Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa
File: 3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa (raw, json)
Hash identifier: bZtCXaxnCo0kXFhv+UgtkdHVo3axHOoHwsSEN85b1Nc=
Subject key identifier: 38:90:D5:B5:E6:31:F4:DD:5F:6D:82:E0:1A:3D:19:23:C6:ED:39:A9
Certificate issuer: /CN=843FDF32A52D11795BBFB0918ABF926E0A210870
Certificate serial: 31579EAE3D9E25F90BE07B7C02BDCDCA100B7BCB
Authority key identifier: 84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa
Signing time: Thu 16 Jan 2025 10:00:02 +0000
ROA not before: Thu 16 Jan 2025 09:55:02 +0000
ROA not after: Thu 15 Jan 2026 10:00:02 +0000
asID: 152059
IP address blocks: 210.87.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:57:9e:ae:3d:9e:25:f9:0b:e0:7b:7c:02:bd:cd:ca:10:0b:7b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843FDF32A52D11795BBFB0918ABF926E0A210870
Validity
Not Before: Jan 16 09:55:02 2025 GMT
Not After : Jan 15 10:00:02 2026 GMT
Subject: CN=3890D5B5E631F4DD5F6D82E01A3D1923C6ED39A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1f:49:0d:fa:be:a8:89:ce:9f:d3:ca:e9:3e:
66:ff:2a:0a:5b:23:25:bc:18:1b:52:66:b5:81:5b:
39:fb:06:88:32:8d:15:4b:6b:dc:5f:81:7d:3f:0f:
20:19:95:53:f8:9b:aa:93:42:53:d3:15:c2:19:54:
35:be:ac:1b:0b:2e:7c:55:2a:4f:26:f0:d5:03:e9:
fe:1c:6d:ba:35:42:da:e2:c2:69:1f:4c:1e:5c:dd:
76:47:04:04:4d:cc:58:2c:fd:fa:49:d3:be:e4:fc:
48:c0:6b:a5:48:4d:8e:0c:bf:7d:ce:9b:24:f7:72:
78:a6:2f:35:6b:d8:9d:66:bb:95:fc:f8:ca:b0:8f:
fe:a8:e7:df:e3:ca:8c:c7:2a:db:be:c0:1e:bf:70:
4c:f2:52:b3:10:8f:f0:d9:1d:f1:45:c3:c5:26:ea:
04:ed:8a:81:17:bc:c2:b2:6e:5c:52:10:2f:76:fe:
d5:25:92:ab:44:22:e9:eb:53:16:44:01:7d:39:de:
b4:98:1a:45:56:b0:75:c3:5f:3e:4b:99:ad:5b:b0:
43:10:ff:c0:d2:d6:ee:ea:b8:d2:6c:73:c0:f8:4c:
12:14:54:43:4d:f9:85:07:1f:ac:59:ea:7a:a6:df:
e4:1d:5c:db:99:a3:90:90:8f:aa:32:c9:0c:7a:b2:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:90:D5:B5:E6:31:F4:DD:5F:6D:82:E0:1A:3D:19:23:C6:ED:39:A9
X509v3 Authority Key Identifier:
keyid:84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.87.124.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:0f:c9:1a:96:b3:75:46:9b:73:51:cb:0a:22:5b:75:9e:75:
8e:a9:be:e9:c7:f1:55:bc:19:ea:6d:95:b5:55:ff:42:a8:ee:
e1:26:da:73:41:96:84:e9:4e:6b:12:fe:b0:d5:b5:9a:75:fd:
06:d2:d3:b6:93:e4:be:b8:43:d3:78:ef:bb:0b:f6:1b:5e:37:
e5:1c:9e:d6:3b:b9:83:10:2e:69:99:fe:e4:ff:95:b1:42:02:
47:bb:f1:61:a8:1e:e5:da:b4:40:33:52:3d:fb:ad:59:33:1d:
18:5d:ca:40:cc:90:78:65:38:87:1c:59:1e:98:22:94:47:cb:
82:81:05:d6:d1:42:22:ef:8f:81:56:e7:21:41:ae:a3:02:d8:
eb:81:54:65:48:5a:05:cb:17:ad:9b:7b:ca:6b:01:e2:2e:cf:
b4:be:e0:4d:d8:34:63:7a:26:0a:65:89:ea:1c:7f:e2:26:cd:
79:af:42:63:23:f8:45:aa:f1:d9:1b:31:3f:26:3f:8e:8b:59:
b6:f6:ac:41:7f:88:f8:21:84:29:8b:8d:f4:cc:c2:46:91:69:
c9:56:47:54:73:19:81:55:97:34:f5:99:75:9d:eb:01:5c:69:
13:80:bb:06:b2:72:dc:e7:a1:fc:a9:ad:0d:d4:ad:8f:94:e6:
b0:61:dc:1d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMVeerj2eJfkL4Ht8Ar3NyhALe8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUw
QTIxMDg3MDAeFw0yNTAxMTYwOTU1MDJaFw0yNjAxMTUxMDAwMDJaMDMxMTAvBgNV
BAMTKDM4OTBENUI1RTYzMUY0REQ1RjZEODJFMDFBM0QxOTIzQzZFRDM5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVH0kN+r6oic6f08rpPmb/Kgpb
IyW8GBtSZrWBWzn7BogyjRVLa9xfgX0/DyAZlVP4m6qTQlPTFcIZVDW+rBsLLnxV
Kk8m8NUD6f4cbbo1QtriwmkfTB5c3XZHBARNzFgs/fpJ077k/EjAa6VITY4Mv33O
myT3cnimLzVr2J1mu5X8+Mqwj/6o59/jyozHKtu+wB6/cEzyUrMQj/DZHfFFw8Um
6gTtioEXvMKyblxSEC92/tUlkqtEIunrUxZEAX053rSYGkVWsHXDXz5Lma1bsEMQ
/8DS1u7quNJsc8D4TBIUVENN+YUHH6xZ6nqm3+QdXNuZo5CQj6oyyQx6spVxAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOJDVteYx9N1fbYLgGj0ZI8btOakwHwYDVR0j
BBgwFoAUhD/fMqUtEXlbv7CRir+SbgohCHAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
N2JlOGI3Yy0yMzJmLTQ3ZTgtOWNkZC04ODE3ZDM5YjcwZWEvMC84NDNGREYzMkE1
MkQxMTc5NUJCRkIwOTE4QUJGOTI2RTBBMjEwODcwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUwQTIx
MDg3MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3YmU4YjdjLTIzMmYtNDdlOC05
Y2RkLTg4MTdkMzliNzBlYS8wLzMyMzEzMDJlMzgzNzJlMzEzMjM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzAzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB0ld8MA0GCSqG
SIb3DQEBCwUAA4IBAQCdD8kalrN1RptzUcsKIlt1nnWOqb7px/FVvBnqbZW1Vf9C
qO7hJtpzQZaE6U5rEv6w1bWadf0G0tO2k+S+uEPTeO+7C/YbXjflHJ7WO7mDEC5p
mf7k/5WxQgJHu/FhqB7l2rRAM1I9+61ZMx0YXcpAzJB4ZTiHHFkemCKUR8uCgQXW
0UIi74+BVuchQa6jAtjrgVRlSFoFyxetm3vKawHiLs+0vuBN2DRjeiYKZYnqHH/i
Js15r0JjI/hFqvHZGzE/Jj+Oi1m29qxBf4j4IYQpi430zMJGkWnJVkdUcxmBVZc0
9Zl1nesBXGkTgLsGsnLc56H8qa0N1K2PlOawYdwd
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:05:23 2025 by rpki-client