Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
File: AS133815.roa (raw, json)
Hash identifier: N1WK+wdenL7ImE6f3nokguh8x2GETSvVonT937Q2yvE=
Subject key identifier: 88:F6:60:58:14:E8:ED:68:97:BF:46:5A:83:68:6C:E3:38:05:13:4B
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 55F32A28E755EFAA864753C16ED27DBAA1363624
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
Signing time: Mon 12 Jun 2023 00:00:00 +0000
ROA not before: Sun 11 Jun 2023 23:55:00 +0000
ROA not after: Mon 10 Jun 2024 00:00:00 +0000
asID: 133815
IP address blocks: 103.141.150.0/23 maxlen: 24
103.141.152.0/23 maxlen: 24
103.149.224.0/23 maxlen: 24
103.149.230.0/23 maxlen: 24
103.149.232.0/23 maxlen: 24
103.149.234.0/23 maxlen: 24
103.150.4.0/23 maxlen: 24
103.150.12.0/23 maxlen: 24
103.150.14.0/23 maxlen: 24
103.150.16.0/23 maxlen: 24
103.150.34.0/23 maxlen: 24
103.151.18.0/23 maxlen: 24
103.151.100.0/23 maxlen: 24
103.151.194.0/23 maxlen: 24
103.152.70.0/23 maxlen: 24
103.152.90.0/23 maxlen: 24
103.152.96.0/23 maxlen: 24
103.152.110.0/23 maxlen: 24
103.188.40.0/23 maxlen: 24
103.188.50.0/23 maxlen: 24
103.188.52.0/23 maxlen: 24
103.190.216.0/23 maxlen: 24
103.190.218.0/23 maxlen: 24
103.190.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 06 May 2024 05:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f3:2a:28:e7:55:ef:aa:86:47:53:c1:6e:d2:7d:ba:a1:36:36:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jun 11 23:55:00 2023 GMT
Not After : Jun 10 00:00:00 2024 GMT
Subject: CN=88F6605814E8ED6897BF465A83686CE33805134B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:36:6a:0a:8f:86:70:f1:0e:37:b2:95:81:67:
33:ce:c7:88:d6:46:1b:74:48:c4:5c:78:6b:b5:15:
e2:6b:11:53:c5:03:9c:d7:4d:77:63:54:37:86:5c:
8f:02:0f:e6:87:0d:52:36:51:99:4e:ba:4e:5a:b3:
02:55:01:bc:a2:38:b8:72:39:c2:48:7a:1c:09:98:
3e:fb:b2:03:46:e4:f0:e0:27:ba:f5:0c:1a:bd:64:
d2:19:76:89:c8:4a:ef:1e:55:82:7a:03:a3:6a:b3:
52:36:13:bc:48:f7:c5:fd:7f:ea:4b:05:96:13:7b:
23:d5:62:0e:27:00:31:10:58:b6:65:09:28:e9:5e:
60:21:6c:d9:22:82:86:be:0e:10:1f:f5:f7:fd:d3:
ca:31:8f:71:43:ba:d6:23:35:bd:72:7c:30:29:15:
48:5a:6a:fe:d0:5b:e8:b1:20:6d:34:4c:07:d5:51:
f6:6b:60:c8:ec:1e:0e:30:a1:94:6c:af:83:ff:04:
36:ef:62:41:5c:a9:14:c7:43:95:42:80:cb:3b:d5:
f4:22:12:1f:60:95:0a:49:6d:f1:6e:66:bd:0b:28:
53:d9:07:98:fe:df:bb:00:5e:6a:71:46:fa:83:c0:
e2:0d:a7:84:e9:54:80:c0:8b:47:e7:86:4b:76:e6:
f1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F6:60:58:14:E8:ED:68:97:BF:46:5A:83:68:6C:E3:38:05:13:4B
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.150.0-103.141.153.255
