Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
File: AS24203.roa (raw, json)
Hash identifier: oXVZzAc1BVWz8rI4bEPFSzCb/DwmmJ/Nlya3vD+jXrk=
Subject key identifier: C9:F5:2E:1B:A5:B2:1B:7C:EF:19:23:4A:66:D3:A7:AF:B9:EC:E8:64
Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Certificate serial: 28B9D980F4F63C0D4FE7EB5A65F253E296BBE8A5
Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
Signing time: Fri 18 Oct 2024 10:47:25 +0000
ROA not before: Fri 18 Oct 2024 10:42:25 +0000
ROA not after: Fri 17 Oct 2025 10:47:25 +0000
asID: 24203
IP address blocks: 140.213.0.0/16 maxlen: 16
140.213.0.0/24 maxlen: 24
140.213.2.0/24 maxlen: 24
140.213.4.0/24 maxlen: 24
140.213.5.0/24 maxlen: 24
140.213.6.0/24 maxlen: 24
140.213.7.0/24 maxlen: 24
140.213.9.0/24 maxlen: 24
140.213.11.0/24 maxlen: 24
140.213.13.0/24 maxlen: 24
140.213.14.0/24 maxlen: 24
140.213.15.0/24 maxlen: 24
140.213.16.0/24 maxlen: 24
140.213.17.0/24 maxlen: 24
140.213.18.0/24 maxlen: 24
140.213.19.0/24 maxlen: 24
140.213.20.0/24 maxlen: 24
140.213.21.0/24 maxlen: 24
140.213.22.0/24 maxlen: 24
140.213.23.0/24 maxlen: 24
140.213.24.0/24 maxlen: 24
140.213.25.0/24 maxlen: 24
140.213.26.0/24 maxlen: 24
140.213.27.0/24 maxlen: 24
140.213.28.0/24 maxlen: 24
140.213.29.0/24 maxlen: 24
140.213.30.0/24 maxlen: 24
140.213.31.0/24 maxlen: 24
140.213.32.0/24 maxlen: 24
140.213.33.0/24 maxlen: 24
140.213.34.0/24 maxlen: 24
140.213.35.0/24 maxlen: 24
140.213.36.0/24 maxlen: 24
140.213.37.0/24 maxlen: 24
140.213.38.0/24 maxlen: 24
140.213.39.0/24 maxlen: 24
140.213.40.0/24 maxlen: 24
140.213.41.0/24 maxlen: 24
140.213.42.0/24 maxlen: 24
140.213.43.0/24 maxlen: 24
140.213.44.0/24 maxlen: 24
140.213.45.0/24 maxlen: 24
140.213.46.0/24 maxlen: 24
140.213.48.0/24 maxlen: 24
140.213.49.0/24 maxlen: 24
140.213.51.0/24 maxlen: 24
140.213.52.0/24 maxlen: 24
140.213.53.0/24 maxlen: 24
140.213.55.0/24 maxlen: 24
140.213.56.0/24 maxlen: 24
140.213.57.0/24 maxlen: 24
140.213.58.0/24 maxlen: 24
140.213.59.0/24 maxlen: 24
140.213.60.0/24 maxlen: 24
140.213.62.0/24 maxlen: 24
140.213.63.0/24 maxlen: 24
140.213.64.0/24 maxlen: 24
140.213.65.0/24 maxlen: 24
140.213.66.0/24 maxlen: 24
140.213.67.0/24 maxlen: 24
140.213.68.0/24 maxlen: 24
140.213.69.0/24 maxlen: 24
140.213.70.0/24 maxlen: 24
140.213.71.0/24 maxlen: 24
140.213.72.0/24 maxlen: 24
140.213.73.0/24 maxlen: 24
140.213.74.0/24 maxlen: 24
