Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/AS38511.roa
File: AS38511.roa (raw, json)
Hash identifier: fdYWKj48BL/Edq20WcxMBBSEcwnqEgqb7wDZaQihKY0=
Subject key identifier: CD:B1:CC:A8:9C:9C:7D:B3:E7:F3:F6:17:2B:B0:CA:C2:2C:B4:61:2D
Certificate issuer: /CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Certificate serial: 5545CA3B2B90B95B707BEE1408FE26A3659B42C9
Authority key identifier: 91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/AS38511.roa
Signing time: Fri 01 Mar 2024 13:57:37 +0000
ROA not before: Fri 01 Mar 2024 13:52:37 +0000
ROA not after: Fri 28 Feb 2025 13:57:37 +0000
asID: 38511
IP address blocks: 45.251.4.0/22 maxlen: 24
101.255.0.0/16 maxlen: 16
101.255.0.0/16 maxlen: 24
101.255.0.0/17 maxlen: 17
101.255.0.0/18 maxlen: 18
101.255.0.0/22 maxlen: 22
101.255.0.0/24 maxlen: 24
101.255.1.0/24 maxlen: 24
101.255.2.0/24 maxlen: 24
101.255.3.0/24 maxlen: 24
101.255.4.0/24 maxlen: 24
101.255.5.0/24 maxlen: 24
101.255.6.0/24 maxlen: 24
101.255.7.0/24 maxlen: 24
101.255.8.0/24 maxlen: 24
101.255.9.0/24 maxlen: 24
101.255.10.0/24 maxlen: 24
101.255.11.0/24 maxlen: 24
101.255.12.0/24 maxlen: 24
101.255.13.0/24 maxlen: 24
101.255.14.0/24 maxlen: 24
101.255.15.0/24 maxlen: 24
101.255.16.0/24 maxlen: 24
101.255.17.0/24 maxlen: 24
101.255.18.0/24 maxlen: 24
101.255.19.0/24 maxlen: 24
101.255.20.0/24 maxlen: 24
101.255.21.0/24 maxlen: 24
101.255.22.0/24 maxlen: 24
101.255.25.0/24 maxlen: 24
101.255.26.0/24 maxlen: 24
101.255.27.0/24 maxlen: 24
101.255.28.0/24 maxlen: 24
101.255.29.0/24 maxlen: 24
101.255.30.0/24 maxlen: 24
101.255.31.0/24 maxlen: 24
101.255.32.0/24 maxlen: 24
101.255.33.0/24 maxlen: 24
101.255.34.0/24 maxlen: 24
101.255.35.0/24 maxlen: 24
101.255.36.0/24 maxlen: 24
101.255.37.0/24 maxlen: 24
101.255.64.0/18 maxlen: 18
101.255.96.0/20 maxlen: 20
101.255.99.0/24 maxlen: 24
101.255.100.0/22 maxlen: 22
101.255.100.0/23 maxlen: 23
101.255.124.0/24 maxlen: 24
101.255.128.0/20 maxlen: 20
101.255.144.0/20 maxlen: 20
101.255.156.0/22 maxlen: 22
101.255.160.0/21 maxlen: 21
101.255.164.0/22 maxlen: 22
101.255.173.0/24 maxlen: 24
101.255.176.0/22 maxlen: 22
103.15.172.0/22 maxlen: 24
103.15.173.0/24 maxlen: 24
103.15.174.0/24 maxlen: 24
103.15.175.0/24 maxlen: 24
115.124.64.0/19 maxlen: 24
115.124.64.0/22 maxlen: 22
115.124.64.0/24 maxlen: 24
115.124.65.0/24 maxlen: 24
115.124.66.0/24 maxlen: 24
115.124.67.0/24 maxlen: 24
115.124.68.0/23 maxlen: 23
115.124.68.0/24 maxlen: 24
115.124.69.0/24 maxlen: 24
115.124.72.0/21 maxlen: 21
115.124.72.0/24 maxlen: 24
