Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS24203.roa
File: AS24203.roa (raw, json)
Hash identifier: uCzL89fT+2rTp/PjfzcCLzCjNSE0Gj5NCg172nJhGEA=
Subject key identifier: 22:3B:9F:A6:66:C4:4B:7E:D3:97:96:8C:95:70:F7:F9:C5:13:99:D6
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 39B638E334DE7ECADCFB428BB52B2F1B28891BFD
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS24203.roa
Signing time: Thu 10 Oct 2024 11:35:01 +0000
ROA not before: Thu 10 Oct 2024 11:30:01 +0000
ROA not after: Thu 09 Oct 2025 11:35:01 +0000
asID: 24203
IP address blocks: 112.215.0.0/16 maxlen: 16
112.215.19.0/24 maxlen: 24
112.215.23.0/24 maxlen: 24
112.215.36.0/24 maxlen: 24
112.215.44.0/24 maxlen: 24
112.215.45.0/24 maxlen: 24
112.215.47.0/24 maxlen: 24
112.215.50.0/24 maxlen: 24
112.215.60.0/24 maxlen: 24
112.215.63.0/24 maxlen: 24
112.215.64.0/24 maxlen: 24
112.215.65.0/24 maxlen: 24
112.215.66.0/24 maxlen: 24
112.215.71.0/24 maxlen: 24
112.215.79.0/24 maxlen: 24
112.215.83.0/24 maxlen: 24
112.215.84.0/24 maxlen: 24
112.215.88.0/24 maxlen: 24
112.215.101.0/24 maxlen: 24
112.215.102.0/24 maxlen: 24
112.215.103.0/24 maxlen: 24
112.215.104.0/24 maxlen: 24
112.215.122.0/24 maxlen: 24
112.215.123.0/24 maxlen: 24
112.215.124.0/24 maxlen: 24
112.215.126.0/24 maxlen: 24
112.215.127.0/24 maxlen: 24
112.215.128.0/24 maxlen: 24
112.215.133.0/24 maxlen: 24
112.215.140.0/24 maxlen: 24
112.215.145.0/24 maxlen: 24
112.215.146.0/24 maxlen: 24
112.215.147.0/24 maxlen: 24
112.215.148.0/24 maxlen: 24
112.215.149.0/24 maxlen: 24
112.215.151.0/24 maxlen: 24
112.215.152.0/24 maxlen: 24
112.215.153.0/24 maxlen: 24
112.215.154.0/24 maxlen: 24
112.215.156.0/24 maxlen: 24
112.215.157.0/24 maxlen: 24
112.215.158.0/24 maxlen: 24
112.215.160.0/24 maxlen: 24
112.215.161.0/24 maxlen: 24
112.215.165.0/24 maxlen: 24
112.215.167.0/24 maxlen: 24
112.215.168.0/24 maxlen: 24
112.215.169.0/24 maxlen: 24
112.215.170.0/24 maxlen: 24
112.215.171.0/24 maxlen: 24
112.215.172.0/24 maxlen: 24
112.215.173.0/24 maxlen: 24
112.215.174.0/24 maxlen: 24
112.215.175.0/24 maxlen: 24
112.215.179.0/24 maxlen: 24
112.215.183.0/24 maxlen: 24
112.215.184.0/24 maxlen: 24
112.215.185.0/24 maxlen: 24
112.215.198.0/24 maxlen: 24
112.215.200.0/24 maxlen: 24
112.215.201.0/24 maxlen: 24
112.215.207.0/24 maxlen: 24
112.215.208.0/24 maxlen: 24
112.215.209.0/24 maxlen: 24
112.215.210.0/24 maxlen: 24
112.215.211.0/24 maxlen: 24
112.215.212.0/24 maxlen: 24
112.215.219.0/24 maxlen: 24
112.215.220.0/24 maxlen: 24
112.215.221.0/24 maxlen: 24
112.215.222.0/24 maxlen: 24
112.215.223.0/24 maxlen: 24
112.215.224.0/24 maxlen: 24
112.215.225.0/24 maxlen: 24
112.215.226.0/24 maxlen: 24
112.215.227.0/24 maxlen: 24
112.215.228.0/24 maxlen: 24
112.215.229.0/24 maxlen: 24
