Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa
File: AS153481.roa (raw, json)
Hash identifier: kbi4lXqDNCYslUuo96hvJvDC9xpf2n7s1UQczIHB78s=
Subject key identifier: 21:2B:97:20:2D:FE:4D:AC:FA:4C:76:B6:BE:31:08:CC:57:23:74:6F
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 6FAD2545855647EBD2C1C4C5B4BEDA7BD9B69C65
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa
Signing time: Thu 06 Feb 2025 10:44:53 +0000
ROA not before: Thu 06 Feb 2025 10:39:53 +0000
ROA not after: Thu 05 Feb 2026 10:44:53 +0000
asID: 153481
IP address blocks: 160.250.42.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ad:25:45:85:56:47:eb:d2:c1:c4:c5:b4:be:da:7b:d9:b6:9c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:53 2025 GMT
Not After : Feb 5 10:44:53 2026 GMT
Subject: CN=212B97202DFE4DACFA4C76B6BE3108CC5723746F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:63:6d:72:fa:83:2e:ce:eb:cc:a8:53:7f:
e6:d9:a7:c3:75:38:86:95:c1:a0:d9:0a:0c:1f:24:
1a:2e:18:c2:12:fd:51:bd:7d:68:6c:ac:7e:d4:d2:
62:6b:d8:3e:41:83:98:ca:b6:4c:f0:f1:e8:d3:3d:
55:cb:de:19:84:11:43:83:d2:64:72:cf:8e:02:0b:
ea:64:90:6e:fc:88:ce:d7:7a:77:75:8f:86:c5:a6:
81:94:3a:1c:77:64:91:d6:eb:48:4e:b5:8f:d6:2e:
da:44:53:03:ac:8e:11:ec:fb:8f:3e:ab:9c:44:be:
78:f2:d9:a7:9d:ab:75:13:d3:22:c1:c5:65:94:80:
d1:06:32:93:29:63:0b:17:0c:81:8f:12:c4:27:a4:
0c:c6:f8:56:b3:e8:e8:2c:89:b8:f3:d8:ae:70:34:
cb:35:92:84:65:55:64:24:32:9f:b9:c1:f1:c8:17:
e9:0c:5f:dd:b5:f7:62:e1:6f:35:9e:0a:7e:f7:3f:
dd:7a:5c:4e:7a:8c:65:90:69:20:73:75:93:7a:2a:
32:40:45:4e:7f:46:36:2d:60:e9:94:01:07:04:8f:
63:37:48:d7:31:7b:b2:60:b1:5c:73:f2:6b:cb:0d:
2a:9e:77:04:a1:0e:8f:45:36:2d:e5:96:62:68:b7:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2B:97:20:2D:FE:4D:AC:FA:4C:76:B6:BE:31:08:CC:57:23:74:6F
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.250.42.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:5e:97:40:5d:c6:2d:0a:1c:76:03:e9:ce:22:e8:9a:bc:71:
74:50:bf:8b:0d:bf:2f:7d:be:58:dc:17:ee:87:24:de:2f:26:
89:7e:e8:8c:95:fc:0c:a7:0c:18:63:d6:87:b9:6a:77:85:2c:
fc:ca:85:77:e8:ad:bc:72:10:6d:59:c0:69:b0:e0:af:df:b0:
b4:95:6a:d6:b2:c8:84:90:61:55:83:18:b3:c8:19:95:fc:fe:
b5:ef:52:c6:95:2a:7d:90:66:1b:bb:84:c5:b5:e4:bb:86:3e:
e7:74:d1:a3:9c:4d:49:58:fa:14:41:86:dd:b5:69:43:19:23:
29:a8:ef:a9:78:50:29:fd:e1:03:38:c6:c2:0f:54:ad:41:a9:
ff:dd:c6:9e:3f:57:7d:b3:5a:59:70:39:2c:19:7e:3b:a9:fb:
c0:1c:e4:2b:4b:32:01:98:80:5b:15:fe:77:8a:1e:fd:68:93:
7c:ae:20:98:26:75:2e:f2:7e:81:f9:e9:1f:50:a1:e1:2a:0a:
fb:91:be:c1:f9:ff:0a:f1:33:f5:3e:d4:08:63:eb:7b:26:24:
97:79:ff:01:04:86:a6:53:9b:14:84:be:59:15:90:fa:1d:1f:
d0:5a:ec:cd:81:c1:d9:61:86:d6:28:f0:df:3c:50:5f:be:43:
64:7e:f2:5a
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUb60lRYVWR+vSwcTFtL7ae9m2nGUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX
DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoMjEyQjk3MjAyREZFNERBQ0ZBNEM3
NkI2QkUzMTA4Q0M1NzIzNzQ2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjiY21y+oMuzuvMqFN/5tmnw3U4hpXBoNkKDB8kGi4YwhL9Ub19aGysftTS
YmvYPkGDmMq2TPDx6NM9VcveGYQRQ4PSZHLPjgIL6mSQbvyIztd6d3WPhsWmgZQ6
HHdkkdbrSE61j9Yu2kRTA6yOEez7jz6rnES+ePLZp52rdRPTIsHFZZSA0QYykylj
CxcMgY8SxCekDMb4VrPo6CyJuPPYrnA0yzWShGVVZCQyn7nB8cgX6Qxf3bX3YuFv
NZ4Kfvc/3XpcTnqMZZBpIHN1k3oqMkBFTn9GNi1g6ZQBBwSPYzdI1zF7smCxXHPy
a8sNKp53BKEOj0U2LeWWYmi3B5UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQhK5cg
Lf5NrPpMdra+MQjMVyN0bzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ4MS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaD6KjANBgkqhkiG9w0BAQsFAAOCAQEAK16XQF3GLQocdgPpziLo
mrxxdFC/iw2/L32+WNwX7ock3i8miX7ojJX8DKcMGGPWh7lqd4Us/MqFd+itvHIQ
bVnAabDgr9+wtJVq1rLIhJBhVYMYs8gZlfz+te9SxpUqfZBmG7uExbXku4Y+53TR
o5xNSVj6FEGG3bVpQxkjKajvqXhQKf3hAzjGwg9UrUGp/93Gnj9XfbNaWXA5LBl+
O6n7wBzkK0syAZiAWxX+d4oe/WiTfK4gmCZ1LvJ+gfnpH1Ch4SoK+5G+wfn/CvEz
9T7UCGPreyYkl3n/AQSGplObFIS+WRWQ+h0f0FrszYHB2WGG1ijw3zxQX75DZH7y
Wg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:36:55 2025 by rpki-client