Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa
File: AS38761.roa (raw, json)
Hash identifier: SNRzIeFl5VjprOgI5lMvr70x+cgBYTz+iCunjFwS/jc=
Subject key identifier: EC:8E:6B:6D:DF:32:4A:06:A2:05:5E:8C:F3:50:CE:4D:EA:32:1F:DA
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 3C017B420F1FB4C2B56635088294EA9A94166350
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa
Signing time: Tue 24 Dec 2024 12:26:11 +0000
ROA not before: Tue 24 Dec 2024 12:21:11 +0000
ROA not after: Tue 23 Dec 2025 12:26:11 +0000
asID: 38761
IP address blocks: 121.100.24.0/21 maxlen: 24
2406:8f00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:01:7b:42:0f:1f:b4:c2:b5:66:35:08:82:94:ea:9a:94:16:63:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 24 12:21:11 2024 GMT
Not After : Dec 23 12:26:11 2025 GMT
Subject: CN=EC8E6B6DDF324A06A2055E8CF350CE4DEA321FDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2c:10:ca:69:16:6a:1f:e3:0a:4d:fe:5f:55:
fa:a3:39:b6:93:6f:34:cf:d2:72:53:a5:76:d2:fa:
40:d4:a4:56:67:31:d7:66:e1:59:4b:52:9c:69:a4:
8c:6b:d1:f6:93:36:2d:91:a0:49:8f:60:2e:72:6b:
8e:14:0c:30:51:d4:28:2a:56:32:29:32:ae:4f:09:
9c:b2:02:cf:8c:5c:e2:53:b1:fd:e9:90:e2:9e:05:
cc:aa:6f:c0:7e:82:fa:03:33:c3:87:28:90:4b:e6:
0b:a7:69:ef:69:da:dc:17:83:ef:e3:02:5b:13:76:
88:21:8e:d7:7c:c4:db:cb:7d:c7:68:ec:c4:d4:b5:
df:e7:ca:33:76:24:d1:04:04:8a:c3:c0:ab:ac:65:
8a:e3:ff:f3:d5:5b:32:39:eb:40:bd:37:19:b3:2d:
bd:e1:f8:ec:8f:04:27:9b:08:9a:f7:f9:56:28:c6:
0a:11:df:e2:7c:aa:ec:06:01:f4:b7:19:3f:ea:25:
0d:1d:04:73:6a:85:30:8d:69:b1:d1:b0:50:73:44:
45:c5:0e:46:44:77:9c:48:40:a2:70:ae:cc:a4:e3:
3b:22:a4:59:e7:77:8c:f6:2b:70:04:9b:56:ce:cc:
05:69:6d:73:32:ac:bb:c9:e8:f9:50:65:ea:b6:a0:
85:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8E:6B:6D:DF:32:4A:06:A2:05:5E:8C:F3:50:CE:4D:EA:32:1F:DA
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.100.24.0/21
IPv6:
2406:8f00::/32
Signature Algorithm: sha256WithRSAEncryption
91:43:85:2f:c2:82:24:86:16:9c:a0:ba:56:7b:77:3b:52:61:
0d:b1:81:da:3f:dc:e9:f2:8b:5f:6a:9b:26:9f:88:62:36:a4:
ec:49:6a:2e:67:04:f3:b5:2b:d7:64:9f:00:3b:fe:a3:d2:11:
10:c0:a2:a4:01:b7:a5:8a:f2:40:6f:10:8e:f7:89:4e:aa:de:
40:49:98:a1:85:37:c1:eb:2a:68:45:82:45:eb:d1:cb:f6:84:
91:82:00:ae:c0:72:75:cc:0f:d1:a3:73:47:a9:9c:fc:ca:1e:
b0:a5:82:74:46:ef:1b:3f:86:cb:18:6c:47:cc:af:ff:3b:67:
0d:1e:f3:13:8a:ac:ce:e0:29:05:0a:47:06:a6:0e:de:d0:2e:
dc:68:f5:65:85:06:23:2e:41:33:9b:85:72:bd:95:fe:af:e9:
b6:4b:07:8b:30:a8:e1:1b:ac:8a:67:a8:05:d3:6a:2d:59:e0:
fe:7b:2b:01:21:dc:0a:a9:49:9f:19:b3:6f:5d:7c:ad:6c:9c:
7e:15:1b:c3:d4:df:8e:7e:51:f3:d8:a6:43:dc:48:23:33:ad:
03:84:d6:fa:62:64:83:54:95:ee:8e:08:02:2f:7e:cd:d2:15:
52:8b:3a:c7:7c:56:3a:ae:a4:bb:01:cd:85:cb:29:20:d5:62:
0e:de:a7:2c
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUPAF7Qg8ftMK1ZjUIgpTqmpQWY1AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIyNDEyMjExMVoX
DTI1MTIyMzEyMjYxMVowMzExMC8GA1UEAxMoRUM4RTZCNkRERjMyNEEwNkEyMDU1
RThDRjM1MENFNERFQTMyMUZEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANosEMppFmof4wpN/l9V+qM5tpNvNM/SclOldtL6QNSkVmcx12bhWUtSnGmk
jGvR9pM2LZGgSY9gLnJrjhQMMFHUKCpWMikyrk8JnLICz4xc4lOx/emQ4p4FzKpv
wH6C+gMzw4cokEvmC6dp72na3BeD7+MCWxN2iCGO13zE28t9x2jsxNS13+fKM3Yk
0QQEisPAq6xliuP/89VbMjnrQL03GbMtveH47I8EJ5sImvf5VijGChHf4nyq7AYB
9LcZP+olDR0Ec2qFMI1psdGwUHNERcUORkR3nEhAonCuzKTjOyKkWed3jPYrcASb
Vs7MBWltczKsu8no+VBl6raghQ0CAwEAAaOCAd4wggHaMB0GA1UdDgQWBBTsjmtt
3zJKBqIFXozzUM5N6jIf2jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4NzYxLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQDeWQYMA0EAgACMAcDBQAkBo8AMA0GCSqGSIb3DQEBCwUAA4IBAQCR
Q4UvwoIkhhacoLpWe3c7UmENsYHaP9zp8otfapsmn4hiNqTsSWouZwTztSvXZJ8A
O/6j0hEQwKKkAbelivJAbxCO94lOqt5ASZihhTfB6ypoRYJF69HL9oSRggCuwHJ1
zA/Ro3NHqZz8yh6wpYJ0Ru8bP4bLGGxHzK//O2cNHvMTiqzO4CkFCkcGpg7e0C7c
aPVlhQYjLkEzm4VyvZX+r+m2SweLMKjhG6yKZ6gF02otWeD+eysBIdwKqUmfGbNv
XXytbJx+FRvD1N+OflHz2KZD3EgjM60DhNb6YmSDVJXujggCL37N0hVSizrHfFY6
rqS7Ac2Fyykg1WIO3qcs
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:06 2025 by rpki-client