Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135382e3134302e3138382e302f32332d3234203d3e20313333373938.roa
File: 3135382e3134302e3138382e302f32332d3234203d3e20313333373938.roa (raw, json)
Hash identifier: TfzaRPCV24B6JqNq+JP/KkwdzecLPLLKSzyuBZ78vOg=
Subject key identifier: 4F:01:23:B3:79:1E:FA:65:29:F0:48:32:17:A6:5B:AF:DC:AB:27:F9
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 4F856AD1BF7BC92BA0A1B89D9AB8AC2D639D2E7F
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135382e3134302e3138382e302f32332d3234203d3e20313333373938.roa
Signing time: Wed 08 Jan 2025 03:00:00 +0000
ROA not before: Wed 08 Jan 2025 02:55:00 +0000
ROA not after: Wed 07 Jan 2026 03:00:00 +0000
asID: 133798
IP address blocks: 158.140.188.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:85:6a:d1:bf:7b:c9:2b:a0:a1:b8:9d:9a:b8:ac:2d:63:9d:2e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jan 8 02:55:00 2025 GMT
Not After : Jan 7 03:00:00 2026 GMT
Subject: CN=4F0123B3791EFA6529F0483217A65BAFDCAB27F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:1b:bf:39:88:96:2d:48:b2:70:64:59:7f:
39:c3:ec:9b:40:f0:04:97:e5:89:97:94:bd:67:e0:
e5:9b:12:9e:5a:48:5e:bd:7e:ba:65:3c:e7:71:d8:
77:68:56:d3:ec:c0:6f:91:e3:f0:f7:49:78:ce:2c:
b8:b6:90:10:16:6e:7b:02:c3:bb:9f:b3:d6:1a:be:
cb:1e:49:b5:2b:cc:ff:75:0b:c5:97:26:e9:1e:cb:
a3:46:10:0c:44:09:4b:d6:42:a9:9d:7b:14:be:40:
b0:f5:e0:86:56:e9:1d:98:a4:57:9b:fa:96:8b:b2:
ad:b7:b6:0e:25:bc:e5:99:c2:d4:2e:63:46:e1:d7:
ca:fa:15:7d:da:d7:19:fb:76:50:06:08:0c:4b:20:
02:ae:94:8d:81:fd:fc:50:33:a5:5c:e7:2c:5a:7a:
c1:65:af:5a:cd:12:95:d8:01:88:0c:cd:f8:37:91:
a1:3b:fe:77:a9:c2:75:90:56:ac:92:9f:e8:46:ce:
17:a4:37:1e:a2:dd:36:e2:f7:be:f7:79:3f:6e:69:
77:91:ce:b3:8a:3f:72:cb:a5:10:73:bf:82:89:b7:
d5:4b:c1:04:fb:b9:f2:cc:6a:8f:cd:d8:ce:e0:f4:
3b:46:88:5b:84:1a:70:9f:3e:bc:8a:6f:ee:05:e9:
40:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:01:23:B3:79:1E:FA:65:29:F0:48:32:17:A6:5B:AF:DC:AB:27:F9
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135382e3134302e3138382e302f32332d3234203d3e20313333373938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.140.188.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:80:53:fa:dc:30:90:1c:fe:c1:a6:46:05:34:36:c8:0f:82:
9e:6d:07:f5:9d:d1:fe:ad:ce:66:44:a0:25:fa:61:e4:7b:2d:
f9:0a:77:da:f8:f8:6f:52:2c:65:96:57:e1:68:0a:db:00:bf:
8c:5a:ac:40:00:69:06:a5:67:0c:88:24:13:de:18:eb:14:d9:
62:4f:45:d7:21:db:a4:a9:37:fc:46:d6:9c:33:dd:3b:d8:af:
55:fd:d9:aa:27:99:93:61:73:e8:12:b1:61:0f:b7:f8:57:60:
ba:ed:46:5c:d3:48:20:37:99:52:36:d5:3b:22:54:b0:26:cb:
70:9e:ba:68:6c:04:28:2c:0a:ec:75:74:6f:14:c3:ed:bb:8e:
2c:b0:a8:ac:3c:f0:44:22:f5:21:2f:bb:c5:17:19:ab:e4:68:
63:4e:41:a5:0e:bb:6a:62:08:54:6f:2e:91:c1:cd:d8:b2:18:
44:85:3d:99:04:c5:e3:88:68:7c:50:c4:cf:17:5c:5e:84:d7:
aa:26:07:5c:a8:f2:7a:16:ee:67:8c:df:b7:27:62:80:a0:bd:
90:4a:82:6b:7f:cc:43:da:c6:86:2e:25:62:d6:5b:77:97:ab:
4f:04:1c:98:c2:da:d3:fa:e4:8e:8e:db:b5:18:e9:82:43:e1:
22:c8:6d:b0
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUT4Vq0b97ySugobidmrisLWOdLn8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEwODAyNTUwMFoX
DTI2MDEwNzAzMDAwMFowMzExMC8GA1UEAxMoNEYwMTIzQjM3OTFFRkE2NTI5RjA0
ODMyMTdBNjVCQUZEQ0FCMjdGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOfG785iJYtSLJwZFl/OcPsm0DwBJfliZeUvWfg5ZsSnlpIXr1+umU853HY
d2hW0+zAb5Hj8PdJeM4suLaQEBZuewLDu5+z1hq+yx5JtSvM/3ULxZcm6R7Lo0YQ
DEQJS9ZCqZ17FL5AsPXghlbpHZikV5v6louyrbe2DiW85ZnC1C5jRuHXyvoVfdrX
Gft2UAYIDEsgAq6UjYH9/FAzpVznLFp6wWWvWs0SldgBiAzN+DeRoTv+d6nCdZBW
rJKf6EbOF6Q3HqLdNuL3vvd5P25pd5HOs4o/csulEHO/gom31UvBBPu58sxqj83Y
zuD0O0aIW4QacJ8+vIpv7gXpQPMCAwEAAaOCAgMwggH/MB0GA1UdDgQWBBRPASOz
eR76ZSnwSDIXpluv3Ksn+TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGGBggrBgEFBQcBCwR6MHgwdgYIKwYBBQUHMAuGanJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM4MmUz
MTM0MzAyZTMxMzgzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzMzM3Mzkz
OC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ6MvDANBgkqhkiG9w0BAQsFAAOCAQEAP4BT+twwkBz+waZG
BTQ2yA+Cnm0H9Z3R/q3OZkSgJfph5Hst+Qp32vj4b1IsZZZX4WgK2wC/jFqsQABp
BqVnDIgkE94Y6xTZYk9F1yHbpKk3/EbWnDPdO9ivVf3ZqieZk2Fz6BKxYQ+3+Fdg
uu1GXNNIIDeZUjbVOyJUsCbLcJ66aGwEKCwK7HV0bxTD7buOLLCorDzwRCL1IS+7
xRcZq+RoY05BpQ67amIIVG8ukcHN2LIYRIU9mQTF44hofFDEzxdcXoTXqiYHXKjy
ehbuZ4zftydigKC9kEqCa3/MQ9rGhi4lYtZbd5erTwQcmMLa0/rkjo7btRjpgkPh
IshtsA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:18:18 2025 by rpki-client