Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
File: AS38060.roa (raw, json)
Hash identifier: eOcmz88SeKGkb0DMwImS4Yyf8BOpXzai0Cr7w/OsMC8=
Subject key identifier: B8:CC:A7:72:5F:C9:84:9E:57:8B:58:E9:2E:B0:C8:A6:0E:F8:59:CA
Certificate issuer: /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial: 4813F8C013C81370728608E8C704AFFAB0E8E203
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
Signing time: Tue 22 Jul 2025 02:23:43 +0000
ROA not before: Tue 22 Jul 2025 02:18:43 +0000
ROA not after: Tue 21 Jul 2026 02:23:43 +0000
asID: 38060
IP address blocks: 112.78.132.0/24 maxlen: 24
112.78.134.0/24 maxlen: 24
112.78.142.0/24 maxlen: 24
112.78.144.0/24 maxlen: 24
112.78.150.0/24 maxlen: 24
112.78.151.0/24 maxlen: 24
112.78.153.0/24 maxlen: 24
112.78.178.0/24 maxlen: 24
112.78.191.0/24 maxlen: 24
117.102.66.0/24 maxlen: 24
117.102.72.0/24 maxlen: 24
117.102.75.0/24 maxlen: 24
117.102.79.0/24 maxlen: 24
117.102.81.0/24 maxlen: 24
117.102.97.0/24 maxlen: 24
117.102.120.0/24 maxlen: 24
118.99.67.0/24 maxlen: 24
118.99.72.0/24 maxlen: 24
118.99.107.0/24 maxlen: 24
118.99.109.0/24 maxlen: 24
118.99.110.0/24 maxlen: 24
118.99.112.0/24 maxlen: 24
118.99.123.0/24 maxlen: 24
182.253.6.0/24 maxlen: 24
182.253.13.0/24 maxlen: 24
182.253.14.0/24 maxlen: 24
182.253.23.0/24 maxlen: 24
182.253.33.0/24 maxlen: 24
182.253.36.0/24 maxlen: 24
182.253.40.0/24 maxlen: 24
182.253.42.0/24 maxlen: 24
182.253.44.0/24 maxlen: 24
182.253.45.0/24 maxlen: 24
182.253.62.0/24 maxlen: 24
182.253.87.0/24 maxlen: 24
182.253.98.0/24 maxlen: 24
182.253.106.0/24 maxlen: 24
182.253.116.0/24 maxlen: 24
182.253.122.0/24 maxlen: 24
182.253.123.0/24 maxlen: 24
182.253.124.0/24 maxlen: 24
182.253.127.0/24 maxlen: 24
182.253.131.0/24 maxlen: 24
182.253.133.0/24 maxlen: 24
182.253.137.0/24 maxlen: 24
182.253.139.0/24 maxlen: 24
182.253.151.0/24 maxlen: 24
182.253.185.0/24 maxlen: 24
182.253.186.0/24 maxlen: 24
182.253.192.0/24 maxlen: 24
182.253.194.0/24 maxlen: 24
182.253.203.0/24 maxlen: 24
182.253.215.0/24 maxlen: 24
182.253.217.0/24 maxlen: 24
182.253.228.0/24 maxlen: 24
182.253.242.0/24 maxlen: 24
182.253.243.0/24 maxlen: 24
182.253.244.0/24 maxlen: 24
182.253.245.0/24 maxlen: 24
182.253.250.0/24 maxlen: 24
182.253.251.0/24 maxlen: 24
202.169.37.0/24 maxlen: 24
202.169.38.0/24 maxlen: 24
202.169.46.0/24 maxlen: 24
202.169.56.0/24 maxlen: 24
203.142.74.0/24 maxlen: 24
203.142.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 13:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:13:f8:c0:13:c8:13:70:72:86:08:e8:c7:04:af:fa:b0:e8:e2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
