Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa
File: AS153141.roa (raw, json)
Hash identifier: t3MnHfIg0Ip3fNIAgHwpyOOGVO8AT62fSebl0g28RIU=
Subject key identifier: 39:5E:F3:07:B0:17:A1:3E:E3:77:06:81:9B:FA:18:A8:6F:C5:BB:FA
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 30825A54FE8BCB5615EEA2AE55ADEDD1C50ED75D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa
Signing time: Thu 06 Feb 2025 10:44:58 +0000
ROA not before: Thu 06 Feb 2025 10:39:58 +0000
ROA not after: Thu 05 Feb 2026 10:44:58 +0000
asID: 153141
IP address blocks: 160.191.130.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:82:5a:54:fe:8b:cb:56:15:ee:a2:ae:55:ad:ed:d1:c5:0e:d7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:58 2025 GMT
Not After : Feb 5 10:44:58 2026 GMT
Subject: CN=395EF307B017A13EE37706819BFA18A86FC5BBFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:07:cc:3c:25:81:3c:3f:d0:c6:b1:92:ae:
86:49:69:0e:ce:77:97:bb:08:18:75:90:ea:3a:e1:
56:c2:2a:d5:15:6e:bf:e1:65:d2:24:7a:1c:90:98:
23:82:b2:59:10:89:00:d1:f1:5d:12:30:15:eb:d1:
08:af:3d:0e:e6:06:5f:37:2e:ff:ee:37:6d:93:c7:
52:78:e6:69:b8:6f:c2:93:8c:8a:b7:6b:9e:53:10:
01:60:e2:f4:f6:82:59:ff:0e:88:a0:68:a7:86:00:
b8:88:7e:7b:09:bc:3e:51:ad:9f:de:9c:52:6c:95:
04:19:b4:da:7d:29:37:0b:ac:10:2b:80:9f:7a:d2:
89:a1:ff:95:1f:2a:9f:0a:8d:19:ed:e9:d9:08:c6:
46:c2:a1:bc:d7:bf:6d:61:45:46:cb:80:66:c9:49:
81:dd:18:53:32:82:f1:b3:cf:d8:9a:5e:f7:34:47:
20:a7:50:8b:b9:02:c4:b1:b2:50:46:5c:bb:8a:50:
5c:b8:a0:94:f6:86:49:10:e7:8b:e8:e5:66:81:c8:
56:47:77:db:67:0f:0f:8b:0e:79:e2:47:21:30:96:
a5:a9:59:c7:4a:92:5f:cc:73:97:c6:ea:2c:02:f4:
3c:9f:57:0c:f3:8d:e1:33:77:7b:f4:81:fe:1a:8b:
2b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5E:F3:07:B0:17:A1:3E:E3:77:06:81:9B:FA:18:A8:6F:C5:BB:FA
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.191.130.0/23
Signature Algorithm: sha256WithRSAEncryption
78:43:e5:e0:2f:2d:25:14:0b:41:29:fa:ae:25:be:10:06:7b:
d2:5f:fa:33:05:31:d0:19:19:0a:4e:92:5d:19:fc:82:09:3b:
ea:5b:65:ac:16:59:29:23:36:0d:e2:be:0e:9d:fe:e3:ac:3f:
ef:47:3c:dc:ac:00:50:51:0a:02:ed:fb:89:38:68:13:1a:22:
85:6d:fc:aa:f1:ba:e2:49:c0:d7:c5:e9:58:b3:b4:66:71:fa:
85:31:f0:7f:e5:52:7d:ce:b8:23:eb:d7:05:4e:5f:ae:b8:d2:
96:4f:5c:eb:a6:5f:29:42:4a:a3:ff:60:ca:95:eb:5e:26:e4:
09:86:8c:47:09:e1:b0:ec:a8:fa:c5:b0:ea:7b:58:35:01:a5:
db:3a:22:02:71:ca:7f:a4:b5:1a:40:e0:10:fd:a1:28:29:cd:
88:bb:1a:38:b1:04:4d:e9:31:06:24:16:e5:b8:56:34:df:f2:
2b:9b:c5:8e:70:10:9a:30:72:8a:e9:63:8a:27:ad:0e:88:84:
d6:c9:0f:25:8a:69:4c:15:29:e7:36:a2:67:7e:74:7d:f1:cf:
41:62:a0:2c:b4:a3:43:b2:39:a9:4c:0d:35:1a:7a:c5:ef:48:
9b:5f:59:4c:ff:6c:b6:b4:d9:5d:a3:a9:e5:08:0d:94:54:39:
9a:6b:da:c5
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUMIJaVP6Ly1YV7qKuVa3t0cUO110wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1OFoX
DTI2MDIwNTEwNDQ1OFowMzExMC8GA1UEAxMoMzk1RUYzMDdCMDE3QTEzRUUzNzcw
NjgxOUJGQTE4QTg2RkM1QkJGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWFB8w8JYE8P9DGsZKuhklpDs53l7sIGHWQ6jrhVsIq1RVuv+Fl0iR6HJCY
I4KyWRCJANHxXRIwFevRCK89DuYGXzcu/+43bZPHUnjmabhvwpOMirdrnlMQAWDi
9PaCWf8OiKBop4YAuIh+ewm8PlGtn96cUmyVBBm02n0pNwusECuAn3rSiaH/lR8q
nwqNGe3p2QjGRsKhvNe/bWFFRsuAZslJgd0YUzKC8bPP2Jpe9zRHIKdQi7kCxLGy
UEZcu4pQXLiglPaGSRDni+jlZoHIVkd322cPD4sOeeJHITCWpalZx0qSX8xzl8bq
LAL0PJ9XDPON4TN3e/SB/hqLK5sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ5XvMH
sBehPuN3BoGb+hiob8W7+jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE0MS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC/gjANBgkqhkiG9w0BAQsFAAOCAQEAeEPl4C8tJRQLQSn6riW+
EAZ70l/6MwUx0BkZCk6SXRn8ggk76ltlrBZZKSM2DeK+Dp3+46w/70c83KwAUFEK
Au37iThoExoihW38qvG64knA18XpWLO0ZnH6hTHwf+VSfc64I+vXBU5frrjSlk9c
66ZfKUJKo/9gypXrXibkCYaMRwnhsOyo+sWw6ntYNQGl2zoiAnHKf6S1GkDgEP2h
KCnNiLsaOLEETekxBiQW5bhWNN/yK5vFjnAQmjByiuljiietDoiE1skPJYppTBUp
5zaiZ350ffHPQWKgLLSjQ7I5qUwNNRp6xe9Im19ZTP9strTZXaOp5QgNlFQ5mmva
xQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:25 2025 by rpki-client