Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa
File: AS59796.roa (raw, json)
Hash identifier: z2raJPaNINOixg9qvr/VttMn+UU/rzov5woYc7W8KqU=
Subject key identifier: B9:12:94:C9:E2:F1:D3:36:AB:E1:37:4D:AF:40:3D:D1:DC:47:C7:CF
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 646F6D6176023B33A1A9640BC9F31EF1AE37DDDE
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa
Signing time: Wed 12 Feb 2025 08:56:27 +0000
ROA not before: Wed 12 Feb 2025 08:51:27 +0000
ROA not after: Wed 11 Feb 2026 08:56:27 +0000
asID: 59796
IP address blocks: 160.25.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 13:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:6f:6d:61:76:02:3b:33:a1:a9:64:0b:c9:f3:1e:f1:ae:37:dd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 12 08:51:27 2025 GMT
Not After : Feb 11 08:56:27 2026 GMT
Subject: CN=B91294C9E2F1D336ABE1374DAF403DD1DC47C7CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:15:38:f5:b6:96:97:28:84:6c:dd:0d:64:d7:
81:12:78:eb:bd:7b:8c:0c:4c:ab:a1:28:2f:4a:c1:
fb:90:f4:ef:cc:98:31:a7:14:63:ef:d6:ad:51:98:
55:10:06:ee:60:d9:5f:d9:e1:09:fa:b3:68:70:d8:
8f:91:bf:84:36:9b:6f:05:a6:18:d3:cc:7c:56:94:
b0:10:27:fe:5e:95:7b:8d:48:1c:30:81:65:4f:b7:
01:f6:51:f3:7b:71:c9:83:fb:1b:62:1d:f2:12:96:
19:70:5c:28:aa:3a:c7:bc:a4:b1:d7:a6:9b:74:58:
07:a4:d6:4b:8c:65:5a:12:9b:2f:b4:b5:17:03:b8:
e6:c5:a7:58:e8:64:03:ff:12:e0:45:62:7b:cb:6f:
7e:dd:53:93:3f:9d:f5:dc:66:bf:b0:94:e6:0f:c3:
b1:5f:61:e4:2a:94:28:9d:a8:7c:61:b0:e9:39:05:
92:fd:18:91:b9:df:05:d5:9a:ab:89:f6:cc:f0:d4:
5b:e1:a4:29:92:85:38:75:4b:b6:41:a6:b8:dc:e8:
a9:07:9d:4a:4b:b1:20:6c:52:a0:6c:62:d4:76:8f:
3f:52:6f:fc:37:ec:a8:8a:a6:19:40:ac:08:3d:06:
2f:4e:e4:a2:f3:fc:30:13:68:33:a9:1e:4e:af:bb:
95:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:12:94:C9:E2:F1:D3:36:AB:E1:37:4D:AF:40:3D:D1:DC:47:C7:CF
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.25.252.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:b3:4c:6d:54:0d:8f:35:43:2c:79:16:f7:83:24:60:09:67:
0b:02:dc:87:93:58:02:a7:ac:e3:0a:5f:25:90:d0:7d:4b:08:
f3:ca:d5:56:a0:ca:22:72:7b:88:ea:fe:23:db:f2:ae:59:7a:
e3:8c:42:33:76:af:80:cb:f3:a2:2f:76:f3:2e:74:8e:fa:a4:
0c:12:ef:ca:cc:40:6c:29:f4:89:3f:66:39:ea:7e:d2:18:98:
1b:91:6d:e0:64:51:f4:bc:1a:93:d2:92:2c:ef:76:26:7e:24:
79:05:12:25:f6:d3:c3:05:be:0d:be:43:ea:e3:e6:2b:ba:30:
02:7f:07:70:e3:38:83:a1:0b:af:d5:77:2d:b0:72:28:98:57:
b5:22:99:7c:1d:b3:c3:23:d1:e6:90:c0:fe:16:f3:2f:a4:4f:
29:0b:0d:c3:2b:0f:f2:bf:e5:9b:1a:2f:b5:97:61:ba:52:82:
b8:02:f7:32:0d:13:f1:b3:a6:58:be:66:b3:97:44:9a:c5:60:
7a:fa:40:1a:9f:48:28:0e:fc:34:93:03:b3:28:e3:db:c4:91:
03:3e:98:76:8c:4f:16:17:e8:2a:d1:af:2e:38:fa:f9:bd:0b:
6f:32:90:d2:66:5d:63:14:57:21:44:c9:ef:6d:c0:bb:f7:22:
35:1b:75:90
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUZG9tYXYCOzOhqWQLyfMe8a433d4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxMjA4NTEyN1oX
DTI2MDIxMTA4NTYyN1owMzExMC8GA1UEAxMoQjkxMjk0QzlFMkYxRDMzNkFCRTEz
NzREQUY0MDNERDFEQzQ3QzdDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwVOPW2lpcohGzdDWTXgRJ46717jAxMq6EoL0rB+5D078yYMacUY+/WrVGY
VRAG7mDZX9nhCfqzaHDYj5G/hDabbwWmGNPMfFaUsBAn/l6Ve41IHDCBZU+3AfZR
83txyYP7G2Id8hKWGXBcKKo6x7yksdemm3RYB6TWS4xlWhKbL7S1FwO45sWnWOhk
A/8S4EVie8tvft1Tkz+d9dxmv7CU5g/DsV9h5CqUKJ2ofGGw6TkFkv0YkbnfBdWa
q4n2zPDUW+GkKZKFOHVLtkGmuNzoqQedSkuxIGxSoGxi1HaPP1Jv/DfsqIqmGUCs
CD0GL07kovP8MBNoM6keTq+7lYcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBS5EpTJ
4vHTNqvhN02vQD3R3EfHzzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzU5Nzk2LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBoBn8MA0GCSqGSIb3DQEBCwUAA4IBAQAus0xtVA2PNUMseRb3gyRg
CWcLAtyHk1gCp6zjCl8lkNB9SwjzytVWoMoicnuI6v4j2/KuWXrjjEIzdq+Ay/Oi
L3bzLnSO+qQMEu/KzEBsKfSJP2Y56n7SGJgbkW3gZFH0vBqT0pIs73YmfiR5BRIl
9tPDBb4NvkPq4+YrujACfwdw4ziDoQuv1XctsHIomFe1Ipl8HbPDI9HmkMD+FvMv
pE8pCw3DKw/yv+WbGi+1l2G6UoK4AvcyDRPxs6ZYvmazl0SaxWB6+kAan0goDvw0
kwOzKOPbxJEDPph2jE8WF+gq0a8uOPr5vQtvMpDSZl1jFFchRMnvbcC79yI1G3WQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:21:59 2025 by rpki-client