Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149350.roa
File: AS149350.roa (raw, json)
Hash identifier: 5cxQOs8JTxg/SJhxOJC3jZXtkVOiv1HXQSbygPRi1ck=
Subject key identifier: 8A:81:5C:B1:7E:9C:75:38:E0:FF:AF:B2:B8:9A:1E:59:27:EE:3D:CD
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 143E5031026F4D6E5F5885D1C790987B4459E151
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149350.roa
Signing time: Tue 17 Dec 2024 10:00:00 +0000
ROA not before: Tue 17 Dec 2024 09:55:00 +0000
ROA not after: Tue 16 Dec 2025 10:00:00 +0000
asID: 149350
IP address blocks: 103.179.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:3e:50:31:02:6f:4d:6e:5f:58:85:d1:c7:90:98:7b:44:59:e1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 17 09:55:00 2024 GMT
Not After : Dec 16 10:00:00 2025 GMT
Subject: CN=8A815CB17E9C7538E0FFAFB2B89A1E5927EE3DCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3b:ac:fb:a2:ac:ad:49:19:9a:f5:a4:54:97:
2a:a1:df:fb:f4:45:e5:dc:f8:75:02:6c:c9:30:82:
46:82:5b:21:5b:a5:dd:86:dd:6c:77:d8:dc:1f:f9:
eb:c7:bc:59:71:ac:01:dd:f4:ea:b6:00:d7:c5:ea:
94:c5:2d:b8:21:dd:1a:8f:a2:11:a6:1a:b8:a4:55:
84:fd:63:91:c5:ef:8a:50:c8:fc:e0:ec:b9:75:6d:
89:9c:00:5b:74:25:c1:9f:5a:43:18:89:db:d5:fc:
42:e2:26:27:0c:9b:5a:f3:50:50:60:d0:75:12:39:
42:51:2e:11:4b:e2:54:3a:9e:66:5a:c2:0a:f6:c8:
5f:f4:51:9e:cc:93:19:e4:fb:d6:1c:3c:68:c8:77:
60:12:78:19:11:40:c6:c8:7f:2c:32:1d:c1:46:45:
fb:03:b3:32:85:f8:b7:26:15:59:28:c8:ef:49:42:
b3:b1:d4:d7:2e:b2:e3:ff:a7:c7:1c:63:2a:83:55:
d0:01:3f:9f:f8:47:4e:09:54:c5:c5:b9:be:82:34:
be:4b:4b:fa:06:f4:48:3a:21:e5:8e:27:fd:e4:0c:
30:87:fe:a6:14:57:0e:8e:39:40:39:f3:1d:f3:f8:
1b:3e:03:bb:58:a1:6d:3e:d8:de:22:b3:36:ee:ec:
24:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:81:5C:B1:7E:9C:75:38:E0:FF:AF:B2:B8:9A:1E:59:27:EE:3D:CD
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.179.252.0/23
Signature Algorithm: sha256WithRSAEncryption
61:8c:09:1c:d5:2c:1a:00:b7:bb:03:3b:8b:8e:e8:8a:a4:45:
6b:28:64:da:2e:6c:8e:3c:e3:d9:60:97:3a:c5:e7:ba:8c:15:
0d:57:8f:fb:eb:63:db:5d:69:cc:10:0d:2c:9d:67:83:9c:99:
78:ac:20:c0:cd:a4:46:df:09:d7:c4:d8:88:18:b9:56:ae:d7:
67:15:a7:97:31:22:88:d0:bc:9f:1f:95:f1:7e:af:1b:b3:6c:
b9:ee:6d:9f:3f:d5:89:46:d5:dd:9c:6f:ec:50:88:6c:b1:c7:
cc:56:79:19:04:e0:05:f6:c0:61:9e:c7:f2:78:66:e1:ae:09:
4d:6f:00:77:da:3c:85:cc:2d:05:a1:14:07:25:63:3c:2d:5e:
1a:39:65:db:b1:d0:41:27:e4:0a:f4:61:ed:88:d5:91:0b:99:
0a:6e:ab:81:d0:36:25:4c:56:3e:4d:54:76:33:8d:cf:39:e2:
56:9e:40:06:68:64:5e:1b:56:dd:2e:9b:ea:06:37:be:05:a9:
a2:78:ca:56:d2:21:9e:02:28:35:6e:11:2d:c8:b0:9e:c5:1c:
01:dd:6a:cd:ae:95:d2:70:f7:47:4b:1a:a0:f8:bc:bd:83:d7:
90:24:01:a0:e5:5d:9e:39:f0:86:51:55:fa:02:d6:e4:08:ce:
59:5b:39:1b
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUFD5QMQJvTW5fWIXRx5CYe0RZ4VEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxNzA5NTUwMFoX
DTI1MTIxNjEwMDAwMFowMzExMC8GA1UEAxMoOEE4MTVDQjE3RTlDNzUzOEUwRkZB
RkIyQjg5QTFFNTkyN0VFM0RDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOU7rPuirK1JGZr1pFSXKqHf+/RF5dz4dQJsyTCCRoJbIVul3YbdbHfY3B/5
68e8WXGsAd306rYA18XqlMUtuCHdGo+iEaYauKRVhP1jkcXvilDI/ODsuXVtiZwA
W3QlwZ9aQxiJ29X8QuImJwybWvNQUGDQdRI5QlEuEUviVDqeZlrCCvbIX/RRnsyT
GeT71hw8aMh3YBJ4GRFAxsh/LDIdwUZF+wOzMoX4tyYVWSjI70lCs7HU1y6y4/+n
xxxjKoNV0AE/n/hHTglUxcW5voI0vktL+gb0SDoh5Y4n/eQMMIf+phRXDo45QDnz
HfP4Gz4Du1ihbT7Y3iKzNu7sJNcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSKgVyx
fpx1OOD/r7K4mh5ZJ+49zTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM1MC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWez/DANBgkqhkiG9w0BAQsFAAOCAQEAYYwJHNUsGgC3uwM7i47o
iqRFayhk2i5sjjzj2WCXOsXnuowVDVeP++tj211pzBANLJ1ng5yZeKwgwM2kRt8J
18TYiBi5Vq7XZxWnlzEiiNC8nx+V8X6vG7Nsue5tnz/ViUbV3Zxv7FCIbLHHzFZ5
GQTgBfbAYZ7H8nhm4a4JTW8Ad9o8hcwtBaEUByVjPC1eGjll27HQQSfkCvRh7YjV
kQuZCm6rgdA2JUxWPk1UdjONzzniVp5ABmhkXhtW3S6b6gY3vgWponjKVtIhngIo
NW4RLciwnsUcAd1qza6V0nD3R0saoPi8vYPXkCQBoOVdnjnwhlFV+gLW5AjOWVs5
Gw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:05 2025 by rpki-client