Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa
File: AS152414.roa (raw, json)
Hash identifier: geRwXmDAQHWvCjve+wuxJ0wzsjYloEdIQ07CEWd+84M=
Subject key identifier: 40:8B:83:51:38:4E:F2:33:B7:27:5E:B0:EA:04:9A:65:1E:E9:B0:53
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 056033A00044B370B16692E0D57DD15DAB29FA47
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa
Signing time: Thu 06 Feb 2025 10:44:57 +0000
ROA not before: Thu 06 Feb 2025 10:39:57 +0000
ROA not after: Thu 05 Feb 2026 10:44:57 +0000
asID: 152414
IP address blocks: 157.20.130.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:60:33:a0:00:44:b3:70:b1:66:92:e0:d5:7d:d1:5d:ab:29:fa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:57 2025 GMT
Not After : Feb 5 10:44:57 2026 GMT
Subject: CN=408B8351384EF233B7275EB0EA049A651EE9B053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0a:99:47:1f:d1:5d:96:ff:fb:13:4a:5a:f6:
a0:f8:77:5c:67:ef:7d:df:50:b8:83:4d:90:f2:bb:
0c:90:92:43:97:3f:16:3e:ac:dc:0c:a6:2d:42:48:
75:80:d5:61:95:9f:1c:6c:ef:4d:8d:b7:65:b3:1a:
93:a9:1b:fb:90:96:c6:47:de:b8:51:90:9e:13:b9:
5b:ac:db:e6:ad:1c:25:af:95:d8:a1:ca:6c:d3:f3:
a8:2e:34:df:d2:3f:32:b2:bb:35:52:3b:49:0c:2a:
89:f8:30:79:ba:93:b0:67:17:ce:07:e6:60:ec:31:
b0:3b:ce:df:4d:2f:7a:cf:02:77:5e:52:2b:5b:48:
d5:bc:80:46:40:5a:30:83:1e:b6:a0:dd:1c:ad:8c:
bc:d7:75:fd:21:41:8b:8b:e4:c5:69:52:f3:95:08:
a5:02:2b:65:00:89:20:8c:89:c6:5d:1f:ad:b0:c2:
e5:f8:b4:23:e7:c7:bd:9e:67:90:fb:dc:e9:db:05:
d2:5b:90:db:6a:8e:49:8a:64:ef:57:03:25:ad:e7:
13:40:34:06:ec:0f:03:01:3e:11:07:3e:99:4d:23:
a4:66:cb:4a:d9:c5:d7:d4:1c:59:15:80:41:6f:08:
d9:c5:5f:e8:19:ef:74:0f:2c:b1:a8:ad:12:1d:98:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8B:83:51:38:4E:F2:33:B7:27:5E:B0:EA:04:9A:65:1E:E9:B0:53
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.130.0/23
Signature Algorithm: sha256WithRSAEncryption
40:93:49:f2:7f:3d:86:20:40:5a:dc:8e:a7:fe:4c:43:60:b4:
9a:c8:59:f2:a5:37:fe:f3:df:32:d0:bd:1d:0d:ef:bb:aa:8c:
08:d8:4c:68:b7:a9:a2:87:de:18:7b:13:b2:2d:3a:96:11:c3:
66:71:d2:ff:30:ea:a4:1b:8b:c5:89:cc:45:19:77:c0:db:ef:
a2:4d:59:78:72:84:8a:a3:04:2b:55:14:48:d1:4a:ca:d5:06:
c7:bc:f2:50:b8:f5:f1:1c:18:07:b8:cf:eb:92:aa:46:71:eb:
6b:78:53:a7:6c:71:26:28:2c:17:fb:7b:d7:7a:d7:55:a0:30:
e3:59:37:5a:a3:3c:29:41:a1:73:74:9e:83:e1:4b:ef:07:08:
15:13:13:a3:e7:fc:19:ea:a9:7d:6e:98:96:02:bf:75:95:a5:
b9:45:20:59:44:e2:56:e3:1f:e4:76:8c:23:97:b8:20:5b:ef:
62:af:91:25:44:1b:a2:ee:93:7b:65:81:a3:6d:7c:0a:49:60:
92:a0:5a:d3:84:71:9e:6f:ca:1a:4f:3b:d9:2f:14:06:2b:16:
00:fa:b4:40:1a:f8:10:96:e1:24:6d:2d:34:9f:c8:f1:c5:97:
92:6d:4a:2b:d4:64:c5:4b:38:5b:3d:1f:25:58:1e:0d:56:71:
0d:70:3c:b2
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUBWAzoABEs3CxZpLg1X3RXasp+kcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1N1oX
DTI2MDIwNTEwNDQ1N1owMzExMC8GA1UEAxMoNDA4QjgzNTEzODRFRjIzM0I3Mjc1
RUIwRUEwNDlBNjUxRUU5QjA1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcKmUcf0V2W//sTSlr2oPh3XGfvfd9QuINNkPK7DJCSQ5c/Fj6s3AymLUJI
dYDVYZWfHGzvTY23ZbMak6kb+5CWxkfeuFGQnhO5W6zb5q0cJa+V2KHKbNPzqC40
39I/MrK7NVI7SQwqifgwebqTsGcXzgfmYOwxsDvO300ves8Cd15SK1tI1byARkBa
MIMetqDdHK2MvNd1/SFBi4vkxWlS85UIpQIrZQCJIIyJxl0frbDC5fi0I+fHvZ5n
kPvc6dsF0luQ22qOSYpk71cDJa3nE0A0BuwPAwE+EQc+mU0jpGbLStnF19QcWRWA
QW8I2cVf6BnvdA8ssaitEh2YhaUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRAi4NR
OE7yM7cnXrDqBJplHumwUzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQxNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UgjANBgkqhkiG9w0BAQsFAAOCAQEAQJNJ8n89hiBAWtyOp/5M
Q2C0mshZ8qU3/vPfMtC9HQ3vu6qMCNhMaLepoofeGHsTsi06lhHDZnHS/zDqpBuL
xYnMRRl3wNvvok1ZeHKEiqMEK1UUSNFKytUGx7zyULj18RwYB7jP65KqRnHra3hT
p2xxJigsF/t713rXVaAw41k3WqM8KUGhc3Seg+FL7wcIFRMTo+f8GeqpfW6YlgK/
dZWluUUgWUTiVuMf5HaMI5e4IFvvYq+RJUQbou6Te2WBo218CklgkqBa04Rxnm/K
Gk872S8UBisWAPq0QBr4EJbhJG0tNJ/I8cWXkm1KK9RkxUs4Wz0fJVgeDVZxDXA8
sg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:44:52 2025 by rpki-client