Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38482.roa
File: AS38482.roa (raw, json)
Hash identifier: 6DNbKDEK/SY+/DzJhbRflBz1Pn5KQge5nVs4UP46K+A=
Subject key identifier: DF:DC:FF:5D:9B:AC:80:1A:C2:5B:79:39:DC:2C:70:E1:6B:0A:80:7E
Certificate issuer: /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial: 15C4D7FF380D7AA31D36F89EF8D8AB2B13EA338B
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38482.roa
Signing time: Thu 05 Mar 2026 02:07:15 +0000
ROA not before: Thu 05 Mar 2026 02:02:15 +0000
ROA not after: Thu 04 Mar 2027 02:07:15 +0000
asID: 38482
IP address blocks: 112.78.135.0/24 maxlen: 24
112.78.136.0/24 maxlen: 24
112.78.137.0/24 maxlen: 24
112.78.139.0/24 maxlen: 24
112.78.141.0/24 maxlen: 24
112.78.144.0/24 maxlen: 24
112.78.146.0/24 maxlen: 24
112.78.149.0/24 maxlen: 24
112.78.152.0/24 maxlen: 24
112.78.170.0/24 maxlen: 24
112.78.176.0/24 maxlen: 24
112.78.184.0/24 maxlen: 24
112.78.186.0/24 maxlen: 24
112.78.187.0/24 maxlen: 24
117.102.65.0/24 maxlen: 24
117.102.70.0/24 maxlen: 24
117.102.73.0/24 maxlen: 24
117.102.79.0/24 maxlen: 24
117.102.80.0/24 maxlen: 24
117.102.82.0/24 maxlen: 24
117.102.83.0/24 maxlen: 24
117.102.84.0/24 maxlen: 24
117.102.85.0/24 maxlen: 24
117.102.86.0/24 maxlen: 24
117.102.88.0/24 maxlen: 24
117.102.90.0/24 maxlen: 24
117.102.92.0/24 maxlen: 24
117.102.94.0/24 maxlen: 24
117.102.95.0/24 maxlen: 24
117.102.98.0/24 maxlen: 24
117.102.101.0/24 maxlen: 24
117.102.102.0/24 maxlen: 24
117.102.103.0/24 maxlen: 24
117.102.104.0/24 maxlen: 24
117.102.107.0/24 maxlen: 24
117.102.113.0/24 maxlen: 24
117.102.114.0/24 maxlen: 24
117.102.116.0/24 maxlen: 24
117.102.118.0/24 maxlen: 24
117.102.120.0/24 maxlen: 24
117.102.122.0/24 maxlen: 24
118.99.74.0/24 maxlen: 24
118.99.85.0/24 maxlen: 24
118.99.86.0/24 maxlen: 24
182.253.0.0/24 maxlen: 24
182.253.1.0/24 maxlen: 24
182.253.2.0/24 maxlen: 24
182.253.3.0/24 maxlen: 24
182.253.5.0/24 maxlen: 24
182.253.6.0/24 maxlen: 24
182.253.11.0/24 maxlen: 24
182.253.15.0/24 maxlen: 24
182.253.17.0/24 maxlen: 24
182.253.18.0/24 maxlen: 24
182.253.19.0/24 maxlen: 24
182.253.23.0/24 maxlen: 24
182.253.25.0/24 maxlen: 24
182.253.27.0/24 maxlen: 24
182.253.28.0/24 maxlen: 24
182.253.29.0/24 maxlen: 24
182.253.30.0/24 maxlen: 24
182.253.33.0/24 maxlen: 24
182.253.34.0/24 maxlen: 24
182.253.35.0/24 maxlen: 24
182.253.40.0/24 maxlen: 24
182.253.41.0/24 maxlen: 24
182.253.45.0/24 maxlen: 24
182.253.46.0/24 maxlen: 24
