Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e36362e3230302e302f32332d3234203d3e2034383030.roa
File: 3135372e36362e3230302e302f32332d3234203d3e2034383030.roa (raw, json)
Hash identifier: VI5Jg16EYemZAVWp6vJrvSWh6OZPDQap2E8dqXt3t5Y=
Subject key identifier: CA:88:B3:A0:43:F6:1C:95:92:E9:44:B3:D8:32:66:E3:2B:03:BF:64
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 3DF00BA0909904486C99489F2B33B24665C8357B
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e36362e3230302e302f32332d3234203d3e2034383030.roa
Signing time: Sun 30 Jun 2024 01:59:53 +0000
ROA not before: Sun 30 Jun 2024 01:54:53 +0000
ROA not after: Sun 29 Jun 2025 01:59:53 +0000
asID: 4800
IP address blocks: 157.66.200.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f0:0b:a0:90:99:04:48:6c:99:48:9f:2b:33:b2:46:65:c8:35:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jun 30 01:54:53 2024 GMT
Not After : Jun 29 01:59:53 2025 GMT
Subject: CN=CA88B3A043F61C9592E944B3D83266E32B03BF64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:e3:fd:ec:61:dd:96:fa:44:f9:b0:0b:bc:
4d:9f:da:ae:d8:45:ce:ca:fe:e5:40:88:be:81:44:
d2:31:b2:03:72:54:9c:3e:31:a8:59:1a:60:c2:25:
5a:c5:4e:f1:48:b3:69:8f:49:ef:38:8d:3c:d7:4e:
1b:76:4d:df:de:77:5e:4f:76:9b:65:25:a1:06:2c:
2a:17:fe:ab:23:cf:77:18:8a:30:b4:60:55:8c:7d:
f0:5d:68:6a:a0:36:9d:fa:02:c7:e9:22:04:b6:56:
3d:c2:67:32:d6:bb:34:f7:37:34:27:46:4f:75:2b:
e1:28:d0:44:21:6e:24:be:f4:c8:31:12:3a:cd:45:
b6:08:bf:6c:fe:b1:4c:b5:73:be:c5:8e:92:d4:c9:
b0:9f:2e:6d:14:31:03:7a:a3:e7:fb:8c:d3:79:7f:
3f:ea:4e:d2:01:c9:99:d0:66:55:e5:40:e8:b5:f3:
b1:ae:9e:c2:c0:e2:8d:90:37:4c:c1:3d:21:15:7e:
93:bf:1f:d4:7a:3e:87:ad:83:e9:6b:d9:4d:4b:dc:
b0:eb:35:07:1f:f8:b1:64:09:48:da:fa:cb:59:1a:
3e:ec:4d:85:42:54:b3:45:e2:b0:5f:9f:c5:1c:3a:
31:54:45:41:6d:a8:23:10:b2:32:fc:1f:ca:9e:9b:
db:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:88:B3:A0:43:F6:1C:95:92:E9:44:B3:D8:32:66:E3:2B:03:BF:64
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e36362e3230302e302f32332d3234203d3e2034383030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.66.200.0/23
Signature Algorithm: sha256WithRSAEncryption
53:1d:76:57:88:00:76:1a:a5:4b:24:26:87:3d:54:27:ab:e3:
87:c9:12:38:12:88:38:76:df:2d:ae:10:e8:fc:1a:2e:2e:7c:
8b:81:7f:be:b8:4f:3d:59:2d:52:ba:cc:bc:cb:a1:9c:a3:23:
be:f4:46:16:b1:ca:43:c9:77:66:d8:99:6f:78:9f:24:4f:98:
6d:75:59:22:40:ef:d5:76:ef:8b:68:66:be:d2:81:4d:25:d8:
5c:4d:9a:c7:63:8a:a6:25:21:b1:e8:9f:72:00:ea:55:8b:1e:
c3:47:14:f1:07:34:58:ef:cc:a2:87:d9:ca:f6:f6:8b:86:78:
fc:1e:b2:25:5c:6c:e8:ba:cd:9b:d2:c9:97:28:55:bc:d3:36:
a0:d0:86:30:28:58:61:ba:32:2c:3f:b9:f4:73:64:54:9e:d3:
4c:04:e0:55:41:43:95:32:f5:20:18:51:2e:0f:4d:cb:34:89:
e6:c6:60:85:cf:2c:09:37:76:80:7b:4b:9a:78:1f:8b:2c:1c:
f1:d4:02:90:61:75:de:16:75:43:8d:44:97:b3:80:df:1b:99:
1f:1f:2e:b9:77:50:8b:90:09:9e:15:32:b7:8a:f9:77:d8:d4:
f4:cf:62:bf:ff:9b:f2:a0:71:f8:16:30:21:41:f6:a4:23:5c:
7e:e5:8a:c4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUPfALoJCZBEhsmUifKzOyRmXINXswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYzMDAxNTQ1M1oX
DTI1MDYyOTAxNTk1M1owMzExMC8GA1UEAxMoQ0E4OEIzQTA0M0Y2MUM5NTkyRTk0
NEIzRDgzMjY2RTMyQjAzQkY2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8P4/3sYd2W+kT5sAu8TZ/arthFzsr+5UCIvoFE0jGyA3JUnD4xqFkaYMIl
WsVO8UizaY9J7ziNPNdOG3ZN3953Xk92m2UloQYsKhf+qyPPdxiKMLRgVYx98F1o
aqA2nfoCx+kiBLZWPcJnMta7NPc3NCdGT3Ur4SjQRCFuJL70yDESOs1Ftgi/bP6x
TLVzvsWOktTJsJ8ubRQxA3qj5/uM03l/P+pO0gHJmdBmVeVA6LXzsa6ewsDijZA3
TME9IRV+k78f1Ho+h62D6WvZTUvcsOs1Bx/4sWQJSNr6y1kaPuxNhUJUs0XisF+f
xRw6MVRFQW2oIxCyMvwfyp6b22sCAwEAAaOCAf0wggH5MB0GA1UdDgQWBBTKiLOg
Q/YclZLpRLPYMmbjKwO/ZDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGABggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
NjM2MmUzMjMwMzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDM4MzAzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAZ1CyDANBgkqhkiG9w0BAQsFAAOCAQEAUx12V4gAdhqlSyQmhz1UJ6vj
h8kSOBKIOHbfLa4Q6PwaLi58i4F/vrhPPVktUrrMvMuhnKMjvvRGFrHKQ8l3ZtiZ
b3ifJE+YbXVZIkDv1Xbvi2hmvtKBTSXYXE2ax2OKpiUhseifcgDqVYsew0cU8Qc0
WO/MoofZyvb2i4Z4/B6yJVxs6LrNm9LJlyhVvNM2oNCGMChYYboyLD+59HNkVJ7T
TATgVUFDlTL1IBhRLg9NyzSJ5sZghc8sCTd2gHtLmngfiywc8dQCkGF13hZ1Q41E
l7OA3xuZHx8uuXdQi5AJnhUyt4r5d9jU9M9iv/+b8qBx+BYwIUH2pCNcfuWKxA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:58:59 2025 by rpki-client