Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
File: AS38060.roa (raw, json)
Hash identifier: 5jA0xh/2xXIzVpC/CIPOCCViuLF7rR73fndYS1aZyX8=
Subject key identifier: 99:28:E5:CC:BB:08:EC:DF:4F:13:8B:A9:F9:55:9B:3C:E4:B4:54:59
Certificate issuer: /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial: 17CF09CC221BBE9C81B74A24EC312D6D29E588DF
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
Signing time: Thu 09 Nov 2023 03:02:20 +0000
ROA not before: Thu 09 Nov 2023 02:57:20 +0000
ROA not after: Thu 07 Nov 2024 03:02:20 +0000
asID: 38060
IP address blocks: 112.78.132.0/24 maxlen: 24
112.78.134.0/24 maxlen: 24
112.78.142.0/24 maxlen: 24
112.78.144.0/24 maxlen: 24
112.78.150.0/24 maxlen: 24
112.78.151.0/24 maxlen: 24
112.78.153.0/24 maxlen: 24
112.78.178.0/24 maxlen: 24
112.78.191.0/24 maxlen: 24
117.102.72.0/24 maxlen: 24
117.102.75.0/24 maxlen: 24
117.102.79.0/24 maxlen: 24
117.102.81.0/24 maxlen: 24
117.102.97.0/24 maxlen: 24
117.102.120.0/24 maxlen: 24
118.99.67.0/24 maxlen: 24
118.99.72.0/24 maxlen: 24
118.99.107.0/24 maxlen: 24
118.99.109.0/24 maxlen: 24
118.99.110.0/24 maxlen: 24
118.99.112.0/24 maxlen: 24
182.253.6.0/24 maxlen: 24
182.253.14.0/24 maxlen: 24
182.253.23.0/24 maxlen: 24
182.253.33.0/24 maxlen: 24
182.253.36.0/24 maxlen: 24
182.253.40.0/24 maxlen: 24
182.253.42.0/24 maxlen: 24
182.253.44.0/24 maxlen: 24
182.253.45.0/24 maxlen: 24
182.253.62.0/24 maxlen: 24
182.253.87.0/24 maxlen: 24
182.253.98.0/24 maxlen: 24
182.253.106.0/24 maxlen: 24
182.253.116.0/24 maxlen: 24
182.253.117.0/24 maxlen: 24
182.253.122.0/24 maxlen: 24
182.253.123.0/24 maxlen: 24
182.253.124.0/24 maxlen: 24
182.253.127.0/24 maxlen: 24
182.253.131.0/24 maxlen: 24
182.253.133.0/24 maxlen: 24
182.253.137.0/24 maxlen: 24
182.253.139.0/24 maxlen: 24
182.253.151.0/24 maxlen: 24
182.253.185.0/24 maxlen: 24
182.253.186.0/24 maxlen: 24
182.253.192.0/24 maxlen: 24
182.253.194.0/24 maxlen: 24
182.253.203.0/24 maxlen: 24
182.253.215.0/24 maxlen: 24
182.253.217.0/24 maxlen: 24
182.253.228.0/24 maxlen: 24
182.253.242.0/24 maxlen: 24
182.253.243.0/24 maxlen: 24
182.253.244.0/24 maxlen: 24
182.253.245.0/24 maxlen: 24
182.253.250.0/24 maxlen: 24
182.253.251.0/24 maxlen: 24
202.169.37.0/24 maxlen: 24
202.169.38.0/24 maxlen: 24
202.169.46.0/24 maxlen: 24
202.169.56.0/24 maxlen: 24
203.142.74.0/24 maxlen: 24
203.142.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 16:50:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:cf:09:cc:22:1b:be:9c:81:b7:4a:24:ec:31:2d:6d:29:e5:88:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
