Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
File: AS38060.roa (raw, json)
Hash identifier: sCJYA9RzvhULZFKF2+8vUSPmeWwAql+rDCs/syocduA=
Subject key identifier: 3B:12:6C:9B:F0:B3:63:CF:4B:C5:EC:11:0C:83:43:25:7D:CC:A8:6D
Certificate issuer: /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial: 46F3107EAC7292235510BA307175DF49D654E247
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
Signing time: Fri 30 Aug 2024 11:23:14 +0000
ROA not before: Fri 30 Aug 2024 11:18:14 +0000
ROA not after: Fri 29 Aug 2025 11:23:14 +0000
asID: 38060
IP address blocks: 112.78.132.0/24 maxlen: 24
112.78.134.0/24 maxlen: 24
112.78.142.0/24 maxlen: 24
112.78.144.0/24 maxlen: 24
112.78.150.0/24 maxlen: 24
112.78.151.0/24 maxlen: 24
112.78.153.0/24 maxlen: 24
112.78.178.0/24 maxlen: 24
112.78.191.0/24 maxlen: 24
117.102.72.0/24 maxlen: 24
117.102.75.0/24 maxlen: 24
117.102.79.0/24 maxlen: 24
117.102.81.0/24 maxlen: 24
117.102.97.0/24 maxlen: 24
117.102.120.0/24 maxlen: 24
118.99.67.0/24 maxlen: 24
118.99.72.0/24 maxlen: 24
118.99.107.0/24 maxlen: 24
118.99.109.0/24 maxlen: 24
118.99.110.0/24 maxlen: 24
118.99.112.0/24 maxlen: 24
118.99.123.0/24 maxlen: 24
182.253.6.0/24 maxlen: 24
182.253.14.0/24 maxlen: 24
182.253.23.0/24 maxlen: 24
182.253.33.0/24 maxlen: 24
182.253.36.0/24 maxlen: 24
182.253.40.0/24 maxlen: 24
182.253.42.0/24 maxlen: 24
182.253.44.0/24 maxlen: 24
182.253.45.0/24 maxlen: 24
182.253.62.0/24 maxlen: 24
182.253.87.0/24 maxlen: 24
182.253.98.0/24 maxlen: 24
182.253.106.0/24 maxlen: 24
182.253.116.0/24 maxlen: 24
182.253.122.0/24 maxlen: 24
182.253.123.0/24 maxlen: 24
182.253.124.0/24 maxlen: 24
182.253.127.0/24 maxlen: 24
182.253.131.0/24 maxlen: 24
182.253.133.0/24 maxlen: 24
182.253.137.0/24 maxlen: 24
182.253.139.0/24 maxlen: 24
182.253.151.0/24 maxlen: 24
182.253.185.0/24 maxlen: 24
182.253.186.0/24 maxlen: 24
182.253.192.0/24 maxlen: 24
182.253.194.0/24 maxlen: 24
182.253.203.0/24 maxlen: 24
182.253.215.0/24 maxlen: 24
182.253.217.0/24 maxlen: 24
182.253.228.0/24 maxlen: 24
182.253.242.0/24 maxlen: 24
182.253.243.0/24 maxlen: 24
182.253.244.0/24 maxlen: 24
182.253.245.0/24 maxlen: 24
182.253.250.0/24 maxlen: 24
182.253.251.0/24 maxlen: 24
202.169.37.0/24 maxlen: 24
202.169.38.0/24 maxlen: 24
202.169.46.0/24 maxlen: 24
202.169.56.0/24 maxlen: 24
203.142.74.0/24 maxlen: 24
203.142.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 15 Mar 2025 12:34:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f3:10:7e:ac:72:92:23:55:10:ba:30:71:75:df:49:d6:54:e2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
