Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152832.roa
File: AS152832.roa (raw, json)
Hash identifier: uqJEL5tyXcoFukh0xWVt6A8iOEqtuSoPzZAwC4xmvhI=
Subject key identifier: 10:62:97:8E:79:06:0D:47:F5:8E:F7:12:92:F8:55:6D:18:58:2F:29
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 2B627538DA09A550BAB499A15A7963ABEFCF9529
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152832.roa
Signing time: Wed 18 Dec 2024 07:12:30 +0000
ROA not before: Wed 18 Dec 2024 07:07:30 +0000
ROA not after: Wed 17 Dec 2025 07:12:30 +0000
asID: 152832
IP address blocks: 2001:df4:c740::/48 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:62:75:38:da:09:a5:50:ba:b4:99:a1:5a:79:63:ab:ef:cf:95:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 18 07:07:30 2024 GMT
Not After : Dec 17 07:12:30 2025 GMT
Subject: CN=1062978E79060D47F58EF71292F8556D18582F29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:15:18:ee:c4:3e:1b:d1:83:44:82:cf:d2:f6:
0f:7e:62:8d:f2:e4:87:2e:3b:51:73:ba:7d:02:d6:
de:f7:f0:3b:94:34:d0:8a:e6:32:4b:1e:de:cc:0e:
f6:83:1a:ee:4d:8e:d4:f2:32:f5:52:14:64:9b:25:
37:54:40:fb:f7:59:43:ec:ac:28:78:65:84:5f:db:
15:09:aa:d5:c5:47:60:eb:5a:d9:2b:c9:bd:06:cc:
af:81:93:87:9b:f7:58:c7:e7:5f:2f:1b:4d:27:8f:
3e:23:cf:99:76:26:5e:99:f9:7b:ee:5e:48:87:e7:
15:c2:cd:ca:60:11:64:e1:17:ba:2f:90:cb:92:91:
86:53:36:3f:cc:39:93:79:db:2b:d1:33:1d:39:27:
05:ce:bd:a8:51:1f:47:90:2b:16:76:8f:bd:8c:c1:
7d:98:0a:c2:1b:48:90:f6:ed:b3:78:66:9e:56:13:
e9:9e:50:da:5a:2d:c7:87:de:9e:c2:b1:6c:e2:f1:
f3:ce:38:af:ea:76:af:ac:02:04:15:2a:a3:38:48:
06:d3:05:74:39:0c:49:d6:1d:d5:97:6b:16:1f:71:
96:d9:e8:ad:0e:77:c9:31:fe:1f:b8:50:ff:18:fd:
14:d8:cd:6e:bd:6d:09:1c:b2:79:65:03:2a:da:60:
56:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:62:97:8E:79:06:0D:47:F5:8E:F7:12:92:F8:55:6D:18:58:2F:29
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:c740::/48
Signature Algorithm: sha256WithRSAEncryption
74:95:72:b9:15:33:30:96:09:62:c5:24:76:56:68:67:a5:0a:
61:90:66:d4:35:b4:e7:8b:e7:e1:dc:94:ba:d9:33:88:79:da:
28:b2:e3:87:9e:a5:ca:ac:46:21:fe:eb:48:37:e8:e1:11:c3:
ba:59:c6:53:b4:05:65:84:89:d4:ba:20:8e:ee:d5:18:0d:cb:
25:e5:bc:95:6d:c7:de:c9:ac:38:d0:6e:35:8c:50:1e:63:c9:
b8:09:87:eb:67:d5:95:c8:b1:1b:62:b2:37:e4:a4:c5:21:1d:
91:28:e6:34:1f:f3:8f:9e:56:4d:cc:f7:c1:05:77:15:f1:f4:
ec:76:66:45:9f:17:8e:ab:df:42:00:d5:d0:09:3c:9b:9e:a9:
ea:46:06:b2:2c:9b:80:2f:a0:b3:eb:d6:f0:7a:84:6c:59:e9:
75:75:b3:74:2f:d5:41:61:71:33:4c:67:88:ca:99:df:fe:b1:
a4:a7:b9:1e:e3:f9:fa:db:73:2f:58:14:f3:3d:9d:6e:5c:9f:
dc:07:7a:a0:db:8a:44:c3:e1:ae:c3:9c:de:b7:32:9f:dd:d8:
65:6c:14:4a:8c:24:35:c4:30:e0:4d:97:df:33:2c:56:49:7e:
c4:9b:82:ca:06:e8:03:17:aa:ab:b6:79:28:31:d8:41:b5:43:
f8:b9:dd:b6
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUK2J1ONoJpVC6tJmhWnljq+/PlSkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxODA3MDczMFoX
DTI1MTIxNzA3MTIzMFowMzExMC8GA1UEAxMoMTA2Mjk3OEU3OTA2MEQ0N0Y1OEVG
NzEyOTJGODU1NkQxODU4MkYyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsVGO7EPhvRg0SCz9L2D35ijfLkhy47UXO6fQLW3vfwO5Q00IrmMkse3swO
9oMa7k2O1PIy9VIUZJslN1RA+/dZQ+ysKHhlhF/bFQmq1cVHYOta2SvJvQbMr4GT
h5v3WMfnXy8bTSePPiPPmXYmXpn5e+5eSIfnFcLNymARZOEXui+Qy5KRhlM2P8w5
k3nbK9EzHTknBc69qFEfR5ArFnaPvYzBfZgKwhtIkPbts3hmnlYT6Z5Q2lotx4fe
nsKxbOLx8844r+p2r6wCBBUqozhIBtMFdDkMSdYd1ZdrFh9xltnorQ53yTH+H7hQ
/xj9FNjNbr1tCRyyeWUDKtpgVq0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQQYpeO
eQYNR/WO9xKS+FVtGFgvKTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjgzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABDfTHQDANBgkqhkiG9w0BAQsFAAOCAQEAdJVyuRUzMJYJYsUk
dlZoZ6UKYZBm1DW054vn4dyUutkziHnaKLLjh56lyqxGIf7rSDfo4RHDulnGU7QF
ZYSJ1Logju7VGA3LJeW8lW3H3smsONBuNYxQHmPJuAmH62fVlcixG2KyN+SkxSEd
kSjmNB/zj55WTcz3wQV3FfH07HZmRZ8XjqvfQgDV0Ak8m56p6kYGsiybgC+gs+vW
8HqEbFnpdXWzdC/VQWFxM0xniMqZ3/6xpKe5HuP5+ttzL1gU8z2dblyf3Ad6oNuK
RMPhrsOc3rcyn93YZWwUSowkNcQw4E2X3zMsVkl+xJuCygboAxeqq7Z5KDHYQbVD
+Lndtg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:38:23 2025 by rpki-client