Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: hEU3ohSFSOisVnXe+NRabI+6ddZ5ydfMIYMMp7KnXf4=
Subject key identifier: 1A:7A:D7:B3:EE:D7:3A:08:C2:46:A5:0E:08:62:57:32:4D:F9:C9:6A
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 2AC63FFAD0EA7F68D8DED7B1B894DA1D64153080
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
Signing time: Wed 05 Mar 2025 04:23:40 +0000
ROA not before: Wed 05 Mar 2025 04:18:40 +0000
ROA not after: Wed 04 Mar 2026 04:23:40 +0000
asID: 0
IP address blocks: 157.66.126.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c6:3f:fa:d0:ea:7f:68:d8:de:d7:b1:b8:94:da:1d:64:15:30:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 5 04:18:40 2025 GMT
Not After : Mar 4 04:23:40 2026 GMT
Subject: CN=1A7AD7B3EED73A08C246A50E086257324DF9C96A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:a5:95:c5:72:17:74:87:3b:68:37:6f:01:
c0:fe:56:ef:00:2a:d8:3f:bf:f0:0b:d5:2a:b8:30:
0c:32:a1:1e:2a:97:9e:25:69:63:a8:27:90:2c:e7:
ad:8f:7b:4a:26:54:6e:8f:d3:bd:a6:df:34:5d:74:
7c:1a:75:9b:78:57:68:03:b7:e1:6c:bd:a5:13:2f:
a0:30:cb:bc:18:79:8a:9b:be:a7:31:f5:37:bf:71:
0b:c0:c4:c9:56:45:f6:00:73:7d:04:aa:d5:56:d5:
c4:77:f6:74:06:d7:b5:14:7a:09:45:c8:d7:76:44:
67:60:f0:f3:f0:54:2e:a2:85:92:5c:05:06:e1:6f:
34:86:91:d6:4d:83:3f:25:8d:cb:33:c2:b7:67:8b:
9c:a2:14:f1:bc:98:28:10:fb:de:a2:d5:f6:ad:18:
37:42:0b:67:9f:db:00:8d:6f:7a:be:cc:5a:b6:96:
a2:8f:db:74:74:bc:26:84:46:bb:f3:67:79:89:f9:
1f:dc:86:9e:31:19:55:2e:94:39:57:ba:2b:49:9f:
5c:5f:d8:d5:47:54:f4:4e:45:99:4e:0e:b4:8f:06:
ec:b9:de:1e:ab:cc:35:96:a6:52:a6:10:37:de:9e:
27:88:0f:6f:85:75:64:7d:d2:3d:66:4c:97:2a:50:
0a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7A:D7:B3:EE:D7:3A:08:C2:46:A5:0E:08:62:57:32:4D:F9:C9:6A
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.66.126.0/23
Signature Algorithm: sha256WithRSAEncryption
36:44:8f:c7:52:8d:23:af:f4:ee:78:12:c9:91:5d:82:db:66:
0f:3f:1b:18:9c:78:bd:19:fe:16:e3:52:ac:2b:7f:6a:d2:1b:
36:30:20:2b:e2:f0:b5:df:25:5f:94:e5:77:71:61:83:b2:c3:
ed:3b:59:ca:96:0a:64:69:f2:ea:b2:6f:e4:67:99:d2:61:12:
39:88:1c:28:04:c3:61:31:12:fb:60:b6:1e:18:df:c1:a0:96:
70:25:6a:a7:36:dd:34:67:1d:fe:34:7e:a8:83:d6:d2:3f:55:
7d:14:33:5c:4d:7d:0e:fd:78:76:70:66:c8:d6:fb:db:de:79:
8b:04:0a:df:d6:7b:f3:61:ee:6b:78:92:15:b8:9c:0a:c5:b7:
93:a3:ec:6e:a1:46:af:8b:e2:00:9f:21:be:aa:48:7b:79:7e:
4a:69:c7:ea:d7:57:b9:62:1c:42:a7:48:4f:38:46:65:2c:ec:
2b:fe:1b:e0:b1:00:64:49:8f:05:ee:ea:e1:60:69:9b:a5:af:
9f:e5:99:83:47:f1:68:22:1e:bc:b0:2a:43:60:4f:bc:35:b2:
d8:26:08:31:4b:73:ae:ac:f5:45:7c:41:89:fc:e9:29:43:76:
18:17:74:65:c1:ee:38:14:24:93:26:3d:53:78:48:cd:22:db:
a3:f7:05:1c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIUKsY/+tDqf2jY3texuJTaHWQVMIAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMwNTA0MTg0MFoX
DTI2MDMwNDA0MjM0MFowMzExMC8GA1UEAxMoMUE3QUQ3QjNFRUQ3M0EwOEMyNDZB
NTBFMDg2MjU3MzI0REY5Qzk2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjtpZXFchd0hztoN28BwP5W7wAq2D+/8AvVKrgwDDKhHiqXniVpY6gnkCzn
rY97SiZUbo/TvabfNF10fBp1m3hXaAO34Wy9pRMvoDDLvBh5ipu+pzH1N79xC8DE
yVZF9gBzfQSq1VbVxHf2dAbXtRR6CUXI13ZEZ2Dw8/BULqKFklwFBuFvNIaR1k2D
PyWNyzPCt2eLnKIU8byYKBD73qLV9q0YN0ILZ5/bAI1ver7MWraWoo/bdHS8JoRG
u/NneYn5H9yGnjEZVS6UOVe6K0mfXF/Y1UdU9E5FmU4OtI8G7LneHqvMNZamUqYQ
N96eJ4gPb4V1ZH3SPWZMlypQCiMCAwEAAaOCAcswggHHMB0GA1UdDgQWBBQaetez
7tc6CMJGpQ4IYlcyTfnJajAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGdQn4wDQYJKoZIhvcNAQELBQADggEBADZEj8dSjSOv9O54EsmRXYLbZg8/
GxiceL0Z/hbjUqwrf2rSGzYwICvi8LXfJV+U5XdxYYOyw+07WcqWCmRp8uqyb+Rn
mdJhEjmIHCgEw2ExEvtgth4Y38GglnAlaqc23TRnHf40fqiD1tI/VX0UM1xNfQ79
eHZwZsjW+9veeYsECt/We/Nh7mt4khW4nArFt5Oj7G6hRq+L4gCfIb6qSHt5fkpp
x+rXV7liHEKnSE84RmUs7Cv+G+CxAGRJjwXu6uFgaZulr5/lmYNH8WgiHrywKkNg
T7w1stgmCDFLc66s9UV8QYn86SlDdhgXdGXB7jgUJJMmPVN4SM0i26P3BRw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:29:50 2025 by rpki-client