Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139426.roa
File: AS139426.roa (raw, json)
Hash identifier: ni6eDYC7VK6bDW5gYsUw+IlCeo2YWZ4ZQgcw7/oAq1w=
Subject key identifier: 1D:4A:AD:1E:7A:52:D2:16:F5:B7:80:B7:1D:8A:DA:91:82:34:4B:64
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 2533495E32E178D0C5B7B53669F87E4E5B5B1929
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139426.roa
Signing time: Tue 10 Dec 2024 02:13:30 +0000
ROA not before: Tue 10 Dec 2024 02:08:30 +0000
ROA not after: Tue 09 Dec 2025 02:13:30 +0000
asID: 139426
IP address blocks: 103.144.144.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:33:49:5e:32:e1:78:d0:c5:b7:b5:36:69:f8:7e:4e:5b:5b:19:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 02:08:30 2024 GMT
Not After : Dec 9 02:13:30 2025 GMT
Subject: CN=1D4AAD1E7A52D216F5B780B71D8ADA9182344B64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:e0:e1:e0:f8:66:97:21:18:8f:2e:21:e2:
1a:70:47:26:8f:37:0d:8d:99:b6:71:a7:91:e9:94:
f3:68:7a:79:40:77:2b:79:bb:b8:a3:77:f2:38:2c:
c3:f8:4e:a1:75:3d:7b:25:6c:0e:d9:3f:2b:fe:4c:
5b:f2:73:3b:d3:4c:02:72:ca:95:5c:5a:97:5c:08:
bf:f6:ae:d0:4d:fe:5e:31:ab:45:b0:07:9f:9c:43:
0e:f9:52:e6:04:71:53:30:fa:a3:7c:5b:44:e8:dd:
d9:17:8f:76:92:ba:c0:c7:7d:91:08:8d:a3:3e:a1:
28:3d:b5:7e:3b:6f:97:f7:91:ce:eb:2e:6c:b6:b1:
f0:30:86:94:42:3e:09:f7:b4:3a:96:2d:80:2d:83:
f8:4e:76:14:40:8c:af:a3:74:32:8a:16:75:96:b4:
70:59:b3:96:62:8a:b8:3d:80:23:28:e5:f7:86:2d:
07:60:49:d6:68:e2:29:65:d0:50:0d:2c:aa:aa:50:
a0:2b:aa:2b:ef:1e:e7:1a:4a:85:5d:54:06:67:95:
af:78:b4:58:ab:f4:02:4e:0b:b1:d5:e4:3e:1f:56:
43:67:c6:ef:e6:26:ee:31:9b:39:7f:8d:6a:cd:f4:
c6:e7:4f:66:41:c4:96:80:8b:c6:42:0c:e0:e7:0d:
a6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4A:AD:1E:7A:52:D2:16:F5:B7:80:B7:1D:8A:DA:91:82:34:4B:64
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139426.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.144.144.0/23
Signature Algorithm: sha256WithRSAEncryption
17:f4:0e:49:cc:42:de:0e:69:d2:cc:c8:72:6c:6c:f9:fd:a0:
5f:4a:b5:e1:8b:47:c3:9c:69:99:2f:ef:e2:2d:89:2a:a1:c3:
57:68:09:e5:e8:cf:5c:f6:46:c2:5e:d1:34:cc:8d:b1:31:81:
ac:c7:99:e3:85:59:7b:5c:d1:0d:99:2f:7a:a7:cd:7f:79:67:
23:2e:75:d1:75:a1:e1:cb:c5:e3:95:ca:48:af:ca:83:c6:d3:
aa:a7:9e:20:88:f9:a0:d2:35:cf:71:22:98:b2:19:fd:67:c8:
9d:c2:03:aa:71:e3:b4:e7:e2:b6:6e:e5:6f:a5:c1:3c:92:91:
70:85:a2:0d:c9:63:0a:15:c0:6a:6d:32:57:fc:b6:c3:af:41:
33:40:81:f6:61:60:de:01:00:8a:34:63:bb:4f:95:81:bf:84:
8d:8c:24:39:49:ce:48:75:e2:5c:2a:e8:d8:30:ab:d4:f1:9b:
be:dc:d7:aa:e7:82:db:60:af:f1:50:af:e0:68:5a:0e:3e:26:
4b:34:14:8c:b1:2c:3d:1f:d6:00:e5:62:17:81:8b:92:a4:67:
e7:6e:45:54:a4:6f:26:42:d0:b1:3a:d2:dc:f2:a0:c4:63:00:
83:29:95:c1:db:c4:03:36:a7:df:ce:10:d0:29:a4:80:d8:b7:
03:6b:c8:8e
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUJTNJXjLheNDFt7U2afh+TltbGSkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDAyMDgzMFoX
DTI1MTIwOTAyMTMzMFowMzExMC8GA1UEAxMoMUQ0QUFEMUU3QTUyRDIxNkY1Qjc4
MEI3MUQ4QURBOTE4MjM0NEI2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1L4OHg+GaXIRiPLiHiGnBHJo83DY2ZtnGnkemU82h6eUB3K3m7uKN38jgs
w/hOoXU9eyVsDtk/K/5MW/JzO9NMAnLKlVxal1wIv/au0E3+XjGrRbAHn5xDDvlS
5gRxUzD6o3xbROjd2RePdpK6wMd9kQiNoz6hKD21fjtvl/eRzusubLax8DCGlEI+
Cfe0OpYtgC2D+E52FECMr6N0MooWdZa0cFmzlmKKuD2AIyjl94YtB2BJ1mjiKWXQ
UA0sqqpQoCuqK+8e5xpKhV1UBmeVr3i0WKv0Ak4LsdXkPh9WQ2fG7+Ym7jGbOX+N
as30xudPZkHEloCLxkIM4OcNpgkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQdSq0e
elLSFvW3gLcditqRgjRLZDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTQyNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWeQkDANBgkqhkiG9w0BAQsFAAOCAQEAF/QOScxC3g5p0szIcmxs
+f2gX0q14YtHw5xpmS/v4i2JKqHDV2gJ5ejPXPZGwl7RNMyNsTGBrMeZ44VZe1zR
DZkveqfNf3lnIy510XWh4cvF45XKSK/Kg8bTqqeeIIj5oNI1z3EimLIZ/WfIncID
qnHjtOfitm7lb6XBPJKRcIWiDcljChXAam0yV/y2w69BM0CB9mFg3gEAijRju0+V
gb+EjYwkOUnOSHXiXCro2DCr1PGbvtzXqueC22Cv8VCv4GhaDj4mSzQUjLEsPR/W
AOViF4GLkqRn525FVKRvJkLQsTrS3PKgxGMAgymVwdvEAzan384Q0CmkgNi3A2vI
jg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:46:35 2025 by rpki-client