Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
File: AS135478.roa (raw, json)
Hash identifier: GYp2IRf/Nb0U5deetXJ6MfA9Bl2RqCN5nv68TrtKC4g=
Subject key identifier: 48:E0:E8:E5:CA:C7:41:D1:11:08:72:67:A2:01:5D:A1:BF:A3:32:CF
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 479FC56D23B91DD983B6421F2B7EEA7DFB0A3F7C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
Signing time: Tue 02 Sep 2025 18:00:00 +0000
ROA not before: Tue 02 Sep 2025 17:55:00 +0000
ROA not after: Tue 01 Sep 2026 18:00:00 +0000
asID: 135478
IP address blocks: 103.121.96.0/22 maxlen: 24
103.121.100.0/22 maxlen: 24
103.121.108.0/22 maxlen: 24
103.121.132.0/22 maxlen: 24
103.121.136.0/22 maxlen: 24
103.121.144.0/22 maxlen: 24
103.121.168.0/22 maxlen: 24
103.121.180.0/22 maxlen: 24
103.121.244.0/22 maxlen: 24
103.129.4.0/22 maxlen: 24
103.129.20.0/22 maxlen: 24
103.129.24.0/22 maxlen: 24
103.129.40.0/22 maxlen: 24
103.129.48.0/22 maxlen: 24
103.129.56.0/22 maxlen: 24
103.129.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 08 Sep 2025 17:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:9f:c5:6d:23:b9:1d:d9:83:b6:42:1f:2b:7e:ea:7d:fb:0a:3f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Sep 2 17:55:00 2025 GMT
Not After : Sep 1 18:00:00 2026 GMT
Subject: CN=48E0E8E5CAC741D111087267A2015DA1BFA332CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:78:b9:f2:d1:4e:e9:dc:9d:a9:cf:6e:21:25:
43:83:ab:0e:ca:ce:fd:06:6b:17:42:e2:89:2d:f9:
c0:22:66:89:8f:5d:f2:91:05:fb:cb:cb:87:bf:c5:
21:79:76:58:b8:f8:55:d1:3c:8b:34:cf:99:cc:8f:
7d:ce:19:db:10:61:20:9a:58:94:32:12:e6:62:ea:
3f:a3:61:d2:65:a6:84:40:f1:2a:d3:17:b1:7c:7b:
ab:00:7b:68:5e:2c:f5:cf:73:78:5a:fa:b2:05:9e:
e0:cb:c9:ef:2a:35:ee:3f:28:68:36:41:f1:2c:51:
b9:41:c6:bd:c6:3e:bd:66:09:6e:57:ae:f5:66:44:
d4:5f:50:42:39:c3:36:36:e1:12:6f:c4:72:17:53:
9d:c9:f4:37:d1:5b:67:0f:15:4e:77:8d:fb:fa:8e:
c6:c4:aa:ef:24:97:97:8e:a2:47:31:69:30:71:09:
4a:a9:d3:c5:73:84:f3:37:36:21:d3:8e:2e:0f:b7:
b1:85:41:99:2b:a9:45:13:9d:82:b3:bb:7e:ca:78:
06:f3:63:60:60:16:b1:00:8f:42:38:82:98:36:9d:
ab:c8:88:01:1e:dd:96:8a:8b:32:c7:31:2d:cc:0b:
8d:84:f8:f3:3e:89:ec:9c:c1:3f:76:b4:3e:b1:f5:
b8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E0:E8:E5:CA:C7:41:D1:11:08:72:67:A2:01:5D:A1:BF:A3:32:CF
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.121.96.0/21
103.121.108.0/22
103.121.132.0-103.121.139.255
103.121.144.0/22
103.121.168.0/22
