Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS4800.roa
File: AS4800.roa (raw, json)
Hash identifier: KzM1XQPWaeTSidncs79G+qNQDKSxr/N29jv9eWtEuC0=
Subject key identifier: 89:D8:B1:A8:A5:EC:2D:1F:DC:B7:53:3C:4A:4A:B3:83:15:CE:75:0D
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 373BBCDFE910F9DAD4951C0710FDB676ED3AAD80
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS4800.roa
Signing time: Thu 06 Feb 2025 10:44:55 +0000
ROA not before: Thu 06 Feb 2025 10:39:55 +0000
ROA not after: Thu 05 Feb 2026 10:44:55 +0000
asID: 4800
IP address blocks: 157.66.52.0/23 maxlen: 24
157.66.112.0/23 maxlen: 24
157.66.114.0/23 maxlen: 24
157.66.116.0/23 maxlen: 24
157.66.136.0/23 maxlen: 24
157.66.200.0/23 maxlen: 24
157.66.202.0/23 maxlen: 24
157.66.204.0/23 maxlen: 24
157.66.206.0/23 maxlen: 24
157.66.212.0/23 maxlen: 24
157.66.214.0/23 maxlen: 24
157.66.228.0/23 maxlen: 24
157.66.230.0/23 maxlen: 24
157.66.232.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Apr 2025 21:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:3b:bc:df:e9:10:f9:da:d4:95:1c:07:10:fd:b6:76:ed:3a:ad:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 6 10:39:55 2025 GMT
Not After : Feb 5 10:44:55 2026 GMT
Subject: CN=89D8B1A8A5EC2D1FDCB7533C4A4AB38315CE750D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:8d:e1:b6:81:cf:1f:81:26:39:23:8c:d6:
9c:ea:04:58:92:25:a1:77:fe:30:79:98:cb:da:30:
8e:f6:51:03:82:49:0c:48:6f:70:58:a8:f4:2a:22:
2d:23:1d:55:37:e6:23:61:1f:15:9e:8b:54:90:49:
62:28:ff:fa:79:4b:22:af:09:88:af:88:53:28:0a:
a2:f0:c9:34:5a:74:c7:72:60:9e:d5:aa:4b:af:1f:
c3:26:66:91:6b:6c:b8:55:ef:26:7c:f7:48:48:23:
91:ad:fc:33:68:9b:fd:f4:86:e8:cb:40:38:66:f3:
4c:fa:4d:df:fa:e2:97:6c:b7:de:15:26:30:05:14:
6d:93:1c:ad:97:27:4c:ff:65:cf:a0:5d:27:e4:4b:
b0:79:97:0b:2e:a3:d4:e7:f7:f9:86:8f:d4:90:92:
d0:15:c5:44:20:59:fa:20:d6:4f:b7:e7:38:79:b5:
3f:48:92:d1:49:df:a0:13:bd:73:69:54:9e:1f:ae:
70:9d:48:0f:8c:93:0e:51:2f:30:6c:ac:73:ff:34:
32:45:d0:b0:6b:7c:ab:3b:aa:bf:c4:28:ad:f7:20:
80:5a:5b:7c:ca:fa:53:33:84:95:f9:61:4e:29:21:
8c:3f:67:f7:1f:30:50:62:5e:28:c7:b4:df:1e:ec:
3b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D8:B1:A8:A5:EC:2D:1F:DC:B7:53:3C:4A:4A:B3:83:15:CE:75:0D
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS4800.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.66.52.0/23