182.253.47.0/24 maxlen: 24
182.253.60.0/24 maxlen: 24
182.253.68.0/24 maxlen: 24
182.253.69.0/24 maxlen: 24
182.253.70.0/24 maxlen: 24
182.253.71.0/24 maxlen: 24
182.253.85.0/24 maxlen: 24
182.253.100.0/24 maxlen: 24
182.253.101.0/24 maxlen: 24
182.253.120.0/24 maxlen: 24
182.253.190.0/24 maxlen: 24
182.253.195.0/24 maxlen: 24
182.253.201.0/24 maxlen: 24
182.253.204.0/24 maxlen: 24
182.253.205.0/24 maxlen: 24
182.253.210.0/24 maxlen: 24
182.253.213.0/24 maxlen: 24
182.253.221.0/24 maxlen: 24
182.253.222.0/24 maxlen: 24
182.253.225.0/24 maxlen: 24
182.253.226.0/24 maxlen: 24
182.253.236.0/24 maxlen: 24
182.253.237.0/24 maxlen: 24
182.253.238.0/24 maxlen: 24
182.253.239.0/24 maxlen: 24
182.253.240.0/24 maxlen: 24
202.169.38.0/24 maxlen: 24
202.169.39.0/24 maxlen: 24
202.169.41.0/24 maxlen: 24
202.169.43.0/24 maxlen: 24
202.169.46.0/24 maxlen: 24
202.169.49.0/24 maxlen: 24
202.169.51.0/24 maxlen: 24
202.169.52.0/24 maxlen: 24
202.169.54.0/24 maxlen: 24
202.169.55.0/24 maxlen: 24
202.169.56.0/24 maxlen: 24
202.169.58.0/24 maxlen: 24
202.169.62.0/24 maxlen: 24
203.142.64.0/24 maxlen: 24
203.142.65.0/24 maxlen: 24
203.142.69.0/24 maxlen: 24
203.142.70.0/24 maxlen: 24
203.142.80.0/24 maxlen: 24
203.142.81.0/24 maxlen: 24
203.142.83.0/24 maxlen: 24
203.142.85.0/24 maxlen: 24
203.142.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 22 Mar 2026 07:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c4:d7:ff:38:0d:7a:a3:1d:36:f8:9e:f8:d8:ab:2b:13:ea:33:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
Validity
Not Before: Mar 5 02:02:15 2026 GMT
Not After : Mar 4 02:07:15 2027 GMT
Subject: CN=DFDCFF5D9BAC801AC25B7939DC2C70E16B0A807E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:25:11:28:7d:f7:12:54:b9:cb:aa:f9:de:
5e:23:b4:95:89:67:72:7d:4c:11:d5:b1:6d:4c:5e:
a4:45:5c:df:81:4b:3d:b3:50:88:fc:86:f3:4f:6a:
1f:c3:41:65:81:d6:3b:ab:bf:8a:8b:3e:46:53:33:
cf:a0:26:62:2e:08:d1:d2:13:dd:b3:56:ae:ea:7c:
28:21:04:bf:ad:ad:9a:84:8a:7d:d4:53:17:3b:4e:
73:de:79:45:a3:2c:4f:af:23:f9:51:e8:1b:11:07:
61:68:32:d9:e2:f6:47:8d:a7:f1:69:fb:d9:80:50:
fe:c8:35:cc:82:9c:75:66:18:71:85:bf:8c:66:04:
e6:57:be:30:81:64:28:20:75:89:38:9c:34:26:83:
38:54:5a:9d:ec:b4:ec:92:fe:cd:24:ee:7e:04:68:
32:be:47:64:f1:de:16:88:5f:06:2b:b5:e3:17:a8:
2e:7f:e1:82:31:26:8b:c0:77:c9:f7:c9:57:52:32:
28:96:e0:da:bf:52:73:a5:fa:ab:b8:5e:ee:3f:89:
44:b3:0d:1f:11:bd:85:50:19:02:6b:71:19:f1:8e:
b6:9c:eb:56:b1:b8:45:26:b4:70:7f:32:c3:c8:a0:
