Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136052.roa
File: AS136052.roa (raw, json)
Hash identifier: uoL+eF3GgLzJBHUA2pYkPrLQ8XyVzjvajCXiY7/fG9Q=
Subject key identifier: 91:4B:0A:44:CC:EF:3C:F0:6E:B0:61:8E:96:F2:98:7B:5B:EE:4C:27
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4534F97C8184B90DF0807F0F879EF5D17781CE6D
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136052.roa
Signing time: Fri 17 Nov 2023 07:52:38 +0000
ROA not before: Fri 17 Nov 2023 07:47:38 +0000
ROA not after: Fri 15 Nov 2024 07:52:38 +0000
asID: 136052
IP address blocks: 27.112.78.0/23 maxlen: 24
103.23.198.0/23 maxlen: 24
103.31.38.0/23 maxlen: 24
103.49.238.0/23 maxlen: 24
103.52.114.0/23 maxlen: 24
103.63.24.0/23 maxlen: 24
103.67.78.0/23 maxlen: 24
103.76.120.0/23 maxlen: 24
103.123.62.0/23 maxlen: 24
103.139.192.0/23 maxlen: 24
103.171.84.0/24 maxlen: 24
103.171.85.0/24 maxlen: 24
103.172.204.0/23 maxlen: 24
103.174.114.0/23 maxlen: 24
103.176.76.0/24 maxlen: 24
103.176.78.0/23 maxlen: 24
103.179.56.0/23 maxlen: 24
103.179.254.0/23 maxlen: 24
103.181.142.0/23 maxlen: 24
103.183.74.0/23 maxlen: 24
103.191.92.0/23 maxlen: 24
103.193.176.0/23 maxlen: 24
103.193.178.0/23 maxlen: 24
103.217.144.0/23 maxlen: 24
103.217.226.0/23 maxlen: 24
103.226.138.0/23 maxlen: 24
103.242.10.0/23 maxlen: 24
103.250.208.0/23 maxlen: 24
116.193.190.0/23 maxlen: 24
203.145.34.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 05 May 2024 09:07:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:34:f9:7c:81:84:b9:0d:f0:80:7f:0f:87:9e:f5:d1:77:81:ce:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Nov 17 07:47:38 2023 GMT
Not After : Nov 15 07:52:38 2024 GMT
Subject: CN=914B0A44CCEF3CF06EB0618E96F2987B5BEE4C27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:e7:7a:b5:c0:53:f3:8a:80:5d:de:e5:e0:
e5:b6:9d:db:2c:b1:8c:c8:98:ea:54:fc:89:15:e5:
88:77:9a:87:1a:8b:77:f0:f5:06:0d:3a:53:cc:92:
df:c2:87:88:c7:cc:0e:9f:fc:3c:9f:e2:4c:d4:94:
da:bb:00:22:1c:d0:56:ff:0c:45:1c:30:57:16:ea:
27:12:b7:c4:76:48:43:ee:32:eb:a2:ca:72:8e:09:
1f:2c:a8:10:42:0a:9f:d3:aa:e5:8c:07:27:9b:9b:
0c:4c:80:64:5c:96:c1:98:77:a5:9c:bf:5b:25:26:
89:4c:1f:f2:ae:4c:2e:6f:9f:20:64:3a:34:f2:ec:
cb:90:63:cf:36:bf:dc:00:c2:b1:05:69:cf:b6:b9:
3e:4e:da:8e:a5:7c:1e:24:ac:9f:c1:9b:43:ad:ee:
ee:11:61:32:f2:5e:0d:69:eb:e1:0c:70:77:20:60:
07:4b:ac:60:f5:88:08:5c:db:0a:8f:81:af:23:96:
74:24:c9:37:b1:e6:36:1e:69:f2:7b:22:92:cd:8a:
61:c8:1c:20:61:57:fe:d1:40:4c:ea:07:54:39:d4:
46:72:d1:88:fc:55:03:d2:5a:03:2e:51:68:f3:ea:
9b:0e:8b:0c:aa:80:ba:db:83:91:aa:60:f9:4d:ce:
85:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:0A:44:CC:EF:3C:F0:6E:B0:61:8E:96:F2:98:7B:5B:EE:4C:27
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136052.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.112.78.0/23
103.23.198.0/23
