Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa
File: AS153601.roa (raw, json)
Hash identifier: ZBmvq4PWy8IxpyC2TypfRL3sJpRFRtq2h8PnP/U7DBM=
Subject key identifier: 0A:14:BE:C4:7F:FF:C4:BE:09:0B:CD:2D:A3:31:40:F2:C0:AC:0F:97
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 375F78FA6E5EE6DDBD93679109506B43AC478B6C
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa
Signing time: Tue 25 Mar 2025 03:04:16 +0000
ROA not before: Tue 25 Mar 2025 02:59:16 +0000
ROA not after: Tue 24 Mar 2026 03:04:16 +0000
asID: 153601
IP address blocks: 161.248.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5f:78:fa:6e:5e:e6:dd:bd:93:67:91:09:50:6b:43:ac:47:8b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 25 02:59:16 2025 GMT
Not After : Mar 24 03:04:16 2026 GMT
Subject: CN=0A14BEC47FFFC4BE090BCD2DA33140F2C0AC0F97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a4:8a:93:a6:7d:09:07:d1:ef:fd:79:be:06:
61:60:96:73:33:26:0a:cd:b2:65:e0:07:82:ca:6e:
c0:ca:e6:72:e3:8d:9e:1a:b9:38:90:97:06:7a:df:
63:6f:33:1f:c0:ee:da:df:4b:71:68:98:25:3b:7f:
dc:46:a5:fe:9b:fe:a8:18:fd:78:7f:e7:13:6e:a7:
4e:fc:38:8f:4d:98:37:90:b2:a5:e7:cb:22:b5:ca:
b6:b6:c8:73:90:74:a0:a2:6b:ad:24:d5:ec:03:26:
a8:01:a9:1c:dd:01:19:a9:ee:18:e6:31:ce:12:44:
16:f7:df:3a:31:b4:d2:4d:c6:34:aa:2d:ca:0f:d8:
ff:ac:eb:be:42:92:65:67:c9:ee:74:b8:1a:df:6d:
f4:4a:29:cf:80:b7:5c:c9:85:0d:e2:b7:96:d4:48:
cd:89:75:a7:dd:43:39:cd:c4:ca:43:e1:34:5e:9d:
6d:5c:a8:30:f8:22:7e:f2:a0:99:5a:43:4c:3f:39:
2f:4f:aa:8e:1f:84:2f:74:27:a9:93:fd:67:41:4b:
6d:93:17:6a:00:2a:cf:47:c1:0e:1d:31:19:97:5c:
e7:85:ed:a4:d5:59:5a:c7:78:2d:bf:86:c9:9d:c0:
45:7a:46:49:0b:29:16:f1:2a:5d:5b:85:c1:05:f3:
65:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:14:BE:C4:7F:FF:C4:BE:09:0B:CD:2D:A3:31:40:F2:C0:AC:0F:97
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.248.233.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e5:c0:0b:3d:9c:99:c6:ba:59:7a:bd:c5:de:d9:94:1a:c8:
fb:70:1b:43:88:4f:76:83:87:3d:22:33:4f:6a:0f:36:da:15:
60:75:c6:ff:f4:db:b4:ec:e5:fa:f0:1f:c6:04:e3:58:fe:bb:
17:b1:0a:43:e3:15:8e:f8:54:ce:5c:8b:29:45:9e:08:cb:bb:
e5:14:9f:d5:91:e7:b9:df:2a:c5:eb:dc:30:e6:fb:21:e1:04:
c7:f8:32:6d:a0:7e:e7:27:ca:43:4a:cd:a0:84:b0:5e:b1:26:
82:4f:bd:10:01:61:70:00:a8:53:35:50:f6:63:75:26:4d:82:
57:09:c2:88:4d:0e:0a:81:dd:c8:81:9e:9e:a1:d8:f0:85:96:
79:74:ee:e4:fc:34:7c:0c:63:ab:17:d5:2e:14:08:50:72:8e:
50:16:53:dc:c0:71:ac:97:b6:a7:37:67:3d:55:b3:00:7f:f0:
b0:9b:df:cc:d3:4d:d8:45:7a:be:7f:cd:20:b4:44:34:da:65:
e4:54:33:33:16:9d:a5:37:4d:59:5c:64:8a:00:50:18:b0:2f:
ab:48:c8:dc:42:93:f6:c0:01:7e:a9:80:38:ad:f4:41:5a:62:
b4:82:bd:81:ac:69:ee:a5:df:71:d3:85:ee:8d:ed:e4:12:f9:
4a:05:cd:f3
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUN194+m5e5t29k2eRCVBrQ6xHi2wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMyNTAyNTkxNloX
DTI2MDMyNDAzMDQxNlowMzExMC8GA1UEAxMoMEExNEJFQzQ3RkZGQzRCRTA5MEJD
RDJEQTMzMTQwRjJDMEFDMEY5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALikipOmfQkH0e/9eb4GYWCWczMmCs2yZeAHgspuwMrmcuONnhq5OJCXBnrf
Y28zH8Du2t9LcWiYJTt/3Eal/pv+qBj9eH/nE26nTvw4j02YN5CypefLIrXKtrbI
c5B0oKJrrSTV7AMmqAGpHN0BGanuGOYxzhJEFvffOjG00k3GNKotyg/Y/6zrvkKS
ZWfJ7nS4Gt9t9Eopz4C3XMmFDeK3ltRIzYl1p91DOc3EykPhNF6dbVyoMPgifvKg
mVpDTD85L0+qjh+EL3QnqZP9Z0FLbZMXagAqz0fBDh0xGZdc54XtpNVZWsd4Lb+G
yZ3ARXpGSQspFvEqXVuFwQXzZQMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQKFL7E
f//EvgkLzS2jMUDywKwPlzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzYwMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKH46TANBgkqhkiG9w0BAQsFAAOCAQEAT+XACz2cmca6WXq9xd7Z
lBrI+3AbQ4hPdoOHPSIzT2oPNtoVYHXG//TbtOzl+vAfxgTjWP67F7EKQ+MVjvhU
zlyLKUWeCMu75RSf1ZHnud8qxevcMOb7IeEEx/gybaB+5yfKQ0rNoISwXrEmgk+9
EAFhcACoUzVQ9mN1Jk2CVwnCiE0OCoHdyIGenqHY8IWWeXTu5Pw0fAxjqxfVLhQI
UHKOUBZT3MBxrJe2pzdnPVWzAH/wsJvfzNNN2EV6vn/NILRENNpl5FQzMxadpTdN
WVxkigBQGLAvq0jI3EKT9sABfqmAOK30QVpitIK9gaxp7qXfcdOF7o3t5BL5SgXN
8w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:05:53 2025 by rpki-client