Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
File: AS38496.roa (raw, json)
Hash identifier: hnS3ZSoX0phLGwoHdG0C5h9+644LISrLfUDeK/ON/To=
Subject key identifier: 71:BA:9E:62:EA:6C:D8:F2:89:6C:27:53:5E:DA:45:AC:C5:02:67:17
Certificate issuer: /CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Certificate serial: 6F7F5BCE35505A2FB475559C732E3152C74F26C8
Authority key identifier: 6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
Signing time: Tue 08 Jul 2025 06:42:33 +0000
ROA not before: Tue 08 Jul 2025 06:37:33 +0000
ROA not after: Tue 07 Jul 2026 06:42:33 +0000
asID: 38496
IP address blocks: 103.31.156.0/22 maxlen: 24
112.78.96.0/21 maxlen: 24
114.31.240.0/24 maxlen: 24
114.31.241.0/24 maxlen: 24
114.31.242.0/24 maxlen: 24
114.31.243.0/24 maxlen: 24
114.31.244.0/24 maxlen: 24
114.31.245.0/24 maxlen: 24
114.31.246.0/24 maxlen: 24
114.31.247.0/24 maxlen: 24
114.110.40.0/21 maxlen: 24
114.134.72.0/21 maxlen: 24
115.178.120.0/24 maxlen: 24
115.178.121.0/24 maxlen: 24
115.178.122.0/24 maxlen: 24
116.66.200.0/21 maxlen: 21
116.66.200.0/23 maxlen: 23
116.66.200.0/24 maxlen: 24
116.66.201.0/24 maxlen: 24
116.66.202.0/23 maxlen: 24
116.66.202.0/24 maxlen: 24
116.66.203.0/24 maxlen: 24
116.66.204.0/24 maxlen: 24
116.66.206.0/23 maxlen: 23
116.66.206.0/24 maxlen: 24
116.66.207.0/24 maxlen: 24
116.254.120.0/21 maxlen: 24
117.103.8.0/24 maxlen: 24
117.103.9.0/24 maxlen: 24
117.103.10.0/24 maxlen: 24
117.103.11.0/24 maxlen: 24
117.103.12.0/24 maxlen: 24
117.103.13.0/24 maxlen: 24
117.103.14.0/24 maxlen: 24
117.103.15.0/24 maxlen: 24
182.23.160.0/24 maxlen: 24
182.23.161.0/24 maxlen: 24
182.23.163.0/24 maxlen: 24
182.23.164.0/24 maxlen: 24
182.23.165.0/24 maxlen: 24
182.23.166.0/24 maxlen: 24
182.23.167.0/24 maxlen: 24
182.23.168.0/24 maxlen: 24
182.23.169.0/24 maxlen: 24
182.23.172.0/24 maxlen: 24
182.23.173.0/24 maxlen: 24
182.23.174.0/24 maxlen: 24
202.87.176.0/24 maxlen: 24
202.87.184.0/24 maxlen: 24
202.87.188.0/24 maxlen: 24
203.191.40.0/24 maxlen: 24
203.191.41.0/24 maxlen: 24
203.191.42.0/24 maxlen: 24
203.191.43.0/24 maxlen: 24
203.191.44.0/24 maxlen: 24
203.191.45.0/24 maxlen: 24
203.191.47.0/24 maxlen: 24
223.27.144.0/24 maxlen: 24
223.27.145.0/24 maxlen: 24
223.27.146.0/24 maxlen: 24
223.27.148.0/24 maxlen: 24
223.27.149.0/24 maxlen: 24
223.27.150.0/23 maxlen: 24
223.27.150.0/24 maxlen: 24
223.27.151.0/24 maxlen: 24