6d:cd:53:bf:97:85:1b:e4:4e:0e:a7:b2:c0:a1:a4:
06:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DC:FF:5D:9B:AC:80:1A:C2:5B:79:39:DC:2C:70:E1:6B:0A:80:7E
X509v3 Authority Key Identifier:
keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38482.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.78.135.0-112.78.137.255
112.78.139.0/24
112.78.141.0/24
112.78.144.0/24
112.78.146.0/24
112.78.149.0/24
112.78.152.0/24
112.78.170.0/24
112.78.176.0/24
112.78.184.0/24
112.78.186.0/23
117.102.65.0/24
117.102.70.0/24
117.102.73.0/24
117.102.79.0-117.102.80.255
117.102.82.0-117.102.86.255
117.102.88.0/24
117.102.90.0/24
117.102.92.0/24
117.102.94.0/23
117.102.98.0/24
117.102.101.0-117.102.104.255
117.102.107.0/24
117.102.113.0-117.102.114.255
117.102.116.0/24
117.102.118.0/24
117.102.120.0/24
117.102.122.0/24
118.99.74.0/24
118.99.85.0-118.99.86.255
182.253.0.0/22
182.253.5.0-182.253.6.255
182.253.11.0/24
182.253.15.0/24
182.253.17.0-182.253.19.255
182.253.23.0/24
182.253.25.0/24
182.253.27.0-182.253.30.255
182.253.33.0-182.253.35.255
182.253.40.0/23
182.253.45.0-182.253.47.255
182.253.60.0/24
182.253.68.0/22
182.253.85.0/24
182.253.100.0/23
182.253.120.0/24
182.253.190.0/24
182.253.195.0/24
182.253.201.0/24
182.253.204.0/23
182.253.210.0/24
182.253.213.0/24
182.253.221.0-182.253.222.255
182.253.225.0-182.253.226.255
182.253.236.0-182.253.240.255
202.169.38.0/23
202.169.41.0/24
202.169.43.0/24
202.169.46.0/24
202.169.49.0/24
202.169.51.0-202.169.52.255
202.169.54.0-202.169.56.255
202.169.58.0/24
202.169.62.0/24
203.142.64.0/23
203.142.69.0-203.142.70.255
203.142.80.0/23
203.142.83.0/24
203.142.85.0-203.142.86.255
Signature Algorithm: sha256WithRSAEncryption
55:67:7b:06:17:0d:41:78:0e:47:63:d0:e4:87:e2:8c:6f:0b:
8a:a8:81:96:bb:d7:4e:99:1f:42:b0:ad:66:09:8c:9c:0c:fe:
a5:c4:e9:31:35:be:42:34:f3:09:34:08:c0:72:27:03:40:99:
2b:67:04:20:b2:40:07:d6:a9:e6:40:ec:05:bf:26:b1:63:05:
90:b6:73:5c:e5:4e:a9:88:f7:c4:de:e1:aa:9d:3c:c2:50:4d:
7e:1d:59:22:c6:e8:8d:1c:30:a4:0e:42:0b:06:c2:a3:07:7e:
96:be:75:73:26:14:69:a5:4a:76:3d:b3:cc:64:b6:0a:79:a5:
29:46:a4:13:4c:39:c0:ba:31:b5:1c:a8:22:11:49:3a:35:4c:
24:a6:f1:35:6b:5d:d0:34:06:ef:e1:a0:c8:f1:d6:c6:07:46:
1e:c4:a9:7b:c8:f6:5c:ba:21:a2:b7:86:79:dd:2d:19:43:ac:
b0:71:7f:8d:75:ca:bc:05:05:b2:26:8f:cf:02:6a:7a:d6:15:
84:67:5d:ba:82:3d:10:60:7b:f8:d6:5a:39:1b:3a:50:f8:f5:
3a:87:3f:fb:5c:6a:09:81:c7:b4:a2:df:af:ce:53:e9:7d:b0:
