Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e34362e302f32332d3234203d3e20313532333934.roa
File: 3135372e32302e34362e302f32332d3234203d3e20313532333934.roa (raw, json)
Hash identifier: Vou+NB4d+xIN9fnjYgGBsh25V+gNeVd1ILf9mRJwvss=
Subject key identifier: C8:D2:DB:1B:7F:48:D8:B1:14:38:61:F1:64:1D:A8:30:D3:81:68:CC
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 065F6D958649080BB50F40E4AFE6DCE321AC6DFD
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e34362e302f32332d3234203d3e20313532333934.roa
Signing time: Fri 31 Jan 2025 04:00:00 +0000
ROA not before: Fri 31 Jan 2025 03:55:00 +0000
ROA not after: Fri 30 Jan 2026 04:00:00 +0000
asID: 152394
IP address blocks: 157.20.46.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:5f:6d:95:86:49:08:0b:b5:0f:40:e4:af:e6:dc:e3:21:ac:6d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jan 31 03:55:00 2025 GMT
Not After : Jan 30 04:00:00 2026 GMT
Subject: CN=C8D2DB1B7F48D8B1143861F1641DA830D38168CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a7:c6:73:3d:9c:f9:83:ca:bc:82:cc:ca:52:
da:da:07:b7:ac:0b:91:37:63:35:05:57:6d:17:7a:
7f:76:81:c2:01:17:f3:31:ff:7d:b7:ed:ce:ce:08:
0a:5d:76:ab:fa:21:bb:8b:45:c3:c3:6c:eb:df:f6:
b9:e6:0e:f1:80:b4:e8:2a:dd:39:e0:92:09:9b:fc:
a1:e9:91:4d:25:c5:66:e9:7d:09:40:7d:ba:9e:93:
16:9d:bd:9b:05:d1:62:cf:8a:dd:88:43:22:f2:ed:
d5:22:1e:5f:51:80:d3:58:6e:c8:4e:af:18:86:3c:
90:64:c8:53:71:3b:1c:67:71:0c:2e:cb:f2:9d:d3:
c7:ad:d3:88:52:82:fb:11:76:a3:fc:8d:7e:30:14:
11:46:02:07:28:e0:d8:15:67:2a:54:ea:e6:3b:a2:
ab:f5:ec:32:26:c6:cf:5b:f5:33:74:79:13:ee:20:
af:0b:4a:ca:69:f2:bb:7f:75:8f:7b:4e:ff:64:1d:
28:c7:6b:8f:79:79:8d:c0:ea:eb:99:14:67:96:48:
d4:0e:2a:94:44:bf:34:8c:af:09:c6:7e:0b:34:e1:
92:90:fe:cc:c1:dc:a8:05:93:5b:45:f4:66:6a:d3:
cc:a9:6b:72:63:0f:6a:0a:6f:76:ea:ae:43:51:66:
35:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D2:DB:1B:7F:48:D8:B1:14:38:61:F1:64:1D:A8:30:D3:81:68:CC
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e34362e302f32332d3234203d3e20313532333934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.46.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:22:bb:dd:11:5a:96:8e:04:15:03:eb:18:34:7c:e8:27:8e:
0e:35:98:57:25:de:5d:95:0a:90:1d:5b:f7:11:72:10:e1:dc:
e3:09:63:de:d5:f4:49:4d:01:d2:69:ca:4f:ff:e7:bf:35:cf:
6c:33:32:a9:2d:bf:54:9d:1a:40:f5:f9:ec:93:f2:8f:0b:8c:
16:4d:58:d2:f7:1a:7d:0e:21:95:8a:72:bd:d5:91:ed:17:23:
6e:04:5e:6d:1f:d6:a2:be:fd:fc:98:bb:e0:fb:4b:10:dd:3d:
4f:ff:21:22:19:18:10:73:8f:e3:7d:b2:c4:1e:93:44:b7:b8:
aa:36:12:36:e2:70:58:ed:03:8e:49:4a:b2:61:e3:92:dd:5a:
c7:25:25:6c:20:20:1a:f1:ca:30:66:94:fd:b0:3b:0e:87:c5:
af:32:a9:34:5b:f7:ad:85:9f:27:1f:7d:81:18:16:30:12:b3:
24:32:8c:26:a3:19:8e:4c:cf:0f:f8:17:dc:e4:39:d1:54:82:
95:ce:da:22:6f:4c:20:fa:ee:d9:78:08:12:f3:2b:41:63:45:
7a:23:7d:e3:a2:26:66:7c:03:31:2f:4e:26:d9:b8:12:97:7a:
61:59:c4:ba:b0:b5:ff:64:c6:13:49:8b:db:14:9d:0f:a9:7c:
e7:0e:3f:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUBl9tlYZJCAu1D0Dkr+bc4yGsbf0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEzMTAzNTUwMFoX
DTI2MDEzMDA0MDAwMFowMzExMC8GA1UEAxMoQzhEMkRCMUI3RjQ4RDhCMTE0Mzg2
MUYxNjQxREE4MzBEMzgxNjhDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOqnxnM9nPmDyryCzMpS2toHt6wLkTdjNQVXbRd6f3aBwgEX8zH/fbftzs4I
Cl12q/ohu4tFw8Ns69/2ueYO8YC06CrdOeCSCZv8oemRTSXFZul9CUB9up6TFp29
mwXRYs+K3YhDIvLt1SIeX1GA01huyE6vGIY8kGTIU3E7HGdxDC7L8p3Tx63TiFKC
+xF2o/yNfjAUEUYCByjg2BVnKlTq5juiq/XsMibGz1v1M3R5E+4grwtKymnyu391
j3tO/2QdKMdrj3l5jcDq65kUZ5ZI1A4qlES/NIyvCcZ+CzThkpD+zMHcqAWTW0X0
ZmrTzKlrcmMPagpvduquQ1FmNRsCAwEAAaOCAf8wggH7MB0GA1UdDgQWBBTI0tsb
f0jYsRQ4YfFkHagw04FozDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGCBggrBgEFBQcBCwR2MHQwcgYIKwYBBQUHMAuGZnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzNDM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNTMyMzMzOTM0LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBnRQuMA0GCSqGSIb3DQEBCwUAA4IBAQCaIrvdEVqWjgQVA+sYNHzo
J44ONZhXJd5dlQqQHVv3EXIQ4dzjCWPe1fRJTQHSacpP/+e/Nc9sMzKpLb9UnRpA
9fnsk/KPC4wWTVjS9xp9DiGVinK91ZHtFyNuBF5tH9aivv38mLvg+0sQ3T1P/yEi
GRgQc4/jfbLEHpNEt7iqNhI24nBY7QOOSUqyYeOS3VrHJSVsICAa8cowZpT9sDsO
h8WvMqk0W/ethZ8nH32BGBYwErMkMowmoxmOTM8P+Bfc5DnRVIKVztoib0wg+u7Z
eAgS8ytBY0V6I33joiZmfAMxL04m2bgSl3phWcS6sLX/ZMYTSYvbFJ0PqXznDj8B
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:01:33 2025 by rpki-client