Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa
File: AS17538.roa (raw, json)
Hash identifier: gmrFZcJJwvn+k1ehM7VZ/yHmA45CXRdW2loTdppg4fw=
Subject key identifier: 57:CE:89:98:8E:77:7B:66:5B:3F:C7:31:90:01:00:DF:76:E1:CE:47
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 240A689418604DBED7681E02E97CEB5FD952022C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa
Signing time: Tue 10 Dec 2024 05:00:04 +0000
ROA not before: Tue 10 Dec 2024 04:55:04 +0000
ROA not after: Tue 09 Dec 2025 05:00:04 +0000
asID: 17538
IP address blocks: 2407:55c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:0a:68:94:18:60:4d:be:d7:68:1e:02:e9:7c:eb:5f:d9:52:02:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 04:55:04 2024 GMT
Not After : Dec 9 05:00:04 2025 GMT
Subject: CN=57CE89988E777B665B3FC731900100DF76E1CE47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:45:b8:27:37:ef:78:71:84:83:09:c9:90:b3:
37:5f:0f:77:56:01:18:71:b1:e6:eb:fa:10:c4:8f:
15:2b:49:c9:8f:45:d8:2e:a3:e7:66:bf:8f:bd:54:
83:a2:00:25:64:8b:00:db:1b:d8:8f:14:e9:58:3c:
c6:53:68:c7:8d:aa:8b:bf:94:5d:cb:8c:b8:7d:72:
5f:b7:a0:ce:ef:8e:d1:2d:87:5c:3f:b1:3e:76:99:
4f:55:a7:ec:5a:4d:37:9d:51:dd:76:87:05:2a:5e:
e7:a9:25:67:c3:30:55:9f:80:36:13:97:d0:dd:4b:
54:cc:05:63:63:06:5c:77:12:d7:1b:d8:35:60:b5:
c2:6c:aa:80:40:5c:9d:1b:70:d4:0a:ba:ec:61:a5:
b4:71:14:ce:8f:53:c2:30:1c:86:45:3c:2d:b1:7b:
0d:86:bb:57:68:37:8f:31:3d:f4:70:d2:35:d4:80:
64:4e:a3:8d:00:8f:a2:81:a6:9a:1e:82:dd:c9:93:
0b:03:29:65:d1:fd:bf:df:75:f4:c8:5f:44:70:93:
1c:bf:19:83:9a:c9:72:6c:00:69:20:fe:15:17:fa:
ce:37:ce:12:68:a8:a3:6c:62:12:0d:86:97:a0:16:
35:21:eb:21:82:d3:a4:e3:49:2b:de:f9:ff:2b:41:
e3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CE:89:98:8E:77:7B:66:5B:3F:C7:31:90:01:00:DF:76:E1:CE:47
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2407:55c0::/32
Signature Algorithm: sha256WithRSAEncryption
40:c0:99:d4:08:9a:9d:ff:50:f7:70:6e:a9:5e:c1:96:e3:9a:
08:84:59:8d:cb:65:98:a9:5b:74:31:3a:05:ea:31:e1:6e:b6:
64:88:e0:a0:a9:f1:90:76:95:8f:8d:f3:01:e5:34:a4:49:16:
b0:4c:d2:62:e4:53:5a:c4:5e:0c:c1:c6:f7:9d:b7:52:bc:5b:
85:57:bc:70:78:74:c0:1d:0b:97:98:a9:0a:c7:67:d1:d0:66:
5c:17:1c:db:15:fb:02:36:38:66:bf:35:4a:57:d5:43:07:28:
1a:ec:4a:e9:da:70:21:de:e7:a0:17:18:78:14:14:94:17:2b:
32:7a:69:45:e3:c2:b9:fe:83:e1:ea:4a:61:cf:b6:e1:d2:a4:
b1:b3:60:bd:4f:8b:3c:da:21:e5:2b:7d:f1:82:01:f0:8c:7a:
9d:fe:db:f3:06:24:9d:5d:05:54:e2:51:62:4f:44:10:8a:77:
51:1b:94:8f:cc:bf:1a:a7:f9:bc:19:89:a8:92:3a:95:8b:1d:
98:e3:83:61:ae:ef:e6:a1:e3:76:0d:3d:b0:a0:13:91:ba:b3:
ab:15:3e:bd:9c:ff:70:ce:1f:2c:42:f1:76:13:19:5c:75:55:
3d:e5:02:3d:20:54:9f:3c:53:6a:35:a9:1c:58:a9:ac:31:e2:
50:54:9b:4c
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUJApolBhgTb7XaB4C6XzrX9lSAiwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwNFoX
DTI1MTIwOTA1MDAwNFowMzExMC8GA1UEAxMoNTdDRTg5OTg4RTc3N0I2NjVCM0ZD
NzMxOTAwMTAwREY3NkUxQ0U0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9FuCc373hxhIMJyZCzN18Pd1YBGHGx5uv6EMSPFStJyY9F2C6j52a/j71U
g6IAJWSLANsb2I8U6Vg8xlNox42qi7+UXcuMuH1yX7egzu+O0S2HXD+xPnaZT1Wn
7FpNN51R3XaHBSpe56klZ8MwVZ+ANhOX0N1LVMwFY2MGXHcS1xvYNWC1wmyqgEBc
nRtw1Aq67GGltHEUzo9TwjAchkU8LbF7DYa7V2g3jzE99HDSNdSAZE6jjQCPooGm
mh6C3cmTCwMpZdH9v9919MhfRHCTHL8Zg5rJcmwAaSD+FRf6zjfOEmioo2xiEg2G
l6AWNSHrIYLTpONJK975/ytB4ykCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRXzomY
jnd7Zls/xzGQAQDfduHORzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE3NTM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAdVwDANBgkqhkiG9w0BAQsFAAOCAQEAQMCZ1Aianf9Q93BuqV7B
luOaCIRZjctlmKlbdDE6Beox4W62ZIjgoKnxkHaVj43zAeU0pEkWsEzSYuRTWsRe
DMHG9523UrxbhVe8cHh0wB0Ll5ipCsdn0dBmXBcc2xX7AjY4Zr81SlfVQwcoGuxK
6dpwId7noBcYeBQUlBcrMnppRePCuf6D4epKYc+24dKksbNgvU+LPNoh5St98YIB
8Ix6nf7b8wYknV0FVOJRYk9EEIp3URuUj8y/Gqf5vBmJqJI6lYsdmOODYa7v5qHj
dg09sKATkbqzqxU+vZz/cM4fLELxdhMZXHVVPeUCPSBUnzxTajWpHFiprDHiUFSb
TA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:37 2025 by rpki-client