Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa
File: AS152389.roa (raw, json)
Hash identifier: TQ96RL4Jw7tS+HWvnWa4yCfUGoiyOE4fYZTbOYjpOPE=
Subject key identifier: 93:82:28:CD:01:11:74:50:51:EE:70:10:D8:A9:EB:01:73:E1:E3:2D
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 6E63BCF2A2733790CA17DF535864B54C1C81CFE2
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa
Signing time: Thu 06 Feb 2025 10:44:56 +0000
ROA not before: Thu 06 Feb 2025 10:39:56 +0000
ROA not after: Thu 05 Feb 2026 10:44:56 +0000
asID: 152389
IP address blocks: 157.15.216.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:63:bc:f2:a2:73:37:90:ca:17:df:53:58:64:b5:4c:1c:81:cf:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:56 2025 GMT
Not After : Feb 5 10:44:56 2026 GMT
Subject: CN=938228CD0111745051EE7010D8A9EB0173E1E32D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c8:90:b6:72:77:eb:3c:47:95:02:9d:db:64:
cc:5e:d6:7c:c6:28:48:17:70:de:f2:d2:13:5f:30:
dc:5d:1b:22:fc:8e:be:29:70:b0:c6:0d:f1:bc:fe:
61:da:8f:ac:e7:81:78:5e:73:1f:c7:05:00:92:94:
2d:82:d8:f3:5b:c3:ec:ab:bf:8a:ec:55:6c:c3:ee:
7f:be:62:be:3f:cd:7a:4c:88:b1:bb:b9:cb:16:da:
da:10:79:a8:5c:f1:66:d3:b3:4d:8c:a2:6e:3e:ba:
17:5d:ea:9b:4c:4f:ea:1f:3d:dc:2c:80:b3:ce:ad:
9a:a3:77:9e:72:57:66:20:73:5e:eb:b6:08:43:08:
2b:37:e5:7c:4a:13:a2:2c:77:d2:80:c2:ae:2c:ce:
8f:f2:02:04:47:e1:06:0a:44:1f:71:dd:36:13:98:
e7:a1:00:a4:26:2c:3b:4c:af:b4:20:39:88:1b:12:
1c:27:74:a7:68:58:76:72:5c:a9:0d:a2:a2:8a:d6:
5f:ac:be:2d:40:96:04:4d:c8:c1:60:d4:ca:ee:21:
8e:aa:a1:75:f8:63:73:a6:91:05:13:02:95:67:73:
7a:8b:db:26:54:e1:3e:57:27:4b:58:59:2b:bf:d4:
47:e0:5b:47:09:7b:9b:47:6a:2f:d6:21:d9:5e:88:
8b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:82:28:CD:01:11:74:50:51:EE:70:10:D8:A9:EB:01:73:E1:E3:2D
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.216.0/23
Signature Algorithm: sha256WithRSAEncryption
62:a8:d4:8b:c7:d3:fb:c4:b3:61:26:fc:f1:9d:c6:b7:df:4f:
21:29:7f:0d:0a:9c:da:9b:51:39:3f:eb:e6:56:9c:ab:2b:e8:
a4:9c:0d:c9:dd:50:05:85:35:66:bc:da:bd:00:74:54:b9:f3:
2d:63:46:0c:ad:be:83:53:f2:a0:a8:d3:ce:8b:1c:3a:c0:a1:
38:f1:4b:13:e0:e3:42:95:e2:22:ce:cd:51:62:72:17:37:5a:
b1:9e:6e:29:f6:0c:d0:2f:59:ce:75:6c:91:08:67:7f:95:78:
53:db:79:e6:52:3e:6d:ec:f4:f7:87:80:2f:70:80:12:57:94:
df:5f:7c:71:02:a2:72:b5:da:00:0e:ce:45:de:5a:25:36:33:
72:98:22:45:2d:49:76:20:c1:0e:61:f1:2f:9c:83:3d:01:6a:
49:3b:34:0a:f0:e9:82:c1:49:60:24:e3:e1:31:c6:ac:68:95:
62:f1:a9:78:3d:23:d2:9d:a8:79:14:4b:23:64:88:59:bc:bc:
b5:7e:f2:c9:83:65:11:5c:86:62:2e:d2:58:ca:05:e1:49:59:
7b:e9:d1:b7:e3:d4:d0:6a:e2:75:01:e2:65:fe:02:19:55:03:
76:af:2c:2c:18:02:b2:59:cb:51:cb:e7:49:75:e5:be:45:b0:
f4:2b:1c:09
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUbmO88qJzN5DKF99TWGS1TByBz+IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NloX
DTI2MDIwNTEwNDQ1NlowMzExMC8GA1UEAxMoOTM4MjI4Q0QwMTExNzQ1MDUxRUU3
MDEwRDhBOUVCMDE3M0UxRTMyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHIkLZyd+s8R5UCndtkzF7WfMYoSBdw3vLSE18w3F0bIvyOvilwsMYN8bz+
YdqPrOeBeF5zH8cFAJKULYLY81vD7Ku/iuxVbMPuf75ivj/NekyIsbu5yxba2hB5
qFzxZtOzTYyibj66F13qm0xP6h893CyAs86tmqN3nnJXZiBzXuu2CEMIKzflfEoT
oix30oDCrizOj/ICBEfhBgpEH3HdNhOY56EApCYsO0yvtCA5iBsSHCd0p2hYdnJc
qQ2ioorWX6y+LUCWBE3IwWDUyu4hjqqhdfhjc6aRBRMClWdzeovbJlThPlcnS1hZ
K7/UR+BbRwl7m0dqL9Yh2V6Ii6UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSTgijN
ARF0UFHucBDYqesBc+HjLTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4OS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0P2DANBgkqhkiG9w0BAQsFAAOCAQEAYqjUi8fT+8SzYSb88Z3G
t99PISl/DQqc2ptROT/r5lacqyvopJwNyd1QBYU1ZrzavQB0VLnzLWNGDK2+g1Py
oKjTzoscOsChOPFLE+DjQpXiIs7NUWJyFzdasZ5uKfYM0C9ZznVskQhnf5V4U9t5
5lI+bez094eAL3CAEleU3198cQKicrXaAA7ORd5aJTYzcpgiRS1JdiDBDmHxL5yD
PQFqSTs0CvDpgsFJYCTj4THGrGiVYvGpeD0j0p2oeRRLI2SIWby8tX7yyYNlEVyG
Yi7SWMoF4UlZe+nRt+PU0GridQHiZf4CGVUDdq8sLBgCslnLUcvnSXXlvkWw9Csc
CQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:23 2025 by rpki-client