65:98:ea:96:a7:b5:17:b5:b3:81:fc:cc:d4:a6:b5:85:92:f1:
de:a6:d5:c2
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUFcTX/zgNeqMdNvie+NirKxPqM4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yNjAzMDUwMjAyMTVaFw0yNzAzMDQwMjA3MTVaMDMxMTAvBgNV
BAMTKERGRENGRjVEOUJBQzgwMUFDMjVCNzkzOURDMkM3MEUxNkIwQTgwN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC43SURKH33ElS5y6r53l4jtJWJ
Z3J9TBHVsW1MXqRFXN+BSz2zUIj8hvNPah/DQWWB1jurv4qLPkZTM8+gJmIuCNHS
E92zVq7qfCghBL+trZqEin3UUxc7TnPeeUWjLE+vI/lR6BsRB2FoMtni9keNp/Fp
+9mAUP7INcyCnHVmGHGFv4xmBOZXvjCBZCggdYk4nDQmgzhUWp3stOyS/s0k7n4E
aDK+R2Tx3haIXwYrteMXqC5/4YIxJovAd8n3yVdSMiiW4Nq/UnOl+qu4Xu4/iUSz
DR8RvYVQGQJrcRnxjrac61axuEUmtHB/MsPIoG3NU7+XhRvkTg6nssChpAY5AgMB
AAGjggQwMIIELDAdBgNVHQ4EFgQU39z/XZusgBrCW3k53Cxw4WsKgH4wHwYDVR0j
BBgwFoAUrFVUR7piw5EH8Wv1cvgqQX9yjb8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
OTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC9BQzU1NTQ0N0JB
NjJDMzkxMDdGMTZCRjU3MkY4MkE0MTdGNzI4REJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3Rjcy
OERCRi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00
ODRmMDI1ZGZmY2MvMC9BUzM4NDgyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIICTwYIKwYBBQUHAQcBAf8EggI+MIICOjCCAjYEAgABMIICLjAMAwQAcE6H
AwQBcE6IAwQAcE6LAwQAcE6NAwQAcE6QAwQAcE6SAwQAcE6VAwQAcE6YAwQAcE6q
AwQAcE6wAwQAcE64AwQBcE66AwQAdWZBAwQAdWZGAwQAdWZJMAwDBAB1Zk8DBAB1
ZlAwDAMEAXVmUgMEAHVmVgMEAHVmWAMEAHVmWgMEAHVmXAMEAXVmXgMEAHVmYjAM
AwQAdWZlAwQAdWZoAwQAdWZrMAwDBAB1ZnEDBAB1ZnIDBAB1ZnQDBAB1ZnYDBAB1
ZngDBAB1ZnoDBAB2Y0owDAMEAHZjVQMEAHZjVgMEArb9ADAMAwQAtv0FAwQAtv0G
AwQAtv0LAwQAtv0PMAwDBAC2/REDBAK2/RADBAC2/RcDBAC2/RkwDAMEALb9GwME
ALb9HjAMAwQAtv0hAwQCtv0gAwQBtv0oMAwDBAC2/S0DBAS2/SADBAC2/TwDBAK2
/UQDBAC2/VUDBAG2/WQDBAC2/XgDBAC2/b4DBAC2/cMDBAC2/ckDBAG2/cwDBAC2
/dIDBAC2/dUwDAMEALb93QMEALb93jAMAwQAtv3hAwQAtv3iMAwDBAK2/ewDBAC2
/fADBAHKqSYDBADKqSkDBADKqSsDBADKqS4DBADKqTEwDAMEAMqpMwMEAMqpNDAM
AwQByqk2AwQAyqk4AwQAyqk6AwQAyqk+AwQBy45AMAwDBADLjkUDBADLjkYDBAHL
jlADBADLjlMwDAMEAMuOVQMEAMuOVjANBgkqhkiG9w0BAQsFAAOCAQEAVWd7BhcN
QXgOR2PQ5IfijG8LiqiBlrvXTpkfQrCtZgmMnAz+pcTpMTW+QjTzCTQIwHInA0CZ
K2cEILJAB9ap5kDsBb8msWMFkLZzXOVOqYj3xN7hqp08wlBNfh1ZIsbojRwwpA5C
CwbCowd+lr51cyYUaaVKdj2zzGS2CnmlKUakE0w5wLoxtRyoIhFJOjVMJKbxNWtd
0DQG7+GgyPHWxgdGHsSpe8j2XLohoreGed0tGUOssHF/jXXKvAUFsiaPzwJqetYV
hGdduoI9EGB7+NZaORs6UPj1Ooc/+1xqCYHHtKLfr85T6X2wZZjqlqe1F7WzgfzM
1Ka1hZLx3qbVwg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 04:37:19 2026 by rpki-client