Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa
File: AS153524.roa (raw, json)
Hash identifier: V7grZ9cmzMqvO7N0WjDRtZdW/N+40zWnTBdCCBvlffw=
Subject key identifier: 4B:B3:81:98:88:6F:5D:99:28:19:58:52:12:B9:24:59:18:0B:6C:54
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 1418D6446602E38C888E7A1BB5FAAF2E09C84920
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa
Signing time: Mon 24 Feb 2025 02:38:06 +0000
ROA not before: Mon 24 Feb 2025 02:33:06 +0000
ROA not after: Mon 23 Feb 2026 02:38:06 +0000
asID: 153524
IP address blocks: 160.250.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:18:d6:44:66:02:e3:8c:88:8e:7a:1b:b5:fa:af:2e:09:c8:49:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 24 02:33:06 2025 GMT
Not After : Feb 23 02:38:06 2026 GMT
Subject: CN=4BB38198886F5D992819585212B92459180B6C54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:5d:b6:4d:d4:1e:4c:06:49:39:78:2c:b2:
72:8b:50:6b:26:dd:ed:ac:ec:4b:7e:4d:c6:1e:5a:
7e:ce:3e:83:79:89:5d:98:0c:ae:1b:61:19:91:60:
06:a2:fd:e7:58:d6:3d:ca:4e:99:e1:d7:42:78:ef:
36:13:d4:f5:f7:2c:e3:0e:93:4a:93:a7:e3:8a:da:
2c:d3:39:b0:6f:77:d9:3c:91:7a:cf:22:24:3c:6e:
ab:a0:2a:91:ef:1c:2b:aa:ea:bb:3f:2b:5f:08:1a:
0f:fe:4a:b8:b6:74:83:a5:5c:d0:63:70:a1:f0:9e:
6f:7c:ed:32:a8:58:6b:e0:4a:c1:73:99:a7:c7:28:
7f:76:c4:9e:90:35:6e:7b:d4:4c:13:f0:ca:2f:80:
ca:0c:5f:a8:56:a5:1e:aa:46:fa:92:41:88:30:d5:
80:d7:9b:4a:45:02:1f:8a:57:13:50:b7:ab:36:dd:
e2:77:8e:ca:b3:8d:65:85:67:61:32:6d:28:78:ea:
31:35:2d:a0:7d:60:20:7d:b0:2a:c2:c1:b4:f9:49:
9d:c1:42:74:e2:fd:92:9c:ec:06:2c:45:79:89:08:
fa:52:1e:69:b1:6f:25:3b:5b:aa:6f:93:7e:16:09:
f7:68:dc:25:99:fc:59:8d:ea:7d:f7:c8:9b:33:39:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B3:81:98:88:6F:5D:99:28:19:58:52:12:B9:24:59:18:0B:6C:54
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.250.35.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ad:5d:32:49:4f:0d:c8:71:c9:10:61:ae:0a:5d:34:0a:93:
ff:d2:13:9f:99:fa:be:44:1b:4b:bf:54:0f:ca:78:90:76:d1:
83:a1:b5:b7:84:cf:32:60:c8:de:9d:75:ea:c3:2c:82:3e:bb:
2c:2e:3c:3a:8a:46:15:03:7c:dc:11:27:a9:ce:c0:88:39:f3:
6c:e1:22:82:a4:ab:a9:98:83:77:1e:dc:40:b7:7d:75:ba:2e:
71:db:77:64:f8:b8:f1:c5:5c:00:18:65:8e:e7:c0:f8:00:59:
71:1e:6b:e6:c6:60:36:1a:08:c7:8d:05:7a:a5:55:2e:37:11:
b4:a3:bf:3c:dc:52:eb:bd:ea:bd:b4:af:d2:d4:81:71:26:57:
a3:f7:88:c0:a9:d2:17:5d:14:e5:d8:9c:27:e0:f1:18:b7:2c:
bb:1e:2a:61:67:2e:39:cd:f7:11:e6:95:a9:9f:fe:62:9d:0d:
5e:31:7a:86:d7:98:03:93:6c:48:86:4b:d9:e4:fe:23:f6:63:
7a:56:66:3e:34:60:00:56:80:cd:4e:da:a2:61:de:4d:bb:67:
33:ca:76:9f:f9:d9:6f:e5:da:f4:1a:71:a3:cc:d9:9d:c4:84:
42:d7:a2:db:f8:b9:fa:ed:47:2a:40:ce:00:77:54:43:94:c5:
9f:37:76:00
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUFBjWRGYC44yIjnobtfqvLgnISSAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIyNDAyMzMwNloX
DTI2MDIyMzAyMzgwNlowMzExMC8GA1UEAxMoNEJCMzgxOTg4ODZGNUQ5OTI4MTk1
ODUyMTJCOTI0NTkxODBCNkM1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqRXbZN1B5MBkk5eCyycotQaybd7azsS35Nxh5afs4+g3mJXZgMrhthGZFg
BqL951jWPcpOmeHXQnjvNhPU9fcs4w6TSpOn44raLNM5sG932TyRes8iJDxuq6Aq
ke8cK6rquz8rXwgaD/5KuLZ0g6Vc0GNwofCeb3ztMqhYa+BKwXOZp8cof3bEnpA1
bnvUTBPwyi+AygxfqFalHqpG+pJBiDDVgNebSkUCH4pXE1C3qzbd4neOyrONZYVn
YTJtKHjqMTUtoH1gIH2wKsLBtPlJncFCdOL9kpzsBixFeYkI+lIeabFvJTtbqm+T
fhYJ92jcJZn8WY3qfffImzM5Ut0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRLs4GY
iG9dmSgZWFISuSRZGAtsVDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUyNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKD6IzANBgkqhkiG9w0BAQsFAAOCAQEAg61dMklPDchxyRBhrgpd
NAqT/9ITn5n6vkQbS79UD8p4kHbRg6G1t4TPMmDI3p116sMsgj67LC48OopGFQN8
3BEnqc7AiDnzbOEigqSrqZiDdx7cQLd9dboucdt3ZPi48cVcABhljufA+ABZcR5r
5sZgNhoIx40FeqVVLjcRtKO/PNxS673qvbSv0tSBcSZXo/eIwKnSF10U5dicJ+Dx
GLcsux4qYWcuOc33EeaVqZ/+Yp0NXjF6hteYA5NsSIZL2eT+I/ZjelZmPjRgAFaA
zU7aomHeTbtnM8p2n/nZb+Xa9Bpxo8zZncSEQtei2/i5+u1HKkDOAHdUQ5TFnzd2
AA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:31:36 2025 by rpki-client