Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa
File: AS153538.roa (raw, json)
Hash identifier: +jKeMuenGRDNHRSqnRFmWPLlRvh+wStE3gJmitNPPNM=
Subject key identifier: 58:F0:8D:EB:18:ED:C0:20:81:B5:B1:BD:7E:94:BB:51:0A:AA:AA:85
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 586D7D0F9B6C972FEAB5ADB74DB03638EE421B76
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa
Signing time: Sat 15 Mar 2025 14:04:23 +0000
ROA not before: Sat 15 Mar 2025 13:59:23 +0000
ROA not after: Sat 14 Mar 2026 14:04:23 +0000
asID: 153538
IP address blocks: 161.248.172.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:6d:7d:0f:9b:6c:97:2f:ea:b5:ad:b7:4d:b0:36:38:ee:42:1b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 15 13:59:23 2025 GMT
Not After : Mar 14 14:04:23 2026 GMT
Subject: CN=58F08DEB18EDC02081B5B1BD7E94BB510AAAAA85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:eb:d9:94:95:69:c5:c1:9c:40:d5:23:b1:
e3:f7:68:2d:f9:d3:af:53:2d:b4:fa:2f:b0:9d:e8:
56:46:87:22:a0:74:35:18:bd:3c:1c:f2:43:c0:80:
42:88:d0:f1:14:06:84:2e:08:61:ea:7e:0f:de:e9:
6f:62:f7:66:a5:c0:c0:f2:07:ad:19:eb:7d:6a:9d:
7f:a5:1b:d5:6f:ef:cd:38:db:3d:fc:f2:e5:c1:63:
fd:b9:7a:1d:f9:60:8a:62:df:8a:a5:11:7a:d3:a2:
89:0c:21:50:e0:68:5d:2a:5b:52:bc:9b:7e:56:43:
ec:68:1e:6d:c2:56:5c:fc:40:73:db:97:90:81:cf:
e0:c9:1d:31:51:f7:0e:6e:d7:db:48:84:3f:cf:fc:
46:a4:ac:7a:e3:71:68:0e:e2:78:02:29:6c:21:04:
1f:50:12:03:0e:8e:bf:f3:c2:8a:c1:7a:af:8a:a7:
72:5a:fa:64:d1:47:32:91:1b:96:60:3a:db:e2:ef:
61:65:aa:a2:41:86:e8:2d:21:78:d9:02:16:29:ab:
89:c7:3f:2b:54:03:d2:00:fd:01:45:c7:5a:60:e1:
21:f1:c3:08:d5:93:61:35:cc:b2:59:b0:68:32:0e:
3d:37:51:a3:3f:93:94:bd:85:75:f8:65:59:74:10:
31:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F0:8D:EB:18:ED:C0:20:81:B5:B1:BD:7E:94:BB:51:0A:AA:AA:85
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.248.172.0/23
Signature Algorithm: sha256WithRSAEncryption
55:56:51:27:c3:16:83:11:02:7a:ff:2a:c9:d7:4f:ed:c9:df:
98:7f:aa:e8:5d:c3:c5:cc:a1:21:ed:6c:0c:2e:75:5b:bb:a1:
ce:1a:a9:8e:29:97:50:2c:16:a6:bd:77:42:c9:f7:8f:13:98:
8f:26:82:d2:c2:72:0c:e4:f6:fe:63:91:a1:94:6b:a4:e2:8c:
9d:28:22:e3:d7:2c:c5:12:7c:bf:f0:0f:cd:ef:b2:22:b6:76:
41:75:a0:bb:e8:1c:12:66:30:3f:ee:3b:20:d9:a9:9a:84:24:
38:8f:fd:1e:25:59:bb:89:1f:e7:ab:d6:b7:6d:4c:3a:9b:4c:
57:96:fb:3c:cf:09:54:da:85:16:d2:c9:f4:81:54:39:de:11:
9a:f8:5a:d7:15:53:fd:9f:de:15:f1:fe:82:33:31:ea:26:6d:
b3:0e:37:e3:8a:3e:dd:3a:91:8c:ab:64:e2:26:5e:b4:c6:1c:
8b:1d:d4:aa:f1:ff:91:2c:5e:c1:0c:9c:d2:ed:b9:b1:e8:51:
76:b2:79:7d:9e:d1:c3:bc:a6:7f:1c:02:1b:e5:74:aa:6f:0d:
37:94:73:ea:10:e7:7f:ce:89:e7:9f:19:17:94:12:28:b7:04:
a6:63:47:a1:02:54:ca:74:06:58:4e:fd:cb:07:50:5a:c1:48:
31:28:9d:df
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUWG19D5tsly/qta23TbA2OO5CG3YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMxNTEzNTkyM1oX
DTI2MDMxNDE0MDQyM1owMzExMC8GA1UEAxMoNThGMDhERUIxOEVEQzAyMDgxQjVC
MUJEN0U5NEJCNTEwQUFBQUE4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7o69mUlWnFwZxA1SOx4/doLfnTr1MttPovsJ3oVkaHIqB0NRi9PBzyQ8CA
QojQ8RQGhC4IYep+D97pb2L3ZqXAwPIHrRnrfWqdf6Ub1W/vzTjbPfzy5cFj/bl6
HflgimLfiqURetOiiQwhUOBoXSpbUrybflZD7GgebcJWXPxAc9uXkIHP4MkdMVH3
Dm7X20iEP8/8RqSseuNxaA7ieAIpbCEEH1ASAw6Ov/PCisF6r4qnclr6ZNFHMpEb
lmA62+LvYWWqokGG6C0heNkCFimricc/K1QD0gD9AUXHWmDhIfHDCNWTYTXMslmw
aDIOPTdRoz+TlL2FdfhlWXQQMYMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRY8I3r
GO3AIIG1sb1+lLtRCqqqhTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4rDANBgkqhkiG9w0BAQsFAAOCAQEAVVZRJ8MWgxECev8qyddP
7cnfmH+q6F3DxcyhIe1sDC51W7uhzhqpjimXUCwWpr13Qsn3jxOYjyaC0sJyDOT2
/mORoZRrpOKMnSgi49csxRJ8v/APze+yIrZ2QXWgu+gcEmYwP+47INmpmoQkOI/9
HiVZu4kf56vWt21MOptMV5b7PM8JVNqFFtLJ9IFUOd4Rmvha1xVT/Z/eFfH+gjMx
6iZtsw4344o+3TqRjKtk4iZetMYcix3UqvH/kSxewQyc0u25sehRdrJ5fZ7Rw7ym
fxwCG+V0qm8NN5Rz6hDnf86J558ZF5QSKLcEpmNHoQJUynQGWE79ywdQWsFIMSid
3w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:01 2025 by rpki-client