Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149337.roa
File: AS149337.roa (raw, json)
Hash identifier: t/nzTgE4Q8SjzUrCcUw5lNo942wr+Ge8gbZw23nXfe8=
Subject key identifier: CB:D7:4C:81:C3:C1:74:D6:4B:05:C3:5A:A2:F3:65:2F:53:AA:B8:3A
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 4743A023185CBCB0213772D95BEB82FC332AA13C
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149337.roa
Signing time: Thu 06 Feb 2025 10:44:53 +0000
ROA not before: Thu 06 Feb 2025 10:39:53 +0000
ROA not after: Thu 05 Feb 2026 10:44:53 +0000
asID: 149337
IP address blocks: 157.10.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:43:a0:23:18:5c:bc:b0:21:37:72:d9:5b:eb:82:fc:33:2a:a1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:53 2025 GMT
Not After : Feb 5 10:44:53 2026 GMT
Subject: CN=CBD74C81C3C174D64B05C35AA2F3652F53AAB83A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:0b:39:11:26:dc:68:10:c2:52:eb:2b:2e:
15:7d:ac:6d:b1:7a:32:5d:39:82:61:48:d2:5e:22:
7b:a6:41:de:86:c3:d1:bf:67:23:5e:b8:6e:de:b0:
9e:5c:5b:19:f9:d0:c9:c3:18:27:c8:b0:c1:10:2b:
3b:10:67:27:eb:02:39:ef:fd:aa:d7:0c:88:f1:41:
ac:29:02:94:50:f9:c4:db:42:20:ee:11:67:6e:bd:
0d:9a:88:ea:70:6a:91:af:39:b4:68:f8:14:84:30:
b2:9d:71:31:0d:34:66:de:87:cd:a0:bb:ba:cd:3e:
69:38:8e:aa:3b:17:f1:c1:60:ef:77:88:e4:3f:a8:
c7:94:a8:73:24:7a:96:3b:69:0e:09:f8:0d:df:24:
4f:46:44:b1:83:54:10:17:1b:d8:10:1e:02:4a:20:
55:e7:7c:d4:3b:21:8a:9e:8b:1f:fc:cb:2c:9d:6b:
80:64:5e:c2:bd:49:f4:17:74:2e:4d:48:17:e6:6c:
6f:89:1b:07:fb:75:5e:be:8b:b2:dc:6b:b6:65:82:
e3:06:6a:68:18:34:89:b9:ba:1d:69:d7:53:aa:40:
09:d5:aa:62:f3:19:bc:30:ff:db:01:20:62:d1:cd:
36:f2:d1:05:fa:96:86:28:ab:38:19:9a:6a:ef:74:
c0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D7:4C:81:C3:C1:74:D6:4B:05:C3:5A:A2:F3:65:2F:53:AA:B8:3A
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.236.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e7:4b:c6:50:de:46:ef:e9:99:4a:d1:5a:18:03:a0:7c:4e:
24:37:bd:a4:fc:2d:65:fc:36:0c:6c:35:36:80:71:7a:41:89:
97:0c:b2:0a:23:75:8a:42:90:97:bd:a3:42:6a:a9:0e:e9:86:
98:ae:9d:02:4a:cc:0e:c4:02:6e:04:85:02:fd:95:c2:50:27:
32:46:ce:da:29:c8:91:a6:f8:04:4f:4b:e7:fa:99:ff:9f:02:
2e:0d:15:54:86:d1:44:33:85:e5:9e:18:d9:45:d8:a6:20:91:
8b:e3:40:f9:d8:21:2d:8a:49:3a:c0:0a:5b:bc:eb:c0:17:18:
88:7b:3b:4b:26:2c:0c:fe:30:70:bd:68:b8:78:28:75:94:ad:
6a:4a:ec:39:dc:f5:78:7c:25:7f:e7:3d:ab:af:a3:fd:78:ce:
1e:f2:90:72:6f:9c:eb:8f:c1:f5:fb:fa:40:eb:3f:99:79:04:
5c:b2:48:c2:2d:84:fa:64:3e:aa:65:7e:ee:39:e0:10:59:04:
29:51:94:47:fe:d8:31:50:9e:5b:34:9b:4c:3f:4d:9e:64:e3:
7c:e4:3e:0c:bd:5b:31:9f:57:20:96:83:ac:1d:ae:31:4d:b8:
89:4e:b5:9c:3d:1b:10:57:86:32:9e:17:a2:32:13:77:a2:7d:
a5:a2:1f:71
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUR0OgIxhcvLAhN3LZW+uC/DMqoTwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX
DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoQ0JENzRDODFDM0MxNzRENjRCMDVD
MzVBQTJGMzY1MkY1M0FBQjgzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvgCzkRJtxoEMJS6ysuFX2sbbF6Ml05gmFI0l4ie6ZB3obD0b9nI164bt6w
nlxbGfnQycMYJ8iwwRArOxBnJ+sCOe/9qtcMiPFBrCkClFD5xNtCIO4RZ269DZqI
6nBqka85tGj4FIQwsp1xMQ00Zt6HzaC7us0+aTiOqjsX8cFg73eI5D+ox5SocyR6
ljtpDgn4Dd8kT0ZEsYNUEBcb2BAeAkogVed81Dship6LH/zLLJ1rgGRewr1J9Bd0
Lk1IF+Zsb4kbB/t1Xr6LstxrtmWC4wZqaBg0ibm6HWnXU6pACdWqYvMZvDD/2wEg
YtHNNvLRBfqWhiirOBmaau90wEUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTL10yB
w8F01ksFw1qi82UvU6q4OjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0OTMzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0K7DANBgkqhkiG9w0BAQsFAAOCAQEAcOdLxlDeRu/pmUrRWhgD
oHxOJDe9pPwtZfw2DGw1NoBxekGJlwyyCiN1ikKQl72jQmqpDumGmK6dAkrMDsQC
bgSFAv2VwlAnMkbO2inIkab4BE9L5/qZ/58CLg0VVIbRRDOF5Z4Y2UXYpiCRi+NA
+dghLYpJOsAKW7zrwBcYiHs7SyYsDP4wcL1ouHgodZStakrsOdz1eHwlf+c9q6+j
/XjOHvKQcm+c64/B9fv6QOs/mXkEXLJIwi2E+mQ+qmV+7jngEFkEKVGUR/7YMVCe
WzSbTD9NnmTjfOQ+DL1bMZ9XIJaDrB2uMU24iU61nD0bEFeGMp4XojITd6J9paIf
cQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:57:40 2025 by rpki-client