103.31.38.0/23
103.49.238.0/23
103.52.114.0/23
103.63.24.0/23
103.67.78.0/23
103.76.120.0/23
103.123.62.0/23
103.139.192.0/23
103.171.84.0/23
103.172.204.0/23
103.174.114.0/23
103.176.76.0/24
103.176.78.0/23
103.179.56.0/23
103.179.254.0/23
103.181.142.0/23
103.183.74.0/23
103.191.92.0/23
103.193.176.0/22
103.217.144.0/23
103.217.226.0/23
103.226.138.0/23
103.242.10.0/23
103.250.208.0/23
116.193.190.0/23
203.145.34.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:02:43:de:09:7d:e4:d2:4c:95:61:2a:55:69:8c:11:8d:d7:
6c:f6:67:2e:8e:01:fb:26:60:5d:50:14:7b:10:fb:50:2d:41:
d6:67:11:1e:be:79:01:2a:2c:39:bf:98:4e:f7:e5:8c:60:37:
08:e3:61:fc:33:e9:98:51:b6:e4:57:ca:7b:b5:34:a4:2d:37:
7d:b7:b0:33:46:45:4c:4d:2b:2d:22:9a:09:58:42:62:88:35:
cb:9e:9a:ec:0d:99:f6:9d:86:75:29:2f:18:36:ff:47:99:c2:
af:8f:ed:ff:8f:b8:6d:d8:d8:07:0b:fd:95:48:2c:e1:2f:f2:
e3:ef:5a:13:f7:69:46:24:21:66:16:c3:62:c9:53:85:81:e1:
a5:33:1c:be:42:a6:bc:7f:36:c9:9b:d3:ed:2b:42:75:a5:9d:
32:95:f7:01:09:20:ba:c7:45:ec:c4:71:6b:75:b7:16:20:33:
da:1a:8e:ef:ba:58:56:33:89:85:22:52:df:ec:8e:8f:e3:9f:
bb:17:a0:b4:6f:b8:31:66:5b:ec:94:e0:82:bc:3a:59:c6:5a:
66:17:cb:39:5a:58:fe:68:e4:8d:19:f2:20:e0:24:5f:07:22:
6e:04:df:55:3c:87:ea:1a:2d:ce:7b:a1:74:ab:14:48:24:43:
6f:9e:fb:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIURTT5fIGEuQ3wgH8Ph5710XeBzm0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTExNzA3NDczOFoX
DTI0MTExNTA3NTIzOFowMzExMC8GA1UEAxMoOTE0QjBBNDRDQ0VGM0NGMDZFQjA2
MThFOTZGMjk4N0I1QkVFNEMyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOU+53q1wFPzioBd3uXg5bad2yyxjMiY6lT8iRXliHeahxqLd/D1Bg06U8yS
38KHiMfMDp/8PJ/iTNSU2rsAIhzQVv8MRRwwVxbqJxK3xHZIQ+4y66LKco4JHyyo
EEIKn9Oq5YwHJ5ubDEyAZFyWwZh3pZy/WyUmiUwf8q5MLm+fIGQ6NPLsy5Bjzza/
3ADCsQVpz7a5Pk7ajqV8HiSsn8GbQ63u7hFhMvJeDWnr4QxwdyBgB0usYPWICFzb
Co+BryOWdCTJN7HmNh5p8nsiks2KYcgcIGFX/tFATOoHVDnURnLRiPxVA9JaAy5R
aPPqmw6LDKqAutuDkapg+U3OhYcCAwEAAaOCAncwggJzMB0GA1UdDgQWBBSRSwpE
zO888G6wYY6W8ph7W+5MJzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNjA1Mi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBxQYIKwYBBQUHAQcBAf8EgbUw
gbIwga8EAgABMIGoAwQBG3BOAwQBZxfGAwQBZx8mAwQBZzHuAwQBZzRyAwQBZz8Y
AwQBZ0NOAwQBZ0x4AwQBZ3s+AwQBZ4vAAwQBZ6tUAwQBZ6zMAwQBZ65yAwQAZ7BM
AwQBZ7BOAwQBZ7M4AwQBZ7P+AwQBZ7WOAwQBZ7dKAwQBZ79cAwQCZ8GwAwQBZ9mQ
AwQBZ9niAwQBZ+KKAwQBZ/IKAwQBZ/rQAwQBdMG+AwQBy5EiMA0GCSqGSIb3DQEB
CwUAA4IBAQBLAkPeCX3k0kyVYSpVaYwRjdds9mcujgH7JmBdUBR7EPtQLUHWZxEe
vnkBKiw5v5hO9+WMYDcI42H8M+mYUbbkV8p7tTSkLTd9t7AzRkVMTSstIpoJWEJi
iDXLnprsDZn2nYZ1KS8YNv9HmcKvj+3/j7ht2NgHC/2VSCzhL/Lj71oT92lGJCFm
FsNiyVOFgeGlMxy+Qqa8fzbJm9PtK0J1pZ0ylfcBCSC6x0XsxHFrdbcWIDPaGo7v
ulhWM4mFIlLf7I6P45+7F6C0b7gxZlvslOCCvDpZxlpmF8s5Wlj+aOSNGfIg4CRf
ByJuBN9VPIfqGi3Oe6F0qxRIJENvnvs6
-----END CERTIFICATE-----
Generated at Thu May 2 05:09:56 2024 by rpki-client on console-ams.rpki-client.org