Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa
File: AS138091.roa (raw, json)
Hash identifier: XeXpNesk7QY2VATg1aednobmnh83TAksXjBd6Gz+lvk=
Subject key identifier: F8:FF:2C:80:91:3E:53:2E:33:23:31:72:E3:84:86:CC:40:1B:E8:64
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 26368C88BB338F6D48C6B7290B2BB5DD0053B0A3
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa
Signing time: Thu 06 Feb 2025 10:44:54 +0000
ROA not before: Thu 06 Feb 2025 10:39:54 +0000
ROA not after: Thu 05 Feb 2026 10:44:54 +0000
asID: 138091
IP address blocks: 157.20.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:36:8c:88:bb:33:8f:6d:48:c6:b7:29:0b:2b:b5:dd:00:53:b0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:54 2025 GMT
Not After : Feb 5 10:44:54 2026 GMT
Subject: CN=F8FF2C80913E532E33233172E38486CC401BE864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:36:41:75:5f:d4:c1:73:86:d2:fd:82:35:1f:
83:27:96:ec:e2:65:33:6c:7a:25:81:17:71:08:fe:
db:44:c8:27:be:3a:e8:62:6b:a5:e3:d9:71:d7:d2:
33:ba:bf:87:08:e9:f4:47:8f:be:60:17:f7:07:a5:
7c:54:46:13:4b:8f:7b:0f:3e:97:59:fa:2c:25:35:
70:c0:0c:bf:75:66:fb:62:f9:ad:41:2d:52:9e:67:
36:9b:63:18:94:26:28:f6:50:ff:c5:0b:81:04:bd:
f1:53:05:47:5f:76:56:a4:80:a6:fb:63:c1:c5:f8:
fd:d0:a6:10:7b:11:94:60:f2:2a:98:ce:4c:25:ab:
2a:88:ff:c7:13:18:11:15:f1:1d:a2:3a:d8:27:be:
b8:85:97:27:69:9d:57:2b:8a:cf:7e:32:e8:e5:8f:
ff:51:a3:45:91:fe:5b:0c:e3:56:db:94:8d:b1:da:
0e:9e:23:a7:88:43:1c:89:5d:a3:d0:5d:74:96:6d:
8e:e0:73:b5:0a:f4:89:ba:b9:75:b9:25:b5:0e:5c:
55:e1:0d:e8:f3:b2:21:2b:f7:8f:99:8e:22:36:2b:
fd:47:fa:82:68:bd:e5:0c:e5:e4:35:35:e0:1b:e1:
74:f8:33:7d:e3:46:76:a4:cd:f4:e8:94:21:53:80:
5a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FF:2C:80:91:3E:53:2E:33:23:31:72:E3:84:86:CC:40:1B:E8:64
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.243.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:66:4c:9e:b1:46:7a:86:68:67:da:15:ae:56:40:26:e8:96:
ce:6e:d1:fe:12:35:fb:e3:03:a7:a4:1b:7a:ed:b7:f9:c2:ad:
88:83:b5:4a:ed:02:fc:ec:a2:97:d4:31:ec:39:1c:00:96:e7:
4b:2a:e7:12:2f:bc:7d:9e:16:31:b0:2a:99:bf:45:2d:8a:b2:
8f:bf:cd:3e:ea:ea:97:e5:74:76:80:aa:34:76:d3:07:6c:3d:
31:22:1b:ee:6e:fc:26:cc:7d:1b:37:5e:4d:ec:86:45:e5:00:
a3:f9:43:b5:a0:d7:c0:e5:b8:a3:60:08:ce:79:1c:88:d2:f5:
45:b9:37:2e:20:57:7d:05:b6:51:73:74:04:d0:2b:8c:b1:4e:
8c:d1:26:d4:7e:24:29:7c:50:3f:5b:42:14:be:6a:7a:cb:c6:
8b:e8:9c:b5:80:06:24:5a:80:eb:35:3b:1b:ca:49:bd:31:89:
d8:2f:ca:d0:12:26:be:0e:34:3e:05:bd:bb:f2:f3:07:ec:e7:
1a:68:0f:41:6e:49:8a:e5:98:94:ce:8c:5a:0b:fa:06:54:0f:
8b:a5:ec:11:c8:52:47:e5:ca:a5:52:eb:2a:53:d7:93:d1:fa:
1b:10:ba:b7:0d:1e:d9:e8:79:66:df:6d:fa:36:76:e1:40:47:
4b:e4:96:42
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUJjaMiLszj21IxrcpCyu13QBTsKMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NFoX
DTI2MDIwNTEwNDQ1NFowMzExMC8GA1UEAxMoRjhGRjJDODA5MTNFNTMyRTMzMjMz
MTcyRTM4NDg2Q0M0MDFCRTg2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPI2QXVf1MFzhtL9gjUfgyeW7OJlM2x6JYEXcQj+20TIJ7466GJrpePZcdfS
M7q/hwjp9EePvmAX9welfFRGE0uPew8+l1n6LCU1cMAMv3Vm+2L5rUEtUp5nNptj
GJQmKPZQ/8ULgQS98VMFR192VqSApvtjwcX4/dCmEHsRlGDyKpjOTCWrKoj/xxMY
ERXxHaI62Ce+uIWXJ2mdVyuKz34y6OWP/1GjRZH+WwzjVtuUjbHaDp4jp4hDHIld
o9BddJZtjuBztQr0ibq5dbkltQ5cVeEN6POyISv3j5mOIjYr/Uf6gmi95Qzl5DU1
4BvhdPgzfeNGdqTN9OiUIVOAWqsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT4/yyA
kT5TLjMjMXLjhIbMQBvoZDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODA5MS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0U8zANBgkqhkiG9w0BAQsFAAOCAQEAjmZMnrFGeoZoZ9oVrlZA
JuiWzm7R/hI1++MDp6Qbeu23+cKtiIO1Su0C/Oyil9Qx7DkcAJbnSyrnEi+8fZ4W
MbAqmb9FLYqyj7/NPurql+V0doCqNHbTB2w9MSIb7m78Jsx9GzdeTeyGReUAo/lD
taDXwOW4o2AIznkciNL1Rbk3LiBXfQW2UXN0BNArjLFOjNEm1H4kKXxQP1tCFL5q
esvGi+ictYAGJFqA6zU7G8pJvTGJ2C/K0BImvg40PgW9u/LzB+znGmgPQW5JiuWY
lM6MWgv6BlQPi6XsEchSR+XKpVLrKlPXk9H6GxC6tw0e2eh5Zt9t+jZ24UBHS+SW
Qg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:31:44 2025 by rpki-client