112.215.230.0/24 maxlen: 24
112.215.231.0/24 maxlen: 24
112.215.232.0/24 maxlen: 24
112.215.233.0/24 maxlen: 24
112.215.234.0/24 maxlen: 24
112.215.235.0/24 maxlen: 24
112.215.236.0/24 maxlen: 24
112.215.237.0/24 maxlen: 24
112.215.238.0/24 maxlen: 24
112.215.239.0/24 maxlen: 24
112.215.240.0/24 maxlen: 24
112.215.241.0/24 maxlen: 24
112.215.242.0/24 maxlen: 24
112.215.243.0/24 maxlen: 24
112.215.244.0/24 maxlen: 24
112.215.245.0/24 maxlen: 24
112.215.246.0/24 maxlen: 24
112.215.251.0/24 maxlen: 24
112.215.252.0/24 maxlen: 24
112.215.253.0/24 maxlen: 24
202.152.240.0/24 maxlen: 24
202.152.243.0/24 maxlen: 24
203.78.112.0/20 maxlen: 20
203.78.112.0/24 maxlen: 24
203.78.113.0/24 maxlen: 24
203.78.114.0/24 maxlen: 24
203.78.116.0/24 maxlen: 24
203.78.117.0/24 maxlen: 24
203.78.118.0/24 maxlen: 24
203.78.119.0/24 maxlen: 24
203.78.120.0/24 maxlen: 24
203.78.121.0/24 maxlen: 24
203.78.122.0/24 maxlen: 24
203.78.123.0/24 maxlen: 24
203.78.124.0/24 maxlen: 24
203.78.125.0/24 maxlen: 24
203.78.126.0/24 maxlen: 24
2400:9800:c::/48 maxlen: 48
2400:9800:10::/48 maxlen: 48
2400:9800:12::/48 maxlen: 48
2400:9800:14::/48 maxlen: 48
2400:9800:15::/48 maxlen: 48
2400:9800:500::/45 maxlen: 45
2400:9800:510::/45 maxlen: 45
2400:9800:520::/45 maxlen: 45
2400:9800:530::/45 maxlen: 45
2400:9800:540::/45 maxlen: 45
2400:9800:550::/45 maxlen: 45
2400:9800:590::/45 maxlen: 45
2400:9800:5a0::/45 maxlen: 45
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 01:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:b6:38:e3:34:de:7e:ca:dc:fb:42:8b:b5:2b:2f:1b:28:89:1b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Oct 10 11:30:01 2024 GMT
Not After : Oct 9 11:35:01 2025 GMT
Subject: CN=223B9FA666C44B7ED397968C9570F7F9C51399D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:e8:11:43:b8:31:e9:49:45:9f:a6:b4:63:
9d:b9:df:8f:fd:ee:2a:d0:9f:a3:f5:3c:f2:4c:bd:
03:a3:89:f3:94:9b:61:90:e2:36:a1:81:6f:13:60:
fa:4c:48:35:06:cd:99:3a:a7:c6:9d:b7:2e:aa:e2:
27:af:be:05:06:d2:02:5d:54:eb:8c:81:a7:b0:7f:
7e:41:dd:90:16:8b:8f:46:89:dc:99:16:ab:2c:bb:
74:98:c9:f6:bb:a2:c5:01:18:f4:ad:b2:09:6e:36:
3b:b3:09:56:79:ab:4e:61:6e:c0:c5:b0:4d:18:fc:
17:c1:42:17:f7:46:99:01:fd:9b:f1:54:07:41:7c:
5e:55:de:34:9b:d7:a2:a8:dd:88:da:41:3f:12:cc:
16:04:95:b5:00:74:fa:81:79:76:3a:2e:36:61:16:
d8:dc:d9:cd:54:e0:fc:f1:f3:5e:6b:de:41:09:03:
86:d9:45:40:cd:fd:3d:64:bf:50:c7:60:24:ed:6b:
c4:be:48:61:c7:96:26:49:1f:73:19:5f:7b:69:7f:
85:e9:d8:c7:c5:24:7e:ab:f3:b8:26:a1:03:54:40:
2b:2b:67:5c:33:ed:11:2c:dc:76:17:d2:b5:50:4b:
66:46:4a:a5:c6:58:4b:7d:87:f3:f9:f8:7c:ce:d8:
f9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3B:9F:A6:66:C4:4B:7E:D3:97:96:8C:95:70:F7:F9:C5:13:99:D6
