Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138131.roa
File: AS138131.roa (raw, json)
Hash identifier: HKxQQVs+naMZQYvXmNBkFYYdJaHcIMwNznMZE9CfWVk=
Subject key identifier: 49:CA:DE:33:6D:7F:40:85:55:85:3A:DA:EC:B8:DD:6C:67:1F:CE:B3
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 5733F354B3086AB0D5D547FFE124CF8686DB575B
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138131.roa
Signing time: Thu 06 Feb 2025 10:44:47 +0000
ROA not before: Thu 06 Feb 2025 10:39:47 +0000
ROA not after: Thu 05 Feb 2026 10:44:47 +0000
asID: 138131
IP address blocks: 160.187.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:33:f3:54:b3:08:6a:b0:d5:d5:47:ff:e1:24:cf:86:86:db:57:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:47 2025 GMT
Not After : Feb 5 10:44:47 2026 GMT
Subject: CN=49CADE336D7F408555853ADAECB8DD6C671FCEB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d9:a0:6d:0f:69:03:05:dd:74:66:7a:4f:cb:
3b:7e:ff:f3:7b:7f:52:72:37:0b:53:c9:1a:a5:7d:
dc:2f:95:5f:1e:71:86:12:7b:d0:49:e2:d3:84:59:
df:ff:1b:15:3a:11:45:6b:f3:52:e2:a6:5c:04:d1:
20:4b:17:c4:43:62:b8:c0:1e:34:a8:18:fe:63:15:
48:e5:23:99:8b:84:a7:67:28:93:03:bd:98:14:1f:
84:8c:bf:91:8f:a4:41:0a:c7:d2:16:60:2b:f0:0a:
fb:f0:f7:f8:6e:38:e6:6e:88:32:c8:f4:84:07:21:
e4:e8:06:b4:2e:f2:f8:41:14:eb:38:be:4a:65:ca:
d3:23:3b:5a:86:0e:68:7a:b0:0d:7f:ac:6d:75:52:
2c:bc:d8:dd:47:f1:e2:92:5d:21:6c:2f:d8:d4:98:
95:55:1b:32:30:b8:ac:dc:a9:ab:be:9e:ec:7c:a0:
8f:4a:82:56:d1:73:7a:a7:21:26:5f:db:52:d4:27:
7d:06:47:17:d7:e4:33:1f:8c:0d:6d:ae:e9:61:ef:
73:d2:57:3b:2f:53:b3:4b:5c:34:25:0f:f8:a9:2b:
a0:58:4c:a9:ff:05:0f:de:87:4f:32:95:c1:e3:3d:
2a:fd:29:80:e4:02:9b:41:ea:fa:e7:96:5f:10:88:
10:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CA:DE:33:6D:7F:40:85:55:85:3A:DA:EC:B8:DD:6C:67:1F:CE:B3
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.187.143.0/24
Signature Algorithm: sha256WithRSAEncryption
91:11:75:5d:bf:96:aa:85:3b:75:f1:62:f1:d0:1b:77:c4:6e:
b0:d1:91:8d:94:92:f4:37:45:a2:c5:41:3c:28:f6:32:c2:01:
0a:21:9f:a8:79:5f:93:21:a7:5a:cf:b7:4e:21:5f:ba:5e:e5:
51:e2:7e:cd:0f:58:14:5c:e7:52:f4:1f:78:31:1e:df:e8:a0:
ae:b3:7e:ee:4f:36:44:a9:64:14:19:14:62:15:b3:ac:1d:b6:
6a:8a:36:7d:44:d9:63:64:a4:6d:a8:b2:7d:8d:93:cf:39:df:
8b:63:83:74:6d:3b:f7:2b:83:0c:4a:68:91:ac:a3:90:5c:94:
e0:81:88:c3:4f:5a:d5:e4:03:87:6e:c5:cc:c5:1a:dd:f7:df:
ef:21:04:7c:36:1e:42:d3:a9:06:76:09:09:ad:3c:b6:0c:d2:
da:d9:95:cb:de:3a:73:ae:68:72:ca:c1:98:d7:46:ac:1a:98:
44:9d:de:ac:50:f1:ef:12:49:3f:a8:5b:bb:82:88:66:44:a1:
59:fd:5b:c8:8b:c3:f4:f5:ca:d7:7c:90:1c:cb:17:21:e9:a6:
19:cb:d6:57:6d:17:94:1a:fa:30:a8:15:eb:22:5d:63:b4:fd:
86:ae:c3:e5:3e:96:73:27:c2:a7:03:61:63:84:67:48:18:ed:
ef:7e:86:3a
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUVzPzVLMIarDV1Uf/4STPhobbV1swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0N1oX
DTI2MDIwNTEwNDQ0N1owMzExMC8GA1UEAxMoNDlDQURFMzM2RDdGNDA4NTU1ODUz
QURBRUNCOERENkM2NzFGQ0VCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjZoG0PaQMF3XRmek/LO37/83t/UnI3C1PJGqV93C+VXx5xhhJ70Eni04RZ
3/8bFToRRWvzUuKmXATRIEsXxENiuMAeNKgY/mMVSOUjmYuEp2cokwO9mBQfhIy/
kY+kQQrH0hZgK/AK+/D3+G445m6IMsj0hAch5OgGtC7y+EEU6zi+SmXK0yM7WoYO
aHqwDX+sbXVSLLzY3Ufx4pJdIWwv2NSYlVUbMjC4rNypq76e7Hygj0qCVtFzeqch
Jl/bUtQnfQZHF9fkMx+MDW2u6WHvc9JXOy9Ts0tcNCUP+KkroFhMqf8FD96HTzKV
weM9Kv0pgOQCm0Hq+ueWXxCIEF8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRJyt4z
bX9AhVWFOtrsuN1sZx/OszAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODEzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKC7jzANBgkqhkiG9w0BAQsFAAOCAQEAkRF1Xb+WqoU7dfFi8dAb
d8RusNGRjZSS9DdFosVBPCj2MsIBCiGfqHlfkyGnWs+3TiFful7lUeJ+zQ9YFFzn
UvQfeDEe3+igrrN+7k82RKlkFBkUYhWzrB22aoo2fUTZY2SkbaiyfY2Tzznfi2OD
dG079yuDDEpokayjkFyU4IGIw09a1eQDh27FzMUa3fff7yEEfDYeQtOpBnYJCa08
tgzS2tmVy946c65ocsrBmNdGrBqYRJ3erFDx7xJJP6hbu4KIZkShWf1byIvD9PXK
13yQHMsXIemmGcvWV20XlBr6MKgV6yJdY7T9hq7D5T6WcyfCpwNhY4RnSBjt736G
Og==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:21:08 2025 by rpki-client