223.27.152.0/24 maxlen: 24
223.27.153.0/24 maxlen: 24
223.27.154.0/23 maxlen: 24
223.27.154.0/24 maxlen: 24
223.27.156.0/24 maxlen: 24
223.27.157.0/24 maxlen: 24
223.27.158.0/24 maxlen: 24
223.27.159.0/24 maxlen: 24
2401:2400::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl
rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 29 Jul 2025 08:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:7f:5b:ce:35:50:5a:2f:b4:75:55:9c:73:2e:31:52:c7:4f:26:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Validity
Not Before: Jul 8 06:37:33 2025 GMT
Not After : Jul 7 06:42:33 2026 GMT
Subject: CN=71BA9E62EA6CD8F2896C27535EDA45ACC5026717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:81:ad:04:61:5d:4a:45:0e:39:fd:79:37:
63:80:29:a7:da:cd:41:e0:b2:f1:0e:db:dc:f9:80:
f3:0f:dc:ff:52:90:7c:15:86:da:29:dc:38:b1:bb:
fb:58:5a:26:52:fb:dd:cc:5b:80:8a:b9:b1:ed:99:
fb:12:3c:c9:ec:4d:56:3a:31:ca:1f:af:59:e9:37:
2f:ae:95:f9:84:02:aa:00:1b:eb:f6:84:5e:a6:1b:
78:a4:cd:e5:15:55:e1:13:6c:95:17:f1:3c:c6:9b:
08:5b:df:9a:10:cb:0f:4e:ae:65:c2:39:66:ef:03:
b0:51:90:d9:35:01:05:b5:94:78:51:e1:25:df:21:
a3:80:a1:a1:69:1c:41:5a:f0:26:41:0d:2b:c0:42:
6d:33:d9:f4:2f:42:3c:08:ac:9e:75:18:14:2c:65:
92:a0:e5:18:15:9d:7d:a0:b3:a5:6a:53:be:36:34:
71:39:5d:b4:47:fa:f1:2e:26:53:c6:4f:37:24:4d:
65:cb:df:01:68:c7:e7:62:d4:bf:76:d5:2f:48:8b:
e2:10:5e:47:65:7c:36:cb:82:13:c3:5e:69:9f:68:
7f:9e:94:a5:54:ca:2b:30:7c:de:d8:19:af:c3:f9:
cc:43:0c:7e:16:b8:38:71:82:52:73:f1:eb:5e:bf:
95:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BA:9E:62:EA:6C:D8:F2:89:6C:27:53:5E:DA:45:AC:C5:02:67:17
X509v3 Authority Key Identifier:
keyid:6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.156.0/22
112.78.96.0/21
114.31.240.0/21
114.110.40.0/21
114.134.72.0/21
115.178.120.0-115.178.122.255
116.66.200.0/21
116.254.120.0/21
117.103.8.0/21
182.23.160.0/23
182.23.163.0-182.23.169.255
182.23.172.0-182.23.174.255
202.87.176.0/24
202.87.184.0/24
202.87.188.0/24
203.191.40.0-203.191.45.255
203.191.47.0/24
223.27.144.0-223.27.146.255
223.27.148.0-223.27.159.255
IPv6:
2401:2400::/32
Signature Algorithm: sha256WithRSAEncryption
70:e2:66:b2:41:be:32:c4:33:35:fb:93:dd:02:8d:ec:f8:cd:
19:50:c0:78:77:03:e4:9f:f7:ac:67:6f:b5:20:33:08:db:bb:
6d:98:d0:f3:96:1d:67:55:1a:48:47:1a:f2:35:f0:ca:5e:56:
c1:f9:cc:75:9f:b4:df:9b:2d:e7:b0:63:a2:d2:fb:0e:ed:8e:
77:60:42:60:dd:37:fb:c4:46:96:44:2b:35:6c:fe:9c:f7:ac:
