Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
File: AS9341.roa (raw, json)
Hash identifier: bicVXrqLYcZBNttU1e97m/QMqiBTr3qVrf3OxgsH0Wg=
Subject key identifier: 8A:A5:7A:32:98:6D:7A:93:B7:73:54:50:AD:FF:06:B2:F5:F1:A1:63
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 1C86978C3BB7B32595135BCF51C5C7489144658E
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
Signing time: Wed 04 Mar 2026 04:55:47 +0000
ROA not before: Wed 04 Mar 2026 04:50:47 +0000
ROA not after: Wed 03 Mar 2027 04:55:47 +0000
asID: 9341
IP address blocks: 43.240.80.0/22 maxlen: 24
103.17.172.0/22 maxlen: 24
103.17.172.0/23 maxlen: 24
103.17.174.0/23 maxlen: 24
103.49.188.0/22 maxlen: 24
103.55.220.0/22 maxlen: 24
103.76.168.0/22 maxlen: 24
103.76.172.0/22 maxlen: 24
103.78.72.0/22 maxlen: 24
103.78.140.0/22 maxlen: 24
103.88.196.0/22 maxlen: 24
103.88.200.0/22 maxlen: 24
103.88.204.0/22 maxlen: 24
103.88.208.0/22 maxlen: 24
103.88.244.0/22 maxlen: 24
103.88.248.0/22 maxlen: 24
103.88.252.0/22 maxlen: 24
103.89.32.0/22 maxlen: 24
103.91.14.0/23 maxlen: 24
103.94.0.0/22 maxlen: 24
103.94.124.0/22 maxlen: 24
103.101.22.0/23 maxlen: 24
103.145.150.0/24 maxlen: 24
103.181.244.0/23 maxlen: 24
103.210.230.0/23 maxlen: 24
103.215.178.0/23 maxlen: 24
103.229.164.0/22 maxlen: 24
103.238.138.0/23 maxlen: 24
160.202.40.0/22 maxlen: 24
202.46.64.0/19 maxlen: 24
202.57.18.0/24 maxlen: 24
202.57.28.0/22 maxlen: 24
202.74.43.0/24 maxlen: 24
202.74.72.0/23 maxlen: 24
202.146.48.0/20 maxlen: 24
202.154.176.0/21 maxlen: 24
202.164.216.0/22 maxlen: 24
202.171.236.0/24 maxlen: 24
203.171.216.0/23 maxlen: 24
203.171.216.0/24 maxlen: 24
203.171.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 23 Mar 2026 13:47:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:86:97:8c:3b:b7:b3:25:95:13:5b:cf:51:c5:c7:48:91:44:65:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 4 04:50:47 2026 GMT
Not After : Mar 3 04:55:47 2027 GMT
Subject: CN=8AA57A32986D7A93B7735450ADFF06B2F5F1A163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9d:02:2b:e5:01:10:4c:fd:1b:f9:82:f8:27:
29:d4:0c:de:83:54:9e:94:3e:c2:7e:75:31:23:78:
d3:69:6b:df:84:38:2b:1c:19:80:c4:68:13:ab:b6:
56:4b:7c:23:ff:46:b2:19:9d:9b:32:c3:86:c5:29:
f4:45:48:32:18:05:cc:dd:ae:21:c8:7e:1c:3d:38:
7e:8e:67:df:38:37:77:03:aa:6b:8c:d8:f7:84:23:
cc:7a:77:73:2d:59:88:ab:58:96:8f:dd:09:36:f5:
7f:97:e9:d3:ea:18:b5:9a:37:ed:4b:87:6c:11:25:
68:e3:b5:12:cc:dc:51:02:01:e4:29:07:11:2c:1d:
f6:a0:8e:6f:6e:b6:a3:49:25:67:d8:04:14:2d:42:
90:21:01:4f:3e:0c:b6:e7:09:4d:16:d5:9f:e1:b5:
45:35:bc:f9:cb:69:41:39:65:cf:21:5f:ea:68:3a:
16:ad:82:12:ff:d2:5f:d6:26:eb:92:4f:5d:58:d8:
30:3b:71:48:20:a9:d7:c0:66:67:f1:7a:9d:eb:bb:
ce:43:65:23:b9:fb:58:56:9a:c2:4d:7b:ce:67:6e:
a3:b8:ba:6b:05:94:b9:06:61:3a:8b:f8:31:13:42:
66:65:10:9f:f3:dc:2e:eb:f3:48:e5:d8:bb:bb:3d:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A5:7A:32:98:6D:7A:93:B7:73:54:50:AD:FF:06:B2:F5:F1:A1:63
