Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230332e3230312e3137302e302f32332d3233203d3e203338373738.roa
File: 3230332e3230312e3137302e302f32332d3233203d3e203338373738.roa (raw, json)
Hash identifier: zNPh6jm1Aeq/gtjv+lViGcAtUmosTpR9Xo6SUPgAy7Y=
Subject key identifier: 4E:EA:03:EC:4D:7D:12:4B:56:80:81:02:E5:76:D1:18:E6:44:1D:2C
Certificate issuer: /CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Certificate serial: 476A7870CDB03BF243AE76F3E721C3E8903BBC31
Authority key identifier: 09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230332e3230312e3137302e302f32332d3233203d3e203338373738.roa
Signing time: Mon 01 Jul 2024 01:02:56 +0000
ROA not before: Mon 01 Jul 2024 00:57:56 +0000
ROA not after: Mon 30 Jun 2025 01:02:56 +0000
asID: 38778
IP address blocks: 203.201.170.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6a:78:70:cd:b0:3b:f2:43:ae:76:f3:e7:21:c3:e8:90:3b:bc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Validity
Not Before: Jul 1 00:57:56 2024 GMT
Not After : Jun 30 01:02:56 2025 GMT
Subject: CN=4EEA03EC4D7D124B56808102E576D118E6441D2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2d:82:f3:3c:20:19:04:fd:cb:4c:55:2c:d2:
23:bb:cf:7a:d2:5e:f4:90:60:2a:53:d0:9e:ba:d1:
70:ee:49:14:76:6b:9d:40:1c:f8:2d:44:18:ab:d6:
16:54:a2:bb:1f:61:4f:c1:ae:7a:95:7f:af:f7:83:
0c:bf:6d:22:0c:45:50:a9:18:48:3e:1c:c4:16:22:
b8:53:6c:90:3f:ed:a2:1e:49:15:58:90:23:86:6d:
4a:2f:b2:4c:8b:11:d6:ee:36:49:37:e5:a5:b7:81:
88:13:df:29:f0:d9:59:69:06:5b:59:53:95:c5:3f:
3a:48:3e:db:6c:00:18:97:1f:1b:bd:fe:76:5e:3f:
67:f0:e8:96:74:1a:be:61:35:80:1f:df:56:d5:9f:
5c:ab:7c:08:43:71:34:48:12:ce:98:1e:99:22:dd:
39:18:71:ee:7c:1b:ad:8d:7b:09:ff:2d:49:54:4b:
21:5d:5c:8b:29:59:6c:4e:32:8e:03:cb:7c:aa:34:
98:5e:57:02:71:99:0b:ea:d1:4f:70:90:69:5a:1c:
4b:c2:48:54:6d:19:4c:31:40:0e:57:31:7e:b1:24:
86:e0:7b:6f:73:8d:d0:db:99:03:d0:7a:b5:cb:6f:
c1:21:5f:47:31:e7:34:6b:e6:27:70:9a:7d:e2:ae:
80:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EA:03:EC:4D:7D:12:4B:56:80:81:02:E5:76:D1:18:E6:44:1D:2C
X509v3 Authority Key Identifier:
keyid:09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3230332e3230312e3137302e302f32332d3233203d3e203338373738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.201.170.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:fc:9c:2b:b7:21:a3:95:c7:df:09:62:b4:9f:90:14:d2:29:
67:d7:e0:0c:c4:14:ab:7e:19:1b:24:71:85:8e:9f:42:75:75:
c9:f0:dd:a3:1a:81:41:2d:06:0e:41:48:c9:76:c5:44:d2:82:
a7:55:b8:b8:d1:4c:9b:a0:dc:e3:ec:82:1c:99:f2:c8:22:a5:
d4:5d:a7:88:56:3d:59:d3:3d:2c:a8:22:a7:78:34:87:2a:90:
2b:23:d3:b1:79:ac:a7:05:a8:b7:74:b9:2f:4f:9d:e6:f0:9a:
2a:44:d9:c1:b6:53:39:4f:56:f7:98:1d:95:e0:77:09:50:28:
86:b1:0f:f1:95:a9:be:30:96:c9:67:bd:72:1d:24:cd:92:7f:
13:1b:b7:47:c9:a9:a8:a8:ac:15:fd:41:50:2a:a6:9d:ac:02:
ba:73:8a:54:98:14:8a:88:11:ab:c0:3b:4b:6d:ae:56:9d:16:
1f:92:b7:ce:ed:9c:21:1a:9e:d3:a0:5d:03:62:d5:ec:76:81:
cd:a5:44:d1:01:72:9a:d3:14:9c:29:df:ba:3c:fb:3b:1b:18:
ba:da:6d:b8:b8:bd:e9:2e:82:8f:0e:51:86:ce:8d:2a:43:87:
48:dd:c9:7d:9b:27:ce:0c:c1:61:ef:c6:82:b3:df:4d:36:5c:
f2:38:be:ff
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUR2p4cM2wO/JDrnbz5yHD6JA7vDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3
NjNDRjM2MTAeFw0yNDA3MDEwMDU3NTZaFw0yNTA2MzAwMTAyNTZaMDMxMTAvBgNV
BAMTKDRFRUEwM0VDNEQ3RDEyNEI1NjgwODEwMkU1NzZEMTE4RTY0NDFEMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYLYLzPCAZBP3LTFUs0iO7z3rS
XvSQYCpT0J660XDuSRR2a51AHPgtRBir1hZUorsfYU/BrnqVf6/3gwy/bSIMRVCp
GEg+HMQWIrhTbJA/7aIeSRVYkCOGbUovskyLEdbuNkk35aW3gYgT3ynw2VlpBltZ
U5XFPzpIPttsABiXHxu9/nZeP2fw6JZ0Gr5hNYAf31bVn1yrfAhDcTRIEs6YHpki
3TkYce58G62Newn/LUlUSyFdXIspWWxOMo4Dy3yqNJheVwJxmQvq0U9wkGlaHEvC
SFRtGUwxQA5XMX6xJIbge29zjdDbmQPQerXLb8EhX0cx5zRr5idwmn3iroANAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUTuoD7E19EktWgIEC5XbRGOZEHSwwHwYDVR0j
BBgwFoAUCabx+k/FMta04TRi/CNMnHY882EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
MzRlY2M0MC02Yjg0LTQ5ZTgtYjYwYi02ZTk5MDQxMjhjYTgvMC8wOUE2RjFGQTRG
QzUzMkQ2QjRFMTM0NjJGQzIzNEM5Qzc2M0NGMzYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3NjND
RjM2MS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YzNGVjYzQwLTZiODQtNDllOC1i
NjBiLTZlOTkwNDEyOGNhOC8wLzMyMzAzMzJlMzIzMDMxMmUzMTM3MzAyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMzM4MzczNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBy8mqMA0GCSqG
SIb3DQEBCwUAA4IBAQA6/JwrtyGjlcffCWK0n5AU0iln1+AMxBSrfhkbJHGFjp9C
dXXJ8N2jGoFBLQYOQUjJdsVE0oKnVbi40UyboNzj7IIcmfLIIqXUXaeIVj1Z0z0s
qCKneDSHKpArI9OxeaynBai3dLkvT53m8JoqRNnBtlM5T1b3mB2V4HcJUCiGsQ/x
lam+MJbJZ71yHSTNkn8TG7dHyamoqKwV/UFQKqadrAK6c4pUmBSKiBGrwDtLba5W
nRYfkrfO7ZwhGp7ToF0DYtXsdoHNpUTRAXKa0xScKd+6PPs7Gxi62m24uL3pLoKP
DlGGzo0qQ4dI3cl9myfODMFh78aCs99NNlzyOL7/
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:13 2025 by rpki-client