Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: xcy8vpx44Bcxa9j76ZB7lYaxT9dVv0zlGgh8RATynoo=
Subject key identifier: ED:E5:F8:5C:7A:61:4C:E5:E6:CF:FB:03:D1:4C:53:2A:E3:1B:8B:6E
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 04ABA8DE92EA10A2B98DC24F06ACB07540961CA8
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
Signing time: Tue 28 Apr 2026 09:45:12 +0000
ROA not before: Tue 28 Apr 2026 09:40:12 +0000
ROA not after: Tue 27 Apr 2027 09:45:12 +0000
asID: 0
IP address blocks: 157.10.212.0/23 maxlen: 24
157.10.237.0/24 maxlen: 24
157.15.68.0/24 maxlen: 24
157.15.170.0/23 maxlen: 24
157.20.120.0/23 maxlen: 24
157.20.167.0/24 maxlen: 24
157.20.232.0/24 maxlen: 24
157.66.34.0/23 maxlen: 24
157.66.54.0/23 maxlen: 24
157.66.126.0/23 maxlen: 24
157.66.192.0/23 maxlen: 24
160.19.186.0/23 maxlen: 24
160.20.78.0/24 maxlen: 24
160.20.250.0/24 maxlen: 24
160.22.4.0/23 maxlen: 24
160.22.10.0/23 maxlen: 24
160.22.98.0/23 maxlen: 24
160.22.187.0/24 maxlen: 24
160.22.250.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:ab:a8:de:92:ea:10:a2:b9:8d:c2:4f:06:ac:b0:75:40:96:1c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Apr 28 09:40:12 2026 GMT
Not After : Apr 27 09:45:12 2027 GMT
Subject: CN=EDE5F85C7A614CE5E6CFFB03D14C532AE31B8B6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:55:9e:32:d6:8a:cc:d4:a3:bc:46:0d:b0:0e:
c5:f0:0a:8b:91:74:28:c8:dc:bc:5f:7d:01:89:2e:
72:b9:35:97:68:5c:e5:2d:a9:bc:6d:6e:44:c2:fd:
e2:58:e6:56:57:6e:5b:86:bb:a1:a7:c1:80:24:ac:
90:3c:ed:b6:7c:85:a4:a3:85:d5:3c:1c:fe:ed:59:
98:55:b1:f9:e8:1d:a3:15:0b:20:14:17:51:eb:b9:
4e:cc:99:cc:50:b8:2e:38:36:b4:14:83:40:17:f0:
cf:f2:b3:49:20:d5:9f:8a:87:a8:0c:7e:27:72:79:
f7:47:1d:4b:1b:ba:3b:79:79:a9:fb:e4:11:1f:83:
f9:c3:78:90:4e:33:df:df:ef:65:b3:22:ff:57:bd:
0c:f7:0b:1f:df:8d:2e:39:74:4c:df:a4:41:2d:1d:
59:e7:6b:b2:cd:1d:2c:d6:e1:c3:a2:1d:c2:70:2d:
3c:09:33:86:07:f7:65:d7:55:aa:38:a6:68:6c:d9:
24:71:dc:c7:e5:c8:78:4a:a0:92:7e:df:0a:51:97:
4d:74:1b:1f:cc:ae:47:51:ca:b8:ec:aa:b1:1a:bf:
e9:cc:62:e7:9e:79:78:6d:69:fa:09:bb:13:0b:29:
41:fe:e9:a1:99:14:ab:31:d8:38:c0:dc:29:6f:75:
ff:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E5:F8:5C:7A:61:4C:E5:E6:CF:FB:03:D1:4C:53:2A:E3:1B:8B:6E
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.212.0/23
157.10.237.0/24
157.15.68.0/24
157.15.170.0/23
157.20.120.0/23
157.20.167.0/24
157.20.232.0/24
157.66.34.0/23
