Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
File: AS133815.roa (raw, json)
Hash identifier: qfY131utRNe9pxxXUCsjQfnPchOWgEHlwYJfOBYcRA8=
Subject key identifier: 68:F6:67:EB:13:34:BC:87:52:4A:8D:A3:1D:CC:2E:FF:D3:04:E2:86
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 7E30E0A3A37B6C8847109CF71657A868FC85EC2F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
Signing time: Mon 16 Mar 2026 00:00:00 +0000
ROA not before: Sun 15 Mar 2026 23:55:00 +0000
ROA not after: Mon 15 Mar 2027 00:00:00 +0000
asID: 133815
IP address blocks: 103.141.150.0/23 maxlen: 24
103.141.152.0/23 maxlen: 24
103.149.224.0/23 maxlen: 24
103.149.230.0/23 maxlen: 24
103.149.232.0/23 maxlen: 24
103.149.234.0/23 maxlen: 24
103.150.4.0/23 maxlen: 24
103.150.12.0/23 maxlen: 24
103.150.14.0/23 maxlen: 24
103.150.16.0/23 maxlen: 24
103.150.34.0/23 maxlen: 24
103.151.18.0/23 maxlen: 24
103.151.100.0/23 maxlen: 24
103.151.194.0/23 maxlen: 24
103.152.70.0/23 maxlen: 24
103.152.90.0/23 maxlen: 24
103.152.96.0/23 maxlen: 24
103.152.110.0/23 maxlen: 24
103.188.40.0/23 maxlen: 24
103.188.50.0/23 maxlen: 24
103.188.52.0/23 maxlen: 24
103.190.216.0/23 maxlen: 24
103.190.218.0/23 maxlen: 24
103.190.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 22 Mar 2026 09:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:30:e0:a3:a3:7b:6c:88:47:10:9c:f7:16:57:a8:68:fc:85:ec:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 15 23:55:00 2026 GMT
Not After : Mar 15 00:00:00 2027 GMT
Subject: CN=68F667EB1334BC87524A8DA31DCC2EFFD304E286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2b:17:e4:7e:4b:07:ae:7b:e5:77:2a:7b:7c:
b1:d0:bf:70:67:48:03:66:f9:aa:0f:da:d0:38:62:
31:ae:a3:59:51:26:c5:8c:cb:11:13:4e:e5:45:8a:
31:a3:c7:23:dd:00:5a:5d:a7:e0:f1:df:fa:1a:e7:
37:70:ae:46:87:b2:b3:83:ea:fb:8f:28:d9:87:d2:
e7:af:59:af:ba:22:27:c1:77:fc:ff:af:8b:bf:2e:
7d:69:79:5b:e0:13:f1:d9:f4:82:db:28:d8:8b:d7:
b6:f7:1a:10:da:5a:81:87:1e:7e:97:08:ab:68:b7:
9f:20:94:ec:ee:e8:81:9c:74:78:6f:a1:7d:b8:56:
cb:21:c2:12:f0:c7:66:3c:6a:9c:4b:85:b9:5b:4d:
c0:20:55:90:1a:28:24:6e:80:df:cb:c7:cc:1e:f0:
09:3c:2c:95:1d:bc:4a:5f:8f:ed:d6:55:71:b0:59:
ee:e5:99:a0:b3:37:ad:6b:b4:a8:c6:54:38:7d:6b:
56:47:ef:8f:cb:c0:f5:68:50:ee:28:06:27:ff:5f:
de:04:2c:87:b8:14:b0:36:d6:79:18:e6:b9:9a:de:
5a:4c:cb:44:d7:a5:f8:25:a4:ce:d7:58:23:3b:36:
af:77:da:06:a7:d7:30:3b:b1:6c:bc:b1:d9:06:26:
be:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F6:67:EB:13:34:BC:87:52:4A:8D:A3:1D:CC:2E:FF:D3:04:E2:86
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.150.0-103.141.153.255
