:fd:8d:01:bb:5b:62:8e:
95:4e:7a:47:6d:1f:16:1f:4b:90:a5:8f:dc:79:03:d0:dd:56:
6f:03:a6:c1:8f:39:f1:99:8c:97:8e:65:c7:26:92:72:d9:9f:
7f:76:04:2a:57:d4:58:ea:41:02:e1:2d:2c:b5:f6:69:08:ea:
71:91:dc:3f:54:26:11:7f:2d:eb:75:e6:c2:9c:fb:cb:12:3e:
2e:16:0d:13:d1:1a:31:2c:ee:17:7c:c0:f5:eb:17:b5:3b:1a:
1a:b7:28:b6:da:30:c3:3f:a5:e5:2c:89:f0:bf:1b:7c:36:21:
98:10:0f:c9:ed:44:95:16:48:bb:b1:27:9f:f5:e6:d3:e5:62:
4f:df:7a:60:ed:07:5f:db:ce:ba:b3:c2:70:70:b9:ed:64:94:
41:17:23:b9:d9:99:78:9c:e5:91:45:31:07:37:f5:1d:08:1c:
9a:a4:13:43:36:71:b6:d0:10:98:db:35:eb:aa:b0:5f:ec:73:
b7:ec:a4:51:8f:b7:c8:dd:a2:51:98:c7:5d:1c:62:f1:41:6b:
05:91:1b:ac:96:c0:b3:1e:f3:de:8a:37:ff:d9:44:c3:45:1f:
71:f3:29:36:76:a7:0c:37:64:c8:ba:15:9b:16:40:43:bd:57:
13:0a:41:e9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUGzR4FFP/nJh2EQaCyFy4J7kS+q4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3
NjNDRjM2MTAeFw0yNDA3MDEwMDU3NTRaFw0yNTA2MzAwMTAyNTRaMDMxMTAvBgNV
BAMTKEExNDE5MTI1OEEyOTM4QjYwQzcyQ0JDQTlENDkwNzZGQjc1N0Q1RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVA3RZwMerzfradci3WxTQAnn3
3ezML2/D/kl3MPV075h72Nr0APGm3x1ud/3T+0cBfiPLeiFXfPUUU/eQvpipmx0E
KY0xAb2leFeHnqPBRGhZJUumP1rY1P5nR7Mqv9A5mB8Pi8CS/e0Nm+eKiyDAv3US
xtNi2n1c2YT//KzelE1fMtPw7ddgVJXK0Ki8n8rAak6HsK7UHyu6ZlXluadNERgO
4lze+xAq5iujpudeUJyyQik1tt5dkRYUazxP6nmf5HKLqx+Gf3TrxXBX9eQXCXYn
aEgh6hwIvcPKYoDpbwvuHw5IhdkOY01S/K2Erf12WBSZtAt+9Jrb4YCovm//AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUoUGRJYopOLYMcsvKnUkHb7dX1fEwHwYDVR0j
BBgwFoAUCabx+k/FMta04TRi/CNMnHY882EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
MzRlY2M0MC02Yjg0LTQ5ZTgtYjYwYi02ZTk5MDQxMjhjYTgvMC8wOUE2RjFGQTRG
QzUzMkQ2QjRFMTM0NjJGQzIzNEM5Qzc2M0NGMzYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3NjND
RjM2MS5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjM0ZWNjNDAtNmI4NC00OWU4LWI2
MGItNmU5OTA0MTI4Y2E4LzAvMzIzMDMyMmUzMTM0MzgyZTMyMmUzMDJmMzIzNDJk
MzIzNDIwM2QzZTIwMzkzNzM5MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKlAIwDQYJKoZIhvcNAQEL
BQADggEBAH0kbxBaZ47yOBtQ/Y0Bu1tijpVOekdtHxYfS5Clj9x5A9DdVm8DpsGP
OfGZjJeOZccmknLZn392BCpX1FjqQQLhLSy19mkI6nGR3D9UJhF/Let15sKc+8sS
Pi4WDRPRGjEs7hd8wPXrF7U7Ghq3KLbaMMM/peUsifC/G3w2IZgQD8ntRJUWSLux
J5/15tPlYk/femDtB1/bzrqzwnBwue1klEEXI7nZmXic5ZFFMQc39R0IHJqkE0M2
cbbQEJjbNeuqsF/sc7fspFGPt8jdolGYx10cYvFBawWRG6yWwLMe896KN//ZRMNF
H3HzKTZ2pww3ZMi6FZsWQEO9VxMKQek=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:56:55 2025 by rpki-client