Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa
File: AS24209.roa (raw, json)
Hash identifier: z+Ij+dd4CBxBIgieHJa8vSuLYK+IgRg7VyoTDK+RRVU=
Subject key identifier: 49:F6:2F:F5:52:6D:71:6A:DB:18:D2:CF:53:32:23:53:B0:69:59:F2
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 53BBDA56FE46FAD7D0856ED28E42A4014C8AE6EB
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa
Signing time: Tue 10 Dec 2024 05:00:04 +0000
ROA not before: Tue 10 Dec 2024 04:55:04 +0000
ROA not after: Tue 09 Dec 2025 05:00:04 +0000
asID: 24209
IP address blocks: 202.122.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:bb:da:56:fe:46:fa:d7:d0:85:6e:d2:8e:42:a4:01:4c:8a:e6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 04:55:04 2024 GMT
Not After : Dec 9 05:00:04 2025 GMT
Subject: CN=49F62FF5526D716ADB18D2CF53322353B06959F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:95:ea:b9:39:68:53:04:77:b6:e5:7e:da:fd:
78:1f:30:2b:a9:5f:72:00:da:47:0f:b1:a0:96:a1:
04:b3:17:b1:65:35:bf:f0:5a:7e:a8:3d:ee:8a:f9:
10:a4:c6:af:fb:df:e9:e0:18:38:0e:2e:e6:18:fc:
cf:eb:93:30:1b:f2:34:af:6b:88:67:0c:ab:6d:f2:
58:5f:02:10:b2:d3:9c:e2:82:a0:f8:25:b3:39:fa:
9c:74:42:3e:10:73:2d:e0:90:87:38:ba:e7:cb:b6:
2e:74:58:bd:f0:07:b4:fa:28:01:80:c1:63:9c:19:
f5:01:ca:e8:14:32:f6:60:a3:cb:31:ff:d6:61:84:
60:79:52:28:16:0f:54:fd:26:fd:92:62:ee:7f:b7:
01:21:94:78:05:9e:f8:0b:c1:c2:2d:a6:2a:fc:3d:
10:a3:f6:cb:18:93:2f:c5:8f:c6:ed:cc:62:ec:fa:
8d:21:e4:27:d2:8a:b8:90:0d:8a:93:50:9a:69:4b:
95:3f:36:13:6a:41:64:f5:2f:59:42:bd:75:ee:9f:
e5:72:f4:75:ba:8c:56:f6:3d:ef:2a:31:2c:a9:55:
a5:03:1b:de:f6:42:3d:a8:89:52:aa:9e:9a:f8:5a:
da:4f:b8:b3:bf:fe:f1:a0:41:cf:0a:64:6c:c5:20:
d3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F6:2F:F5:52:6D:71:6A:DB:18:D2:CF:53:32:23:53:B0:69:59:F2
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.122.8.0/21
Signature Algorithm: sha256WithRSAEncryption
33:0d:84:40:3c:3e:bd:11:43:db:1c:58:4e:90:1b:5f:c3:c4:
5d:c9:e4:05:a7:0b:c7:ca:6a:03:c1:a6:aa:cc:95:bf:06:a4:
d6:5c:31:9b:c0:22:0b:3b:b6:7d:22:e3:c0:95:e7:72:8d:72:
04:24:69:25:ac:fc:e6:3f:ea:00:4f:45:20:8e:32:81:e3:51:
6e:d2:88:46:5f:a2:4a:70:a0:19:31:87:14:07:3e:21:a3:1d:
92:86:d3:27:da:6e:81:81:79:8d:a5:1b:9e:90:c9:cd:b4:55:
6b:83:dd:d2:39:ec:c1:f9:ca:b8:fd:55:d4:c2:b4:1f:52:19:
50:b8:19:f8:74:b9:60:73:80:11:03:32:22:6b:dc:63:e1:1e:
ca:58:98:e3:f1:93:44:33:78:16:97:01:bc:0b:ec:59:08:ca:
35:06:df:88:26:1e:b4:65:09:6b:88:36:89:bf:1c:bc:04:7e:
15:56:46:5a:63:8f:b5:e9:2f:90:2c:96:fa:58:61:5f:8c:0a:
1c:43:cb:d8:53:ed:b3:00:38:6a:63:63:04:8d:a4:a0:48:04:
5b:89:31:94:5d:e3:c2:08:59:80:05:13:7e:58:f4:97:7a:14:
00:0e:2e:1d:7c:7b:5f:15:92:86:e8:1e:b9:76:a8:9c:1e:35:
bc:67:e4:f3
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUU7vaVv5G+tfQhW7SjkKkAUyK5uswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwNFoX
DTI1MTIwOTA1MDAwNFowMzExMC8GA1UEAxMoNDlGNjJGRjU1MjZENzE2QURCMThE
MkNGNTMzMjIzNTNCMDY5NTlGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmV6rk5aFMEd7blftr9eB8wK6lfcgDaRw+xoJahBLMXsWU1v/Bafqg97or5
EKTGr/vf6eAYOA4u5hj8z+uTMBvyNK9riGcMq23yWF8CELLTnOKCoPglszn6nHRC
PhBzLeCQhzi658u2LnRYvfAHtPooAYDBY5wZ9QHK6BQy9mCjyzH/1mGEYHlSKBYP
VP0m/ZJi7n+3ASGUeAWe+AvBwi2mKvw9EKP2yxiTL8WPxu3MYuz6jSHkJ9KKuJAN
ipNQmmlLlT82E2pBZPUvWUK9de6f5XL0dbqMVvY97yoxLKlVpQMb3vZCPaiJUqqe
mvha2k+4s7/+8aBBzwpkbMUg05sCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRJ9i/1
Um1xatsY0s9TMiNTsGlZ8jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjA5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDynoIMA0GCSqGSIb3DQEBCwUAA4IBAQAzDYRAPD69EUPbHFhOkBtf
w8RdyeQFpwvHymoDwaaqzJW/BqTWXDGbwCILO7Z9IuPAledyjXIEJGklrPzmP+oA
T0UgjjKB41Fu0ohGX6JKcKAZMYcUBz4hox2ShtMn2m6BgXmNpRuekMnNtFVrg93S
OezB+cq4/VXUwrQfUhlQuBn4dLlgc4ARAzIia9xj4R7KWJjj8ZNEM3gWlwG8C+xZ
CMo1Bt+IJh60ZQlriDaJvxy8BH4VVkZaY4+16S+QLJb6WGFfjAocQ8vYU+2zADhq
Y2MEjaSgSARbiTGUXePCCFmABRN+WPSXehQADi4dfHtfFZKG6B65dqicHjW8Z+Tz
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:32:11 2025 by rpki-client