Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa
File: AS152386.roa (raw, json)
Hash identifier: KgbaA131LPKSggEFqZTrsyA4r9QsiYTuUw9QZst3FtA=
Subject key identifier: 25:F6:08:4C:7B:0C:BD:05:5A:F4:64:C3:58:17:C1:97:7C:31:F3:A8
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 7D35C9218DF0AAF42ECDAC323B37DC3E227DEB8D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa
Signing time: Thu 06 Feb 2025 10:44:48 +0000
ROA not before: Thu 06 Feb 2025 10:39:48 +0000
ROA not after: Thu 05 Feb 2026 10:44:48 +0000
asID: 152386
IP address blocks: 157.20.30.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:35:c9:21:8d:f0:aa:f4:2e:cd:ac:32:3b:37:dc:3e:22:7d:eb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:48 2025 GMT
Not After : Feb 5 10:44:48 2026 GMT
Subject: CN=25F6084C7B0CBD055AF464C35817C1977C31F3A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c4:5b:0e:b9:e6:1f:3c:29:d1:a7:bb:1b:51:
80:45:67:87:da:75:d2:5b:27:f7:c2:b4:48:9d:1f:
29:79:76:ed:90:2b:f6:45:36:74:b6:49:66:25:f3:
61:7f:eb:ca:db:5a:d7:bd:44:71:fe:bd:54:f1:e3:
da:64:bd:31:d0:2d:9d:f7:3e:45:6d:71:39:56:4c:
c3:84:57:34:6a:af:7f:1c:b5:df:87:b9:e5:17:e0:
33:83:31:76:be:22:f2:63:cd:6e:d6:7f:c6:b2:71:
70:1b:d2:3b:59:7e:4c:ed:75:90:ec:fd:d5:76:a3:
c2:5f:4c:9c:9e:fd:28:73:7c:80:a5:1b:7e:ef:e0:
e0:0e:3d:fb:fe:c6:1d:cb:49:78:fe:b1:83:2c:c6:
d2:df:b2:3b:ce:f0:af:dd:b2:a1:31:63:10:c3:fd:
9a:6e:03:9c:8b:18:55:46:a7:81:13:c8:6f:3b:c1:
50:79:84:8c:05:16:5f:66:5d:c1:06:e0:42:25:23:
e2:c8:1a:b4:9a:5d:b0:b9:f7:2c:6f:b7:1d:a5:c1:
71:20:f2:e2:6a:8e:44:f9:d7:43:c5:13:5a:d3:7c:
cf:d9:cd:79:e7:94:fb:84:d9:40:82:e5:cf:85:b3:
87:44:80:66:32:cb:01:3a:a2:99:8e:bd:24:7c:4a:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F6:08:4C:7B:0C:BD:05:5A:F4:64:C3:58:17:C1:97:7C:31:F3:A8
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.30.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:1b:27:66:f3:73:28:dc:f0:01:72:68:22:60:9c:4b:7c:64:
3c:c4:d6:9e:17:7c:51:9f:7b:aa:4f:2b:c7:5c:92:f8:55:7e:
ee:f9:1c:bd:5f:c2:11:25:18:1c:b5:b6:f8:fd:91:c8:44:42:
da:a4:12:3b:47:4d:02:ce:38:5d:58:3e:50:e9:db:87:aa:da:
08:52:f0:04:be:6d:82:c2:6b:6b:d7:ab:9e:cb:20:b1:4e:40:
47:f5:c6:7f:5f:45:6e:c5:f5:0a:54:55:ed:dd:2c:14:45:25:
01:61:59:67:40:f5:06:7a:7e:5b:f7:05:93:32:56:1f:71:f2:
32:9e:50:a8:74:a4:f9:2d:a5:b5:4d:3a:75:01:10:9d:77:99:
7f:6d:c2:a8:ba:8e:ee:5a:19:a3:2a:ae:9f:9c:12:75:bf:bf:
a7:a2:65:69:fa:96:8d:9e:30:70:0a:af:f5:cd:21:8d:e2:82:
04:76:82:eb:12:ee:b0:ed:3c:cd:4f:25:03:0f:8e:62:f5:d0:
5a:0f:9a:29:01:98:1c:1e:47:7b:ab:db:ff:54:e3:12:75:20:
ae:74:a7:a0:06:e8:92:6f:7f:ba:91:98:40:c7:c1:63:87:86:
13:a6:8e:6e:0d:28:a3:62:be:57:9d:52:5a:a6:dd:07:91:ff:
d3:44:01:a9
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUfTXJIY3wqvQuzawyOzfcPiJ9640wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OFoX
DTI2MDIwNTEwNDQ0OFowMzExMC8GA1UEAxMoMjVGNjA4NEM3QjBDQkQwNTVBRjQ2
NEMzNTgxN0MxOTc3QzMxRjNBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3EWw655h88KdGnuxtRgEVnh9p10lsn98K0SJ0fKXl27ZAr9kU2dLZJZiXz
YX/rytta171Ecf69VPHj2mS9MdAtnfc+RW1xOVZMw4RXNGqvfxy134e55RfgM4Mx
dr4i8mPNbtZ/xrJxcBvSO1l+TO11kOz91Xajwl9MnJ79KHN8gKUbfu/g4A49+/7G
HctJeP6xgyzG0t+yO87wr92yoTFjEMP9mm4DnIsYVUangRPIbzvBUHmEjAUWX2Zd
wQbgQiUj4sgatJpdsLn3LG+3HaXBcSDy4mqORPnXQ8UTWtN8z9nNeeeU+4TZQILl
z4Wzh0SAZjLLATqimY69JHxKHfsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQl9ghM
ewy9BVr0ZMNYF8GXfDHzqDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4Ni5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UHjANBgkqhkiG9w0BAQsFAAOCAQEAahsnZvNzKNzwAXJoImCc
S3xkPMTWnhd8UZ97qk8rx1yS+FV+7vkcvV/CESUYHLW2+P2RyERC2qQSO0dNAs44
XVg+UOnbh6raCFLwBL5tgsJra9ernssgsU5AR/XGf19FbsX1ClRV7d0sFEUlAWFZ
Z0D1Bnp+W/cFkzJWH3HyMp5QqHSk+S2ltU06dQEQnXeZf23CqLqO7loZoyqun5wS
db+/p6JlafqWjZ4wcAqv9c0hjeKCBHaC6xLusO08zU8lAw+OYvXQWg+aKQGYHB5H
e6vb/1TjEnUgrnSnoAbokm9/upGYQMfBY4eGE6aObg0oo2K+V51SWqbdB5H/00QB
qQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:31:34 2025 by rpki-client