Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/f7448c11-f8d3-457d-8e22-84887ab22a30/0/323430313a646363303a3a2f33322d3438203d3e203338313635.roa
File: 323430313a646363303a3a2f33322d3438203d3e203338313635.roa (raw, json)
Hash identifier: AsaRMX6QwdcLrNSwu4P7+IgUU+MNlXWLMATBfBSzkX0=
Subject key identifier: 90:BD:C4:80:39:7D:D6:03:C8:85:22:0B:B1:05:67:7A:47:F9:B4:DC
Certificate issuer: /CN=F2C22414BF08FC08B0AEBF44FAF85A85979D1053
Certificate serial: 7D0081886DED981A8863DE4190EAD00857EF5FCB
Authority key identifier: F2:C2:24:14:BF:08:FC:08:B0:AE:BF:44:FA:F8:5A:85:97:9D:10:53
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F2C22414BF08FC08B0AEBF44FAF85A85979D1053.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/f7448c11-f8d3-457d-8e22-84887ab22a30/0/323430313a646363303a3a2f33322d3438203d3e203338313635.roa
Signing time: Wed 09 Oct 2024 22:00:01 +0000
ROA not before: Wed 09 Oct 2024 21:55:01 +0000
ROA not after: Wed 08 Oct 2025 22:00:01 +0000
asID: 38165
IP address blocks: 2401:dcc0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:00:81:88:6d:ed:98:1a:88:63:de:41:90:ea:d0:08:57:ef:5f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F2C22414BF08FC08B0AEBF44FAF85A85979D1053
Validity
Not Before: Oct 9 21:55:01 2024 GMT
Not After : Oct 8 22:00:01 2025 GMT
Subject: CN=90BDC480397DD603C885220BB105677A47F9B4DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dc:bf:c6:8e:85:40:b1:e6:92:9d:c8:11:4e:
b1:b8:c9:73:0b:32:56:a1:78:e0:32:de:fb:0a:af:
1c:be:c2:89:25:25:02:fc:19:71:06:fc:cc:c2:f4:
a4:b0:1d:df:a7:1a:b1:08:ee:c4:6a:48:44:53:98:
8e:ed:90:e3:95:12:31:ec:2c:54:ba:7e:4b:4b:15:
cb:0f:59:f7:1e:7e:41:6c:1b:4f:09:81:7f:2a:f4:
74:7b:d2:47:fa:48:13:cf:c8:e5:d4:67:c5:f6:f1:
d5:0e:41:6e:6a:c7:ea:2a:d3:93:29:97:d5:33:9a:
77:f1:59:5b:28:b7:1d:d3:b7:6c:a1:c9:75:f2:d4:
ae:87:2e:7d:06:76:3b:90:4b:ab:19:40:da:b0:cc:
44:ec:1f:26:b6:f7:d7:0c:60:2c:81:29:ff:2b:d7:
c6:84:01:61:69:8a:7e:36:ed:e1:92:e1:3d:c6:a4:
bd:ed:56:01:0e:a1:b1:ed:ad:26:69:41:3f:0f:11:
ea:81:3a:78:4d:0b:9f:d5:bb:e4:e3:3d:17:3e:15:
8f:7b:e6:03:de:f6:c6:62:3c:37:4c:c9:f7:fd:02:
5c:37:c9:53:3b:d6:3e:3d:4d:46:76:47:1f:c1:60:
c2:44:4c:2f:5c:08:a7:de:ce:75:d8:d0:4d:5f:b5:
64:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BD:C4:80:39:7D:D6:03:C8:85:22:0B:B1:05:67:7A:47:F9:B4:DC
X509v3 Authority Key Identifier:
keyid:F2:C2:24:14:BF:08:FC:08:B0:AE:BF:44:FA:F8:5A:85:97:9D:10:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/f7448c11-f8d3-457d-8e22-84887ab22a30/0/F2C22414BF08FC08B0AEBF44FAF85A85979D1053.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F2C22414BF08FC08B0AEBF44FAF85A85979D1053.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f7448c11-f8d3-457d-8e22-84887ab22a30/0/323430313a646363303a3a2f33322d3438203d3e203338313635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2401:dcc0::/32