103.121.180.0/22
103.121.244.0/22
103.129.4.0/22
103.129.20.0-103.129.27.255
103.129.40.0/22
103.129.48.0/22
103.129.56.0/22
103.129.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:aa:03:86:3b:3d:41:b1:d8:e2:c4:ec:0b:0c:c4:74:6a:3b:
bd:0d:e3:2f:36:f4:93:6c:64:68:88:eb:fc:20:a9:11:fd:fa:
fd:9a:28:0f:e6:07:32:1b:95:a6:20:4a:67:55:9a:35:29:90:
a3:0a:ea:9a:1b:a9:a1:68:cb:0d:ba:8f:08:25:0c:2e:f0:88:
db:0a:9e:34:c3:79:c8:1f:1f:44:e1:70:d5:34:f6:17:95:1d:
21:6b:ec:11:ea:58:60:91:34:53:eb:0d:15:e4:5a:39:40:6f:
a0:1c:27:bc:eb:79:f6:d4:0b:61:06:3e:da:8d:17:3b:94:fa:
93:97:a6:3f:d9:fd:13:9d:1f:b1:31:10:9e:a5:cf:b4:e9:24:
a8:29:99:9e:d9:23:af:82:37:6c:48:30:9c:08:06:a5:1f:45:
2f:66:1e:b4:01:50:a8:77:38:21:d8:58:c8:10:9d:60:bb:c7:
7f:cd:0e:b7:ad:7f:00:48:9e:92:4c:a6:c3:75:b2:56:f1:00:
e0:c2:8a:6b:76:c3:b1:28:50:ee:5c:ea:a1:a1:ae:06:53:db:
e3:dd:08:5a:63:f2:38:56:25:d4:10:84:13:7a:e2:02:10:4e:
00:35:14:04:16:d0:9e:f8:0d:c6:bf:dd:9b:24:fe:bf:0d:78:
bb:73:f1:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUR5/FbSO5HdmDtkIfK37qffsKP3wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwMjE3NTUwMFoX
DTI2MDkwMTE4MDAwMFowMzExMC8GA1UEAxMoNDhFMEU4RTVDQUM3NDFEMTExMDg3
MjY3QTIwMTVEQTFCRkEzMzJDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR4ufLRTuncnanPbiElQ4OrDsrO/QZrF0LiiS35wCJmiY9d8pEF+8vLh7/F
IXl2WLj4VdE8izTPmcyPfc4Z2xBhIJpYlDIS5mLqP6Nh0mWmhEDxKtMXsXx7qwB7
aF4s9c9zeFr6sgWe4MvJ7yo17j8oaDZB8SxRuUHGvcY+vWYJbleu9WZE1F9QQjnD
NjbhEm/EchdTncn0N9FbZw8VTneN+/qOxsSq7ySXl46iRzFpMHEJSqnTxXOE8zc2
IdOOLg+3sYVBmSupRROdgrO7fsp4BvNjYGAWsQCPQjiCmDadq8iIAR7dloqLMscx
LcwLjYT48z6J7JzBP3a0PrH1uJkCAwEAAaOCAigwggIkMB0GA1UdDgQWBBRI4Ojl
ysdB0REIcmeiAV2hv6MyzzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNTQ3OC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3BggrBgEFBQcBBwEB/wRoMGYw
ZAQCAAEwXgMEA2d5YAMEAmd5bDAMAwQCZ3mEAwQCZ3mIAwQCZ3mQAwQCZ3moAwQC
Z3m0AwQCZ3n0AwQCZ4EEMAwDBAJngRQDBAJngRgDBAJngSgDBAJngTADBAJngTgD
BAJngUQwDQYJKoZIhvcNAQELBQADggEBAF2qA4Y7PUGx2OLE7AsMxHRqO70N4y82
9JNsZGiI6/wgqRH9+v2aKA/mBzIblaYgSmdVmjUpkKMK6pobqaFoyw26jwglDC7w
iNsKnjTDecgfH0ThcNU09heVHSFr7BHqWGCRNFPrDRXkWjlAb6AcJ7zrefbUC2EG
PtqNFzuU+pOXpj/Z/ROdH7ExEJ6lz7TpJKgpmZ7ZI6+CN2xIMJwIBqUfRS9mHrQB
UKh3OCHYWMgQnWC7x3/NDretfwBInpJMpsN1slbxAODCimt2w7EoUO5c6qGhrgZT
2+PdCFpj8jhWJdQQhBN64gIQTgA1FAQW0J74Dca/3Zsk/r8NeLtz8ew=
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:19:58 2025 by rpki-client