115.124.73.0/24 maxlen: 24
115.124.74.0/24 maxlen: 24
115.124.75.0/24 maxlen: 24
115.124.76.0/24 maxlen: 24
115.124.77.0/24 maxlen: 24
115.124.78.0/24 maxlen: 24
115.124.79.0/24 maxlen: 24
115.124.80.0/22 maxlen: 22
115.124.80.0/24 maxlen: 24
115.124.81.0/24 maxlen: 24
115.124.82.0/24 maxlen: 24
115.124.83.0/24 maxlen: 24
115.124.84.0/23 maxlen: 23
115.124.84.0/24 maxlen: 24
115.124.85.0/24 maxlen: 24
115.124.86.0/23 maxlen: 23
115.124.86.0/24 maxlen: 24
115.124.87.0/24 maxlen: 24
115.124.88.0/21 maxlen: 21
115.124.88.0/24 maxlen: 24
115.124.89.0/24 maxlen: 24
115.124.90.0/24 maxlen: 24
115.124.91.0/24 maxlen: 24
115.124.92.0/24 maxlen: 24
115.124.94.0/24 maxlen: 24
115.124.95.0/24 maxlen: 24
202.182.48.0/21 maxlen: 24
2404:cf00::/32 maxlen: 32
2404:cf00::/32 maxlen: 48
2404:cf00:efa::/48 maxlen: 48
2404:cf00:e000::/48 maxlen: 48
2404:cf00:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl
rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 04 May 2024 15:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:45:ca:3b:2b:90:b9:5b:70:7b:ee:14:08:fe:26:a3:65:9b:42:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Validity
Not Before: Mar 1 13:52:37 2024 GMT
Not After : Feb 28 13:57:37 2025 GMT
Subject: CN=CDB1CCA89C9C7DB3E7F3F6172BB0CAC22CB4612D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:91:d8:e6:1c:d3:ac:74:64:3e:73:52:c7:88:
d6:80:5b:70:fe:02:45:3f:5f:fb:bf:74:53:f5:e8:
01:72:6e:76:79:ba:b2:bb:9a:bf:5f:25:14:44:22:
2c:ca:0a:79:c4:65:0f:af:b4:5c:31:38:b5:03:b6:
e0:00:0f:67:dc:29:3f:55:b3:96:90:90:e1:84:fe:
b2:5c:91:a7:32:0f:5a:f4:27:e6:a6:a6:94:c2:51:
5c:f1:ef:8c:de:43:d3:1a:82:e9:40:79:b0:97:54:
e9:1e:7b:29:22:df:1f:1a:3a:f3:20:36:ee:a9:9d:
14:16:5f:86:f3:98:1d:82:8b:8e:57:b0:39:ad:98:
e9:88:57:65:3a:41:02:ae:56:da:86:df:bd:d5:e9:
43:b3:dd:86:7f:e2:82:aa:e7:68:30:6c:23:2a:7e:
a4:0c:a3:df:79:57:93:f0:38:bd:d6:79:1c:8e:f5:
3a:9a:e1:89:a3:32:5e:11:3a:8b:64:f7:1a:11:54:
8f:0b:1a:c4:d3:37:55:f2:db:03:cb:25:4f:be:e3:
68:d3:25:c5:9a:2f:da:bd:07:ed:08:e1:af:89:51:
04:cc:d2:1a:55:30:22:ef:47:3c:71:74:4b:07:f3:
d1:7b:1d:dd:db:20:50:95:2c:ac:1b:79:b3:42:c9:
f4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B1:CC:A8:9C:9C:7D:B3:E7:F3:F6:17:2B:B0:CA:C2:2C:B4:61:2D
X509v3 Authority Key Identifier:
keyid:91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/AS38511.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.251.4.0/22
101.255.0.0/16
103.15.172.0/22
115.124.64.0/19
202.182.48.0/21
IPv6:
2404:cf00::/32
Signature Algorithm: sha256WithRSAEncryption
