Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa
File: AS152375.roa (raw, json)
Hash identifier: 9vVlBZ3vHBsTst+fZOdHOEGyCLc6WS0Xau6A3XuTUIQ=
Subject key identifier: CA:E0:81:84:6A:76:85:88:EA:B4:A6:20:EB:45:6E:3E:05:D6:42:13
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 687AB12FF65D4618CB744C9D9E6555BFE9D8C0C5
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa
Signing time: Thu 06 Feb 2025 10:44:52 +0000
ROA not before: Thu 06 Feb 2025 10:39:52 +0000
ROA not after: Thu 05 Feb 2026 10:44:52 +0000
asID: 152375
IP address blocks: 157.15.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7a:b1:2f:f6:5d:46:18:cb:74:4c:9d:9e:65:55:bf:e9:d8:c0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:52 2025 GMT
Not After : Feb 5 10:44:52 2026 GMT
Subject: CN=CAE081846A768588EAB4A620EB456E3E05D64213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:74:16:b2:94:e4:83:d1:ce:2f:8e:ad:03:41:
0e:45:25:8a:c4:c4:f5:87:1d:f8:8a:e1:e6:34:7d:
30:55:ed:82:42:3c:b3:c8:1d:6f:1b:76:33:05:81:
4f:b9:f8:31:c1:4a:53:4c:22:1d:a1:20:d2:b4:b5:
d4:cd:4b:02:5c:0a:6b:32:3d:8b:7e:bf:10:bf:b8:
39:f3:de:09:d4:9c:df:ed:bd:90:95:74:fb:be:46:
19:0e:8e:1e:47:0b:5a:32:f7:0a:c7:57:9e:90:91:
85:70:96:83:9d:69:33:b4:af:33:f4:af:24:f9:b2:
ed:ff:35:78:0f:8e:b1:59:72:ce:4e:23:ef:4c:b6:
4f:5a:bc:2a:fc:9a:d9:d9:b5:80:ab:51:9d:3c:c7:
4f:e2:76:ae:c4:dc:0a:c4:71:a0:c3:b5:08:72:88:
9b:e0:db:80:ad:77:b8:c3:c4:c7:3c:a5:a4:67:70:
e6:dc:42:48:7a:f8:a0:6d:bb:51:d9:5e:f1:ff:ff:
7b:d3:3c:93:20:0c:a2:6d:a5:68:16:a4:0e:ef:06:
c4:f7:51:cc:83:9f:21:38:74:2a:06:9b:05:17:59:
0f:12:20:04:89:a3:f2:4a:7d:0f:07:f2:a4:79:69:
87:42:9a:99:0a:24:38:e2:86:a9:79:75:8f:a5:5d:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E0:81:84:6A:76:85:88:EA:B4:A6:20:EB:45:6E:3E:05:D6:42:13
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.64.0/23
Signature Algorithm: sha256WithRSAEncryption
22:bd:df:48:70:8a:0c:6a:50:f6:18:2b:e8:5b:a7:94:18:da:
bf:97:63:96:c5:13:d3:cd:91:d5:55:56:b8:b6:77:21:7d:04:
3f:2a:dd:00:79:72:8f:32:b7:a8:ad:8e:71:4a:67:b1:52:b8:
fb:ce:0b:32:ba:15:8a:a3:c3:dc:2d:23:69:46:8c:5c:fa:c4:
1f:83:27:22:aa:dd:cb:24:d1:07:6f:52:28:87:2a:57:8d:0b:
db:19:a2:5f:48:69:10:f4:bc:12:32:d1:d2:1b:f0:ff:ad:55:
ee:49:c8:9b:49:0b:9a:7b:18:35:24:48:f8:b1:39:ea:3b:6a:
34:1b:f5:72:07:ae:30:77:c8:cf:ab:69:3c:3e:c6:44:ca:f3:
38:7a:58:b4:37:75:d5:69:ee:76:28:34:38:8b:3c:1f:38:4f:
70:67:9f:ee:fe:c5:c5:34:ab:7f:64:5a:17:da:6c:26:79:4c:
ba:0f:4a:93:47:3b:16:1b:9f:e0:46:18:87:7f:9b:ec:7d:f5:
bb:82:cc:a9:cd:cc:bb:0c:ed:7a:ab:dd:67:d0:67:8e:a9:1a:
7a:bd:0e:47:d0:97:b1:74:4a:fd:96:3c:c1:23:7a:71:e6:d1:
8a:a3:21:01:6d:83:72:78:6e:17:69:60:b5:07:89:51:08:f7:
cc:6b:44:1f
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUaHqxL/ZdRhjLdEydnmVVv+nYwMUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MloX
DTI2MDIwNTEwNDQ1MlowMzExMC8GA1UEAxMoQ0FFMDgxODQ2QTc2ODU4OEVBQjRB
NjIwRUI0NTZFM0UwNUQ2NDIxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL10FrKU5IPRzi+OrQNBDkUlisTE9Ycd+Irh5jR9MFXtgkI8s8gdbxt2MwWB
T7n4McFKU0wiHaEg0rS11M1LAlwKazI9i36/EL+4OfPeCdSc3+29kJV0+75GGQ6O
HkcLWjL3CsdXnpCRhXCWg51pM7SvM/SvJPmy7f81eA+OsVlyzk4j70y2T1q8Kvya
2dm1gKtRnTzHT+J2rsTcCsRxoMO1CHKIm+DbgK13uMPExzylpGdw5txCSHr4oG27
Udle8f//e9M8kyAMom2laBakDu8GxPdRzIOfITh0KgabBRdZDxIgBImj8kp9Dwfy
pHlph0KamQokOOKGqXl1j6VdjI0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTK4IGE
anaFiOq0piDrRW4+BdZCEzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM3NS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0PQDANBgkqhkiG9w0BAQsFAAOCAQEAIr3fSHCKDGpQ9hgr6Fun
lBjav5djlsUT082R1VVWuLZ3IX0EPyrdAHlyjzK3qK2OcUpnsVK4+84LMroViqPD
3C0jaUaMXPrEH4MnIqrdyyTRB29SKIcqV40L2xmiX0hpEPS8EjLR0hvw/61V7knI
m0kLmnsYNSRI+LE56jtqNBv1cgeuMHfIz6tpPD7GRMrzOHpYtDd11Wnudig0OIs8
HzhPcGef7v7FxTSrf2RaF9psJnlMug9Kk0c7Fhuf4EYYh3+b7H31u4LMqc3Muwzt
eqvdZ9Bnjqkaer0OR9CXsXRK/ZY8wSN6cebRiqMhAW2DcnhuF2lgtQeJUQj3zGtE
Hw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:16 2025 by rpki-client