Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
File: AS133815.roa (raw, json)
Hash identifier: o83kK8SYBMuQx1JdZ4cIerZBaB+4EzfiHf675NWc95w=
Subject key identifier: BA:8A:2F:A4:D6:CC:8B:2F:04:10:9C:F9:92:15:B1:8B:00:8F:EE:16
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 12452447CB8363C70A8FEAD44238A910E5092DA4
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
Signing time: Mon 13 May 2024 00:00:00 +0000
ROA not before: Sun 12 May 2024 23:55:00 +0000
ROA not after: Mon 12 May 2025 00:00:00 +0000
asID: 133815
IP address blocks: 103.141.150.0/23 maxlen: 24
103.141.152.0/23 maxlen: 24
103.149.224.0/23 maxlen: 24
103.149.230.0/23 maxlen: 24
103.149.232.0/23 maxlen: 24
103.149.234.0/23 maxlen: 24
103.150.4.0/23 maxlen: 24
103.150.12.0/23 maxlen: 24
103.150.14.0/23 maxlen: 24
103.150.16.0/23 maxlen: 24
103.150.34.0/23 maxlen: 24
103.151.18.0/23 maxlen: 24
103.151.100.0/23 maxlen: 24
103.151.194.0/23 maxlen: 24
103.152.70.0/23 maxlen: 24
103.152.90.0/23 maxlen: 24
103.152.96.0/23 maxlen: 24
103.152.110.0/23 maxlen: 24
103.188.40.0/23 maxlen: 24
103.188.50.0/23 maxlen: 24
103.188.52.0/23 maxlen: 24
103.190.216.0/23 maxlen: 24
103.190.218.0/23 maxlen: 24
103.190.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:45:24:47:cb:83:63:c7:0a:8f:ea:d4:42:38:a9:10:e5:09:2d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 12 23:55:00 2024 GMT
Not After : May 12 00:00:00 2025 GMT
Subject: CN=BA8A2FA4D6CC8B2F04109CF99215B18B008FEE16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:6b:54:10:5c:b4:ff:23:14:54:9f:aa:44:
74:ca:e6:bd:e8:07:5f:8e:ad:af:73:3b:1a:8e:28:
ef:22:74:50:36:b7:19:c3:55:61:c6:b6:71:e1:04:
99:bf:9a:81:22:90:fd:49:3c:a4:a8:ab:33:28:d3:
2d:70:3d:02:0b:2f:4b:56:ac:ce:62:20:52:ac:2b:
57:2b:1a:dd:4e:41:d5:b9:1d:53:3b:40:8d:e8:58:
fe:be:c0:12:18:80:f5:08:b1:62:e3:54:8e:aa:de:
b9:68:99:8b:2a:f8:6d:2f:ec:ef:38:3a:3a:91:13:
a6:f9:82:aa:54:98:fc:44:04:ef:c9:92:f0:47:de:
7d:da:b9:fa:3b:5a:57:37:5d:57:a3:34:cc:5d:d5:
19:96:1b:8c:a0:ea:3b:aa:ce:ba:e7:2e:dd:eb:1e:
fe:18:b4:4a:4d:38:32:e0:2f:52:23:2a:91:60:4f:
8b:39:db:b7:6b:2f:f2:50:3b:9d:8f:b5:8b:44:77:
e7:ac:53:93:31:1e:a3:5d:2e:1e:6a:ce:21:10:84:
51:64:1e:93:03:31:ae:33:80:00:39:65:9a:43:a3:
f2:31:37:53:ce:88:2b:96:2c:bf:5e:78:5a:d6:b5:
39:4c:0f:32:07:6c:07:b7:8d:ea:4b:1b:c0:9b:3a:
e4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8A:2F:A4:D6:CC:8B:2F:04:10:9C:F9:92:15:B1:8B:00:8F:EE:16
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.150.0-103.141.153.255
103.149.224.0/23
103.149.230.0-103.149.235.255