Signature Algorithm: sha256WithRSAEncryption
99:46:81:fd:85:4b:e5:39:4d:d1:11:e6:fd:0f:6c:08:b0:a8:
59:c7:25:67:06:d1:0b:f8:7e:6d:bb:81:07:65:53:84:ad:35:
3a:1e:39:c6:04:01:34:c8:6e:58:5c:9b:49:df:f0:62:63:bc:
d2:31:55:9f:37:11:29:e6:eb:e1:7f:a8:99:d5:29:f4:d5:8a:
1c:e5:47:aa:66:e7:6d:c7:c3:14:f7:3d:8e:80:1b:8d:7e:02:
e8:dc:36:6a:77:5c:60:8e:09:0c:cd:eb:7f:a0:72:a5:16:20:
09:16:cc:3f:1c:60:99:31:4e:86:88:a5:c5:c4:d1:69:0b:8c:
cb:db:cf:fa:54:d9:d5:12:59:08:4e:4d:01:da:fe:c9:16:dc:
48:7f:9c:47:81:8d:ba:a2:2f:35:62:94:fe:95:57:bd:88:1d:
d6:86:3d:30:cb:3f:c4:1d:32:af:11:70:08:b7:b4:b1:e4:b9:
90:ca:9b:53:63:f4:d4:e1:c6:98:db:aa:f9:71:e6:ed:30:4a:
48:83:07:15:73:19:db:85:e7:09:70:ba:ab:91:63:b4:db:59:
ce:1f:5b:67:71:de:27:fa:dc:6e:a2:2c:fa:93:a8:6e:22:9a:
e0:3f:c4:d8:f7:c2:8c:74:9b:85:ad:aa:44:34:86:35:05:0b:
49:13:15:a7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUfQCBiG3tmBqIY95BkOrQCFfvX8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjJDMjI0MTRCRjA4RkMwOEIwQUVCRjQ0RkFGODVBODU5
NzlEMTA1MzAeFw0yNDEwMDkyMTU1MDFaFw0yNTEwMDgyMjAwMDFaMDMxMTAvBgNV
BAMTKDkwQkRDNDgwMzk3REQ2MDNDODg1MjIwQkIxMDU2NzdBNDdGOUI0REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3L/GjoVAseaSncgRTrG4yXML
MlaheOAy3vsKrxy+woklJQL8GXEG/MzC9KSwHd+nGrEI7sRqSERTmI7tkOOVEjHs
LFS6fktLFcsPWfcefkFsG08JgX8q9HR70kf6SBPPyOXUZ8X28dUOQW5qx+oq05Mp
l9UzmnfxWVsotx3Tt2yhyXXy1K6HLn0GdjuQS6sZQNqwzETsHya299cMYCyBKf8r
18aEAWFpin427eGS4T3GpL3tVgEOobHtrSZpQT8PEeqBOnhNC5/Vu+TjPRc+FY97
5gPe9sZiPDdMyff9Alw3yVM71j49TUZ2Rx/BYMJETC9cCKfeznXY0E1ftWStAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUkL3EgDl91gPIhSILsQVnekf5tNwwHwYDVR0j
BBgwFoAU8sIkFL8I/Aiwrr9E+vhahZedEFMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
NzQ0OGMxMS1mOGQzLTQ1N2QtOGUyMi04NDg4N2FiMjJhMzAvMC9GMkMyMjQxNEJG
MDhGQzA4QjBBRUJGNDRGQUY4NUE4NTk3OUQxMDUzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjJDMjI0MTRCRjA4RkMwOEIwQUVCRjQ0RkFGODVBODU5NzlE
MTA1My5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y3NDQ4YzExLWY4ZDMtNDU3ZC04
ZTIyLTg0ODg3YWIyMmEzMC8wLzMyMzQzMDMxM2E2NDYzNjMzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMzMzgzMTM2MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAdzAMA0GCSqGSIb3
DQEBCwUAA4IBAQCZRoH9hUvlOU3REeb9D2wIsKhZxyVnBtEL+H5tu4EHZVOErTU6
HjnGBAE0yG5YXJtJ3/BiY7zSMVWfNxEp5uvhf6iZ1Sn01Yoc5UeqZudtx8MU9z2O
gBuNfgLo3DZqd1xgjgkMzet/oHKlFiAJFsw/HGCZMU6GiKXFxNFpC4zL28/6VNnV
ElkITk0B2v7JFtxIf5xHgY26oi81YpT+lVe9iB3Whj0wyz/EHTKvEXAIt7Sx5LmQ
yptTY/TU4caY26r5cebtMEpIgwcVcxnbhecJcLqrkWO021nOH1tncd4n+txuoiz6
k6huIprgP8TY98KMdJuFrapENIY1BQtJExWn
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:12 2025 by rpki-client