Validity
Not Before: Aug 30 11:18:14 2024 GMT
Not After : Aug 29 11:23:14 2025 GMT
Subject: CN=3B126C9BF0B363CF4BC5EC110C8343257DCCA86D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b6:3e:39:c6:15:cc:b9:f8:70:0d:87:4b:92:
ad:38:b3:b8:ca:2f:1b:a1:6a:59:0e:3d:ca:f0:bb:
db:b6:5b:ee:67:92:e7:e1:65:a1:de:f9:59:6b:8e:
db:b8:99:7b:78:08:7d:a4:44:30:5e:3a:0f:00:ab:
d2:05:47:cc:46:7c:8c:61:19:c8:4d:93:c7:3e:13:
5b:3d:eb:1a:7a:1e:b7:ee:29:14:4a:22:a7:18:8b:
82:18:f2:bb:12:27:a2:a0:b5:51:dc:4e:fe:9f:fa:
24:b3:6a:ac:f1:ee:33:f5:60:16:6e:91:d2:ac:dd:
49:14:42:b5:e2:84:7c:13:6c:6d:dc:a6:0d:19:bc:
d7:52:2a:3e:6b:d3:d9:d2:83:1b:87:94:75:bf:8c:
f6:ff:7d:a0:78:7b:0c:88:2b:23:d6:33:26:5a:76:
51:a9:db:03:de:e1:98:6e:77:0d:05:cc:f9:e2:f0:
dd:d4:34:5d:4b:41:4f:2c:88:4b:49:55:fa:d3:31:
1a:fe:5f:08:05:49:4a:ad:1d:a3:78:37:2c:d3:58:
64:05:be:82:30:49:1d:45:27:38:a7:cf:f0:69:6b:
e6:9f:94:1f:14:ae:22:21:98:ed:53:6e:aa:01:31:
44:be:84:66:82:3e:15:12:a6:67:2c:b9:d7:2c:f3:
3e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:12:6C:9B:F0:B3:63:CF:4B:C5:EC:11:0C:83:43:25:7D:CC:A8:6D
X509v3 Authority Key Identifier:
keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AS38060.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.78.132.0/24
112.78.134.0/24
112.78.142.0/24
112.78.144.0/24
112.78.150.0/23
112.78.153.0/24
112.78.178.0/24
112.78.191.0/24
117.102.72.0/24
117.102.75.0/24
117.102.79.0/24
117.102.81.0/24
117.102.97.0/24
117.102.120.0/24
118.99.67.0/24
118.99.72.0/24
118.99.107.0/24
118.99.109.0-118.99.110.255
118.99.112.0/24
118.99.123.0/24
182.253.6.0/24
182.253.14.0/24
182.253.23.0/24
182.253.33.0/24
182.253.36.0/24
182.253.40.0/24
182.253.42.0/24
182.253.44.0/23
182.253.62.0/24
182.253.87.0/24
182.253.98.0/24
182.253.106.0/24
182.253.116.0/24
182.253.122.0-182.253.124.255
182.253.127.0/24
182.253.131.0/24
182.253.133.0/24
182.253.137.0/24
182.253.139.0/24
182.253.151.0/24
182.253.185.0-182.253.186.255
182.253.192.0/24
182.253.194.0/24
182.253.203.0/24
182.253.215.0/24
182.253.217.0/24
182.253.228.0/24
182.253.242.0-182.253.245.255
182.253.250.0/23
202.169.37.0-202.169.38.255
202.169.46.0/24
202.169.56.0/24
203.142.74.0/24
203.142.76.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:be:58:74:78:8a:78:4b:4e:c0:1f:38:70:45:21:de:c7:f3:
25:3d:71:8d:2a:e0:42:4d:8b:64:5f:35:e1:a8:41:99:44:d7:
9f:d0:63:55:1b:c7:18:ff:88:43:eb:ae:58:70:1c:34:23:f2:
76:2b:a5:d5:18:e6:46:35:15:8c:4e:b2:e5:29:22:64:bc:d1:
2e:4f:ad:e0:eb:f9:37:38:6b:fe:7a:58:98:5f:3c:05:3d:db:
