Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa
File: AS139408.roa (raw, json)
Hash identifier: tmRCwhcIrPE8YFOBKha8g9cHkdDPU6+QqMFS0FFPJQo=
Subject key identifier: 25:5A:B0:BF:D2:FB:AE:3D:C8:DC:BE:B1:76:74:32:15:16:8A:3B:DD
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 1D77204DE3E795BF51E91C1C616C25EA8BD4DDF2
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa
Signing time: Thu 06 Feb 2025 10:44:48 +0000
ROA not before: Thu 06 Feb 2025 10:39:48 +0000
ROA not after: Thu 05 Feb 2026 10:44:48 +0000
asID: 139408
IP address blocks: 160.22.68.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:77:20:4d:e3:e7:95:bf:51:e9:1c:1c:61:6c:25:ea:8b:d4:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:48 2025 GMT
Not After : Feb 5 10:44:48 2026 GMT
Subject: CN=255AB0BFD2FBAE3DC8DCBEB176743215168A3BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:00:d6:cf:fc:ad:8d:8f:f6:b9:f8:b0:d0:a7:
05:4e:a6:a1:20:b2:72:bc:97:c9:ab:45:8b:eb:44:
f5:76:a6:55:fe:0a:c7:7c:22:aa:b1:8f:d5:c5:66:
67:da:5e:fa:37:69:67:c3:91:25:a0:8c:0f:92:5e:
8b:f6:7f:20:06:32:de:90:e6:3b:2d:cb:80:f8:c9:
be:a9:42:ee:aa:47:e9:81:70:68:53:f2:da:bb:3c:
b9:76:c7:c3:05:e9:be:64:05:cb:6f:7f:be:36:7f:
ed:48:f5:dd:39:0c:3e:ed:32:0d:37:6a:7e:71:39:
be:bc:98:5a:3c:d7:e4:00:6a:a1:f2:92:5d:8e:43:
12:f8:bc:8e:08:98:b7:6f:e0:de:4a:9f:9c:ab:dd:
0d:5a:fa:8c:cb:8c:0e:b3:e6:e0:68:0b:7c:20:37:
5a:2a:7b:d3:32:3c:1c:a8:e1:38:c2:b5:70:d8:91:
d4:a5:27:69:ea:30:8d:2a:26:24:28:62:dd:47:07:
95:03:11:12:61:42:25:b2:84:23:22:bc:98:74:4a:
61:da:f9:a8:b1:fc:d1:c1:61:e4:7d:dd:1e:69:e7:
e5:93:3e:2a:8c:3a:86:cc:77:02:57:0e:26:64:15:
53:5b:23:99:4a:5a:3d:38:8a:84:7b:31:aa:70:f4:
25:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5A:B0:BF:D2:FB:AE:3D:C8:DC:BE:B1:76:74:32:15:16:8A:3B:DD
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.22.68.0/23
Signature Algorithm: sha256WithRSAEncryption
37:c8:1e:a1:9b:dc:d8:fc:d7:58:ab:44:6c:68:37:43:91:a3:
b7:bd:b5:6e:d7:4c:0d:2c:e9:eb:8d:ee:f0:0a:85:12:27:07:
87:34:d8:74:21:69:6e:49:1a:a9:38:d1:b6:c9:4f:f4:ca:57:
05:b3:df:4b:74:23:18:c9:f3:2c:c9:a8:9c:72:eb:41:43:b2:
b3:45:7e:8d:b6:75:4d:ee:d8:44:c7:4c:eb:cc:23:3c:a6:1d:
06:84:48:8b:f6:62:8a:75:d0:11:9e:0b:67:87:f2:eb:34:aa:
a3:1f:e9:13:1a:fd:61:de:1c:49:63:37:3a:2c:27:9a:f1:86:
22:d2:85:a2:cc:a9:b9:58:38:ed:71:8d:07:2f:31:67:20:e4:
6c:0d:1e:8a:6e:c4:ab:81:97:83:11:48:47:37:e4:94:e7:59:
c7:51:83:2a:5b:46:9e:af:08:06:6f:a8:9f:36:34:37:f1:f8:
f2:11:ff:2b:9e:85:bc:d6:1c:18:c3:9d:bf:78:96:e4:75:f7:
fa:04:ce:ad:d9:da:11:cc:30:3f:7a:e9:8b:89:f2:14:93:11:
a0:cc:06:74:d2:07:a5:b8:35:4a:49:2d:87:7e:56:dc:2d:12:
c0:52:19:75:cf:8b:e5:9b:61:92:e1:d9:c5:c0:e9:28:e1:8d:
ed:2e:38:09
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUHXcgTePnlb9R6RwcYWwl6ovU3fIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OFoX
DTI2MDIwNTEwNDQ0OFowMzExMC8GA1UEAxMoMjU1QUIwQkZEMkZCQUUzREM4RENC
RUIxNzY3NDMyMTUxNjhBM0JERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8A1s/8rY2P9rn4sNCnBU6moSCycryXyatFi+tE9XamVf4Kx3wiqrGP1cVm
Z9pe+jdpZ8ORJaCMD5Jei/Z/IAYy3pDmOy3LgPjJvqlC7qpH6YFwaFPy2rs8uXbH
wwXpvmQFy29/vjZ/7Uj13TkMPu0yDTdqfnE5vryYWjzX5ABqofKSXY5DEvi8jgiY
t2/g3kqfnKvdDVr6jMuMDrPm4GgLfCA3Wip70zI8HKjhOMK1cNiR1KUnaeowjSom
JChi3UcHlQMREmFCJbKEIyK8mHRKYdr5qLH80cFh5H3dHmnn5ZM+Kow6hsx3AlcO
JmQVU1sjmUpaPTiKhHsxqnD0JTkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQlWrC/
0vuuPcjcvrF2dDIVFoo73TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTQwOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAWRDANBgkqhkiG9w0BAQsFAAOCAQEAN8geoZvc2PzXWKtEbGg3
Q5Gjt721btdMDSzp643u8AqFEicHhzTYdCFpbkkaqTjRtslP9MpXBbPfS3QjGMnz
LMmonHLrQUOys0V+jbZ1Te7YRMdM68wjPKYdBoRIi/ZiinXQEZ4LZ4fy6zSqox/p
Exr9Yd4cSWM3OiwnmvGGItKFosypuVg47XGNBy8xZyDkbA0eim7Eq4GXgxFIRzfk
lOdZx1GDKltGnq8IBm+onzY0N/H48hH/K56FvNYcGMOdv3iW5HX3+gTOrdnaEcww
P3rpi4nyFJMRoMwGdNIHpbg1Skkth35W3C0SwFIZdc+L5ZthkuHZxcDpKOGN7S44
CQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:24 2025 by rpki-client