Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
File: AS24203.roa (raw, json)
Hash identifier: Fwzv81rTbARnDS1HU1wuZmLKDKMPADgs2bsu+nS3+18=
Subject key identifier: 34:0B:AB:E0:03:DD:DA:73:FE:E5:5D:74:BB:67:15:79:44:03:0B:17
Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Certificate serial: 43D43CCF23E20C914926A9A9A02968E85B5F20F1
Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
Signing time: Thu 07 Mar 2024 04:38:35 +0000
ROA not before: Thu 07 Mar 2024 04:33:35 +0000
ROA not after: Thu 06 Mar 2025 04:38:35 +0000
asID: 24203
IP address blocks: 140.213.0.0/16 maxlen: 16
140.213.0.0/24 maxlen: 24
140.213.2.0/24 maxlen: 24
140.213.4.0/24 maxlen: 24
140.213.5.0/24 maxlen: 24
140.213.6.0/24 maxlen: 24
140.213.7.0/24 maxlen: 24
140.213.9.0/24 maxlen: 24
140.213.11.0/24 maxlen: 24
140.213.13.0/24 maxlen: 24
140.213.14.0/24 maxlen: 24
140.213.15.0/24 maxlen: 24
140.213.16.0/24 maxlen: 24
140.213.17.0/24 maxlen: 24
140.213.18.0/24 maxlen: 24
140.213.19.0/24 maxlen: 24
140.213.20.0/24 maxlen: 24
140.213.21.0/24 maxlen: 24
140.213.22.0/24 maxlen: 24
140.213.23.0/24 maxlen: 24
140.213.24.0/24 maxlen: 24
140.213.25.0/24 maxlen: 24
140.213.26.0/24 maxlen: 24
140.213.27.0/24 maxlen: 24
140.213.28.0/24 maxlen: 24
140.213.29.0/24 maxlen: 24
140.213.30.0/24 maxlen: 24
140.213.31.0/24 maxlen: 24
140.213.32.0/24 maxlen: 24
140.213.33.0/24 maxlen: 24
140.213.34.0/24 maxlen: 24
140.213.35.0/24 maxlen: 24
140.213.36.0/24 maxlen: 24
140.213.37.0/24 maxlen: 24
140.213.38.0/24 maxlen: 24
140.213.39.0/24 maxlen: 24
140.213.40.0/24 maxlen: 24
140.213.41.0/24 maxlen: 24
140.213.42.0/24 maxlen: 24
140.213.43.0/24 maxlen: 24
140.213.44.0/24 maxlen: 24
140.213.45.0/24 maxlen: 24
140.213.46.0/24 maxlen: 24
140.213.48.0/24 maxlen: 24
140.213.49.0/24 maxlen: 24
140.213.51.0/24 maxlen: 24
140.213.52.0/24 maxlen: 24
140.213.53.0/24 maxlen: 24
140.213.55.0/24 maxlen: 24
140.213.56.0/24 maxlen: 24
140.213.57.0/24 maxlen: 24
140.213.58.0/24 maxlen: 24
140.213.59.0/24 maxlen: 24
140.213.60.0/24 maxlen: 24
140.213.62.0/24 maxlen: 24
140.213.63.0/24 maxlen: 24
140.213.64.0/24 maxlen: 24
140.213.65.0/24 maxlen: 24
140.213.66.0/24 maxlen: 24
140.213.67.0/24 maxlen: 24
140.213.68.0/24 maxlen: 24
140.213.69.0/24 maxlen: 24
140.213.70.0/24 maxlen: 24
140.213.71.0/24 maxlen: 24
140.213.72.0/24 maxlen: 24
140.213.73.0/24 maxlen: 24
140.213.74.0/24 maxlen: 24
140.213.75.0/24 maxlen: 24
140.213.76.0/24 maxlen: 24
140.213.78.0/24 maxlen: 24
140.213.79.0/24 maxlen: 24
140.213.80.0/24 maxlen: 24
140.213.81.0/24 maxlen: 24
140.213.82.0/24 maxlen: 24
140.213.86.0/24 maxlen: 24
140.213.87.0/24 maxlen: 24
140.213.98.0/24 maxlen: 24
140.213.99.0/24 maxlen: 24
140.213.100.0/24 maxlen: 24
140.213.101.0/24 maxlen: 24
140.213.102.0/24 maxlen: 24
140.213.103.0/24 maxlen: 24
140.213.104.0/24 maxlen: 24
140.213.105.0/24 maxlen: 24
140.213.106.0/24 maxlen: 24
140.213.107.0/24 maxlen: 24
140.213.108.0/24 maxlen: 24
140.213.109.0/24 maxlen: 24
140.213.110.0/24 maxlen: 24
140.213.112.0/24 maxlen: 24
140.213.113.0/24 maxlen: 24