157.66.54.0/23
157.66.126.0/23
157.66.192.0/23
160.19.186.0/23
160.20.78.0/24
160.20.250.0/24
160.22.4.0/23
160.22.10.0/23
160.22.98.0/23
160.22.187.0/24
160.22.250.0/23
Signature Algorithm: sha256WithRSAEncryption
29:f5:29:63:6a:2d:d1:8e:d1:44:a6:18:f5:ac:17:53:fe:75:
2d:64:c3:bc:7b:8d:32:97:49:73:8c:e9:90:2c:9f:47:f8:e4:
d7:67:5e:ab:c2:db:63:1f:cd:67:35:27:90:0c:9c:18:a8:d3:
bf:9a:a0:f7:05:cf:ee:62:a5:54:05:44:32:ab:8b:d7:4c:f9:
68:27:e1:60:1c:bf:42:4f:9c:e4:73:9c:35:90:1e:81:8d:06:
73:3f:70:b2:41:5e:5b:fd:4d:1d:44:32:9b:5c:ef:ab:a0:5b:
26:e9:dc:81:44:d6:3f:24:b7:8f:00:68:08:57:d4:f9:a2:45:
4a:51:a9:dd:a8:de:ff:d4:40:d1:e0:46:23:dd:b6:0a:24:76:
fe:d1:75:fe:87:e9:9a:a0:09:f7:0f:1b:89:24:59:5f:49:df:
51:d8:97:6c:88:f5:10:b5:31:ff:63:9e:45:fc:89:2c:34:64:
e0:b8:a0:70:2f:07:48:c5:f3:b6:3b:35:48:93:24:eb:f7:26:
08:46:6c:16:1a:65:90:42:d3:17:9a:b6:e3:7b:a5:b1:c3:0b:
95:17:e2:ac:8a:5a:b7:c7:77:21:a3:85:6e:c0:1d:02:4f:59:
e6:0c:1f:ce:81:28:24:90:0e:0c:2b:1e:db:cf:67:95:4a:f8:
29:de:f2:19
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUBKuo3pLqEKK5jcJPBqywdUCWHKgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQyODA5NDAxMloX
DTI3MDQyNzA5NDUxMlowMzExMC8GA1UEAxMoRURFNUY4NUM3QTYxNENFNUU2Q0ZG
QjAzRDE0QzUzMkFFMzFCOEI2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlVnjLWiszUo7xGDbAOxfAKi5F0KMjcvF99AYkucrk1l2hc5S2pvG1uRML9
4ljmVlduW4a7oafBgCSskDzttnyFpKOF1Twc/u1ZmFWx+egdoxULIBQXUeu5TsyZ
zFC4Ljg2tBSDQBfwz/KzSSDVn4qHqAx+J3J590cdSxu6O3l5qfvkER+D+cN4kE4z
39/vZbMi/1e9DPcLH9+NLjl0TN+kQS0dWedrss0dLNbhw6IdwnAtPAkzhgf3ZddV
qjimaGzZJHHcx+XIeEqgkn7fClGXTXQbH8yuR1HKuOyqsRq/6cxi5555eG1p+gm7
EwspQf7poZkUqzHYOMDcKW91/+0CAwEAAaOCAjgwggI0MB0GA1UdDgQWBBTt5fhc
emFM5ebP+wPRTFMq4xuLbjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgYsGCCsGAQUFBwEHAQH/BHwwejB4BAIA
ATByAwQBnQrUAwQAnQrtAwQAnQ9EAwQBnQ+qAwQBnRR4AwQAnRSnAwQAnRToAwQB
nUIiAwQBnUI2AwQBnUJ+AwQBnULAAwQBoBO6AwQAoBROAwQAoBT6AwQBoBYEAwQB
oBYKAwQBoBZiAwQAoBa7AwQBoBb6MA0GCSqGSIb3DQEBCwUAA4IBAQAp9Sljai3R
jtFEphj1rBdT/nUtZMO8e40yl0lzjOmQLJ9H+OTXZ16rwttjH81nNSeQDJwYqNO/
mqD3Bc/uYqVUBUQyq4vXTPloJ+FgHL9CT5zkc5w1kB6BjQZzP3CyQV5b/U0dRDKb
XO+roFsm6dyBRNY/JLePAGgIV9T5okVKUandqN7/1EDR4EYj3bYKJHb+0XX+h+ma
oAn3DxuJJFlfSd9R2JdsiPUQtTH/Y55F/IksNGTguKBwLwdIxfO2OzVIkyTr9yYI
RmwWGmWQQtMXmrbje6WxwwuVF+Ksilq3x3cho4VuwB0CT1nmDB/OgSgkkA4MKx7b
z2eVSvgp3vIZ
-----END CERTIFICATE-----
Generated at Wed Jun 24 02:52:26 2026 by rpki-client