Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
File: AS135478.roa (raw, json)
Hash identifier: s+50SMO4NMsI3te0CNsJIdVxhcIa9QIFxLjkBA6L2JE=
Subject key identifier: 3D:71:8E:08:49:99:16:EF:E6:D3:1D:C4:0B:2B:62:64:FC:EA:18:D9
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 79259482F0488BF40856FE6E2B2547732AE9774C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
Signing time: Tue 01 Oct 2024 18:00:00 +0000
ROA not before: Tue 01 Oct 2024 17:55:00 +0000
ROA not after: Tue 30 Sep 2025 18:00:00 +0000
asID: 135478
IP address blocks: 103.121.96.0/22 maxlen: 24
103.121.100.0/22 maxlen: 24
103.121.108.0/22 maxlen: 24
103.121.132.0/22 maxlen: 24
103.121.136.0/22 maxlen: 24
103.121.144.0/22 maxlen: 24
103.121.168.0/22 maxlen: 24
103.121.180.0/22 maxlen: 24
103.121.244.0/22 maxlen: 24
103.129.4.0/22 maxlen: 24
103.129.20.0/22 maxlen: 24
103.129.24.0/22 maxlen: 24
103.129.40.0/22 maxlen: 24
103.129.48.0/22 maxlen: 24
103.129.56.0/22 maxlen: 24
103.129.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:25:94:82:f0:48:8b:f4:08:56:fe:6e:2b:25:47:73:2a:e9:77:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Oct 1 17:55:00 2024 GMT
Not After : Sep 30 18:00:00 2025 GMT
Subject: CN=3D718E08499916EFE6D31DC40B2B6264FCEA18D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1d:4a:08:a7:7b:54:a3:9f:36:30:66:f1:88:
65:c7:fa:67:19:08:ec:8d:38:30:17:c2:29:60:7d:
f1:35:d4:b4:dd:db:18:c5:d8:16:23:a6:88:5c:91:
15:c4:56:9b:98:12:af:a6:27:eb:9c:e0:8d:cb:6f:
96:0e:5c:71:07:29:02:5a:54:a0:79:2c:be:b4:ad:
d4:b0:37:4c:32:58:d0:a1:26:49:0b:b4:68:b5:7a:
f4:89:65:8f:55:d4:4b:36:b1:a1:94:da:bf:13:69:
af:f3:47:24:4a:83:78:18:5f:55:04:d9:c1:6c:42:
6b:97:f9:3c:56:12:23:7b:51:40:32:d3:e0:17:03:
4c:29:9c:d4:dd:6e:e1:6d:57:ba:79:9e:f2:7b:4e:
7d:db:f1:b4:22:da:4f:0d:93:2c:0a:aa:bc:18:55:
1e:7e:dd:75:60:a0:cd:0e:61:80:df:5e:e0:be:31:
4f:6f:8d:6d:af:c8:9f:95:9f:87:bb:c0:06:6c:e4:
ba:68:9e:f1:25:3e:d2:2d:7e:5d:f7:a0:2e:3e:f0:
98:e1:ad:16:6c:0e:e1:bf:9e:e2:a1:f4:64:10:17:
00:8c:e5:14:3c:01:c8:5d:cb:0d:61:f8:e5:c0:4b:
6b:40:a9:5e:c7:72:0b:4a:fe:14:dc:17:72:9c:af:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:71:8E:08:49:99:16:EF:E6:D3:1D:C4:0B:2B:62:64:FC:EA:18:D9
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS135478.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.121.96.0/21
103.121.108.0/22
103.121.132.0-103.121.139.255
103.121.144.0/22
103.121.168.0/22
103.121.180.0/22
