Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa
File: 3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa (raw, json)
Hash identifier: V9a9NQnt9K/1ydInIfRgFWNigVZMBArEuRgLP9+dYzE=
Subject key identifier: 25:FF:6E:D7:76:7A:EA:21:A4:CB:CB:1A:F2:95:E3:8C:51:29:9C:F0
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 445A0A6329D26D1153006DDFEB28A7B0C55F9A6D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa
Signing time: Thu 12 Dec 2024 03:00:00 +0000
ROA not before: Thu 12 Dec 2024 02:55:00 +0000
ROA not after: Thu 11 Dec 2025 03:00:00 +0000
asID: 136052
IP address blocks: 157.10.160.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:5a:0a:63:29:d2:6d:11:53:00:6d:df:eb:28:a7:b0:c5:5f:9a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 12 02:55:00 2024 GMT
Not After : Dec 11 03:00:00 2025 GMT
Subject: CN=25FF6ED7767AEA21A4CBCB1AF295E38C51299CF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e4:0e:7a:9e:8a:d6:e5:4a:5d:f1:a3:3a:a5:
93:2b:ff:f3:ee:57:01:af:46:07:6f:62:ca:5a:fa:
b2:85:1d:a0:26:75:32:bf:0e:0c:51:9f:a4:43:c3:
46:e3:7b:69:35:81:23:08:b4:dd:e0:ef:5a:9f:b3:
49:f1:ee:3e:c5:f3:e3:50:33:85:b7:80:fc:c1:5b:
48:83:d7:6e:7d:ac:52:2a:5b:bb:c2:f1:44:d4:fe:
36:fa:0b:dc:5b:49:f9:94:4c:b7:1f:cf:4e:37:e7:
a7:d1:f3:38:8c:5f:bb:ec:dd:db:39:86:28:f3:c5:
29:64:ed:bd:67:1b:8b:cb:a2:f1:78:1e:e3:03:c2:
db:36:20:79:a4:f1:b3:c3:02:3a:4b:e5:a4:13:c3:
60:3b:19:c2:77:6b:02:8d:e1:bd:cd:95:64:3e:62:
b2:05:48:39:53:b5:80:c5:85:61:40:b3:26:d2:da:
2f:23:1d:49:78:a3:2a:04:27:f5:e3:52:dd:6e:98:
06:b6:ab:d4:18:fc:cd:cc:3c:3f:c6:db:26:af:dd:
73:4c:0b:f9:81:56:0d:e9:fe:8b:ea:6b:92:ad:e3:
70:12:a8:27:d5:f0:b3:45:07:ab:ba:26:c0:b7:d8:
79:7e:11:a4:5d:15:b2:f1:50:c1:06:e8:1c:18:40:
d4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FF:6E:D7:76:7A:EA:21:A4:CB:CB:1A:F2:95:E3:8C:51:29:9C:F0
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.160.0/23
Signature Algorithm: sha256WithRSAEncryption
16:4c:31:b4:77:45:c4:e1:ab:4f:89:e2:ac:e3:69:08:b2:37:
eb:4a:d0:ef:c2:46:39:2d:b0:f2:36:67:33:7a:7e:43:52:8d:
29:ef:23:5a:bc:51:c6:6b:19:96:1e:7c:41:cc:38:c0:a6:7e:
f4:92:f7:d1:0b:9e:50:cc:05:9c:83:28:6a:45:e3:21:3c:42:
2b:3d:a4:16:ce:fa:d9:82:ac:8f:27:f5:56:e7:20:16:79:74:
c2:68:d1:2d:7f:e7:85:90:dc:1b:24:78:34:f5:a4:70:bb:5b:
80:2d:23:09:5e:84:b2:f2:81:32:70:e2:b1:49:d0:6b:9d:d6:
b7:4c:b8:dd:8c:ff:96:0f:99:fa:ad:b3:37:2f:3c:3c:a1:7d:
9f:59:96:26:ad:c6:f6:c5:f7:d0:06:97:e9:7d:4e:49:2e:ef:
ab:e1:37:e1:19:cd:25:33:94:ed:59:0f:13:a1:fe:0d:18:da:
d6:19:89:86:33:8b:a7:93:af:71:de:d1:82:1d:b3:e6:e4:ed:
cc:a3:7b:a6:bf:03:47:0d:5b:36:62:fe:e9:f9:58:6c:46:75:
7e:03:5c:b7:6b:8e:2c:97:d4:53:1a:10:0b:6f:4c:47:7e:16:
6a:d7:45:3d:a3:aa:0d:4d:e6:45:31:ee:f3:b4:6e:62:db:cf:
65:59:22:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIURFoKYynSbRFTAG3f6yinsMVfmm0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MTIxMjAyNTUwMFoX
DTI1MTIxMTAzMDAwMFowMzExMC8GA1UEAxMoMjVGRjZFRDc3NjdBRUEyMUE0Q0JD
QjFBRjI5NUUzOEM1MTI5OUNGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnkDnqeitblSl3xozqlkyv/8+5XAa9GB29iylr6soUdoCZ1Mr8ODFGfpEPD
RuN7aTWBIwi03eDvWp+zSfHuPsXz41AzhbeA/MFbSIPXbn2sUipbu8LxRNT+NvoL
3FtJ+ZRMtx/PTjfnp9HzOIxfu+zd2zmGKPPFKWTtvWcbi8ui8Xge4wPC2zYgeaTx
s8MCOkvlpBPDYDsZwndrAo3hvc2VZD5isgVIOVO1gMWFYUCzJtLaLyMdSXijKgQn
9eNS3W6YBrar1Bj8zcw8P8bbJq/dc0wL+YFWDen+i+prkq3jcBKoJ9Xws0UHq7om
wLfYeX4RpF0VsvFQwQboHBhA1PsCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBQl/27X
dnrqIaTLyxryleOMUSmc8DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MTMwMmUzMTM2MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTMzMzYzMDM1MzIu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGdCqAwDQYJKoZIhvcNAQELBQADggEBABZMMbR3RcThq0+J4qzj
aQiyN+tK0O/CRjktsPI2ZzN6fkNSjSnvI1q8UcZrGZYefEHMOMCmfvSS99ELnlDM
BZyDKGpF4yE8Qis9pBbO+tmCrI8n9VbnIBZ5dMJo0S1/54WQ3BskeDT1pHC7W4At
IwlehLLygTJw4rFJ0Gud1rdMuN2M/5YPmfqtszcvPDyhfZ9ZliatxvbF99AGl+l9
Tkku76vhN+EZzSUzlO1ZDxOh/g0Y2tYZiYYzi6eTr3He0YIds+bk7cyje6a/A0cN
WzZi/un5WGxGdX4DXLdrjiyX1FMaEAtvTEd+FmrXRT2jqg1N5kUx7vO0bmLbz2VZ
ImA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:53:39 2025 by rpki-client