Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa
File: AS58404.roa (raw, json)
Hash identifier: B+7fQDgK9OwNA0tRYm4vtsuvtgleGCSjVHxDJB1/WKE=
Subject key identifier: AC:02:C5:04:FA:42:A8:C3:3E:9C:F7:50:10:1B:99:6D:34:7D:3E:63
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 43FC2DEFC2A975DDD1CC0EFB2714162110AD79B3
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa
Signing time: Tue 10 Dec 2024 05:00:26 +0000
ROA not before: Tue 10 Dec 2024 04:55:26 +0000
ROA not after: Tue 09 Dec 2025 05:00:26 +0000
asID: 58404
IP address blocks: 123.253.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:fc:2d:ef:c2:a9:75:dd:d1:cc:0e:fb:27:14:16:21:10:ad:79:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 04:55:26 2024 GMT
Not After : Dec 9 05:00:26 2025 GMT
Subject: CN=AC02C504FA42A8C33E9CF750101B996D347D3E63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:ad:90:12:ae:bd:23:d5:18:72:8e:e9:99:
65:5b:44:6c:61:92:c4:d1:0b:62:f7:5b:8b:72:35:
07:45:f1:8e:48:8f:f0:e6:3b:f9:68:6a:e8:c3:ff:
87:f8:27:e4:1a:2e:9a:d5:0c:fd:82:00:49:0b:ed:
5d:8c:65:c3:a5:d6:e7:c6:f9:21:8c:6e:01:16:e6:
ee:c9:b6:e6:4e:04:3a:9e:87:ec:a4:b5:79:8a:80:
84:9f:88:e1:ff:be:93:70:81:69:a8:bf:84:bd:a1:
55:0f:ce:8f:98:ea:5c:67:5b:e5:67:41:a5:da:9d:
89:a0:6b:3b:ac:4e:e1:22:96:d1:2c:43:bc:6a:75:
da:1f:34:bd:79:b7:09:ae:66:5c:54:65:be:1d:b4:
a1:23:15:13:a2:81:e7:5f:58:8a:fa:e6:3d:e5:65:
52:b4:36:4c:56:c0:48:12:6e:49:57:04:32:36:e4:
92:14:71:ad:3c:3e:93:58:2b:d0:9f:25:90:8c:c2:
56:cb:62:7f:b2:c8:24:4d:c0:2d:11:19:b0:ac:18:
18:df:1b:d4:5a:fa:23:1a:52:d9:c9:a4:20:40:9e:
af:4b:42:ed:fe:97:9b:71:ff:e3:4d:92:ae:7c:d2:
07:79:e6:f8:29:07:35:55:4a:89:0d:aa:dd:87:ed:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:02:C5:04:FA:42:A8:C3:3E:9C:F7:50:10:1B:99:6D:34:7D:3E:63
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:a8:4b:53:dd:4a:44:ff:09:9a:0f:b9:a0:8d:ef:1c:30:f6:
f2:7a:02:fa:7f:74:0f:55:76:93:dc:24:dd:94:9a:38:61:03:
18:b4:2c:92:87:a5:f2:f6:ef:bf:c1:c0:58:f8:17:b3:d3:cd:
0d:e4:85:7d:52:97:13:05:78:42:58:8e:3f:1c:47:72:7c:85:
fd:74:8f:28:a4:1d:75:fe:0a:09:50:3a:1f:9e:c4:46:d6:2d:
65:34:fb:43:53:a1:57:15:b3:ce:18:a2:ed:88:b1:f1:80:72:
39:d0:8a:53:e5:6c:ca:4e:05:eb:ac:ec:b4:02:63:50:c8:9c:
12:0f:ef:c7:99:e6:b8:6a:7f:54:93:0c:df:c1:86:d7:4c:c5:
6e:fe:59:cf:b1:f8:a8:6e:46:e7:86:bd:cc:75:69:39:ab:40:
c1:57:f4:76:49:a8:75:69:9f:48:64:5c:8e:29:79:9f:01:f4:
7e:92:12:52:69:a1:7c:54:eb:60:42:98:a9:0a:95:4b:1b:e9:
4d:48:9b:cd:b7:10:49:e9:c2:bf:6c:ed:c3:6d:60:50:75:62:
ac:f3:a3:ea:45:d1:9e:d2:32:db:e6:e8:ee:4b:f7:54:4b:e1:
7e:e9:53:1f:43:a1:84:2d:af:c1:82:ae:d6:94:03:05:ca:80:
57:4b:c4:bb
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUQ/wt78Kpdd3RzA77JxQWIRCtebMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUyNloX
DTI1MTIwOTA1MDAyNlowMzExMC8GA1UEAxMoQUMwMkM1MDRGQTQyQThDMzNFOUNG
NzUwMTAxQjk5NkQzNDdEM0U2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJdrZASrr0j1RhyjumZZVtEbGGSxNELYvdbi3I1B0XxjkiP8OY7+Whq6MP/
h/gn5BoumtUM/YIASQvtXYxlw6XW58b5IYxuARbm7sm25k4EOp6H7KS1eYqAhJ+I
4f++k3CBaai/hL2hVQ/Oj5jqXGdb5WdBpdqdiaBrO6xO4SKW0SxDvGp12h80vXm3
Ca5mXFRlvh20oSMVE6KB519YivrmPeVlUrQ2TFbASBJuSVcEMjbkkhRxrTw+k1gr
0J8lkIzCVstif7LIJE3ALREZsKwYGN8b1Fr6IxpS2cmkIECer0tC7f6Xm3H/402S
rnzSB3nm+CkHNVVKiQ2q3YftCskCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSsAsUE
+kKowz6c91AQG5ltNH0+YzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4NDA0LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCe/0cMA0GCSqGSIb3DQEBCwUAA4IBAQCaqEtT3UpE/wmaD7mgje8c
MPbyegL6f3QPVXaT3CTdlJo4YQMYtCySh6Xy9u+/wcBY+Bez080N5IV9UpcTBXhC
WI4/HEdyfIX9dI8opB11/goJUDofnsRG1i1lNPtDU6FXFbPOGKLtiLHxgHI50IpT
5WzKTgXrrOy0AmNQyJwSD+/Hmea4an9UkwzfwYbXTMVu/lnPsfiobkbnhr3MdWk5
q0DBV/R2Sah1aZ9IZFyOKXmfAfR+khJSaaF8VOtgQpipCpVLG+lNSJvNtxBJ6cK/
bO3DbWBQdWKs86PqRdGe0jLb5ujuS/dUS+F+6VMfQ6GELa/Bgq7WlAMFyoBXS8S7
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:41 2025 by rpki-client