ac:01:ba:12:34:91:3c:ca:c5:83:a0:e3:19:fe:85:b6:4a:b0:
63:2c:73:07:b1:6a:07:66:e0:3f:59:32:5f:24:df:a2:89:b5:
59:50:97:6f:3c:30:a3:36:02:a6:17:84:55:24:ad:8f:ff:21:
76:3d:ed:f2:cc:68:ce:f1:f9:d0:eb:8d:07:7d:ce:3c:f6:4f:
87:f6:c6:27:9a:94:48:c5:59:dc:77:46:1e:b7:63:6b:0b:31:
ee:b1:03:e0:d8:24:39:58:08:a6:9d:92:79:80:79:5f:fe:98:
dd:1d:ed:10:4d:9b:5c:31:60:0e:f9:3d:b9:e5:57:46:1e:c7:
e5:8e:d0:26:6c:bf:b4:e0:c3:1e:5d:55:bd:82:68:d5:77:ba:
29:d3:21:28:38:30:91:91:b2:62:0a:02:3c:de:2d:ef:7e:21:
e3:aa:89:7a:ce:82:21:8e:c3:ca:7a:6f:f2:82:ea:9a:0e:29:
1d:91:03:f2:77:cc:3b:aa:4e:95:a3:b8:71:91:0d:4c:02:fc:
56:2b:ba:04:be:9f:ad:1b:87:b7:af:d2:e1:d2:a3:56:d5:22:
ab:73:79:9f:95:e7:bc:15:80:be:ba:96:00:78:2c:74:cd:0c:
80:55:55:f8:64:80:c0:f7:8f:a4:d7:77:36:11:47:16:12:78:
8c:ce:d6:1a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUVUXKOyuQuVtwe+4UCP4mo2WbQskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZF
N0FCQzE3RjAeFw0yNDAzMDExMzUyMzdaFw0yNTAyMjgxMzU3MzdaMDMxMTAvBgNV
BAMTKENEQjFDQ0E4OUM5QzdEQjNFN0YzRjYxNzJCQjBDQUMyMkNCNDYxMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDekdjmHNOsdGQ+c1LHiNaAW3D+
AkU/X/u/dFP16AFybnZ5urK7mr9fJRREIizKCnnEZQ+vtFwxOLUDtuAAD2fcKT9V
s5aQkOGE/rJckacyD1r0J+amppTCUVzx74zeQ9MagulAebCXVOkeeyki3x8aOvMg
Nu6pnRQWX4bzmB2Ci45XsDmtmOmIV2U6QQKuVtqG373V6UOz3YZ/4oKq52gwbCMq
fqQMo995V5PwOL3WeRyO9Tqa4YmjMl4ROotk9xoRVI8LGsTTN1Xy2wPLJU++42jT
JcWaL9q9B+0I4a+JUQTM0hpVMCLvRzxxdEsH89F7Hd3bIFCVLKwbebNCyfQNAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUzbHMqJycfbPn8/YXK7DKwiy0YS0wHwYDVR0j
BBgwFoAUkWm5tlJs0UmE3eOkLiTdj+erwX8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0yMDc0YzU5ODA4OTgvMC85MTY5QjlCNjUy
NkNEMTQ5ODREREUzQTQyRTI0REQ4RkU3QUJDMTdGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZFN0FC
QzE3Ri5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby84OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0y
MDc0YzU5ODA4OTgvMC9BUzM4NTExLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQCLfsEAwMAZf8DBAJnD6wD
BAVzfEADBAPKtjAwDQQCAAIwBwMFACQEzwAwDQYJKoZIhvcNAQELBQADggEBAKwB
uhI0kTzKxYOg4xn+hbZKsGMscwexagdm4D9ZMl8k36KJtVlQl288MKM2AqYXhFUk
rY//IXY97fLMaM7x+dDrjQd9zjz2T4f2xiealEjFWdx3Rh63Y2sLMe6xA+DYJDlY
CKadknmAeV/+mN0d7RBNm1wxYA75PbnlV0Yex+WO0CZsv7Tgwx5dVb2CaNV3uinT
ISg4MJGRsmIKAjzeLe9+IeOqiXrOgiGOw8p6b/KC6poOKR2RA/J3zDuqTpWjuHGR
DUwC/FYrugS+n60bh7ev0uHSo1bVIqtzeZ+V57wVgL66lgB4LHTNDIBVVfhkgMD3
j6TXdzYRRxYSeIzO1ho=
-----END CERTIFICATE-----
Generated at Wed May 1 13:28:04 2024 by rpki-client on console-fra.rpki-client.org