49:c2:69:0d:13:3f:a4:21:88:a5:bb:2e:95:e1:3a:54:ca:5e:
9d:0d:c5:d6:2c:1f:6a:7c:2f:9d:1d:b0:8a:0c:1f:e7:e9:f1:
9b:3f:75:72:dd:f4:9d:33:80:81:92:22:08:4c:73:2b:44:ea:
04:a4:74:d5:34:95:63:f9:be:98:b9:30:f4:b6:26:7c:28:95:
6d:72:f4:ea:a9:ea:2d:27:2d:33:6d:6e:1d:f3:9d:1b:8b:0f:
e2:51:58:d8:da:f1:30:b6:e0:b7:45:2e:73:13:b5:47:49:44:
60:e1:86:19:1c:d4:08:33:e0:15:47:0d:59:4a:f6:72:9d:99:
c8:c4:2a:d2:70:70:7f:da:1f:2e:f8:b2:c9:cb:a9:e6:d3:5a:
90:3b:62:ba:c0:15:66:98:04:68:8b:07:67:71:b0:a8:86:23:
8b:30:9b:a6
-----BEGIN CERTIFICATE-----
MIIGZDCCBUygAwIBAgIURvMQfqxykiNVELowcXXfSdZU4kcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yNDA4MzAxMTE4MTRaFw0yNTA4MjkxMTIzMTRaMDMxMTAvBgNV
BAMTKDNCMTI2QzlCRjBCMzYzQ0Y0QkM1RUMxMTBDODM0MzI1N0RDQ0E4NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3tj45xhXMufhwDYdLkq04s7jK
LxuhalkOPcrwu9u2W+5nkufhZaHe+Vlrjtu4mXt4CH2kRDBeOg8Aq9IFR8xGfIxh
GchNk8c+E1s96xp6HrfuKRRKIqcYi4IY8rsSJ6KgtVHcTv6f+iSzaqzx7jP1YBZu
kdKs3UkUQrXihHwTbG3cpg0ZvNdSKj5r09nSgxuHlHW/jPb/faB4ewyIKyPWMyZa
dlGp2wPe4Zhudw0FzPni8N3UNF1LQU8siEtJVfrTMRr+XwgFSUqtHaN4NyzTWGQF
voIwSR1FJzinz/Bpa+aflB8UriIhmO1TbqoBMUS+hGaCPhUSpmcsudcs8z6PAgMB
AAGjggNuMIIDajAdBgNVHQ4EFgQUOxJsm/CzY89LxewRDINDJX3MqG0wHwYDVR0j
BBgwFoAUrFVUR7piw5EH8Wv1cvgqQX9yjb8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
OTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC9BQzU1NTQ0N0JB
NjJDMzkxMDdGMTZCRjU3MkY4MkE0MTdGNzI4REJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3Rjcy
OERCRi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00
ODRmMDI1ZGZmY2MvMC9BUzM4MDYwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIBbAMEAHBOhAME
AHBOhgMEAHBOjgMEAHBOkAMEAXBOlgMEAHBOmQMEAHBOsgMEAHBOvwMEAHVmSAME
AHVmSwMEAHVmTwMEAHVmUQMEAHVmYQMEAHVmeAMEAHZjQwMEAHZjSAMEAHZjazAM
AwQAdmNtAwQAdmNuAwQAdmNwAwQAdmN7AwQAtv0GAwQAtv0OAwQAtv0XAwQAtv0h
AwQAtv0kAwQAtv0oAwQAtv0qAwQBtv0sAwQAtv0+AwQAtv1XAwQAtv1iAwQAtv1q
AwQAtv10MAwDBAG2/XoDBAC2/XwDBAC2/X8DBAC2/YMDBAC2/YUDBAC2/YkDBAC2
/YsDBAC2/ZcwDAMEALb9uQMEALb9ugMEALb9wAMEALb9wgMEALb9ywMEALb91wME
ALb92QMEALb95DAMAwQBtv3yAwQBtv30AwQBtv36MAwDBADKqSUDBADKqSYDBADK
qS4DBADKqTgDBADLjkoDBADLjkwwDQYJKoZIhvcNAQELBQADggEBAC++WHR4inhL
TsAfOHBFId7H8yU9cY0q4EJNi2RfNeGoQZlE15/QY1Ubxxj/iEPrrlhwHDQj8nYr
pdUY5kY1FYxOsuUpImS80S5PreDr+Tc4a/56WJhfPAU920nCaQ0TP6QhiKW7LpXh
OlTKXp0NxdYsH2p8L50dsIoMH+fp8Zs/dXLd9J0zgIGSIghMcytE6gSkdNU0lWP5
vpi5MPS2JnwolW1y9Oqp6i0nLTNtbh3znRuLD+JRWNja8TC24LdFLnMTtUdJRGDh
hhkc1Agz4BVHDVlK9nKdmcjEKtJwcH/aHy74ssnLqebTWpA7YrrAFWaYBGiLB2dx
sKiGI4swm6Y=
-----END CERTIFICATE-----
Generated at Thu Mar 13 01:47:38 2025 by rpki-client