Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa
File: AS138089.roa (raw, json)
Hash identifier: GrHOSWsk1Tcp364HnqNw5ngj72McUtlui9DuOKlu9K8=
Subject key identifier: 85:80:F7:21:F1:8E:58:51:79:B0:37:84:97:CB:95:3F:F9:05:3B:A5
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 52190AD8F7AC2AABCB91F6B7A87253E1F640AD64
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa
Signing time: Mon 13 Jan 2025 03:11:28 +0000
ROA not before: Mon 13 Jan 2025 03:06:28 +0000
ROA not after: Mon 12 Jan 2026 03:11:28 +0000
asID: 138089
IP address blocks: 103.158.13.0/24 maxlen: 24
113.192.48.0/24 maxlen: 24
210.87.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 12:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:19:0a:d8:f7:ac:2a:ab:cb:91:f6:b7:a8:72:53:e1:f6:40:ad:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jan 13 03:06:28 2025 GMT
Not After : Jan 12 03:11:28 2026 GMT
Subject: CN=8580F721F18E585179B0378497CB953FF9053BA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7b:e8:cc:f2:3f:1c:92:bc:de:79:a4:16:61:
2e:e2:06:14:a9:72:77:94:c7:b2:5d:df:cb:7a:87:
1f:44:23:3c:a4:28:1d:4c:88:f0:f5:f7:66:a1:6a:
25:a0:ea:e9:4e:96:49:07:83:69:bf:df:f5:6a:ca:
db:fe:75:e7:8c:af:59:20:fc:1f:da:44:f7:37:5b:
78:49:ae:ca:1f:d0:54:cf:fc:4b:c6:14:3d:39:99:
10:27:bc:99:8e:bf:92:10:c4:c0:15:43:63:de:8f:
ef:b1:5e:c8:0a:f2:4c:8a:95:b2:aa:29:bd:26:d7:
4b:10:f5:7a:07:a1:f2:dd:3f:cf:37:40:f2:b1:92:
e5:f2:4f:dc:24:98:b2:27:d6:b5:8d:b1:fe:03:0d:
20:cb:52:51:f9:fe:ca:a9:ce:6e:12:fd:11:6d:d6:
49:f2:b4:89:12:a5:a8:09:7d:45:6a:35:9c:f3:7b:
bf:e5:33:24:1a:0a:47:0b:6c:60:5a:6e:99:b7:64:
c9:28:60:4b:86:4c:d8:87:6d:7c:c7:f1:6c:a9:9e:
b4:26:58:28:5a:59:1f:78:fe:6c:98:b9:f4:8c:bb:
4a:a6:ec:06:b9:9b:e6:50:80:37:b2:07:cf:41:91:
37:11:27:d4:b1:61:3b:a6:46:c6:b7:e1:9d:13:be:
ed:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:80:F7:21:F1:8E:58:51:79:B0:37:84:97:CB:95:3F:F9:05:3B:A5
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.158.13.0/24
113.192.48.0/24
210.87.74.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:87:74:4f:4e:1e:75:3e:23:5a:17:b3:ee:56:e4:ac:f7:ed:
4c:8b:cd:6d:a7:50:39:c6:4a:7f:f1:2a:2b:43:a0:11:73:00:
9b:cb:e5:ed:3f:e6:70:28:1e:8b:81:db:12:30:ce:32:4a:4f:
b0:3a:ed:e8:48:90:de:cc:5a:e5:d6:e3:d6:14:ed:63:9d:79:
d7:b2:be:57:9a:26:e8:c8:91:35:93:a9:37:3c:77:48:56:50:
16:b9:b2:b5:e8:c1:7f:f3:1c:00:95:04:01:a6:83:64:fa:cf:
1d:cf:02:cb:61:21:33:c6:af:1d:f8:3c:54:cc:b8:33:5e:26:
5a:b3:f2:ee:3d:e4:4a:97:06:03:cf:a5:e5:21:32:15:5a:db:
c1:05:f9:29:12:6f:36:8e:2c:99:11:b5:30:e3:51:33:0b:ec:
3e:94:5b:43:c2:fb:29:01:1b:a5:9b:fb:94:7c:46:b0:69:d2:
fe:1e:1e:bc:a8:ea:9c:37:25:0c:e4:3f:ba:c9:3f:ef:c9:a0:
9d:25:3f:7f:0b:d5:fb:58:9e:36:14:79:5e:cd:a6:10:b8:3c:
4b:b1:ee:e7:16:03:02:d0:15:1a:b9:0e:a2:ec:8c:c5:18:04:
b7:a7:32:89:76:4c:d6:2e:ac:08:11:62:39:2d:69:34:a0:a8:
3e:b6:94:fd
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUUhkK2PesKqvLkfa3qHJT4fZArWQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDExMzAzMDYyOFoX
DTI2MDExMjAzMTEyOFowMzExMC8GA1UEAxMoODU4MEY3MjFGMThFNTg1MTc5QjAz
Nzg0OTdDQjk1M0ZGOTA1M0JBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOt76MzyPxySvN55pBZhLuIGFKlyd5THsl3fy3qHH0QjPKQoHUyI8PX3ZqFq
JaDq6U6WSQeDab/f9WrK2/5154yvWSD8H9pE9zdbeEmuyh/QVM/8S8YUPTmZECe8
mY6/khDEwBVDY96P77FeyAryTIqVsqopvSbXSxD1egeh8t0/zzdA8rGS5fJP3CSY
sifWtY2x/gMNIMtSUfn+yqnObhL9EW3WSfK0iRKlqAl9RWo1nPN7v+UzJBoKRwts
YFpumbdkyShgS4ZM2IdtfMfxbKmetCZYKFpZH3j+bJi59Iy7SqbsBrmb5lCAN7IH
z0GRNxEn1LFhO6ZGxrfhnRO+7T8CAwEAAaOCAdwwggHYMB0GA1UdDgQWBBSFgPch
8Y5YUXmwN4SXy5U/+QU7pTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA4OS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEAGeeDQMEAHHAMAMEANJXSjANBgkqhkiG9w0BAQsFAAOCAQEAXod0
T04edT4jWhez7lbkrPftTIvNbadQOcZKf/EqK0OgEXMAm8vl7T/mcCgei4HbEjDO
MkpPsDrt6EiQ3sxa5dbj1hTtY51517K+V5om6MiRNZOpNzx3SFZQFrmytejBf/Mc
AJUEAaaDZPrPHc8Cy2EhM8avHfg8VMy4M14mWrPy7j3kSpcGA8+l5SEyFVrbwQX5
KRJvNo4smRG1MONRMwvsPpRbQ8L7KQEbpZv7lHxGsGnS/h4evKjqnDclDOQ/usk/
78mgnSU/fwvV+1ieNhR5Xs2mELg8S7Hu5xYDAtAVGrkOouyMxRgEt6cyiXZM1i6s
CBFiOS1pNKCoPraU/Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:41:27 2025 by rpki-client