Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142342.roa
File: AS142342.roa (raw, json)
Hash identifier: tCz0oCiseyIkrQHmbE1z9bGj7gtmf8GM05YjoCcK5Bg=
Subject key identifier: AA:73:63:E2:13:72:34:67:C9:D6:E0:A3:67:89:7C:AD:4D:DD:99:84
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4646DD71B499CCDD30B5D7260AE6F9598F8159CA
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142342.roa
Signing time: Fri 06 Dec 2024 07:00:00 +0000
ROA not before: Fri 06 Dec 2024 06:55:00 +0000
ROA not after: Fri 05 Dec 2025 07:00:00 +0000
asID: 142342
IP address blocks: 2001:df2:2c40::/48 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:46:dd:71:b4:99:cc:dd:30:b5:d7:26:0a:e6:f9:59:8f:81:59:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 6 06:55:00 2024 GMT
Not After : Dec 5 07:00:00 2025 GMT
Subject: CN=AA7363E213723467C9D6E0A367897CAD4DDD9984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:4c:95:ef:87:bc:22:81:66:e5:e8:e2:d6:
f9:23:79:2d:2a:d6:f3:5e:a6:10:3c:25:8e:58:0f:
e8:79:99:9b:03:a5:d7:42:eb:2b:bb:0b:50:6e:78:
19:cf:45:de:5b:7e:65:5d:55:dd:26:26:27:78:de:
08:28:7b:46:df:0a:a6:99:1b:a7:1c:f1:5e:f8:c3:
31:59:f8:f7:1e:25:49:e5:9e:57:b6:06:0f:6f:39:
4a:37:38:3a:a4:7d:42:39:7c:9a:98:ec:89:41:c5:
64:cd:10:c3:e4:95:83:bc:d3:23:e7:b5:dc:7f:ac:
14:02:d7:f5:0d:15:4c:66:54:6a:89:44:5a:78:d5:
34:fd:6f:1b:68:f2:ec:7d:1f:4d:a4:a0:fa:e1:aa:
6b:c4:6a:fd:f0:9e:6f:59:4f:af:9e:5d:c7:72:5b:
2c:ba:0d:44:9a:17:c6:c7:9b:c2:3a:c7:1a:08:1c:
03:49:bb:64:d3:4e:de:68:1b:12:99:d2:e5:2a:e0:
18:48:71:52:9d:e3:49:45:52:31:b7:b9:63:7b:a2:
34:f8:e3:d7:5b:8a:07:a0:52:ef:3f:31:a4:60:3e:
d5:a6:0a:c9:84:f0:3c:c7:12:3a:88:89:ce:12:0a:
df:e1:ff:aa:c3:49:a4:c1:a3:0c:0f:e9:d1:ee:8e:
04:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:73:63:E2:13:72:34:67:C9:D6:E0:A3:67:89:7C:AD:4D:DD:99:84
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142342.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df2:2c40::/48
Signature Algorithm: sha256WithRSAEncryption
90:00:35:a1:27:7f:c3:77:8d:15:8e:02:b1:08:17:49:d6:22:
14:e9:dd:e4:6e:7c:c2:50:4d:a8:be:fa:40:d5:50:ef:fc:03:
14:79:82:d0:90:f2:09:b2:e6:44:98:a8:a4:45:34:fd:43:4b:
1f:fe:9e:8b:c8:83:2e:64:c6:07:80:1a:0e:49:db:d1:b1:6a:
e3:ab:8f:d4:e0:c9:b8:f2:49:df:87:e8:3e:53:6a:d6:9c:17:
9e:c8:8c:28:fb:12:8d:68:9b:a8:c6:67:5e:b3:24:76:c6:2b:
3d:37:f1:6d:5f:11:e8:1c:91:3c:bc:57:57:ff:74:74:73:4b:
68:14:d4:c3:ee:b4:cc:5c:16:69:6d:d0:98:98:45:31:13:f6:
c5:d1:e0:fc:b2:bb:c4:a3:bc:62:d3:b6:c8:55:49:bb:95:4e:
69:ca:12:98:72:f1:ae:d2:e2:85:2e:49:10:f3:5a:5a:57:fa:
94:6e:91:10:f8:e5:05:55:41:12:a1:ae:4b:8c:fb:6e:e1:b2:
3a:59:dc:07:3c:c1:1c:5b:98:91:db:c4:ed:e3:ef:c3:40:34:
17:7e:67:a1:63:9e:d7:16:11:ae:49:a3:95:c4:2f:23:61:9e:
39:1a:ca:d9:0e:ee:09:f7:57:ca:b9:be:42:fd:76:76:76:78:
85:96:c9:20
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIURkbdcbSZzN0wtdcmCub5WY+BWcowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwNjA2NTUwMFoX
DTI1MTIwNTA3MDAwMFowMzExMC8GA1UEAxMoQUE3MzYzRTIxMzcyMzQ2N0M5RDZF
MEEzNjc4OTdDQUQ0REREOTk4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpzTJXvh7wigWbl6OLW+SN5LSrW816mEDwljlgP6HmZmwOl10LrK7sLUG54
Gc9F3lt+ZV1V3SYmJ3jeCCh7Rt8KppkbpxzxXvjDMVn49x4lSeWeV7YGD285Sjc4
OqR9Qjl8mpjsiUHFZM0Qw+SVg7zTI+e13H+sFALX9Q0VTGZUaolEWnjVNP1vG2jy
7H0fTaSg+uGqa8Rq/fCeb1lPr55dx3JbLLoNRJoXxsebwjrHGggcA0m7ZNNO3mgb
EpnS5SrgGEhxUp3jSUVSMbe5Y3uiNPjj11uKB6BS7z8xpGA+1aYKyYTwPMcSOoiJ
zhIK3+H/qsNJpMGjDA/p0e6OBPcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSqc2Pi
E3I0Z8nW4KNniXytTd2ZhDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjM0Mi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABDfIsQDANBgkqhkiG9w0BAQsFAAOCAQEAkAA1oSd/w3eNFY4C
sQgXSdYiFOnd5G58wlBNqL76QNVQ7/wDFHmC0JDyCbLmRJiopEU0/UNLH/6ei8iD
LmTGB4AaDknb0bFq46uP1ODJuPJJ34foPlNq1pwXnsiMKPsSjWibqMZnXrMkdsYr
PTfxbV8R6ByRPLxXV/90dHNLaBTUw+60zFwWaW3QmJhFMRP2xdHg/LK7xKO8YtO2
yFVJu5VOacoSmHLxrtLihS5JEPNaWlf6lG6REPjlBVVBEqGuS4z7buGyOlncBzzB
HFuYkdvE7ePvw0A0F35noWOe1xYRrkmjlcQvI2GeORrK2Q7uCfdXyrm+Qv12dnZ4
hZbJIA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:13:25 2025 by rpki-client