Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa
File: AS153149.roa (raw, json)
Hash identifier: aOw4+TQjHDcD7ThsiTdmGBAqejzP7OBl6QlPeQ+p5y4=
Subject key identifier: 17:5E:4D:E3:1B:AB:37:CB:9E:27:F8:F0:A5:B5:C7:4B:75:B0:FC:03
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 5A9790B86C15C5A46E80D6AE65F7D90FE0684E92
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa
Signing time: Tue 03 Dec 2024 08:43:07 +0000
ROA not before: Tue 03 Dec 2024 08:38:07 +0000
ROA not after: Tue 02 Dec 2025 08:43:07 +0000
asID: 153149
IP address blocks: 2001:df4:9a40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:97:90:b8:6c:15:c5:a4:6e:80:d6:ae:65:f7:d9:0f:e0:68:4e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 3 08:38:07 2024 GMT
Not After : Dec 2 08:43:07 2025 GMT
Subject: CN=175E4DE31BAB37CB9E27F8F0A5B5C74B75B0FC03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:4a:4a:78:d9:a4:b0:a6:24:22:42:57:6f:
d5:b2:0b:27:45:26:69:2d:50:22:84:b8:25:56:68:
35:74:8e:e9:8f:10:8d:67:56:d4:75:2f:ba:4d:18:
b3:31:90:7a:b9:b9:32:fc:7f:ef:cb:ee:ce:27:33:
0a:c4:d8:c3:c9:b5:83:21:ac:e9:b5:a4:ea:09:b0:
e6:22:53:84:f8:9a:b2:62:9d:ce:da:9b:b0:f7:64:
ff:31:39:23:d7:a1:7a:1e:58:eb:25:7f:5d:ba:ba:
af:ca:34:76:1f:d2:04:dd:cd:b0:92:34:be:f2:0d:
c4:05:78:d1:34:6f:41:50:14:c7:e6:5c:cb:b7:15:
ba:2d:f8:9b:2d:58:50:be:05:a6:4a:23:40:98:39:
9a:04:a9:57:a8:b8:3f:b3:a6:5e:9b:5d:14:67:af:
80:58:b7:22:ac:b1:d4:69:54:b3:b9:93:be:34:22:
4b:3b:b1:0f:94:db:8e:f1:d2:18:5a:7c:62:62:6e:
27:44:89:fb:86:0c:51:41:28:9a:0b:ca:32:02:d7:
d0:87:20:bd:05:46:7c:d6:31:98:4c:46:2e:5f:13:
60:c3:7e:89:ce:71:ac:20:19:46:2e:bb:b6:4e:91:
60:bf:0e:16:30:af:f3:c8:a1:84:3e:4c:f7:88:4c:
47:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5E:4D:E3:1B:AB:37:CB:9E:27:F8:F0:A5:B5:C7:4B:75:B0:FC:03
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:9a40::/48
Signature Algorithm: sha256WithRSAEncryption
68:cf:bf:53:0a:c8:55:6d:a0:f0:15:39:f5:86:62:97:b5:47:
40:2b:da:37:ab:5a:d3:9b:93:2b:e7:73:53:a0:36:1f:6b:d6:
ef:0c:f7:66:86:bf:ec:4a:24:9c:46:66:f1:3b:64:42:66:d7:
ba:d6:94:4e:82:5f:5d:49:fc:e7:fa:89:c4:e8:92:ef:fc:e0:
06:54:09:53:28:9a:7b:43:e4:3f:94:74:ac:49:ca:44:62:6f:
51:04:1e:97:00:3d:b1:2e:29:23:e6:83:17:0b:35:04:6e:55:
a8:c5:f3:32:51:5c:ab:ba:22:6b:d7:8a:76:7e:cd:de:26:2a:
5a:7b:95:06:67:fb:ce:22:32:f5:fb:65:6e:11:f0:12:81:28:
f3:35:5e:18:52:10:90:7b:57:1f:c4:28:d6:b8:d6:aa:2a:f3:
88:83:a2:b4:48:95:99:97:f5:1c:c5:ee:b2:8e:82:c7:41:60:
3d:b0:3e:8c:c5:1a:0c:60:4e:ab:03:c2:e9:52:c5:f2:dd:71:
36:39:8c:47:09:6a:f9:97:bf:f7:76:d3:44:4e:d3:f4:01:43:
64:77:35:05:ad:8e:de:47:de:bd:01:68:c8:02:fa:a8:e8:52:
02:22:12:2e:4a:57:bb:1f:85:9e:7b:e6:e7:27:dc:f7:61:19:
42:68:bb:07
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUWpeQuGwVxaRugNauZffZD+BoTpIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwMzA4MzgwN1oX
DTI1MTIwMjA4NDMwN1owMzExMC8GA1UEAxMoMTc1RTRERTMxQkFCMzdDQjlFMjdG
OEYwQTVCNUM3NEI3NUIwRkMwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1gSkp42aSwpiQiQldv1bILJ0UmaS1QIoS4JVZoNXSO6Y8QjWdW1HUvuk0Y
szGQerm5Mvx/78vuziczCsTYw8m1gyGs6bWk6gmw5iJThPiasmKdztqbsPdk/zE5
I9eheh5Y6yV/Xbq6r8o0dh/SBN3NsJI0vvINxAV40TRvQVAUx+Zcy7cVui34my1Y
UL4FpkojQJg5mgSpV6i4P7OmXptdFGevgFi3Iqyx1GlUs7mTvjQiSzuxD5TbjvHS
GFp8YmJuJ0SJ+4YMUUEomgvKMgLX0IcgvQVGfNYxmExGLl8TYMN+ic5xrCAZRi67
tk6RYL8OFjCv88ihhD5M94hMR8cCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQXXk3j
G6s3y54n+PCltcdLdbD8AzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0OS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABDfSaQDANBgkqhkiG9w0BAQsFAAOCAQEAaM+/UwrIVW2g8BU5
9YZil7VHQCvaN6ta05uTK+dzU6A2H2vW7wz3Zoa/7EoknEZm8TtkQmbXutaUToJf
XUn85/qJxOiS7/zgBlQJUyiae0PkP5R0rEnKRGJvUQQelwA9sS4pI+aDFws1BG5V
qMXzMlFcq7oia9eKdn7N3iYqWnuVBmf7ziIy9ftlbhHwEoEo8zVeGFIQkHtXH8Qo
1rjWqirziIOitEiVmZf1HMXuso6Cx0FgPbA+jMUaDGBOqwPC6VLF8t1xNjmMRwlq
+Ze/93bTRE7T9AFDZHc1Ba2O3kfevQFoyAL6qOhSAiISLkpXux+Fnnvm5yfc92EZ
Qmi7Bw==
-----END CERTIFICATE-----
Generated at Sat Feb 22 21:35:10 2025 by rpki-client