140.213.114.0/24 maxlen: 24
140.213.115.0/24 maxlen: 24
140.213.116.0/24 maxlen: 24
140.213.117.0/24 maxlen: 24
140.213.120.0/24 maxlen: 24
140.213.121.0/24 maxlen: 24
140.213.122.0/24 maxlen: 24
140.213.123.0/24 maxlen: 24
140.213.124.0/24 maxlen: 24
140.213.125.0/24 maxlen: 24
140.213.126.0/24 maxlen: 24
140.213.127.0/24 maxlen: 24
140.213.128.0/24 maxlen: 24
140.213.129.0/24 maxlen: 24
140.213.130.0/24 maxlen: 24
140.213.131.0/24 maxlen: 24
140.213.132.0/24 maxlen: 24
140.213.133.0/24 maxlen: 24
140.213.134.0/24 maxlen: 24
140.213.135.0/24 maxlen: 24
140.213.136.0/24 maxlen: 24
140.213.137.0/24 maxlen: 24
140.213.139.0/24 maxlen: 24
140.213.140.0/24 maxlen: 24
140.213.141.0/24 maxlen: 24
140.213.142.0/24 maxlen: 24
140.213.143.0/24 maxlen: 24
140.213.144.0/24 maxlen: 24
140.213.145.0/24 maxlen: 24
140.213.146.0/24 maxlen: 24
140.213.147.0/24 maxlen: 24
140.213.148.0/24 maxlen: 24
140.213.149.0/24 maxlen: 24
140.213.150.0/24 maxlen: 24
140.213.151.0/24 maxlen: 24
140.213.153.0/24 maxlen: 24
140.213.154.0/24 maxlen: 24
140.213.155.0/24 maxlen: 24
140.213.156.0/24 maxlen: 24
140.213.158.0/24 maxlen: 24
140.213.159.0/24 maxlen: 24
140.213.160.0/24 maxlen: 24
140.213.161.0/24 maxlen: 24
140.213.162.0/24 maxlen: 24
140.213.163.0/24 maxlen: 24
140.213.164.0/24 maxlen: 24
140.213.165.0/24 maxlen: 24
140.213.166.0/24 maxlen: 24
140.213.167.0/24 maxlen: 24
140.213.168.0/24 maxlen: 24
140.213.169.0/24 maxlen: 24
140.213.170.0/24 maxlen: 24
140.213.171.0/24 maxlen: 24
140.213.172.0/24 maxlen: 24
140.213.173.0/24 maxlen: 24
140.213.174.0/24 maxlen: 24
140.213.175.0/24 maxlen: 24
140.213.176.0/24 maxlen: 24
140.213.177.0/24 maxlen: 24
140.213.178.0/24 maxlen: 24
140.213.179.0/24 maxlen: 24
140.213.180.0/24 maxlen: 24
140.213.181.0/24 maxlen: 24
140.213.182.0/24 maxlen: 24
140.213.183.0/24 maxlen: 24
140.213.191.0/24 maxlen: 24
140.213.204.0/24 maxlen: 24
140.213.206.0/24 maxlen: 24
140.213.207.0/24 maxlen: 24
140.213.208.0/24 maxlen: 24
140.213.209.0/24 maxlen: 24
140.213.218.0/24 maxlen: 24
140.213.219.0/24 maxlen: 24
140.213.220.0/24 maxlen: 24
140.213.221.0/24 maxlen: 24
140.213.222.0/24 maxlen: 24
140.213.224.0/24 maxlen: 24
140.213.226.0/24 maxlen: 24
140.213.227.0/24 maxlen: 24
140.213.228.0/24 maxlen: 24
140.213.229.0/24 maxlen: 24
140.213.230.0/24 maxlen: 24
140.213.231.0/24 maxlen: 24
140.213.232.0/24 maxlen: 24
140.213.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 May 2024 17:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d4:3c:cf:23:e2:0c:91:49:26:a9:a9:a0:29:68:e8:5b:5f:20:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Validity
Not Before: Mar 7 04:33:35 2024 GMT
Not After : Mar 6 04:38:35 2025 GMT
Subject: CN=340BABE003DDDA73FEE55D74BB67157944030B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:1f:2b:ce:99:d6:63:fc:3f:19:68:de:5b:
0c:a9:b9:32:70:2a:f8:a2:27:24:c5:51:32:f9:66:
f7:99:77:4d:43:36:75:a1:df:12:dc:c4:57:ac:b5:
ed:d6:f1:ab:1b:4e:0b:e5:7b:9f:53:56:cd:f3:14:
80:c1:0d:59:7f:d1:be:fb:e2:9f:7e:ca:b6:d3:de:
75:62:e9:38:6e:e6:a1:de:99:de:d1:e9:83:a4:8b:
50:f2:cf:a6:57:58:55:c7:77:1b:72:19:ce:f6:77:
db:4b:33:e9:5c:e5:31:23:2f:4c:0d:57:18:69:bf:
ac:a3:5e:8e:20:3a:96:cc:c2:9b:03:88:8b:2f:eb:
0f:78:a1:2c:fb:d7:34:fb:6a:21:6d:d3:13:5d:20:
8b:3d:96:21:87:6a:ac:68:cd:01:e2:c9:63:6a:82:
62:7f:c2:21:92:45:28:54:fc:87:f5:04:03:34:15:
7c:63:85:74:11:01:48:9d:1d:ae:cc:29:be:13:1c:
49:05:c2:2f:3c:ff:6a:a4:0f:97:c2:e7:83:5c:0e:
c3:7a:e5:52:14:42:7e:00:2b:e9:9d:eb:60:1b:8d:
c5:8d:1d:6c:1e:a7:28:6c:cc:21:64:e7:c6:b3:3d:
19:e3:8d:40:16:22:31:27:0b:55:02:78:bd:f0:22:
28:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0B:AB:E0:03:DD:DA:73:FE:E5:5D:74:BB:67:15:79:44:03:0B:17
X509v3 Authority Key Identifier:
keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:2c:fd:59:43:af:4b:39:8f:99:cc:5b:cb:0f:77:fa:7a:0b:
e3:8c:7b:da:94:b7:ec:d0:05:42:22:d7:3e:fb:97:43:24:2d:
82:d8:25:7f:5e:64:5a:08:56:7e:c8:9a:4a:18:ff:e2:f2:da:
2b:78:43:99:54:5a:3d:f9:d9:d3:66:6a:c8:f4:b8:39:59:97:
db:64:a7:d6:88:b2:7b:28:01:4e:a7:48:38:38:dd:96:2f:60:
23:9f:62:19:9e:c6:93:7f:8c:d6:eb:69:75:21:b3:2e:7a:9c:
2b:86:3d:91:20:09:fb:1c:39:3c:88:a1:56:de:4d:90:01:c1:
82:15:9f:a6:76:ac:56:f3:a1:d9:ef:1c:d2:77:56:bb:aa:d7:
f2:85:19:84:4e:76:1b:3a:83:ed:b7:b0:db:bb:18:40:d6:32:
7b:0b:7b:70:41:af:1f:6b:3a:04:2d:dd:13:28:fb:b3:76:42:
89:6e:a1:a1:e5:30:1d:42:d7:ae:d2:9b:e8:01:a5:6d:9f:69:
06:62:5f:93:2b:4b:09:48:7c:78:48:ac:dd:b1:47:47:ea:66:
30:b3:2b:4d:40:92:5d:58:54:e7:be:0e:3e:65:ad:d1:44:99:
04:00:87:9c:8b:21:b5:ae:87:15:6e:59:41:a5:e5:68:2a:22:
bf:58:a4:b5
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUQ9Q8zyPiDJFJJqmpoClo6FtfIPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG
QzY2MEExQjAeFw0yNDAzMDcwNDMzMzVaFw0yNTAzMDYwNDM4MzVaMDMxMTAvBgNV
BAMTKDM0MEJBQkUwMDNERERBNzNGRUU1NUQ3NEJCNjcxNTc5NDQwMzBCMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxER8rzpnWY/w/GWjeWwypuTJw
KviiJyTFUTL5ZveZd01DNnWh3xLcxFeste3W8asbTgvle59TVs3zFIDBDVl/0b77
4p9+yrbT3nVi6Thu5qHemd7R6YOki1Dyz6ZXWFXHdxtyGc72d9tLM+lc5TEjL0wN
Vxhpv6yjXo4gOpbMwpsDiIsv6w94oSz71zT7aiFt0xNdIIs9liGHaqxozQHiyWNq
gmJ/wiGSRShU/If1BAM0FXxjhXQRAUidHa7MKb4THEkFwi88/2qkD5fC54NcDsN6
5VIUQn4AK+md62AbjcWNHWwepyhszCFk58azPRnjjUAWIjEnC1UCeL3wIigVAgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQUNAur4APd2nP+5V10u2cVeUQDCxcwHwYDVR0j
BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE
OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2
MEExQi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04
ZDdlN2ZjMmMyMjcvMS9BUzI0MjAzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjNUwDQYJKoZIhvcNAQEL
BQADggEBAKks/VlDr0s5j5nMW8sPd/p6C+OMe9qUt+zQBUIi1z77l0MkLYLYJX9e
ZFoIVn7ImkoY/+Ly2it4Q5lUWj352dNmasj0uDlZl9tkp9aIsnsoAU6nSDg43ZYv
YCOfYhmexpN/jNbraXUhsy56nCuGPZEgCfscOTyIoVbeTZABwYIVn6Z2rFbzodnv
HNJ3Vruq1/KFGYROdhs6g+23sNu7GEDWMnsLe3BBrx9rOgQt3RMo+7N2QoluoaHl
MB1C167Sm+gBpW2faQZiX5MrSwlIfHhIrN2xR0fqZjCzK01Akl1YVOe+Dj5lrdFE
mQQAh5yLIbWuhxVuWUGl5WgqIr9YpLU=
-----END CERTIFICATE-----
Generated at Sat May 4 20:35:44 2024 by rpki-client on console-fra.rpki-client.org