Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e33322e302f32342d3234203d3e20313532333930.roa
File: 3135372e32302e33322e302f32342d3234203d3e20313532333930.roa (raw, json)
Hash identifier: nv699iwErOh/5GOAzOk4lGaD/kmI0+g4d/yC+tplPI8=
Subject key identifier: 2B:62:85:24:A4:CC:B3:C1:38:F1:72:17:93:69:22:6A:9C:19:9D:87
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 0603EAE7ACA220792EDB224EDC18F322A0273B08
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e33322e302f32342d3234203d3e20313532333930.roa
Signing time: Wed 29 Jan 2025 03:00:00 +0000
ROA not before: Wed 29 Jan 2025 02:55:00 +0000
ROA not after: Wed 28 Jan 2026 03:00:00 +0000
asID: 152390
IP address blocks: 157.20.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:03:ea:e7:ac:a2:20:79:2e:db:22:4e:dc:18:f3:22:a0:27:3b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jan 29 02:55:00 2025 GMT
Not After : Jan 28 03:00:00 2026 GMT
Subject: CN=2B628524A4CCB3C138F172179369226A9C199D87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:32:dd:98:9e:03:82:4a:91:b9:0a:10:a0:6e:
83:05:86:07:9c:28:9b:23:8c:a5:a0:98:41:6d:7e:
7e:a6:b2:73:e0:e5:17:f5:6c:cb:dd:40:32:c2:d9:
d3:35:1c:5f:d3:54:ee:c5:2e:46:41:a5:0d:48:46:
a9:f7:2f:a0:ad:25:41:1f:26:15:30:ea:a3:a6:64:
a4:ac:98:8d:fa:30:f3:c3:5f:b5:c5:a0:95:1b:3d:
92:c9:ca:51:89:26:4e:e7:cd:43:5e:2a:d7:3d:60:
de:17:b4:ba:f1:9b:00:15:32:e4:9a:e3:40:5e:21:
f8:ba:5a:e9:24:4a:53:50:48:90:ed:6d:cc:cc:94:
58:3b:8e:4f:9d:42:c4:4f:d0:41:fe:c7:7c:33:e7:
52:20:6a:eb:cf:03:5d:eb:34:24:1f:f7:2e:54:b5:
e3:ef:f5:4b:61:02:d2:49:5e:2d:a9:f6:69:37:ea:
22:98:ef:03:4c:41:89:ac:78:f1:d1:e7:59:da:f8:
75:a1:ae:68:e0:b8:08:0e:bf:3c:fa:0c:1f:fd:6f:
55:6b:b1:51:b4:7d:f9:61:6d:8d:f3:a7:ed:4a:57:
c6:9c:43:b2:b2:d8:4d:0d:b6:8a:2e:62:54:57:8f:
3b:3a:33:7b:7b:65:7e:56:33:f2:bc:62:0e:95:34:
41:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:62:85:24:A4:CC:B3:C1:38:F1:72:17:93:69:22:6A:9C:19:9D:87
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e33322e302f32342d3234203d3e20313532333930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:37:dc:01:9c:6d:11:64:9a:df:1c:cc:3d:fd:67:8a:16:7e:
5d:52:9b:7d:db:22:4a:66:b0:d7:b2:ea:11:a9:78:04:26:6c:
6d:b2:61:17:60:cc:b6:7f:c9:d0:50:bd:c8:75:2d:41:cf:78:
a7:dd:86:0d:de:5b:5f:15:b3:e2:93:c9:bb:2c:e0:84:e2:71:
80:c8:1f:85:25:bf:27:3d:11:25:4d:ad:0a:d0:93:d4:9e:bd:
52:02:cb:4e:fb:51:1f:dd:5f:b1:9d:0d:07:8f:1e:e8:d2:e9:
ae:41:9c:6b:06:f2:d9:ec:00:03:c9:c1:2e:e3:17:4d:68:91:
29:b5:2f:9e:bf:88:84:ce:50:82:89:6c:ac:1c:0d:3e:d4:dd:
a6:7a:42:5c:4c:3f:58:b7:19:94:60:8d:d7:90:35:92:a4:43:
0f:e0:46:d0:e2:3a:ee:32:a7:78:29:87:6a:f8:4d:fd:84:8d:
04:51:86:b2:7a:3a:fe:d2:57:fe:c6:9c:ae:0e:8f:fb:4e:d7:
5c:a9:35:3d:0c:72:9a:6a:7d:9d:f3:78:6d:87:fc:6e:dc:e9:
4a:2f:f7:ff:f5:bd:38:a2:c1:2b:3b:ae:20:3d:f0:2a:79:54:
a3:25:83:eb:71:80:c0:09:98:bf:f7:90:f2:e5:86:dc:a8:bc:
d6:e6:38:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUBgPq56yiIHku2yJO3BjzIqAnOwgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEyOTAyNTUwMFoX
DTI2MDEyODAzMDAwMFowMzExMC8GA1UEAxMoMkI2Mjg1MjRBNENDQjNDMTM4RjE3
MjE3OTM2OTIyNkE5QzE5OUQ4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwy3ZieA4JKkbkKEKBugwWGB5womyOMpaCYQW1+fqayc+DlF/Vsy91AMsLZ
0zUcX9NU7sUuRkGlDUhGqfcvoK0lQR8mFTDqo6ZkpKyYjfow88NftcWglRs9ksnK
UYkmTufNQ14q1z1g3he0uvGbABUy5JrjQF4h+Lpa6SRKU1BIkO1tzMyUWDuOT51C
xE/QQf7HfDPnUiBq688DXes0JB/3LlS14+/1S2EC0kleLan2aTfqIpjvA0xBiax4
8dHnWdr4daGuaOC4CA6/PPoMH/1vVWuxUbR9+WFtjfOn7UpXxpxDsrLYTQ22ii5i
VFePOzoze3tlflYz8rxiDpU0QbkCAwEAAaOCAf8wggH7MB0GA1UdDgQWBBQrYoUk
pMyzwTjxcheTaSJqnBmdhzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGCBggrBgEFBQcBCwR2MHQwcgYIKwYBBQUHMAuGZnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMzMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzMzOTMwLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAnRQgMA0GCSqGSIb3DQEBCwUAA4IBAQA+N9wBnG0RZJrfHMw9/WeK
Fn5dUpt92yJKZrDXsuoRqXgEJmxtsmEXYMy2f8nQUL3IdS1Bz3in3YYN3ltfFbPi
k8m7LOCE4nGAyB+FJb8nPRElTa0K0JPUnr1SAstO+1Ef3V+xnQ0Hjx7o0umuQZxr
BvLZ7AADycEu4xdNaJEptS+ev4iEzlCCiWysHA0+1N2mekJcTD9YtxmUYI3XkDWS
pEMP4EbQ4jruMqd4KYdq+E39hI0EUYayejr+0lf+xpyuDo/7TtdcqTU9DHKaan2d
83hth/xu3OlKL/f/9b04osErO64gPfAqeVSjJYPrcYDACZi/95Dy5YbcqLzW5jg5
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:01:24 2025 by rpki-client