103.121.244.0/22
103.129.4.0/22
103.129.20.0-103.129.27.255
103.129.40.0/22
103.129.48.0/22
103.129.56.0/22
103.129.68.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:5e:dd:42:d5:34:c6:08:fb:fb:8e:9b:b3:f3:e7:80:8a:2b:
9b:f3:5a:ae:8a:e2:e0:19:f9:0c:68:cd:ce:cc:57:6d:49:f3:
36:e1:36:38:4c:79:70:0f:52:94:f6:e0:02:00:19:ef:5c:dc:
55:20:b7:85:05:73:9f:a9:51:2a:b7:dc:a2:4f:04:95:5e:09:
ee:b4:25:56:c2:43:c3:8b:b1:56:27:46:e0:58:1d:c5:80:50:
13:77:d9:32:f3:90:89:05:13:0c:28:a8:21:c7:86:02:78:23:
3a:01:97:2d:20:49:30:4b:8a:6f:93:b9:b5:33:75:30:0e:3c:
43:64:c2:e3:60:39:c4:6b:7d:71:72:eb:c9:87:23:77:1b:ea:
6b:7e:9d:2e:8d:24:56:8e:61:47:27:d6:05:22:b5:e4:c1:36:
ba:16:b3:cf:92:6e:64:ad:f0:87:eb:1c:1b:3a:a7:8c:5f:69:
53:b5:1f:20:90:83:13:65:ec:e2:e9:cc:aa:51:2c:91:0b:52:
6d:e0:78:ca:3b:be:b2:22:5d:e4:1d:86:61:ea:53:67:09:e7:
ba:d0:2d:02:0c:76:1e:a8:f3:8b:65:e4:b5:f7:53:da:2e:e2:
97:f8:06:5e:04:5e:9b:63:d5:bc:3a:90:58:d5:41:90:9c:06:
af:91:b0:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeSWUgvBIi/QIVv5uKyVHcyrpd0wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAwMTE3NTUwMFoX
DTI1MDkzMDE4MDAwMFowMzExMC8GA1UEAxMoM0Q3MThFMDg0OTk5MTZFRkU2RDMx
REM0MEIyQjYyNjRGQ0VBMThEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwdSgine1SjnzYwZvGIZcf6ZxkI7I04MBfCKWB98TXUtN3bGMXYFiOmiFyR
FcRWm5gSr6Yn65zgjctvlg5ccQcpAlpUoHksvrSt1LA3TDJY0KEmSQu0aLV69Ill
j1XUSzaxoZTavxNpr/NHJEqDeBhfVQTZwWxCa5f5PFYSI3tRQDLT4BcDTCmc1N1u
4W1Xunme8ntOfdvxtCLaTw2TLAqqvBhVHn7ddWCgzQ5hgN9e4L4xT2+Nba/In5Wf
h7vABmzkumie8SU+0i1+XfegLj7wmOGtFmwO4b+e4qH0ZBAXAIzlFDwByF3LDWH4
5cBLa0CpXsdyC0r+FNwXcpyvvx8CAwEAAaOCAigwggIkMB0GA1UdDgQWBBQ9cY4I
SZkW7+bTHcQLK2Jk/OoY2TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNTQ3OC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3BggrBgEFBQcBBwEB/wRoMGYw
ZAQCAAEwXgMEA2d5YAMEAmd5bDAMAwQCZ3mEAwQCZ3mIAwQCZ3mQAwQCZ3moAwQC
Z3m0AwQCZ3n0AwQCZ4EEMAwDBAJngRQDBAJngRgDBAJngSgDBAJngTADBAJngTgD
BAJngUQwDQYJKoZIhvcNAQELBQADggEBAG9e3ULVNMYI+/uOm7Pz54CKK5vzWq6K
4uAZ+Qxozc7MV21J8zbhNjhMeXAPUpT24AIAGe9c3FUgt4UFc5+pUSq33KJPBJVe
Ce60JVbCQ8OLsVYnRuBYHcWAUBN32TLzkIkFEwwoqCHHhgJ4IzoBly0gSTBLim+T
ubUzdTAOPENkwuNgOcRrfXFy68mHI3cb6mt+nS6NJFaOYUcn1gUiteTBNroWs8+S
bmSt8IfrHBs6p4xfaVO1HyCQgxNl7OLpzKpRLJELUm3geMo7vrIiXeQdhmHqU2cJ
57rQLQIMdh6o84tl5LX3U9ou4pf4Bl4EXptj1bw6kFjVQZCcBq+RsDw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:46 2024 by rpki-client on console-ams.rpki-client.org