103.149.224.0/23
103.149.230.0-103.149.235.255
103.150.4.0/23
103.150.12.0-103.150.17.255
103.150.34.0/23
103.151.18.0/23
103.151.100.0/23
103.151.194.0/23
103.152.70.0/23
103.152.90.0/23
103.152.96.0/23
103.152.110.0/23
103.188.40.0/23
103.188.50.0-103.188.53.255
103.190.216.0-103.190.221.255
Signature Algorithm: sha256WithRSAEncryption
05:20:4f:26:38:db:4c:6b:6f:e8:84:96:50:31:b6:ab:3f:4f:
9f:95:8a:bf:95:3f:49:4c:f5:ce:fe:1f:71:e1:5b:98:ee:47:
5c:0e:ee:35:2d:bb:f3:cf:8e:49:15:66:f6:68:8b:d9:36:1a:
e0:c6:c1:bb:8c:3e:b9:c8:55:f2:bc:9e:51:39:dc:2c:7e:8c:
aa:64:94:ed:e2:fc:f1:0e:f1:4e:b0:d8:56:36:8e:94:69:fb:
83:09:5c:c5:32:bb:ad:00:6c:48:d9:05:d7:18:b5:01:46:a9:
12:b7:6d:e4:fc:1f:99:05:05:5c:28:ce:b4:57:8f:e3:d2:ad:
6f:33:2e:0b:cf:3c:15:43:1f:f7:0b:1d:e4:09:43:d7:da:10:
f8:80:ad:4c:39:3e:d2:9e:9e:23:c5:f3:f1:5b:9c:35:ab:0f:
77:09:13:e8:aa:1e:c5:81:99:18:d5:fe:5a:5c:9b:af:b1:4b:
a6:79:ce:6d:a1:2f:44:16:11:a8:48:a1:f3:d3:ae:6d:2a:07:
75:7e:c4:21:e2:e3:9b:e0:e6:40:bd:8d:44:7a:fe:9d:ea:5c:
8c:0f:cb:0d:78:e7:e6:ad:c5:79:38:03:d1:5b:67:6c:3a:28:
22:7a:ed:5d:fe:36:28:6e:b8:f3:76:d1:e2:86:c7:67:5c:f5:
c7:ca:f5:05
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUVfMqKOdV76qGR1PBbtJ9uqE2NiQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDYxMTIzNTUwMFoX
DTI0MDYxMDAwMDAwMFowMzExMC8GA1UEAxMoODhGNjYwNTgxNEU4RUQ2ODk3QkY0
NjVBODM2ODZDRTMzODA1MTM0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs2agqPhnDxDjeylYFnM87HiNZGG3RIxFx4a7UV4msRU8UDnNdNd2NUN4Zc
jwIP5ocNUjZRmU66TlqzAlUBvKI4uHI5wkh6HAmYPvuyA0bk8OAnuvUMGr1k0hl2
ichK7x5VgnoDo2qzUjYTvEj3xf1/6ksFlhN7I9ViDicAMRBYtmUJKOleYCFs2SKC
hr4OEB/19/3TyjGPcUO61iM1vXJ8MCkVSFpq/tBb6LEgbTRMB9VR9mtgyOweDjCh
lGyvg/8ENu9iQVypFMdDlUKAyzvV9CISH2CVCklt8W5mvQsoU9kHmP7fuwBeanFG
+oPA4g2nhOlUgMCLR+eGS3bm8ZECAwEAAaOCAlcwggJTMB0GA1UdDgQWBBSI9mBY
FOjtaJe/RlqDaGzjOAUTSzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUw
gZIwgY8EAgABMIGIMAwDBAFnjZYDBAFnjZgDBAFnleAwDAMEAWeV5gMEAmeV6AME
AWeWBDAMAwQCZ5YMAwQBZ5YQAwQBZ5YiAwQBZ5cSAwQBZ5dkAwQBZ5fCAwQBZ5hG
AwQBZ5haAwQBZ5hgAwQBZ5huAwQBZ7woMAwDBAFnvDIDBAFnvDQwDAMEA2e+2AME
AWe+3DANBgkqhkiG9w0BAQsFAAOCAQEABSBPJjjbTGtv6ISWUDG2qz9Pn5WKv5U/
SUz1zv4fceFbmO5HXA7uNS2788+OSRVm9miL2TYa4MbBu4w+uchV8ryeUTncLH6M
qmSU7eL88Q7xTrDYVjaOlGn7gwlcxTK7rQBsSNkF1xi1AUapErdt5PwfmQUFXCjO
tFeP49KtbzMuC888FUMf9wsd5AlD19oQ+ICtTDk+0p6eI8Xz8VucNasPdwkT6Koe
xYGZGNX+Wlybr7FLpnnObaEvRBYRqEih89OubSoHdX7EIeLjm+DmQL2NRHr+nepc
jA/LDXjn5q3FeTgD0VtnbDooInrtXf42KG6483bR4obHZ1z1x8r1BQ==
-----END CERTIFICATE-----
Generated at Thu May 2 23:01:59 2024 by rpki-client on console-fra.rpki-client.org