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.80.0/22
103.17.172.0/22
103.49.188.0/22
103.55.220.0/22
103.76.168.0/21
103.78.72.0/22
103.78.140.0/22
103.88.196.0-103.88.211.255
103.88.244.0-103.88.255.255
103.89.32.0/22
103.91.14.0/23
103.94.0.0/22
103.94.124.0/22
103.101.22.0/23
103.145.150.0/24
103.181.244.0/23
103.210.230.0/23
103.215.178.0/23
103.229.164.0/22
103.238.138.0/23
160.202.40.0/22
202.46.64.0/19
202.57.18.0/24
202.57.28.0/22
202.74.43.0/24
202.74.72.0/23
202.146.48.0/20
202.154.176.0/21
202.164.216.0/22
202.171.236.0/24
203.171.216.0/23
Signature Algorithm: sha256WithRSAEncryption
07:05:e9:d3:0c:a6:9b:e0:c7:6a:dc:a0:18:87:e6:32:f5:c9:
e4:3a:9c:49:a7:72:47:af:15:b8:97:0a:1e:16:39:a8:5e:99:
82:16:6d:27:9d:75:f3:c3:75:44:73:f5:c2:ba:60:44:6a:c5:
ca:67:f5:9b:d0:38:89:33:5b:34:d9:4f:4b:cf:89:42:f7:ec:
4e:5d:bf:1a:1e:ee:c9:59:35:ce:04:4d:f5:95:c6:df:e1:3c:
be:1d:01:66:af:d3:8c:f6:5b:a9:75:db:6f:af:fc:ff:32:72:
60:70:ab:f3:e9:e3:86:e4:f3:63:2d:a2:5f:9f:44:91:62:b8:
f5:9b:6b:f9:57:26:10:c4:0c:6f:9a:98:36:e5:a9:86:a6:65:
a3:f0:2a:53:a6:ba:d8:96:25:4b:84:09:4c:a2:68:55:f9:bc:
dc:7e:3c:e1:54:5c:f2:df:cb:4d:70:4a:a9:9e:85:5a:8c:64:
5b:9a:c7:43:73:b6:a3:2a:4a:0c:0d:d0:75:5e:4b:6c:19:8f:
1e:8b:37:9f:31:fe:eb:88:0a:b2:30:de:e8:71:e0:b5:43:e6:
24:5b:91:4d:be:0f:6a:17:a3:7e:f6:e2:b1:08:f8:53:ea:75:
03:ed:14:ed:7e:61:56:f2:ec:4d:fb:09:86:79:81:bd:4f:c4:
99:ce:1f:c2
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIUHIaXjDu3syWVE1vPUcXHSJFEZY4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwNDA0NTA0N1oX
DTI3MDMwMzA0NTU0N1owMzExMC8GA1UEAxMoOEFBNTdBMzI5ODZEN0E5M0I3NzM1
NDUwQURGRjA2QjJGNUYxQTE2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+dAivlARBM/Rv5gvgnKdQM3oNUnpQ+wn51MSN402lr34Q4KxwZgMRoE6u2
Vkt8I/9GshmdmzLDhsUp9EVIMhgFzN2uIch+HD04fo5n3zg3dwOqa4zY94QjzHp3
cy1ZiKtYlo/dCTb1f5fp0+oYtZo37UuHbBElaOO1EszcUQIB5CkHESwd9qCOb262
o0klZ9gEFC1CkCEBTz4MtucJTRbVn+G1RTW8+ctpQTllzyFf6mg6Fq2CEv/SX9Ym
65JPXVjYMDtxSCCp18BmZ/F6neu7zkNlI7n7WFaawk17zmduo7i6awWUuQZhOov4
MRNCZmUQn/PcLuvzSOXYu7s9NZECAwEAAaOCApYwggKSMB0GA1UdDgQWBBSKpXoy
mG16k7dzVFCt/way9fGhYzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzkzNDEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgeYGCCsGAQUFBwEHAQH/BIHWMIHT
MIHQBAIAATCByQMEAivwUAMEAmcRrAMEAmcxvAMEAmc33AMEA2dMqAMEAmdOSAME
AmdOjDAMAwQCZ1jEAwQCZ1jQMAsDBAJnWPQDAwBnWAMEAmdZIAMEAWdbDgMEAmde
AAMEAmdefAMEAWdlFgMEAGeRlgMEAWe19AMEAWfS5gMEAWfXsgMEAmflpAMEAWfu
igMEAqDKKAMEBcouQAMEAMo5EgMEAso5HAMEAMpKKwMEAcpKSAMEBMqSMAMEA8qa
sAMEAsqk2AMEAMqr7AMEAcur2DANBgkqhkiG9w0BAQsFAAOCAQEABwXp0wymm+DH
atygGIfmMvXJ5DqcSadyR68VuJcKHhY5qF6ZghZtJ51188N1RHP1wrpgRGrFymf1
m9A4iTNbNNlPS8+JQvfsTl2/Gh7uyVk1zgRN9ZXG3+E8vh0BZq/TjPZbqXXbb6/8
/zJyYHCr8+njhuTzYy2iX59EkWK49Ztr+VcmEMQMb5qYNuWphqZlo/AqU6a62JYl
S4QJTKJoVfm83H484VRc8t/LTXBKqZ6FWoxkW5rHQ3O2oypKDA3QdV5LbBmPHos3
nzH+64gKsjDe6HHgtUPmJFuRTb4PahejfvbisQj4U+p1A+0U7X5hVvLsTfsJhnmB
vU/Emc4fwg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 10:52:40 2026 by rpki-client