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS24203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.0.0/16
202.152.240.0/24
202.152.243.0/24
203.78.112.0/20
IPv6:
2400:9800:c::/48
2400:9800:10::/48
2400:9800:12::/48
2400:9800:14::/47
2400:9800:500::/45
2400:9800:510::/45
2400:9800:520::/45
2400:9800:530::/45
2400:9800:540::/45
2400:9800:550::/45
2400:9800:590::/45
2400:9800:5a0::/45
Signature Algorithm: sha256WithRSAEncryption
39:c4:3e:29:31:c6:5f:cf:3b:94:2c:e2:2a:d9:47:19:77:76:
21:ed:e9:f0:b4:b0:49:0b:5e:4d:d1:bf:a8:01:47:6f:eb:be:
69:45:8d:95:98:18:04:48:87:f1:02:df:da:6e:c8:93:d2:2e:
f5:30:d4:6e:97:e2:37:ae:65:29:29:35:74:c6:97:d9:a6:ba:
ff:05:84:7d:b2:b0:b7:65:27:6f:3c:ff:45:d6:6a:cc:8d:7e:
ba:ea:88:5b:ed:a3:82:38:ef:82:c7:d5:70:df:f3:35:30:8c:
3f:e7:2c:49:f4:0a:fe:e4:f7:6d:51:39:d8:29:2a:27:10:66:
77:54:fe:f2:36:f0:62:b1:13:a0:e6:f6:58:b8:03:99:58:5a:
45:6b:32:47:10:68:d9:fd:31:12:b8:0f:97:2d:da:05:3e:03:
1d:6e:bd:2b:7e:90:0f:7b:19:58:40:09:d2:48:18:18:05:c8:
d6:52:eb:c7:77:54:b9:80:e8:75:be:d9:7e:01:dd:1b:0e:7b:
c9:d6:34:c4:9d:c9:be:87:65:1c:b9:80:c5:df:37:31:e6:30:
a2:9d:ab:dc:a5:56:c6:c6:a7:25:0f:3a:78:15:17:e3:4c:63:
8d:e1:18:2a:6b:52:c2:19:c3:d6:d2:f3:72:db:62:53:d8:dc:
40:ef:ab:57
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUObY44zTefsrc+0KLtSsvGyiJG/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yNDEwMTAxMTMwMDFaFw0yNTEwMDkxMTM1MDFaMDMxMTAvBgNV
BAMTKDIyM0I5RkE2NjZDNDRCN0VEMzk3OTY4Qzk1NzBGN0Y5QzUxMzk5RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2vOgRQ7gx6UlFn6a0Y52534/9
7irQn6P1PPJMvQOjifOUm2GQ4jahgW8TYPpMSDUGzZk6p8adty6q4ievvgUG0gJd
VOuMgaewf35B3ZAWi49GidyZFqssu3SYyfa7osUBGPStsgluNjuzCVZ5q05hbsDF
sE0Y/BfBQhf3RpkB/ZvxVAdBfF5V3jSb16Ko3YjaQT8SzBYElbUAdPqBeXY6LjZh
Ftjc2c1U4Pzx815r3kEJA4bZRUDN/T1kv1DHYCTta8S+SGHHliZJH3MZX3tpf4Xp
2MfFJH6r87gmoQNUQCsrZ1wz7REs3HYX0rVQS2ZGSqXGWEt9h/P5+HzO2PkbAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQUIjufpmbES37Tl5aMlXD3+cUTmdYwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04
ZDdlN2ZjMmMyMjcvMC9BUzI0MjAzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzAdBAIAATAXAwMAcNcDBADKmPADBADK
mPMDBATLTnAwcgQCAAIwbAMHACQAmAAADAMHACQAmAAAEAMHACQAmAAAEgMHASQA
mAAAFAMHAyQAmAAFAAMHAyQAmAAFEAMHAyQAmAAFIAMHAyQAmAAFMAMHAyQAmAAF
QAMHAyQAmAAFUAMHAyQAmAAFkAMHAyQAmAAFoDANBgkqhkiG9w0BAQsFAAOCAQEA
OcQ+KTHGX887lCziKtlHGXd2Ie3p8LSwSQteTdG/qAFHb+u+aUWNlZgYBEiH8QLf
2m7Ik9Iu9TDUbpfiN65lKSk1dMaX2aa6/wWEfbKwt2Unbzz/RdZqzI1+uuqIW+2j
gjjvgsfVcN/zNTCMP+csSfQK/uT3bVE52CkqJxBmd1T+8jbwYrEToOb2WLgDmVha
RWsyRxBo2f0xErgPly3aBT4DHW69K36QD3sZWEAJ0kgYGAXI1lLrx3dUuYDodb7Z
fgHdGw57ydY0xJ3JvodlHLmAxd83MeYwop2r3KVWxsanJQ86eBUX40xjjeEYKmtS
whnD1tLzcttiU9jcQO+rVw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:57 2024 by rpki-client on console-fra.rpki-client.org