140.213.75.0/24 maxlen: 24
140.213.76.0/24 maxlen: 24
140.213.78.0/24 maxlen: 24
140.213.79.0/24 maxlen: 24
140.213.80.0/24 maxlen: 24
140.213.81.0/24 maxlen: 24
140.213.82.0/24 maxlen: 24
140.213.86.0/24 maxlen: 24
140.213.87.0/24 maxlen: 24
140.213.98.0/24 maxlen: 24
140.213.99.0/24 maxlen: 24
140.213.100.0/24 maxlen: 24
140.213.101.0/24 maxlen: 24
140.213.102.0/24 maxlen: 24
140.213.103.0/24 maxlen: 24
140.213.104.0/24 maxlen: 24
140.213.105.0/24 maxlen: 24
140.213.106.0/24 maxlen: 24
140.213.107.0/24 maxlen: 24
140.213.108.0/24 maxlen: 24
140.213.109.0/24 maxlen: 24
140.213.110.0/24 maxlen: 24
140.213.112.0/24 maxlen: 24
140.213.113.0/24 maxlen: 24
140.213.114.0/24 maxlen: 24
140.213.115.0/24 maxlen: 24
140.213.116.0/24 maxlen: 24
140.213.117.0/24 maxlen: 24
140.213.120.0/24 maxlen: 24
140.213.121.0/24 maxlen: 24
140.213.122.0/24 maxlen: 24
140.213.123.0/24 maxlen: 24
140.213.124.0/24 maxlen: 24
140.213.125.0/24 maxlen: 24
140.213.126.0/24 maxlen: 24
140.213.127.0/24 maxlen: 24
140.213.128.0/24 maxlen: 24
140.213.129.0/24 maxlen: 24
140.213.130.0/24 maxlen: 24
140.213.131.0/24 maxlen: 24
140.213.132.0/24 maxlen: 24
140.213.133.0/24 maxlen: 24
140.213.134.0/24 maxlen: 24
140.213.135.0/24 maxlen: 24
140.213.136.0/24 maxlen: 24
140.213.137.0/24 maxlen: 24
140.213.139.0/24 maxlen: 24
140.213.140.0/24 maxlen: 24
140.213.141.0/24 maxlen: 24
140.213.142.0/24 maxlen: 24
140.213.143.0/24 maxlen: 24
140.213.144.0/24 maxlen: 24
140.213.145.0/24 maxlen: 24
140.213.146.0/24 maxlen: 24
140.213.147.0/24 maxlen: 24
140.213.148.0/24 maxlen: 24
140.213.149.0/24 maxlen: 24
140.213.150.0/24 maxlen: 24
140.213.151.0/24 maxlen: 24
140.213.153.0/24 maxlen: 24
140.213.154.0/24 maxlen: 24
140.213.155.0/24 maxlen: 24
140.213.156.0/24 maxlen: 24
140.213.158.0/24 maxlen: 24
140.213.159.0/24 maxlen: 24
140.213.160.0/24 maxlen: 24
140.213.161.0/24 maxlen: 24
140.213.162.0/24 maxlen: 24
140.213.163.0/24 maxlen: 24
140.213.164.0/24 maxlen: 24
140.213.165.0/24 maxlen: 24
140.213.166.0/24 maxlen: 24
140.213.167.0/24 maxlen: 24
140.213.168.0/24 maxlen: 24
140.213.169.0/24 maxlen: 24
140.213.170.0/24 maxlen: 24
140.213.171.0/24 maxlen: 24
140.213.172.0/24 maxlen: 24
140.213.173.0/24 maxlen: 24
140.213.174.0/24 maxlen: 24
140.213.175.0/24 maxlen: 24
140.213.176.0/24 maxlen: 24
140.213.177.0/24 maxlen: 24
140.213.178.0/24 maxlen: 24
140.213.179.0/24 maxlen: 24
140.213.180.0/24 maxlen: 24
