Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa
File: AS153553.roa (raw, json)
Hash identifier: IpTIQBnYYM7z9zH8LqI3RdW2S1I/xnJYRCDmym9cmBQ=
Subject key identifier: 04:FF:E0:F8:7E:81:1E:35:C2:18:3E:2C:ED:86:A7:BC:F4:94:C3:4B
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 2BD2267B4BF778F0E296C4A61BEC36024D680F0D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa
Signing time: Tue 18 Feb 2025 01:53:13 +0000
ROA not before: Tue 18 Feb 2025 01:48:13 +0000
ROA not after: Tue 17 Feb 2026 01:53:13 +0000
asID: 153553
IP address blocks: 161.248.164.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:d2:26:7b:4b:f7:78:f0:e2:96:c4:a6:1b:ec:36:02:4d:68:0f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 18 01:48:13 2025 GMT
Not After : Feb 17 01:53:13 2026 GMT
Subject: CN=04FFE0F87E811E35C2183E2CED86A7BCF494C34B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:99:69:7e:3e:79:63:4f:44:00:26:f6:3c:f4:
04:73:7e:96:b8:42:21:58:6f:a6:67:64:91:5b:19:
98:c6:dc:12:83:5b:3f:92:ad:ec:50:20:2e:1a:cb:
57:04:87:25:a8:d5:b6:6f:d2:3c:36:d1:22:59:e2:
c0:60:1f:f7:49:05:a9:20:3a:70:2a:a6:a1:71:a8:
d3:6c:e9:c6:36:fa:9c:80:7a:25:25:e3:9e:a4:50:
89:90:a9:25:a9:ee:f0:1f:ae:bb:d9:9e:63:31:b8:
93:61:08:a1:29:55:9d:85:93:41:70:ba:bc:a3:a5:
c6:03:d4:0c:aa:50:c0:21:cb:fb:c7:51:e4:28:36:
31:96:ae:2b:fe:cb:62:d7:46:8e:fd:c6:5f:7d:04:
e5:3d:b5:03:cb:48:e2:87:55:60:8a:3f:80:3c:72:
2d:75:1b:3d:86:86:07:89:e6:88:8f:20:b1:d8:fe:
eb:a9:7b:52:da:95:3e:39:8e:82:ed:8c:44:08:f2:
f3:02:28:2b:f6:eb:52:ae:57:d3:e0:14:b8:a3:2b:
6e:99:ec:53:d5:8e:3e:d6:33:a0:51:cf:c8:d5:fb:
80:d1:47:b2:69:f4:79:ea:22:97:5e:58:a6:5a:f5:
de:12:8c:ff:1b:13:ee:94:05:6c:78:98:e2:05:73:
6f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FF:E0:F8:7E:81:1E:35:C2:18:3E:2C:ED:86:A7:BC:F4:94:C3:4B
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.248.164.0/23
Signature Algorithm: sha256WithRSAEncryption
33:11:cf:1a:9c:e3:82:ce:48:83:04:2d:27:aa:bd:0c:01:51:
8a:f2:6e:0a:53:51:cf:95:f1:fc:a6:b4:f9:cb:53:bb:3b:42:
9d:3b:45:1b:f2:7f:aa:ee:4c:1e:83:6d:33:12:14:91:b7:4a:
b7:97:da:20:5e:67:df:28:8a:85:27:bf:ec:f5:c1:52:54:5a:
c2:1a:a5:fb:8a:e3:0a:31:dc:54:bc:c4:6d:79:62:9f:0d:4a:
d1:75:77:12:fb:fa:e0:a4:1b:46:f0:43:6a:38:ae:12:15:d2:
9b:a9:2a:14:36:71:55:98:23:c6:12:48:55:d5:1b:8a:0c:5e:
78:40:48:8a:d8:a8:7d:ac:23:10:ce:e5:97:7b:4f:df:9c:78:
7e:63:38:23:b9:87:4d:ac:03:ab:71:b6:55:07:e3:14:ea:2b:
ef:a3:e3:61:79:32:86:06:f2:de:20:9b:42:a2:c5:5a:1e:a1:
d1:59:7e:50:f2:e2:7f:6c:03:f0:d2:2e:a7:19:1f:a8:25:fa:
28:02:f1:8b:19:c1:13:05:75:f1:50:02:44:35:51:ff:1b:c9:
e7:85:5a:bd:66:ba:66:56:98:6b:ad:00:32:1d:75:41:30:de:
21:5f:37:22:ea:a2:91:38:79:25:e9:1c:47:b6:bd:dc:ca:8a:
67:94:30:ef
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUK9Ime0v3ePDilsSmG+w2Ak1oDw0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxODAxNDgxM1oX
DTI2MDIxNzAxNTMxM1owMzExMC8GA1UEAxMoMDRGRkUwRjg3RTgxMUUzNUMyMTgz
RTJDRUQ4NkE3QkNGNDk0QzM0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSZaX4+eWNPRAAm9jz0BHN+lrhCIVhvpmdkkVsZmMbcEoNbP5Kt7FAgLhrL
VwSHJajVtm/SPDbRIlniwGAf90kFqSA6cCqmoXGo02zpxjb6nIB6JSXjnqRQiZCp
Janu8B+uu9meYzG4k2EIoSlVnYWTQXC6vKOlxgPUDKpQwCHL+8dR5Cg2MZauK/7L
YtdGjv3GX30E5T21A8tI4odVYIo/gDxyLXUbPYaGB4nmiI8gsdj+66l7UtqVPjmO
gu2MRAjy8wIoK/brUq5X0+AUuKMrbpnsU9WOPtYzoFHPyNX7gNFHsmn0eeoil15Y
plr13hKM/xsT7pQFbHiY4gVzb5MCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQE/+D4
foEeNcIYPizthqe89JTDSzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzU1My5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaH4pDANBgkqhkiG9w0BAQsFAAOCAQEAMxHPGpzjgs5IgwQtJ6q9
DAFRivJuClNRz5Xx/Ka0+ctTuztCnTtFG/J/qu5MHoNtMxIUkbdKt5faIF5n3yiK
hSe/7PXBUlRawhql+4rjCjHcVLzEbXlinw1K0XV3Evv64KQbRvBDajiuEhXSm6kq
FDZxVZgjxhJIVdUbigxeeEBIitiofawjEM7ll3tP35x4fmM4I7mHTawDq3G2VQfj
FOor76PjYXkyhgby3iCbQqLFWh6h0Vl+UPLif2wD8NIupxkfqCX6KALxixnBEwV1
8VACRDVR/xvJ54VavWa6ZlaYa60AMh11QTDeIV83IuqikTh5JekcR7a93MqKZ5Qw
7w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:03:22 2025 by rpki-client