Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa
File: AS153520.roa (raw, json)
Hash identifier: u/hIaSOVFM1YPNi58y/qHppQVdcGbmG31i9Luf1bP6w=
Subject key identifier: AE:97:8B:57:A0:61:C2:CC:A8:43:BB:4D:C2:F4:20:77:3A:B5:A4:3C
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 2AA442A6793B83075B6F488AC477D7E6D4A9DD9D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa
Signing time: Tue 18 Feb 2025 03:14:05 +0000
ROA not before: Tue 18 Feb 2025 03:09:05 +0000
ROA not after: Tue 17 Feb 2026 03:14:05 +0000
asID: 153520
IP address blocks: 160.250.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a4:42:a6:79:3b:83:07:5b:6f:48:8a:c4:77:d7:e6:d4:a9:dd:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 18 03:09:05 2025 GMT
Not After : Feb 17 03:14:05 2026 GMT
Subject: CN=AE978B57A061C2CCA843BB4DC2F420773AB5A43C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:16:5f:46:0b:fb:1c:91:6f:18:e9:2a:4e:d2:
53:c4:8a:e4:bf:54:1c:af:ce:a0:c4:06:42:f5:21:
d8:96:42:25:6b:e9:c1:1f:f9:0a:88:86:ce:86:20:
ec:c8:ca:c3:a0:c6:a0:69:c8:22:4d:21:d0:c0:dd:
e3:0b:53:c9:d4:f4:44:66:3f:12:4f:a0:60:4e:4b:
ab:50:26:4a:d8:22:9d:bc:ec:a4:a0:db:6b:e5:7d:
69:a0:0e:3d:48:4a:de:79:3f:55:19:d2:c9:1f:99:
5d:41:24:bb:0b:d9:ee:47:25:34:67:4b:ec:ee:04:
30:9e:28:f1:89:fa:ce:7a:4c:4b:ce:3a:26:5f:27:
22:de:26:6e:8a:5e:34:9a:5f:a4:6f:ba:e2:75:03:
9d:8a:41:8e:7a:56:da:96:87:71:9a:78:06:46:20:
74:72:6d:7a:ec:14:60:2b:d1:fd:ef:db:91:8f:68:
db:88:ac:74:be:a5:a1:bc:31:24:b7:e5:71:a2:9d:
c2:1a:f3:5c:f9:63:b1:16:f1:55:86:73:60:99:6c:
a0:dc:e6:91:fb:67:f4:75:19:9d:78:f6:90:bc:e3:
80:45:e4:81:e9:37:85:ee:4b:5d:93:8c:39:5b:05:
0b:90:03:4c:be:c7:08:71:f7:a6:bd:43:d3:a1:53:
dc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:97:8B:57:A0:61:C2:CC:A8:43:BB:4D:C2:F4:20:77:3A:B5:A4:3C
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.250.239.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:51:96:ee:c1:30:dc:70:3a:30:33:27:f3:43:c5:bf:30:64:
8d:07:ea:9a:57:e9:e4:9d:0f:81:23:89:69:bb:54:4f:f2:bc:
e1:20:f8:18:83:1a:9f:80:a1:ab:b3:e8:f9:59:0c:bf:b6:68:
20:2a:e6:e9:b7:cf:8f:46:33:14:f3:32:d2:c9:3f:07:b0:ea:
3b:1c:23:f5:9c:e2:68:0a:e9:46:87:5b:1e:9b:5c:66:b8:ea:
ea:78:38:b4:11:84:99:0d:91:42:56:42:fa:8d:ae:b3:02:51:
65:e7:ee:13:28:c0:eb:e9:06:77:de:a0:45:51:fc:0e:80:d5:
70:ef:7c:06:00:0e:be:32:f9:0b:15:32:92:41:c9:22:53:1b:
8d:e2:93:e8:b6:90:c0:c2:b4:2f:c8:bd:54:e9:bb:a5:10:01:
d6:72:d2:88:9b:69:85:ea:51:03:95:ce:1a:80:57:30:17:a7:
35:fc:19:4d:72:f9:fc:49:80:3a:2d:c2:2e:94:23:71:a7:ca:
0d:ff:ae:6e:34:80:11:12:c3:48:fe:95:92:29:99:eb:70:dc:
bd:1b:c8:a5:0f:64:6f:7e:bc:47:42:49:7c:40:49:06:3f:68:
16:b4:33:4e:e2:4a:4d:23:51:e1:f5:2f:82:13:c2:b7:18:f5:
7b:bd:70:6a
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUKqRCpnk7gwdbb0iKxHfX5tSp3Z0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxODAzMDkwNVoX
DTI2MDIxNzAzMTQwNVowMzExMC8GA1UEAxMoQUU5NzhCNTdBMDYxQzJDQ0E4NDNC
QjREQzJGNDIwNzczQUI1QTQzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYWX0YL+xyRbxjpKk7SU8SK5L9UHK/OoMQGQvUh2JZCJWvpwR/5CoiGzoYg
7MjKw6DGoGnIIk0h0MDd4wtTydT0RGY/Ek+gYE5Lq1AmStginbzspKDba+V9aaAO
PUhK3nk/VRnSyR+ZXUEkuwvZ7kclNGdL7O4EMJ4o8Yn6znpMS846Jl8nIt4mbope
NJpfpG+64nUDnYpBjnpW2paHcZp4BkYgdHJteuwUYCvR/e/bkY9o24isdL6lobwx
JLflcaKdwhrzXPljsRbxVYZzYJlsoNzmkftn9HUZnXj2kLzjgEXkgek3he5LXZOM
OVsFC5ADTL7HCHH3pr1D06FT3D0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSul4tX
oGHCzKhDu03C9CB3OrWkPDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUyMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKD67zANBgkqhkiG9w0BAQsFAAOCAQEAD1GW7sEw3HA6MDMn80PF
vzBkjQfqmlfp5J0PgSOJabtUT/K84SD4GIMan4Chq7Po+VkMv7ZoICrm6bfPj0Yz
FPMy0sk/B7DqOxwj9ZziaArpRodbHptcZrjq6ng4tBGEmQ2RQlZC+o2uswJRZefu
EyjA6+kGd96gRVH8DoDVcO98BgAOvjL5CxUykkHJIlMbjeKT6LaQwMK0L8i9VOm7
pRAB1nLSiJtphepRA5XOGoBXMBenNfwZTXL5/EmAOi3CLpQjcafKDf+ubjSAERLD
SP6VkimZ63DcvRvIpQ9kb368R0JJfEBJBj9oFrQzTuJKTSNR4fUvghPCtxj1e71w
ag==
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:37:26 2025 by rpki-client