Validity
Not Before: Nov 9 02:57:20 2023 GMT
Not After : Nov 7 03:02:20 2024 GMT
Subject: CN=9928E5CCBB08ECDF4F138BA9F9559B3CE4B45459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:45:83:96:0b:3a:5e:93:fe:25:89:aa:6d:
67:0c:83:49:12:af:61:b4:ed:25:aa:c6:43:10:b1:
2e:ce:bc:a1:13:91:1b:ed:84:f5:7e:de:3b:75:f6:
b3:84:af:2a:6b:2e:df:4c:4c:e3:00:96:d5:a2:a0:
36:03:18:ac:8b:39:21:bf:86:00:13:fa:3b:b2:5d:
d2:20:45:68:80:c6:69:f2:f1:93:c8:61:2e:f5:cc:
27:4a:7b:79:49:99:7c:e8:cd:25:4a:45:f2:b7:fb:
4e:ff:4f:2d:67:d5:d0:7e:05:fa:d2:1e:aa:50:7d:
df:72:d6:ef:d0:c2:ce:42:ec:b2:f2:1d:11:1a:a1:
6c:62:e9:a7:04:7a:61:3e:e8:0a:25:50:c0:b5:ac:
b8:e9:0d:64:f6:c8:52:2d:97:c8:01:31:50:4e:fa:
9b:75:a8:ab:21:93:1c:d2:10:83:43:3e:eb:a1:94:
0d:d4:e7:51:8f:10:b7:ab:79:1e:45:f2:e4:5c:8d:
87:f0:ac:77:a3:2d:44:e1:94:91:2d:98:36:1b:a0:
56:51:e3:fe:00:28:05:5b:ee:e0:c7:6a:66:64:55:
de:e8:99:9e:00:18:f7:75:4d:fc:06:05:06:09:7f:
04:66:fc:37:b8:a1:eb:eb:ba:a8:19:0c:eb:26:7d:
ec:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:28:E5:CC:BB:08:EC:DF:4F:13:8B:A9:F9:55:9B:3C:E4:B4:54:59
X509v3 Authority Key Identifier:
keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.78.132.0/24
112.78.134.0/24
112.78.142.0/24
112.78.144.0/24
112.78.150.0/23
112.78.153.0/24
112.78.178.0/24
112.78.191.0/24
117.102.72.0/24
117.102.75.0/24
117.102.79.0/24
117.102.81.0/24
117.102.97.0/24
117.102.120.0/24
118.99.67.0/24
118.99.72.0/24
118.99.107.0/24
118.99.109.0-118.99.110.255
118.99.112.0/24
182.253.6.0/24
182.253.14.0/24
182.253.23.0/24
182.253.33.0/24
182.253.36.0/24
182.253.40.0/24
182.253.42.0/24
182.253.44.0/23
182.253.62.0/24
182.253.87.0/24
182.253.98.0/24
182.253.106.0/24
182.253.116.0/23
182.253.122.0-182.253.124.255
182.253.127.0/24
182.253.131.0/24
182.253.133.0/24
182.253.137.0/24
182.253.139.0/24
182.253.151.0/24
182.253.185.0-182.253.186.255
182.253.192.0/24
182.253.194.0/24
182.253.203.0/24
182.253.215.0/24
182.253.217.0/24
182.253.228.0/24
182.253.242.0-182.253.245.255
182.253.250.0/23
202.169.37.0-202.169.38.255
202.169.46.0/24
202.169.56.0/24
203.142.74.0/24
203.142.76.0/24
Signature Algorithm: sha256WithRSAEncryption
64:76:18:3b:21:0e:5e:0e:c9:f3:6b:29:6f:1b:31:91:55:72:
7d:23:97:d0:87:2a:30:e1:62:91:44:79:a2:8e:30:81:66:0f:
07:87:43:05:a7:94:0e:8c:91:47:d1:d2:f4:3b:b9:66:d4:68:
c9:fe:9b:76:21:10:bf:a4:77:97:09:5e:69:2a:c0:eb:5d:f7:
ce:d0:7a:d1:4b:01:bc:26:b0:96:cf:c9:8f:fe:4c:ad:c0:f3:
fb:ea:2a:97:5a:f8:db:24:90:33:53:73:3a:fc:87:5b:61:bf:
a1:0c:a2:fd:66:55:4d:a6:0a:e8:b5:5a:b3:2c:81:2d:d2:0a:
fb:cf:35:fb:1c:a2:a1:ba:33:b7:21:b4:67:cd:71:bd:25:bd:
a8:7e:01:04:6d:83:40:2d:f4:52:0e:1f:9f:05:49:33:2e:ac:
11:1b:d6:27:4d:4d:51:04:95:bc:5a:f4:0a:27:7f:dd:94:93:
a0:ca:27:87:88:a5:f3:a4:32:95:ec:a1:cc:b1:09:e2:38:69:
d9:2a:15:21:3d:a5:87:33:bf:bd:5b:1f:cf:ec:03:de:74:5e:
31:58:45:70:5c:61:67:2b:7e:b0:51:12:3d:a7:06:12:07:16:
15:cf:76:e1:1e:1c:9c:da:57:50:c1:0a:88:7a:f4:a6:b6:ec:
ca:a6:78:53
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIUF88JzCIbvpyBt0ok7DEtbSnliN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMzExMDkwMjU3MjBaFw0yNDExMDcwMzAyMjBaMDMxMTAvBgNV
BAMTKDk5MjhFNUNDQkIwOEVDREY0RjEzOEJBOUY5NTU5QjNDRTRCNDU0NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCN0WDlgs6XpP+JYmqbWcMg0kS
r2G07SWqxkMQsS7OvKETkRvthPV+3jt19rOEryprLt9MTOMAltWioDYDGKyLOSG/
hgAT+juyXdIgRWiAxmny8ZPIYS71zCdKe3lJmXzozSVKRfK3+07/Ty1n1dB+BfrS
HqpQfd9y1u/Qws5C7LLyHREaoWxi6acEemE+6AolUMC1rLjpDWT2yFItl8gBMVBO
+pt1qKshkxzSEINDPuuhlA3U51GPELereR5F8uRcjYfwrHejLUThlJEtmDYboFZR
4/4AKAVb7uDHamZkVd7omZ4AGPd1TfwGBQYJfwRm/De4oevruqgZDOsmfey3AgMB
AAGjggNoMIIDZDAdBgNVHQ4EFgQUmSjlzLsI7N9PE4up+VWbPOS0VFkwHwYDVR0j
BBgwFoAUrFVUR7piw5EH8Wv1cvgqQX9yjb8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
OTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC9BQzU1NTQ0N0JB
NjJDMzkxMDdGMTZCRjU3MkY4MkE0MTdGNzI4REJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3Rjcy
OERCRi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00
ODRmMDI1ZGZmY2MvMC9BUzM4MDYwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIBZgMEAHBOhAME
AHBOhgMEAHBOjgMEAHBOkAMEAXBOlgMEAHBOmQMEAHBOsgMEAHBOvwMEAHVmSAME
AHVmSwMEAHVmTwMEAHVmUQMEAHVmYQMEAHVmeAMEAHZjQwMEAHZjSAMEAHZjazAM
AwQAdmNtAwQAdmNuAwQAdmNwAwQAtv0GAwQAtv0OAwQAtv0XAwQAtv0hAwQAtv0k
AwQAtv0oAwQAtv0qAwQBtv0sAwQAtv0+AwQAtv1XAwQAtv1iAwQAtv1qAwQBtv10
MAwDBAG2/XoDBAC2/XwDBAC2/X8DBAC2/YMDBAC2/YUDBAC2/YkDBAC2/YsDBAC2
/ZcwDAMEALb9uQMEALb9ugMEALb9wAMEALb9wgMEALb9ywMEALb91wMEALb92QME
ALb95DAMAwQBtv3yAwQBtv30AwQBtv36MAwDBADKqSUDBADKqSYDBADKqS4DBADK
qTgDBADLjkoDBADLjkwwDQYJKoZIhvcNAQELBQADggEBAGR2GDshDl4OyfNrKW8b
MZFVcn0jl9CHKjDhYpFEeaKOMIFmDweHQwWnlA6MkUfR0vQ7uWbUaMn+m3YhEL+k
d5cJXmkqwOtd987QetFLAbwmsJbPyY/+TK3A8/vqKpda+NskkDNTczr8h1thv6EM
ov1mVU2mCui1WrMsgS3SCvvPNfscoqG6M7chtGfNcb0lvah+AQRtg0At9FIOH58F
STMurBEb1idNTVEElbxa9Aonf92Uk6DKJ4eIpfOkMpXsocyxCeI4adkqFSE9pYcz
v71bH8/sA950XjFYRXBcYWcrfrBREj2nBhIHFhXPduEeHJzaV1DBCoh69Ka27Mqm
eFM=
-----END CERTIFICATE-----
Generated at Tue Apr 30 18:54:26 2024 by rpki-client on console-fra.rpki-client.org