103.149.224.0/23
103.149.230.0-103.149.235.255
103.150.4.0/23
103.150.12.0-103.150.17.255
103.150.34.0/23
103.151.18.0/23
103.151.100.0/23
103.151.194.0/23
103.152.70.0/23
103.152.90.0/23
103.152.96.0/23
103.152.110.0/23
103.188.40.0/23
103.188.50.0-103.188.53.255
103.190.216.0-103.190.221.255
Signature Algorithm: sha256WithRSAEncryption
45:b4:47:a0:a6:52:7e:eb:90:04:3b:d8:c7:66:86:e9:8c:b3:
71:9f:cd:20:9c:be:38:6b:e0:4b:f5:03:f8:bf:26:5e:85:05:
b5:1c:10:0a:32:55:54:e4:eb:c0:a7:e3:e9:f5:88:a9:94:65:
2b:07:d5:a5:e9:ea:23:39:63:c0:7b:3a:b6:7d:0f:9f:a3:5a:
53:0f:50:3e:ed:ce:c0:ad:c4:d9:b5:40:7b:08:09:76:8e:f8:
e2:7e:90:b9:49:c6:c3:9b:68:ad:0e:50:fb:ff:85:f4:90:ab:
4e:7c:19:38:49:4a:89:78:57:f3:0e:16:03:f2:87:8b:6f:c7:
77:9f:b2:63:7b:00:b2:89:fc:9f:8b:fa:d2:6a:e4:bd:9f:02:
36:0b:b6:79:8a:e4:4d:1f:1e:90:19:90:30:94:47:0a:25:ac:
7e:d8:b0:21:48:67:b7:3c:9c:6a:37:1e:e9:c8:c6:c3:28:4e:
1f:d1:1e:47:31:8e:79:ba:87:08:83:7c:47:db:d4:4b:6e:7d:
20:a5:33:73:41:76:bb:e8:82:16:49:a6:6a:3b:f9:83:a1:ec:
91:70:25:82:18:74:64:e4:ac:b3:0e:36:0c:05:ad:ba:8a:14:
39:6f:ea:87:8d:fa:a9:95:1a:ef:e2:83:8d:32:5f:d2:44:ec:
f2:2b:e8:c2
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUfjDgo6N7bIhHEJz3FleoaPyF7C8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMxNTIzNTUwMFoX
DTI3MDMxNTAwMDAwMFowMzExMC8GA1UEAxMoNjhGNjY3RUIxMzM0QkM4NzUyNEE4
REEzMURDQzJFRkZEMzA0RTI4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsrF+R+Sweue+V3Knt8sdC/cGdIA2b5qg/a0DhiMa6jWVEmxYzLERNO5UWK
MaPHI90AWl2n4PHf+hrnN3CuRoeys4Pq+48o2YfS569Zr7oiJ8F3/P+vi78ufWl5
W+AT8dn0gtso2IvXtvcaENpagYcefpcIq2i3nyCU7O7ogZx0eG+hfbhWyyHCEvDH
ZjxqnEuFuVtNwCBVkBooJG6A38vHzB7wCTwslR28Sl+P7dZVcbBZ7uWZoLM3rWu0
qMZUOH1rVkfvj8vA9WhQ7igGJ/9f3gQsh7gUsDbWeRjmuZreWkzLRNel+CWkztdY
Izs2r3faBqfXMDuxbLyx2QYmvvkCAwEAAaOCAlcwggJTMB0GA1UdDgQWBBRo9mfr
EzS8h1JKjaMdzC7/0wTihjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUw
gZIwgY8EAgABMIGIMAwDBAFnjZYDBAFnjZgDBAFnleAwDAMEAWeV5gMEAmeV6AME
AWeWBDAMAwQCZ5YMAwQBZ5YQAwQBZ5YiAwQBZ5cSAwQBZ5dkAwQBZ5fCAwQBZ5hG
AwQBZ5haAwQBZ5hgAwQBZ5huAwQBZ7woMAwDBAFnvDIDBAFnvDQwDAMEA2e+2AME
AWe+3DANBgkqhkiG9w0BAQsFAAOCAQEARbRHoKZSfuuQBDvYx2aG6YyzcZ/NIJy+
OGvgS/UD+L8mXoUFtRwQCjJVVOTrwKfj6fWIqZRlKwfVpenqIzljwHs6tn0Pn6Na
Uw9QPu3OwK3E2bVAewgJdo744n6QuUnGw5torQ5Q+/+F9JCrTnwZOElKiXhX8w4W
A/KHi2/Hd5+yY3sAson8n4v60mrkvZ8CNgu2eYrkTR8ekBmQMJRHCiWsftiwIUhn
tzycajce6cjGwyhOH9EeRzGOebqHCIN8R9vUS259IKUzc0F2u+iCFkmmajv5g6Hs
kXAlghh0ZOSssw42DAWtuooUOW/qh436qZUa7+KDjTJf0kTs8ivowg==
-----END CERTIFICATE-----
Generated at Thu Mar 19 08:15:42 2026 by rpki-client