Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142313.roa
File: AS142313.roa (raw, json)
Hash identifier: lLFD8a4fIv2Uey3nNuLkdd+h5dvK7KDa2MJnRyvhlIQ=
Subject key identifier: D9:C3:6B:5F:03:3A:10:2D:FE:EC:62:FB:69:65:AC:1B:4A:95:D8:48
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 580C0F0D5FC85A5C1D0A4FA84CAC8B21F6C136EB
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142313.roa
Signing time: Tue 10 Dec 2024 05:00:07 +0000
ROA not before: Tue 10 Dec 2024 04:55:07 +0000
ROA not after: Tue 09 Dec 2025 05:00:07 +0000
asID: 142313
IP address blocks: 103.168.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0c:0f:0d:5f:c8:5a:5c:1d:0a:4f:a8:4c:ac:8b:21:f6:c1:36:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 04:55:07 2024 GMT
Not After : Dec 9 05:00:07 2025 GMT
Subject: CN=D9C36B5F033A102DFEEC62FB6965AC1B4A95D848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:af:91:a6:75:d7:47:be:ac:77:d3:b3:5c:
40:94:08:f6:bb:ee:03:0e:db:49:c6:f3:20:b0:3c:
90:1c:27:90:a4:12:cc:1e:85:a6:11:6c:81:57:ac:
ee:0f:c8:52:0e:bc:6d:4f:67:c2:9b:90:a3:d8:6a:
cb:32:ef:0d:9e:12:0c:f6:30:5e:8f:76:98:47:e0:
93:1a:d9:dc:e9:06:e8:2a:75:e4:ab:97:b2:0b:21:
85:73:88:7c:fb:80:16:b5:b2:a8:72:8c:15:fc:98:
80:7d:b0:aa:7b:94:fe:d3:27:8a:4d:4a:6c:41:fd:
d2:4e:59:ce:d0:54:55:90:b3:36:52:16:80:01:ff:
7f:21:f8:fc:3b:75:49:13:f2:7c:bb:55:ec:7f:61:
51:43:6d:cc:08:f5:fd:b7:06:bc:9c:1d:c1:50:bc:
14:06:da:87:da:3f:a3:c7:15:1f:33:89:b7:9a:65:
b7:7e:42:e9:19:47:ad:d9:e4:83:1f:18:fd:09:34:
27:25:c9:40:04:09:96:84:88:bd:c6:ad:62:d5:a8:
55:8e:4f:15:02:ca:7f:44:21:6a:83:64:be:1e:20:
59:02:cc:81:20:12:ec:6a:9d:96:4a:16:05:57:1f:
18:17:a0:45:43:91:ef:71:4b:ce:95:80:52:1b:83:
bf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C3:6B:5F:03:3A:10:2D:FE:EC:62:FB:69:65:AC:1B:4A:95:D8:48
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142313.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.168.153.0/24
Signature Algorithm: sha256WithRSAEncryption
89:7d:cf:18:fb:86:30:f1:94:4f:40:b6:90:bb:e6:5b:28:b7:
ae:c3:8b:25:86:a5:fb:18:8d:96:a6:c9:05:c0:93:e8:90:43:
92:46:f5:c2:f7:1d:2e:4b:0e:88:06:7e:a5:8c:7d:25:66:70:
07:e9:32:85:d6:40:ad:70:e7:11:ef:ce:ff:b2:0a:14:d3:7e:
db:a0:0f:16:1a:33:d8:85:6a:db:86:b8:e6:af:f9:20:fb:e1:
68:f0:69:76:64:89:6e:1c:57:00:19:3b:a6:4f:f8:55:d3:60:
80:32:45:02:e3:8d:08:fd:1a:f0:60:93:b1:86:3c:d0:23:c0:
42:33:2b:47:43:4f:94:19:83:59:8b:5a:8d:cf:97:c7:8c:6d:
e5:12:01:7f:ae:8c:d1:d1:58:fc:15:4e:81:58:8b:b7:62:80:
57:85:6e:67:43:7f:46:96:d4:c4:40:ab:16:a3:95:f1:89:bd:
3d:ce:8a:04:0e:92:32:ba:b3:4f:8e:4e:84:11:1a:25:45:d6:
18:14:83:f1:0d:10:24:06:81:ec:49:d3:2e:04:77:1a:f2:0e:
96:7b:0a:45:ca:34:f3:03:70:6a:dc:20:81:9d:a5:3b:8d:71:
34:db:5e:c7:a6:65:de:b3:bd:2b:33:87:83:00:61:a6:19:5d:
92:49:7b:f2
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUWAwPDV/IWlwdCk+oTKyLIfbBNuswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwN1oX
DTI1MTIwOTA1MDAwN1owMzExMC8GA1UEAxMoRDlDMzZCNUYwMzNBMTAyREZFRUM2
MkZCNjk2NUFDMUI0QTk1RDg0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOjr5GmdddHvqx307NcQJQI9rvuAw7bScbzILA8kBwnkKQSzB6FphFsgVes
7g/IUg68bU9nwpuQo9hqyzLvDZ4SDPYwXo92mEfgkxrZ3OkG6Cp15KuXsgshhXOI
fPuAFrWyqHKMFfyYgH2wqnuU/tMnik1KbEH90k5ZztBUVZCzNlIWgAH/fyH4/Dt1
SRPyfLtV7H9hUUNtzAj1/bcGvJwdwVC8FAbah9o/o8cVHzOJt5plt35C6RlHrdnk
gx8Y/Qk0JyXJQAQJloSIvcatYtWoVY5PFQLKf0QhaoNkvh4gWQLMgSAS7GqdlkoW
BVcfGBegRUOR73FLzpWAUhuDv7ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTZw2tf
AzoQLf7sYvtpZawbSpXYSDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjMxMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAGeomTANBgkqhkiG9w0BAQsFAAOCAQEAiX3PGPuGMPGUT0C2kLvm
Wyi3rsOLJYal+xiNlqbJBcCT6JBDkkb1wvcdLksOiAZ+pYx9JWZwB+kyhdZArXDn
Ee/O/7IKFNN+26APFhoz2IVq24a45q/5IPvhaPBpdmSJbhxXABk7pk/4VdNggDJF
AuONCP0a8GCTsYY80CPAQjMrR0NPlBmDWYtajc+Xx4xt5RIBf66M0dFY/BVOgViL
t2KAV4VuZ0N/RpbUxECrFqOV8Ym9Pc6KBA6SMrqzT45OhBEaJUXWGBSD8Q0QJAaB
7EnTLgR3GvIOlnsKRco08wNwatwggZ2lO41xNNtex6Zl3rO9KzOHgwBhphldkkl7
8g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:19:50 2025 by rpki-client