140.213.181.0/24 maxlen: 24
140.213.182.0/24 maxlen: 24
140.213.183.0/24 maxlen: 24
140.213.184.0/24 maxlen: 24
140.213.185.0/24 maxlen: 24
140.213.191.0/24 maxlen: 24
140.213.204.0/24 maxlen: 24
140.213.206.0/24 maxlen: 24
140.213.207.0/24 maxlen: 24
140.213.208.0/24 maxlen: 24
140.213.209.0/24 maxlen: 24
140.213.218.0/24 maxlen: 24
140.213.219.0/24 maxlen: 24
140.213.220.0/24 maxlen: 24
140.213.221.0/24 maxlen: 24
140.213.222.0/24 maxlen: 24
140.213.224.0/24 maxlen: 24
140.213.226.0/24 maxlen: 24
140.213.227.0/24 maxlen: 24
140.213.228.0/24 maxlen: 24
140.213.229.0/24 maxlen: 24
140.213.230.0/24 maxlen: 24
140.213.231.0/24 maxlen: 24
140.213.232.0/24 maxlen: 24
140.213.233.0/24 maxlen: 24
140.213.237.0/24 maxlen: 24
140.213.238.0/24 maxlen: 24
140.213.239.0/24 maxlen: 24
140.213.240.0/24 maxlen: 24
140.213.241.0/24 maxlen: 24
140.213.242.0/24 maxlen: 24
140.213.243.0/24 maxlen: 24
140.213.244.0/24 maxlen: 24
140.213.245.0/24 maxlen: 24
140.213.246.0/24 maxlen: 24
140.213.254.0/24 maxlen: 24
140.213.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 23 Nov 2024 14:24:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:b9:d9:80:f4:f6:3c:0d:4f:e7:eb:5a:65:f2:53:e2:96:bb:e8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Validity
Not Before: Oct 18 10:42:25 2024 GMT
Not After : Oct 17 10:47:25 2025 GMT
Subject: CN=C9F52E1BA5B21B7CEF19234A66D3A7AFB9ECE864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c7:d9:1c:57:4e:b0:e6:51:b0:52:76:52:b8:
fd:5c:8b:c5:8e:1f:e6:94:e5:26:79:ce:4e:1e:6f:
9d:89:44:11:d4:45:e3:28:8f:94:6a:8d:f7:10:3b:
6a:8f:03:40:34:48:f5:2b:97:ef:47:c8:e8:03:75:
8f:dc:5c:cf:bf:6f:86:c1:5c:00:d8:28:ce:ed:5b:
6d:2f:bf:91:c8:f3:bd:a1:9b:72:01:12:7d:e2:0c:
00:83:e5:ea:10:60:b8:cd:22:56:b5:b1:11:01:ff:
52:40:85:58:82:72:7c:71:d9:51:0a:e2:40:36:c4:
0c:e5:ce:e2:93:09:07:f1:a0:65:8c:8a:00:39:06:
19:c4:3a:cf:c9:07:fd:6d:dc:25:a1:40:4d:a7:78:
04:46:01:3f:02:83:6f:03:00:bc:db:17:08:0c:e1:
32:72:7e:81:94:5d:ae:c6:94:58:0e:54:14:1b:13:
c8:ce:b6:04:35:07:98:19:b5:7f:ff:19:4e:4c:39:
67:10:e2:d1:7f:2f:ae:53:64:b5:9b:63:5d:b4:aa:
e5:0e:3d:c5:a6:3a:39:4e:06:f4:d9:fb:b1:92:87:
b0:32:b1:91:cf:ca:0f:59:7c:a2:5f:b1:d2:56:40:
94:3a:ec:65:a2:20:10:7d:94:b5:2e:cd:2b:1a:e5:
2e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F5:2E:1B:A5:B2:1B:7C:EF:19:23:4A:66:D3:A7:AF:B9:EC:E8:64
X509v3 Authority Key Identifier:
keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS24203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:59:9c:14:9b:c1:1e:58:2d:6e:b1:b7:c3:0e:54:d8:50:f3:
52:cc:0e:dc:32:c1:98:0e:d4:8c:61:68:a4:6c:e2:43:f2:8f:
e7:b9:86:d7:20:62:d6:74:ad:2f:86:8d:4b:6d:89:c0:e4:32:
e6:15:48:ca:bf:b3:8e:38:6e:0d:dc:be:65:62:c6:d8:7d:29:
8e:e8:54:42:dc:b0:39:c0:b7:5b:58:81:de:4c:ab:43:ec:f2:
a9:3f:34:68:26:1c:f1:16:db:8f:59:be:e3:8c:ef:41:13:6d:
2b:fc:4e:62:a2:06:b8:c5:f5:f8:1a:20:4a:27:82:9b:bd:da:
d8:c2:be:8e:73:25:8d:cb:e4:e8:ea:1f:77:14:37:94:89:bc:
be:59:66:b7:e4:52:c4:cd:c8:5e:d5:24:32:cb:d8:b5:79:00:
f1:6e:4c:71:26:dd:c1:19:64:1f:67:90:c9:89:7c:d5:41:d9:
ec:45:cf:ed:e5:39:bd:2a:0c:00:8e:ba:5e:62:1a:0e:62:1a:
73:61:2d:0a:c2:5c:b0:df:a3:eb:7b:2f:44:82:19:e1:64:36:
03:16:44:38:8e:59:68:bb:81:e5:47:67:ed:b2:eb:ae:00:ad:
32:c9:49:b0:37:c8:87:6c:ca:a4:4a:e3:42:81:8a:e6:3c:64:
db:ec:11:43
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUKLnZgPT2PA1P5+taZfJT4pa76KUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG
QzY2MEExQjAeFw0yNDEwMTgxMDQyMjVaFw0yNTEwMTcxMDQ3MjVaMDMxMTAvBgNV
BAMTKEM5RjUyRTFCQTVCMjFCN0NFRjE5MjM0QTY2RDNBN0FGQjlFQ0U4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnx9kcV06w5lGwUnZSuP1ci8WO
H+aU5SZ5zk4eb52JRBHUReMoj5RqjfcQO2qPA0A0SPUrl+9HyOgDdY/cXM+/b4bB
XADYKM7tW20vv5HI872hm3IBEn3iDACD5eoQYLjNIla1sREB/1JAhViCcnxx2VEK
4kA2xAzlzuKTCQfxoGWMigA5BhnEOs/JB/1t3CWhQE2neARGAT8Cg28DALzbFwgM
4TJyfoGUXa7GlFgOVBQbE8jOtgQ1B5gZtX//GU5MOWcQ4tF/L65TZLWbY120quUO
PcWmOjlOBvTZ+7GSh7AysZHPyg9ZfKJfsdJWQJQ67GWiIBB9lLUuzSsa5S5vAgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQUyfUuG6WyG3zvGSNKZtOnr7ns6GQwHwYDVR0j
BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE
OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2
MEExQi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04
ZDdlN2ZjMmMyMjcvMS9BUzI0MjAzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjNUwDQYJKoZIhvcNAQEL
BQADggEBACBZnBSbwR5YLW6xt8MOVNhQ81LMDtwywZgO1IxhaKRs4kPyj+e5htcg
YtZ0rS+GjUtticDkMuYVSMq/s444bg3cvmVixth9KY7oVELcsDnAt1tYgd5Mq0Ps
8qk/NGgmHPEW249ZvuOM70ETbSv8TmKiBrjF9fgaIEongpu92tjCvo5zJY3L5Ojq
H3cUN5SJvL5ZZrfkUsTNyF7VJDLL2LV5APFuTHEm3cEZZB9nkMmJfNVB2exFz+3l
Ob0qDACOul5iGg5iGnNhLQrCXLDfo+t7L0SCGeFkNgMWRDiOWWi7geVHZ+2y664A
rTLJSbA3yIdsyqRK40KBiuY8ZNvsEUM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:46:56 2024 by rpki-client on console-ams.rpki-client.org