Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa
File: AS152430.roa (raw, json)
Hash identifier: RR1uLzvGEK4WWTdkxupdwKzPzNA+qj7NjZn6Q03Z7YQ=
Subject key identifier: F5:19:38:53:01:5E:97:D9:7F:19:24:03:B5:EA:47:5D:BE:6B:30:34
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 0D8A182AF515F09E3A7EAB689FE21CF4C720B42C
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa
Signing time: Mon 27 Apr 2026 09:00:00 +0000
ROA not before: Mon 27 Apr 2026 08:55:00 +0000
ROA not after: Mon 26 Apr 2027 09:00:00 +0000
asID: 152430
IP address blocks: 157.20.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:8a:18:2a:f5:15:f0:9e:3a:7e:ab:68:9f:e2:1c:f4:c7:20:b4:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Apr 27 08:55:00 2026 GMT
Not After : Apr 26 09:00:00 2027 GMT
Subject: CN=F5193853015E97D97F192403B5EA475DBE6B3034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5a:1c:a2:d7:6f:8e:12:09:7f:48:a0:9a:d6:
87:00:cb:b9:87:81:6b:d5:e1:3e:66:e6:15:3c:20:
92:72:99:bd:9d:c5:f8:1e:21:30:30:d0:0e:7b:4c:
aa:ca:d5:a2:8b:4b:bf:e0:d4:ab:1e:e1:a4:6f:69:
b3:65:de:4d:0d:11:17:21:50:5f:56:43:ea:2b:0f:
db:76:aa:29:0f:e0:c7:c5:45:86:c0:b8:e4:d6:cd:
8e:44:3e:ca:25:2e:ff:11:e3:ff:95:87:6f:f0:36:
64:a7:3a:1e:99:4d:26:5a:69:8e:ce:d4:68:19:9f:
f9:6d:81:56:07:3f:ec:a5:13:91:b9:c2:2f:c5:f8:
ae:0d:db:83:82:61:23:b5:22:21:70:4d:77:a3:3e:
76:8e:59:60:55:dd:28:bf:da:5b:eb:68:9d:ad:b3:
52:60:78:83:7d:b2:9b:ad:e4:f2:aa:40:02:63:c2:
af:ad:c5:da:15:3b:4a:34:4b:23:88:b9:5d:8c:9a:
c4:72:5e:4f:ea:4c:78:fc:f2:e5:30:72:03:0e:8a:
67:78:f5:d3:a2:b8:fe:60:55:48:a7:5e:a4:cc:f3:
3b:10:3e:e4:43:da:92:b3:23:fc:30:ba:fb:73:79:
2c:80:d0:00:27:53:a8:1f:d5:0a:3d:bf:a7:29:0c:
87:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:19:38:53:01:5E:97:D9:7F:19:24:03:B5:EA:47:5D:BE:6B:30:34
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.128.0/24
Signature Algorithm: sha256WithRSAEncryption
53:eb:3c:7c:c0:b7:5d:fc:28:b5:8e:0a:b1:de:3c:6a:fe:d9:
28:b2:f7:25:c8:7a:17:de:e2:9f:b2:a4:a7:d2:a3:ab:67:be:
96:4f:cd:65:8f:de:6d:e9:11:b2:d8:95:bd:38:a1:4f:09:64:
63:99:1f:18:2b:4d:b9:e0:1e:bc:cd:e5:c2:63:83:3d:eb:fa:
06:7e:dc:e9:97:40:a1:35:b6:c8:48:f7:31:85:ff:48:6f:fb:
40:23:73:64:1b:88:a5:13:50:37:4d:17:73:c7:a1:6f:8f:96:
14:62:83:47:89:af:b5:88:4b:9b:90:9f:ef:b0:0e:65:d2:64:
85:b0:cc:df:9d:4e:26:d0:7f:0c:97:bf:4c:56:9a:cc:e0:a4:
43:b3:31:74:20:27:d1:ad:9c:55:92:05:bd:37:c5:f0:b3:46:
b2:84:23:6a:ee:57:32:68:6b:a4:77:11:ae:b7:fb:64:0e:2f:
63:cc:43:1c:6d:0b:2e:b7:b0:81:7e:4d:61:22:1c:e5:8e:72:
cd:49:cd:16:11:92:c6:c5:f6:36:dd:c5:0c:a4:fc:ed:5b:08:
f5:9a:2c:21:ab:11:6f:43:60:6c:a4:0e:8e:a7:d6:8e:72:b8:
55:37:81:df:9d:3c:89:1f:f4:6c:4c:32:05:a9:b2:da:94:08:
aa:56:11:e7
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUDYoYKvUV8J46fqton+Ic9McgtCwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQyNzA4NTUwMFoX
DTI3MDQyNjA5MDAwMFowMzExMC8GA1UEAxMoRjUxOTM4NTMwMTVFOTdEOTdGMTky
NDAzQjVFQTQ3NURCRTZCMzAzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJaHKLXb44SCX9IoJrWhwDLuYeBa9XhPmbmFTwgknKZvZ3F+B4hMDDQDntM
qsrVootLv+DUqx7hpG9ps2XeTQ0RFyFQX1ZD6isP23aqKQ/gx8VFhsC45NbNjkQ+
yiUu/xHj/5WHb/A2ZKc6HplNJlppjs7UaBmf+W2BVgc/7KUTkbnCL8X4rg3bg4Jh
I7UiIXBNd6M+do5ZYFXdKL/aW+tona2zUmB4g32ym63k8qpAAmPCr63F2hU7SjRL
I4i5XYyaxHJeT+pMePzy5TByAw6KZ3j106K4/mBVSKdepMzzOxA+5EPakrMj/DC6
+3N5LIDQACdTqB/VCj2/pykMhyUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT1GThT
AV6X2X8ZJAO16kddvmswNDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0UgDANBgkqhkiG9w0BAQsFAAOCAQEAU+s8fMC3XfwotY4Ksd48
av7ZKLL3Jch6F97in7Kkp9Kjq2e+lk/NZY/ebekRstiVvTihTwlkY5kfGCtNueAe
vM3lwmODPev6Bn7c6ZdAoTW2yEj3MYX/SG/7QCNzZBuIpRNQN00Xc8ehb4+WFGKD
R4mvtYhLm5Cf77AOZdJkhbDM351OJtB/DJe/TFaazOCkQ7MxdCAn0a2cVZIFvTfF
8LNGsoQjau5XMmhrpHcRrrf7ZA4vY8xDHG0LLrewgX5NYSIc5Y5yzUnNFhGSxsX2
Nt3FDKT87VsI9ZosIasRb0NgbKQOjqfWjnK4VTeB3508iR/0bEwyBamy2pQIqlYR
5w==
-----END CERTIFICATE-----
Generated at Wed Jun 24 02:55:40 2026 by rpki-client