Validity
Not Before: Jul 22 02:18:43 2025 GMT
Not After : Jul 21 02:23:43 2026 GMT
Subject: CN=B8CCA7725FC9849E578B58E92EB0C8A60EF859CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a7:38:5a:3b:a3:d1:53:db:54:3d:e8:68:36:
6c:47:51:07:49:cb:93:2c:d3:37:85:3e:59:cb:2c:
37:1e:6f:21:12:df:20:3d:af:eb:5a:df:bd:b2:c4:
0a:5f:fe:8d:21:93:a6:37:07:d9:ab:34:c5:95:04:
3f:1d:bc:e3:06:ad:04:4c:87:45:47:4c:f7:8d:35:
71:dc:51:f1:4c:ff:29:87:99:93:ce:5a:43:0d:84:
62:d4:ac:cb:e5:5c:fb:86:73:95:59:d2:7f:7e:91:
5b:f7:a6:09:d9:40:33:a0:39:fb:cd:a7:c3:7e:3c:
5a:5a:b1:a2:4a:56:dd:a2:79:ee:9b:a8:de:2e:57:
b4:6a:dd:15:fb:56:44:e3:63:79:f7:78:b4:9d:20:
32:3d:3c:24:61:17:cc:d1:65:2c:a3:e6:89:74:ad:
21:9d:67:fe:7d:85:ea:de:b8:5a:34:bc:82:d2:68:
6d:7e:4c:c1:8c:0e:aa:d0:c2:f9:40:53:b4:32:b7:
5d:7a:13:d0:ef:07:e2:19:ea:67:a7:6e:3a:5c:ff:
16:d4:16:20:83:9a:7b:0d:68:08:8a:21:bb:98:d8:
36:78:60:65:c4:96:5e:0e:d0:97:55:cc:0e:f0:dc:
00:37:66:65:ec:88:55:b4:c9:83:74:f6:30:45:b3:
f4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CC:A7:72:5F:C9:84:9E:57:8B:58:E9:2E:B0:C8:A6:0E:F8:59:CA
X509v3 Authority Key Identifier:
keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.78.132.0/24
112.78.134.0/24
112.78.142.0/24
112.78.144.0/24
112.78.150.0/23
112.78.153.0/24
112.78.178.0/24
112.78.191.0/24
117.102.66.0/24
117.102.72.0/24
117.102.75.0/24
117.102.79.0/24
117.102.81.0/24
117.102.97.0/24
117.102.120.0/24
118.99.67.0/24
118.99.72.0/24
118.99.107.0/24
118.99.109.0-118.99.110.255
118.99.112.0/24
118.99.123.0/24
182.253.6.0/24
182.253.13.0-182.253.14.255
182.253.23.0/24
182.253.33.0/24
182.253.36.0/24
182.253.40.0/24
182.253.42.0/24
182.253.44.0/23
182.253.62.0/24
182.253.87.0/24
182.253.98.0/24
182.253.106.0/24
182.253.116.0/24
182.253.122.0-182.253.124.255
182.253.127.0/24
182.253.131.0/24
182.253.133.0/24
182.253.137.0/24
182.253.139.0/24
182.253.151.0/24
182.253.185.0-182.253.186.255
182.253.192.0/24
182.253.194.0/24
182.253.203.0/24
182.253.215.0/24
182.253.217.0/24
182.253.228.0/24
182.253.242.0-182.253.245.255
182.253.250.0/23
202.169.37.0-202.169.38.255
202.169.46.0/24
202.169.56.0/24
203.142.74.0/24
203.142.76.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5a:37:47:71:ae:15:95:19:bf:4e:83:42:f5:01:b4:00:4d:
2c:af:07:cf:4f:5a:f8:f0:1e:e8:dc:a4:5b:93:45:fe:9f:02:
fb:c4:d3:7a:23:1c:9c:bf:fc:58:b0:3d:4b:aa:a7:e7:a3:97:
aa:01:77:0d:1e:0c:de:9d:3d:4b:e1:4f:1d:81:59:90:20:7a:
e8:7c:c9:f7:38:31:7d:e4:4b:b7:09:cd:88:60:04:d1:77:79:
b5:2a:b1:36:92:b4:68:3d:12:99:11:ef:01:f5:d8:83:76:5c:
