Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS131769.roa
File: AS131769.roa (raw, json)
Hash identifier: 86GEcSuvG7JPWSL0tFDSdqrwDiYl6tve8PiehUaqLFE=
Subject key identifier: 45:ED:49:5B:05:EC:24:79:40:E6:04:C1:6A:B1:2E:52:93:7E:17:30
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 0A889B2D72EA924DC92E75F47F84D7D9A59CA302
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS131769.roa
Signing time: Mon 26 May 2025 07:57:11 +0000
ROA not before: Mon 26 May 2025 07:52:11 +0000
ROA not after: Mon 25 May 2026 07:57:11 +0000
asID: 131769
IP address blocks: 103.16.132.0/23 maxlen: 24
103.211.160.0/24 maxlen: 24
103.227.148.0/23 maxlen: 24
203.18.39.0/24 maxlen: 24
203.153.20.0/22 maxlen: 24
210.87.122.0/24 maxlen: 24
2400:c080::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 21:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:88:9b:2d:72:ea:92:4d:c9:2e:75:f4:7f:84:d7:d9:a5:9c:a3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 26 07:52:11 2025 GMT
Not After : May 25 07:57:11 2026 GMT
Subject: CN=45ED495B05EC247940E604C16AB12E52937E1730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:21:d7:ec:ea:40:66:2d:03:1f:2c:28:78:
24:2f:a2:c3:72:7c:e5:bc:d2:81:43:4d:7b:56:62:
5d:ca:37:c6:16:c0:f0:b8:b8:ba:a7:68:60:79:48:
43:dd:57:11:c2:d8:21:c4:78:61:23:20:19:39:06:
75:5c:00:38:53:3f:af:cb:5c:b6:ba:49:4c:3f:ca:
86:42:67:11:7c:ac:b4:5e:39:0f:63:86:e5:ec:a8:
98:48:d0:a7:63:94:b6:1a:81:43:cf:94:d4:ed:e3:
a3:74:05:56:d6:06:db:d1:5c:cb:ce:73:c0:04:bb:
4c:d3:65:a2:13:49:95:6a:ce:a3:b6:7a:6e:5e:ca:
87:ae:35:f1:1d:d3:c6:fc:c4:2f:13:ab:4b:c9:41:
dd:11:35:87:f3:30:9b:67:35:49:d1:b6:fc:b2:7b:
c6:ba:44:ce:35:19:15:3a:09:12:32:90:13:0a:5c:
b7:01:c5:55:69:84:7d:e5:97:60:c5:5a:10:fb:72:
0c:ca:84:65:d1:37:ee:70:dc:b0:4f:b4:9b:c6:cd:
44:d3:9e:06:a6:ea:cd:54:59:3e:9e:bc:83:68:27:
da:4a:d0:1b:86:fd:0a:21:55:eb:44:a0:37:86:36:
de:09:42:78:6d:46:5e:e3:88:6a:e4:c8:8a:5c:9e:
79:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:ED:49:5B:05:EC:24:79:40:E6:04:C1:6A:B1:2E:52:93:7E:17:30
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS131769.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.16.132.0/23
103.211.160.0/24
103.227.148.0/23
203.18.39.0/24
203.153.20.0/22
210.87.122.0/24
IPv6:
2400:c080::/32
Signature Algorithm: sha256WithRSAEncryption
9a:87:2d:c1:da:fd:8b:cd:02:93:33:c3:96:bb:78:73:9d:27:
63:5f:06:92:46:7f:88:1c:9f:07:18:ca:6c:58:fa:50:02:f6:
0f:5e:b5:de:89:46:aa:b3:c1:a2:f3:ed:66:11:15:7c:10:e3:
7e:c4:a7:00:60:b6:bd:5f:a0:b0:60:9d:d2:25:2c:e6:fd:35:
8b:60:94:0d:bc:c7:62:8b:5a:67:1b:b0:93:5b:84:70:1e:1f:
d3:f4:06:bf:7a:49:55:e1:c0:5a:21:70:59:15:6e:75:5d:ca:
1e:d9:2d:02:43:c4:df:ff:97:b8:98:45:37:a5:e9:3f:47:91:
fe:3d:37:b8:71:2e:c5:b1:37:fa:66:74:18:25:13:b5:d6:70:
62:fd:44:dc:b8:69:f5:cf:3c:a1:8b:b3:fb:d6:7b:07:00:22:
bf:e4:23:da:e0:08:71:0d:bf:9d:b9:76:a7:94:b2:24:40:e5:
19:0b:0c:71:f5:42:ee:c0:20:01:da:d4:6a:93:12:c2:08:56:
bc:0c:ac:77:fc:6c:ef:51:a6:a2:06:e2:a3:ed:14:74:33:9b:
a8:6b:6c:a4:d2:00:bc:89:3d:7d:ba:62:a6:33:ca:71:19:5b:
07:67:bd:bb:9c:19:d1:05:eb:97:09:79:90:5a:4f:ec:99:bd:
98:53:e7:6b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUCoibLXLqkk3JLnX0f4TX2aWcowIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyNjA3NTIxMVoX
DTI2MDUyNTA3NTcxMVowMzExMC8GA1UEAxMoNDVFRDQ5NUIwNUVDMjQ3OTQwRTYw
NEMxNkFCMTJFNTI5MzdFMTczMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8WIdfs6kBmLQMfLCh4JC+iw3J85bzSgUNNe1ZiXco3xhbA8Li4uqdoYHlI
Q91XEcLYIcR4YSMgGTkGdVwAOFM/r8tctrpJTD/KhkJnEXystF45D2OG5eyomEjQ
p2OUthqBQ8+U1O3jo3QFVtYG29Fcy85zwAS7TNNlohNJlWrOo7Z6bl7Kh6418R3T
xvzELxOrS8lB3RE1h/Mwm2c1SdG2/LJ7xrpEzjUZFToJEjKQEwpctwHFVWmEfeWX
YMVaEPtyDMqEZdE37nDcsE+0m8bNRNOeBqbqzVRZPp68g2gn2krQG4b9CiFV60Sg
N4Y23glCeG1GXuOIauTIilyeeRECAwEAAaOCAf0wggH5MB0GA1UdDgQWBBRF7Ulb
BewkeUDmBMFqsS5Sk34XMDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMTc2OS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDsw
KgQCAAEwJAMEAWcQhAMEAGfToAMEAWfjlAMEAMsSJwMEAsuZFAMEANJXejANBAIA
AjAHAwUAJADAgDANBgkqhkiG9w0BAQsFAAOCAQEAmoctwdr9i80CkzPDlrt4c50n
Y18GkkZ/iByfBxjKbFj6UAL2D1613olGqrPBovPtZhEVfBDjfsSnAGC2vV+gsGCd
0iUs5v01i2CUDbzHYotaZxuwk1uEcB4f0/QGv3pJVeHAWiFwWRVudV3KHtktAkPE
3/+XuJhFN6XpP0eR/j03uHEuxbE3+mZ0GCUTtdZwYv1E3Lhp9c88oYuz+9Z7BwAi
v+Qj2uAIcQ2/nbl2p5SyJEDlGQsMcfVC7sAgAdrUapMSwghWvAysd/xs71Gmogbi
o+0UdDObqGtspNIAvIk9fbpipjPKcRlbB2e9u5wZ0QXrlwl5kFpP7Jm9mFPnaw==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:09:12 2025 by rpki-client