Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
File: AS139952.roa (raw, json)
Hash identifier: HnB/Zn+IPpObpsHKYbuCcU6fkajCX6POeg8Sb5YLbZU=
Subject key identifier: D8:AF:31:24:0C:BA:F3:4D:A2:4F:DD:23:81:D4:1C:86:EB:35:8C:31
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 28C2205B48880F2DBA19D06D05AD69F57EE2D955
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
Signing time: Wed 29 Apr 2026 06:31:45 +0000
ROA not before: Wed 29 Apr 2026 06:26:45 +0000
ROA not after: Wed 28 Apr 2027 06:31:45 +0000
asID: 139952
IP address blocks: 157.15.40.0/23 maxlen: 24
157.20.122.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c2:20:5b:48:88:0f:2d:ba:19:d0:6d:05:ad:69:f5:7e:e2:d9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Apr 29 06:26:45 2026 GMT
Not After : Apr 28 06:31:45 2027 GMT
Subject: CN=D8AF31240CBAF34DA24FDD2381D41C86EB358C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:07:26:70:15:26:3e:34:ba:bb:a1:d6:eb:49:
dd:c7:5f:e7:30:23:47:9f:9e:bf:3a:2c:56:61:cf:
d1:bc:37:58:ce:6c:b2:08:1c:29:25:80:23:47:45:
fa:3d:94:63:47:e2:87:d7:d1:ba:46:4a:6b:51:f7:
bf:46:fc:77:23:80:ae:76:bd:a2:17:9c:90:1a:16:
c1:32:86:32:38:fe:e9:52:dd:ec:d9:2b:6b:c0:1d:
b6:42:ce:ba:24:52:69:fa:e0:3a:68:21:4e:92:85:
9c:3e:a8:bb:1a:8c:15:31:8f:db:0b:89:73:96:f9:
25:4d:e4:c0:f0:9a:e2:4a:ee:c2:49:e5:0e:c7:9e:
2b:7d:cf:d7:8e:bd:a0:d7:a7:ae:cb:29:9b:91:69:
b6:9e:a3:1b:79:0d:6f:30:eb:f7:3e:fe:b8:da:9f:
aa:3b:13:a8:36:22:80:44:5a:49:2b:74:7c:f2:4e:
4a:91:35:61:a8:b2:91:ad:bb:a8:6c:86:91:2b:29:
3f:05:9d:32:02:e3:61:16:7a:20:a5:6d:58:40:0a:
73:cf:85:ab:9b:95:0a:99:c5:65:b4:92:8d:6f:5a:
88:62:61:a0:fc:ae:c3:62:94:ed:64:9d:dd:3b:5b:
03:32:80:d2:ad:ed:64:aa:85:9a:43:ab:02:43:33:
46:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AF:31:24:0C:BA:F3:4D:A2:4F:DD:23:81:D4:1C:86:EB:35:8C:31
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.40.0/23
157.20.122.0/23
Signature Algorithm: sha256WithRSAEncryption
96:11:4b:d3:97:f9:0a:b0:04:67:57:90:1e:9d:76:de:df:e9:
b9:18:5f:a2:a3:b5:bd:14:18:8c:f3:00:f5:ff:7b:48:70:66:
34:1e:b6:ea:8d:71:ad:91:c2:0b:f8:b4:89:69:83:59:88:de:
96:c0:86:7a:ad:e9:3c:8a:0c:02:85:a0:63:e1:63:f9:bf:4f:
c9:11:1f:0b:8f:47:62:5d:7a:d8:f6:cc:a6:67:c3:8c:d1:01:
a5:bb:d0:a7:44:9d:6a:f1:b8:c3:54:ce:db:21:8c:5a:30:33:
94:b5:4b:f4:94:7e:b2:1f:78:da:0c:c8:a3:47:06:1f:d9:54:
35:41:0c:b4:78:67:2e:98:dd:a5:d9:ae:f9:08:df:62:9f:7a:
e6:2a:5c:98:b6:e1:3a:53:76:45:bf:6d:da:ec:6c:c7:24:0b:
76:27:5e:f7:c7:5e:b1:a5:5f:a5:fb:9c:04:cd:44:58:ba:43:
e1:84:4e:01:c1:26:14:ad:5e:be:88:81:22:af:b1:54:1e:6b:
9f:4a:d1:fc:b2:89:9b:ba:e7:89:1d:2f:8b:a6:e5:1d:fd:6a:
55:a4:cc:9b:a9:d4:1f:c6:aa:fa:26:89:4a:b3:bb:37:97:72:
c9:6c:39:94:2e:1f:b6:67:48:db:6d:16:90:3d:38:07:a2:b6:
90:0d:1c:1d
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUKMIgW0iIDy26GdBtBa1p9X7i2VUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQyOTA2MjY0NVoX
DTI3MDQyODA2MzE0NVowMzExMC8GA1UEAxMoRDhBRjMxMjQwQ0JBRjM0REEyNEZE
RDIzODFENDFDODZFQjM1OEMzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUHJnAVJj40uruh1utJ3cdf5zAjR5+evzosVmHP0bw3WM5ssggcKSWAI0dF
+j2UY0fih9fRukZKa1H3v0b8dyOArna9oheckBoWwTKGMjj+6VLd7Nkra8AdtkLO
uiRSafrgOmghTpKFnD6ouxqMFTGP2wuJc5b5JU3kwPCa4kruwknlDseeK33P1469
oNenrsspm5Fptp6jG3kNbzDr9z7+uNqfqjsTqDYigERaSSt0fPJOSpE1Yaiyka27
qGyGkSspPwWdMgLjYRZ6IKVtWEAKc8+Fq5uVCpnFZbSSjW9aiGJhoPyuw2KU7WSd
3TtbAzKA0q3tZKqFmkOrAkMzRokCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBTYrzEk
DLrzTaJP3SOB1ByG6zWMMTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTk1Mi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAZ0PKAMEAZ0UejANBgkqhkiG9w0BAQsFAAOCAQEAlhFL05f5CrAE
Z1eQHp123t/puRhfoqO1vRQYjPMA9f97SHBmNB626o1xrZHCC/i0iWmDWYjelsCG
eq3pPIoMAoWgY+Fj+b9PyREfC49HYl162PbMpmfDjNEBpbvQp0SdavG4w1TO2yGM
WjAzlLVL9JR+sh942gzIo0cGH9lUNUEMtHhnLpjdpdmu+QjfYp965ipcmLbhOlN2
Rb9t2uxsxyQLdide98desaVfpfucBM1EWLpD4YROAcEmFK1evoiBIq+xVB5rn0rR
/LKJm7rniR0vi6blHf1qVaTMm6nUH8aq+iaJSrO7N5dyyWw5lC4ftmdI220WkD04
B6K2kA0cHQ==
-----END CERTIFICATE-----
Generated at Wed Jun 24 02:56:47 2026 by rpki-client