103.150.4.0/23
103.150.12.0-103.150.17.255
103.150.34.0/23
103.151.18.0/23
103.151.100.0/23
103.151.194.0/23
103.152.70.0/23
103.152.90.0/23
103.152.96.0/23
103.152.110.0/23
103.188.40.0/23
103.188.50.0-103.188.53.255
103.190.216.0-103.190.221.255
Signature Algorithm: sha256WithRSAEncryption
27:47:06:2b:fe:49:d2:d4:d9:78:dc:0b:84:08:0a:7b:43:00:
10:73:50:1e:cc:32:19:4b:b3:22:8b:da:68:1c:da:9e:9a:df:
fa:0c:15:03:5a:e6:5e:f9:fe:97:45:bc:c1:de:61:ce:85:b3:
3c:b2:ec:8d:b2:df:5e:ad:23:7d:91:ee:99:0d:c0:57:d5:09:
87:e8:ea:85:12:71:d7:b1:c4:59:a4:69:9c:dc:94:1d:b9:0c:
2b:b7:6a:67:cc:f9:42:c1:68:ea:d4:b5:0f:5c:26:8d:6c:57:
76:ba:64:32:39:69:43:a4:5e:d6:1b:37:e7:96:2f:3e:99:9f:
2b:c8:4e:5f:35:b4:29:3c:82:9d:67:da:80:3d:ca:51:5e:f4:
3f:9f:67:82:30:94:18:aa:83:da:11:4f:84:1f:e3:6e:20:80:
ca:c3:91:1d:88:b7:aa:89:e2:65:14:cf:15:5f:47:2a:18:ed:
74:b9:45:e1:7c:d2:e2:c1:09:b8:24:53:1c:5c:fc:4d:00:01:
85:a9:76:52:82:2b:26:41:31:56:60:5a:b0:12:aa:0c:6c:66:
db:5b:4a:da:b0:a6:0b:01:1e:ce:de:f5:27:42:cf:7b:a3:0a:
db:c1:ac:d6:df:a1:54:cb:f8:ba:0b:55:35:36:11:b9:7f:0b:
a5:66:cf:fa
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUEkUkR8uDY8cKj+rUQjipEOUJLaQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUxMjIzNTUwMFoX
DTI1MDUxMjAwMDAwMFowMzExMC8GA1UEAxMoQkE4QTJGQTRENkNDOEIyRjA0MTA5
Q0Y5OTIxNUIxOEIwMDhGRUUxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGYa1QQXLT/IxRUn6pEdMrmvegHX46tr3M7Go4o7yJ0UDa3GcNVYca2ceEE
mb+agSKQ/Uk8pKirMyjTLXA9AgsvS1aszmIgUqwrVysa3U5B1bkdUztAjehY/r7A
EhiA9QixYuNUjqreuWiZiyr4bS/s7zg6OpETpvmCqlSY/EQE78mS8Efefdq5+jta
VzddV6M0zF3VGZYbjKDqO6rOuucu3ese/hi0Sk04MuAvUiMqkWBPiznbt2sv8lA7
nY+1i0R356xTkzEeo10uHmrOIRCEUWQekwMxrjOAADllmkOj8jE3U86IK5Ysv154
Wta1OUwPMgdsB7eN6ksbwJs65LsCAwEAAaOCAlcwggJTMB0GA1UdDgQWBBS6ii+k
1syLLwQQnPmSFbGLAI/uFjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUw
gZIwgY8EAgABMIGIMAwDBAFnjZYDBAFnjZgDBAFnleAwDAMEAWeV5gMEAmeV6AME
AWeWBDAMAwQCZ5YMAwQBZ5YQAwQBZ5YiAwQBZ5cSAwQBZ5dkAwQBZ5fCAwQBZ5hG
AwQBZ5haAwQBZ5hgAwQBZ5huAwQBZ7woMAwDBAFnvDIDBAFnvDQwDAMEA2e+2AME
AWe+3DANBgkqhkiG9w0BAQsFAAOCAQEAJ0cGK/5J0tTZeNwLhAgKe0MAEHNQHswy
GUuzIovaaBzanprf+gwVA1rmXvn+l0W8wd5hzoWzPLLsjbLfXq0jfZHumQ3AV9UJ
h+jqhRJx17HEWaRpnNyUHbkMK7dqZ8z5QsFo6tS1D1wmjWxXdrpkMjlpQ6Re1hs3
55YvPpmfK8hOXzW0KTyCnWfagD3KUV70P59ngjCUGKqD2hFPhB/jbiCAysORHYi3
qoniZRTPFV9HKhjtdLlF4XzS4sEJuCRTHFz8TQABhal2UoIrJkExVmBasBKqDGxm
21tK2rCmCwEezt71J0LPe6MK28Gs1t+hVMv4ugtVNTYRuX8LpWbP+g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:46 2024 by rpki-client on console-ams.rpki-client.org