26:71:88:3b:82:b1:95:fb:80:86:94:13:46:7f:e7:90:bc:1c:
39:6e:1a:58:66:d9:78:66:4c:a0:09:cf:bd:88:0e:1b:51:34:
8a:89:fa:e4:cf:ed:86:29:55:e7:ec:d7:9a:78:bd:c2:1f:c8:
c0:6b:77:b2:3b:f9:61:d8:0f:5b:db:9c:95:92:7f:e3:3a:3c:
ab:69:c5:a7:aa:29:1e:db:d5:cf:cf:85:31:94:91:46:37:b2:
b3:1b:cf:66:80:9f:05:cc:44:5d:af:03:6d:12:41:fb:57:91:
a8:47:ae:0f:75:3d:a5:56:10:50:bb:d0:8d:87:06:23:c6:1a:
21:26:9b:c9:06:69:9b:2a:9f:d5:da:f0:d0:d2:2f:56:bb:34:
68:13:63:b3:41:52:b0:4e:f3:58:72:be:3b:61:80:2c:c7:24:
06:c6:b9:9d
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIUb39bzjVQWi+0dVWccy4xUsdPJsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFG
OEZDMDZFQzAeFw0yNTA3MDgwNjM3MzNaFw0yNjA3MDcwNjQyMzNaMDMxMTAvBgNV
BAMTKDcxQkE5RTYyRUE2Q0Q4RjI4OTZDMjc1MzVFREE0NUFDQzUwMjY3MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4WYGtBGFdSkUOOf15N2OAKafa
zUHgsvEO29z5gPMP3P9SkHwVhtop3Dixu/tYWiZS+93MW4CKubHtmfsSPMnsTVY6
Mcofr1npNy+ulfmEAqoAG+v2hF6mG3ikzeUVVeETbJUX8TzGmwhb35oQyw9OrmXC
OWbvA7BRkNk1AQW1lHhR4SXfIaOAoaFpHEFa8CZBDSvAQm0z2fQvQjwIrJ51GBQs
ZZKg5RgVnX2gs6VqU742NHE5XbRH+vEuJlPGTzckTWXL3wFox+di1L921S9Ii+IQ
XkdlfDbLghPDXmmfaH+elKVUyiswfN7YGa/D+cxDDH4WuDhxglJz8etev5VzAgMB
AAGjggKuMIICqjAdBgNVHQ4EFgQUcbqeYups2PKJbCdTXtpFrMUCZxcwHwYDVR0j
BBgwFoAUatlWNraz4NX5DuQfPD1tUfj8BuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
ODczNDlmYi00NjVlLTRlOGItYTk3NC05MGU5MzliY2IwZmIvMC82QUQ5NTYzNkI2
QjNFMEQ1RjkwRUU0MUYzQzNENkQ1MUY4RkMwNkVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFGOEZD
MDZFQy5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby9lODczNDlmYi00NjVlLTRlOGItYTk3NC05
MGU5MzliY2IwZmIvMC9BUzM4NDk2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAJnH5wDBANwTmAD
BANyH/ADBANybigDBANyhkgwDAMEA3OyeAMEAHOyegMEA3RCyAMEA3T+eAMEA3Vn
CAMEAbYXoDAMAwQAthejAwQBtheoMAwDBAK2F6wDBAC2F64DBADKV7ADBADKV7gD
BADKV7wwDAMEA8u/KAMEAcu/LAMEAMu/LzAMAwQE3xuQAwQA3xuSMAwDBALfG5QD
BAXfG4AwDQQCAAIwBwMFACQBJAAwDQYJKoZIhvcNAQELBQADggEBAHDiZrJBvjLE
MzX7k90Cjez4zRlQwHh3A+Sf96xnb7UgMwjbu22Y0POWHWdVGkhHGvI18MpeVsH5
zHWftN+bLeewY6LS+w7tjndgQmDdN/vERpZEKzVs/pz3rCZxiDuCsZX7gIaUE0Z/
55C8HDluGlhm2XhmTKAJz72IDhtRNIqJ+uTP7YYpVefs15p4vcIfyMBrd7I7+WHY
D1vbnJWSf+M6PKtpxaeqKR7b1c/PhTGUkUY3srMbz2aAnwXMRF2vA20SQftXkahH
rg91PaVWEFC70I2HBiPGGiEmm8kGaZsqn9Xa8NDSL1a7NGgTY7NBUrBO81hyvjth
gCzHJAbGuZ0=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:23:25 2025 by rpki-client