157.66.112.0-157.66.117.255
157.66.136.0/23
157.66.200.0/21
157.66.212.0/22
157.66.228.0-157.66.233.255
Signature Algorithm: sha256WithRSAEncryption
22:4e:c2:51:0f:44:e9:37:e8:be:0e:b0:8a:b8:f4:01:c1:29:
41:83:4b:e1:d5:47:0c:e8:ee:c4:9f:a9:8e:b3:16:9c:d8:f7:
7d:9f:65:15:2c:2d:2a:1f:bc:72:7f:3d:d8:f9:09:6e:ca:52:
b8:31:fe:df:b7:4a:c1:ee:40:93:1c:5e:1e:9f:48:91:55:f0:
42:0d:b6:20:8d:a9:ff:fa:8a:a2:c5:71:25:65:d7:7d:8c:84:
0d:77:b9:f9:82:cf:00:7d:bd:e6:45:0f:d3:88:9f:7b:5e:fe:
d4:c0:72:d5:75:4b:cb:f2:20:16:3c:ef:eb:67:f2:c1:b9:77:
ac:96:e8:70:42:69:05:e8:9a:00:24:3a:6d:87:eb:bd:dd:1f:
dd:0b:2a:99:f9:d0:ca:24:49:4f:89:93:e8:80:7f:be:74:cb:
b4:8d:59:ee:c9:81:bd:0b:e1:a1:9d:e2:68:32:eb:f7:c3:0a:
70:5a:a8:2e:1f:e7:d4:e1:a8:d8:64:6f:09:7b:a4:86:51:f1:
dc:9e:8c:52:8a:3c:d0:cb:8c:e3:28:1b:b0:93:0e:5e:77:d2:
a2:05:7e:84:bd:db:f1:88:c0:6c:df:82:90:57:6a:84:1b:1c:
61:4d:1e:b3:d2:15:4e:fb:fb:2f:90:02:a2:9c:0c:09:b8:90:
6d:99:3e:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIUNzu83+kQ+drUlRwHEP22du06rYAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NVoX
DTI2MDIwNTEwNDQ1NVowMzExMC8GA1UEAxMoODlEOEIxQThBNUVDMkQxRkRDQjc1
MzNDNEE0QUIzODMxNUNFNzUwRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMISjeG2gc8fgSY5I4zWnOoEWJIloXf+MHmYy9owjvZRA4JJDEhvcFio9Coi
LSMdVTfmI2EfFZ6LVJBJYij/+nlLIq8JiK+IUygKovDJNFp0x3JgntWqS68fwyZm
kWtsuFXvJnz3SEgjka38M2ib/fSG6MtAOGbzTPpN3/ril2y33hUmMAUUbZMcrZcn
TP9lz6BdJ+RLsHmXCy6j1Of3+YaP1JCS0BXFRCBZ+iDWT7fnOHm1P0iS0UnfoBO9
c2lUnh+ucJ1ID4yTDlEvMGysc/80MkXQsGt8qzuqv8QorfcggFpbfMr6UzOElflh
TikhjD9n9x8wUGJeKMe03x7sO/cCAwEAAaOCAfwwggH4MB0GA1UdDgQWBBSJ2LGo
pewtH9y3UzxKSrODFc51DTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzQ4MDAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MDoE
AgABMDQDBAGdQjQwDAMEBJ1CcAMEAZ1CdAMEAZ1CiAMEA51CyAMEAp1C1DAMAwQC
nULkAwQBnULoMA0GCSqGSIb3DQEBCwUAA4IBAQAiTsJRD0TpN+i+DrCKuPQBwSlB
g0vh1UcM6O7En6mOsxac2Pd9n2UVLC0qH7xyfz3Y+QluylK4Mf7ft0rB7kCTHF4e
n0iRVfBCDbYgjan/+oqixXElZdd9jIQNd7n5gs8Afb3mRQ/TiJ97Xv7UwHLVdUvL
8iAWPO/rZ/LBuXesluhwQmkF6JoAJDpth+u93R/dCyqZ+dDKJElPiZPogH++dMu0
jVnuyYG9C+GhneJoMuv3wwpwWqguH+fU4ajYZG8Je6SGUfHcnoxSijzQy4zjKBuw
kw5ed9KiBX6EvdvxiMBs34KQV2qEGxxhTR6z0hVO+/svkAKinAwJuJBtmT7i
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:56:00 2025 by rpki-client