Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
File: AS139952.roa (raw, json)
Hash identifier: ea3+d7bTmQJQ+nhIRVmJY33h10EbFNp8DzyG0TppguY=
Subject key identifier: CF:69:B5:10:CC:DD:CE:F6:09:D4:79:29:17:FD:8C:C5:2F:0E:3F:A7
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 29D7F6239FABB7754AC7D72372610CD6920E114F
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
Signing time: Thu 20 Mar 2025 01:55:11 +0000
ROA not before: Thu 20 Mar 2025 01:50:11 +0000
ROA not after: Thu 19 Mar 2026 01:55:11 +0000
asID: 139952
IP address blocks: 157.15.40.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:d7:f6:23:9f:ab:b7:75:4a:c7:d7:23:72:61:0c:d6:92:0e:11:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 20 01:50:11 2025 GMT
Not After : Mar 19 01:55:11 2026 GMT
Subject: CN=CF69B510CCDDCEF609D4792917FD8CC52F0E3FA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9f:e0:1f:3e:7b:fe:0c:7b:d3:c8:9c:a5:4a:
f6:ce:4e:91:25:b5:cf:36:ea:a6:e2:75:d9:47:e2:
29:e5:94:b4:4b:5c:49:83:82:21:7e:44:9a:30:22:
20:7e:3f:88:cb:52:85:0a:f6:51:ba:55:80:b6:a2:
79:33:bd:3a:81:24:99:ad:c4:14:57:bb:1d:7f:1f:
00:29:32:bd:f3:79:d5:8c:40:cd:2f:ac:62:00:2b:
41:24:b8:55:79:6c:45:b3:4b:77:89:6f:42:02:dc:
d5:91:9b:8f:81:c6:f2:95:a0:6e:3d:4f:3e:79:af:
48:81:d0:74:22:9c:6e:60:ba:06:b8:37:76:60:94:
f5:96:39:ed:02:a5:fd:0f:72:96:c1:4e:86:6b:21:
71:60:13:a9:4e:1a:c3:71:5b:b1:f1:e7:6e:6b:79:
08:0f:04:52:c0:75:af:f7:be:16:df:c5:90:08:7e:
41:1f:27:82:54:dc:de:3f:a6:57:2d:e7:d4:03:57:
33:1b:80:cb:34:2e:dd:2d:cb:a4:8c:05:0c:1c:7b:
22:bf:de:fe:59:8b:58:47:7d:08:c8:7d:24:a0:b0:
db:7a:bf:db:53:b2:28:1c:4c:93:4f:d0:ea:67:59:
fc:e1:26:06:a5:c9:f1:5c:94:89:5b:d8:80:ab:cb:
48:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:69:B5:10:CC:DD:CE:F6:09:D4:79:29:17:FD:8C:C5:2F:0E:3F:A7
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:32:e2:e5:a7:80:ff:39:ea:4d:30:53:81:30:d7:f7:3e:05:
c8:6f:f5:d3:87:1c:32:3c:7f:b8:f9:10:92:a9:1a:11:be:c2:
72:3d:bd:b5:0a:ef:ef:19:e9:f8:0e:07:b5:79:47:bd:21:43:
85:71:70:e4:3b:68:e1:ca:70:22:cf:5b:82:07:33:e4:ab:b7:
20:92:65:a9:2c:d5:ae:13:a0:34:e2:a6:69:9a:49:94:49:e6:
05:e2:5c:af:7b:0f:39:10:f0:3a:51:09:91:9a:fe:c7:d4:f8:
c4:8f:b3:4f:2e:c9:e0:58:6a:12:48:f4:76:30:4d:a1:ce:9e:
ef:73:4d:1c:c4:bc:5f:3f:28:7c:c5:b0:ca:a3:7a:25:d0:ba:
34:a4:7a:41:29:a8:86:61:92:fa:84:53:8a:70:31:ed:04:2d:
6b:14:2d:0c:38:15:83:f1:e1:d2:fa:cb:6e:b3:ca:e3:cc:f7:
12:7f:b8:58:4c:86:91:79:b7:b4:7b:bd:98:16:8a:ec:90:65:
bd:88:2a:d0:52:40:df:ec:86:d2:aa:0d:f5:e3:40:a2:d3:e0:
8d:dc:3a:bc:8e:05:75:9b:30:e8:d7:8e:18:49:d6:0a:d5:08:
42:18:34:c7:19:24:de:58:41:f0:d6:25:cd:d6:2d:fc:c2:ab:
8a:3c:51:bc
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUKdf2I5+rt3VKx9cjcmEM1pIOEU8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMyMDAxNTAxMVoX
DTI2MDMxOTAxNTUxMVowMzExMC8GA1UEAxMoQ0Y2OUI1MTBDQ0REQ0VGNjA5RDQ3
OTI5MTdGRDhDQzUyRjBFM0ZBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuf4B8+e/4Me9PInKVK9s5OkSW1zzbqpuJ12UfiKeWUtEtcSYOCIX5EmjAi
IH4/iMtShQr2UbpVgLaieTO9OoEkma3EFFe7HX8fACkyvfN51YxAzS+sYgArQSS4
VXlsRbNLd4lvQgLc1ZGbj4HG8pWgbj1PPnmvSIHQdCKcbmC6Brg3dmCU9ZY57QKl
/Q9ylsFOhmshcWATqU4aw3FbsfHnbmt5CA8EUsB1r/e+Ft/FkAh+QR8nglTc3j+m
Vy3n1ANXMxuAyzQu3S3LpIwFDBx7Ir/e/lmLWEd9CMh9JKCw23q/21OyKBxMk0/Q
6mdZ/OEmBqXJ8VyUiVvYgKvLSGECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTPabUQ
zN3O9gnUeSkX/YzFLw4/pzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTk1Mi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0PKDANBgkqhkiG9w0BAQsFAAOCAQEAjzLi5aeA/znqTTBTgTDX
9z4FyG/104ccMjx/uPkQkqkaEb7Ccj29tQrv7xnp+A4HtXlHvSFDhXFw5Dto4cpw
Is9bggcz5Ku3IJJlqSzVrhOgNOKmaZpJlEnmBeJcr3sPORDwOlEJkZr+x9T4xI+z
Ty7J4FhqEkj0djBNoc6e73NNHMS8Xz8ofMWwyqN6JdC6NKR6QSmohmGS+oRTinAx
7QQtaxQtDDgVg/Hh0vrLbrPK48z3En+4WEyGkXm3tHu9mBaK7JBlvYgq0FJA3+yG
0qoN9eNAotPgjdw6vI4FdZsw6NeOGEnWCtUIQhg0xxkk3lhB8NYlzdYt/MKrijxR
vA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:12:25 2025 by rpki-client