b1:45:2f:e8:46:ea:3c:fc:fb:19:34:f0:4e:a2:d9:18:59:44:
5e:f3:b4:4d:61:b8:fc:4a:a7:e3:88:fb:2c:44:26:24:4a:a5:
da:ff:d7:fc:bf:1e:18:11:c1:78:1f:30:40:f0:c8:fb:37:c0:
9b:af:08:11:a6:b3:08:8f:0d:b1:25:c8:2a:68:d6:d1:d6:42:
f4:fd:d0:c4:6c:d1:e6:b8:dd:67:87:d4:db:b7:74:46:cc:2c:
77:ea:2d:fc:37:4d:90:2f:24:dc:15:6e:71:bc:a8:08:50:cc:
9f:44:df:56:f7:b5:42:56:cd:ac:e5:18:3e:12:4f:c4:02:55:
77:a7:46:d0:b0:c6:c4:a2:0a:98:55:f8:7b:6d:b2:55:be:42:
4a:32:15:a2
-----BEGIN CERTIFICATE-----
MIIGcjCCBVqgAwIBAgIUSBP4wBPIE3ByhgjoxwSv+rDo4gMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yNTA3MjIwMjE4NDNaFw0yNjA3MjEwMjIzNDNaMDMxMTAvBgNV
BAMTKEI4Q0NBNzcyNUZDOTg0OUU1NzhCNThFOTJFQjBDOEE2MEVGODU5Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYpzhaO6PRU9tUPehoNmxHUQdJ
y5Ms0zeFPlnLLDcebyES3yA9r+ta372yxApf/o0hk6Y3B9mrNMWVBD8dvOMGrQRM
h0VHTPeNNXHcUfFM/ymHmZPOWkMNhGLUrMvlXPuGc5VZ0n9+kVv3pgnZQDOgOfvN
p8N+PFpasaJKVt2iee6bqN4uV7Rq3RX7VkTjY3n3eLSdIDI9PCRhF8zRZSyj5ol0
rSGdZ/59hereuFo0vILSaG1+TMGMDqrQwvlAU7Qyt116E9DvB+IZ6menbjpc/xbU
FiCDmnsNaAiKIbuY2DZ4YGXEll4O0JdVzA7w3AA3ZmXsiFW0yYN09jBFs/StAgMB
AAGjggN8MIIDeDAdBgNVHQ4EFgQUuMyncl/JhJ5Xi1jpLrDIpg74WcowHwYDVR0j
BBgwFoAUrFVUR7piw5EH8Wv1cvgqQX9yjb8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
OTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC9BQzU1NTQ0N0JB
NjJDMzkxMDdGMTZCRjU3MkY4MkE0MTdGNzI4REJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3Rjcy
OERCRi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00
ODRmMDI1ZGZmY2MvMC9BUzM4MDYwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIBegMEAHBOhAME
AHBOhgMEAHBOjgMEAHBOkAMEAXBOlgMEAHBOmQMEAHBOsgMEAHBOvwMEAHVmQgME
AHVmSAMEAHVmSwMEAHVmTwMEAHVmUQMEAHVmYQMEAHVmeAMEAHZjQwMEAHZjSAME
AHZjazAMAwQAdmNtAwQAdmNuAwQAdmNwAwQAdmN7AwQAtv0GMAwDBAC2/Q0DBAC2
/Q4DBAC2/RcDBAC2/SEDBAC2/SQDBAC2/SgDBAC2/SoDBAG2/SwDBAC2/T4DBAC2
/VcDBAC2/WIDBAC2/WoDBAC2/XQwDAMEAbb9egMEALb9fAMEALb9fwMEALb9gwME
ALb9hQMEALb9iQMEALb9iwMEALb9lzAMAwQAtv25AwQAtv26AwQAtv3AAwQAtv3C
AwQAtv3LAwQAtv3XAwQAtv3ZAwQAtv3kMAwDBAG2/fIDBAG2/fQDBAG2/fowDAME
AMqpJQMEAMqpJgMEAMqpLgMEAMqpOAMEAMuOSgMEAMuOTDANBgkqhkiG9w0BAQsF
AAOCAQEAQFo3R3GuFZUZv06DQvUBtABNLK8Hz09a+PAe6NykW5NF/p8C+8TTeiMc
nL/8WLA9S6qn56OXqgF3DR4M3p09S+FPHYFZkCB66HzJ9zgxfeRLtwnNiGAE0Xd5
tSqxNpK0aD0SmRHvAfXYg3ZcsUUv6EbqPPz7GTTwTqLZGFlEXvO0TWG4/Eqn44j7
LEQmJEql2v/X/L8eGBHBeB8wQPDI+zfAm68IEaazCI8NsSXIKmjW0dZC9P3QxGzR
5rjdZ4fU27d0Rswsd+ot/DdNkC8k3BVucbyoCFDMn0TfVve1QlbNrOUYPhJPxAJV
d6dG0LDGxKIKmFX4e22yVb5CSjIVog==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:25:31 2025 by rpki-client