Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
File: AS138608.roa (raw, json)
Hash identifier: WXsOie2Zpb5/vCdfFby5fIXkjNOvsm2mtEYqLWuDiHE=
Subject key identifier: E7:99:B2:AB:76:42:B3:B5:FD:6F:83:1E:38:73:C3:27:4A:11:50:66
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 6F88CDAC7781E14E5D7E489286CBC20F24683BF9
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
Signing time: Wed 04 Mar 2026 10:00:00 +0000
ROA not before: Wed 04 Mar 2026 09:55:00 +0000
ROA not after: Wed 03 Mar 2027 10:00:00 +0000
asID: 138608
IP address blocks: 103.13.206.0/23 maxlen: 24
103.30.194.0/23 maxlen: 24
103.37.124.0/23 maxlen: 24
103.56.82.0/23 maxlen: 24
103.67.186.0/23 maxlen: 24
103.187.146.0/23 maxlen: 24
103.189.234.0/23 maxlen: 24
103.210.54.0/23 maxlen: 24
103.250.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 20 Mar 2026 21:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:88:cd:ac:77:81:e1:4e:5d:7e:48:92:86:cb:c2:0f:24:68:3b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 4 09:55:00 2026 GMT
Not After : Mar 3 10:00:00 2027 GMT
Subject: CN=E799B2AB7642B3B5FD6F831E3873C3274A115066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:7d:15:cf:08:af:81:f1:dc:2c:3f:14:62:
25:cd:f2:ad:95:ed:07:f7:fd:54:3e:a5:7d:bc:5a:
8a:57:e9:c9:5b:fb:1e:cc:3c:f4:b0:c3:cb:88:41:
7a:1f:e2:87:d0:f8:13:e6:98:1b:73:5b:42:71:9f:
61:71:3c:c9:29:ad:7e:8a:f7:fe:7c:0f:21:5f:90:
9a:6c:e4:16:51:c0:9c:f8:a0:2d:ab:ca:b1:0f:93:
5c:62:32:68:77:ba:57:04:34:4e:1b:0d:b5:55:9a:
3c:fc:b3:8f:d5:87:1d:64:8d:1b:49:86:d7:93:4c:
02:97:a0:9f:50:79:f9:71:a1:c8:6e:b2:b9:c8:d3:
e7:35:60:73:e8:c8:4d:ee:d8:42:cc:ff:2b:00:5d:
de:be:28:c0:90:7b:27:e8:ea:b8:8b:e4:df:c3:be:
d0:82:23:d5:40:0d:37:7d:3c:23:cf:32:7e:87:ed:
35:c8:e9:96:7d:3d:50:e2:32:e0:b5:b1:cb:b2:bf:
78:ae:a2:08:ec:38:4b:c7:12:a4:a0:27:70:52:cc:
26:6c:54:e5:9a:4d:35:c0:43:8f:9c:3f:d4:55:db:
6e:2c:a7:e6:16:16:23:a3:81:3c:5c:09:43:4c:ac:
27:b7:d2:ff:e0:97:6a:19:84:66:fa:93:f1:c2:0d:
c1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:99:B2:AB:76:42:B3:B5:FD:6F:83:1E:38:73:C3:27:4A:11:50:66
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.13.206.0/23
103.30.194.0/23
103.37.124.0/23
103.56.82.0/23
103.67.186.0/23
103.187.146.0/23
103.189.234.0/23
103.210.54.0/23
103.250.10.0/23
Signature Algorithm: sha256WithRSAEncryption
11:54:83:6d:e6:a6:2a:c8:40:b3:16:a7:46:04:51:23:83:9a:
20:95:ee:2a:a3:40:ae:cf:ff:42:e3:a3:38:0d:ce:04:21:48:
ae:e8:72:ac:85:97:6d:0c:e5:69:a8:2d:ec:cb:f6:b3:e0:63:
f0:e0:c4:23:69:d7:4a:f6:a3:af:c9:37:4f:06:ea:72:e0:03:
76:b1:1c:64:fc:f1:67:e7:bb:c4:fb:e8:6e:b2:a6:c7:ad:7a:
78:94:86:1a:8a:ea:9c:ad:68:97:f7:7e:22:d3:e3:bb:3b:47:
13:a1:1e:8b:b5:c5:a2:9b:62:6c:e3:a5:45:60:3c:c3:16:6e:
12:5d:3e:3d:96:f7:f8:29:f9:94:ce:13:4e:03:27:bc:1c:17:
5d:68:c9:ab:1b:f3:05:2e:40:77:c0:4d:ff:57:23:6c:5e:29:
13:a6:b1:ff:9e:78:b3:f3:79:38:f6:b5:c1:bd:69:f4:14:f5:
54:eb:c5:1e:74:1e:f4:cd:c2:fb:88:e5:56:d8:ca:d2:f2:4b:
ff:ed:f5:15:1e:64:24:7a:60:b9:1b:a3:66:97:e1:bb:8c:a0:
13:2e:c7:af:d0:1c:85:b8:54:fa:38:81:6e:43:2a:1f:b5:ec:
24:76:5d:2a:d0:e0:ce:9f:7f:e1:e9:61:86:ea:9b:97:82:55:
e8:0b:19:3a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUb4jNrHeB4U5dfkiShsvCDyRoO/kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwNDA5NTUwMFoX
DTI3MDMwMzEwMDAwMFowMzExMC8GA1UEAxMoRTc5OUIyQUI3NjQyQjNCNUZENkY4
MzFFMzg3M0MzMjc0QTExNTA2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIffRXPCK+B8dwsPxRiJc3yrZXtB/f9VD6lfbxailfpyVv7Hsw89LDDy4hB
eh/ih9D4E+aYG3NbQnGfYXE8ySmtfor3/nwPIV+QmmzkFlHAnPigLavKsQ+TXGIy
aHe6VwQ0ThsNtVWaPPyzj9WHHWSNG0mG15NMApegn1B5+XGhyG6yucjT5zVgc+jI
Te7YQsz/KwBd3r4owJB7J+jquIvk38O+0IIj1UANN308I88yfoftNcjpln09UOIy
4LWxy7K/eK6iCOw4S8cSpKAncFLMJmxU5ZpNNcBDj5w/1FXbbiyn5hYWI6OBPFwJ
Q0ysJ7fS/+CXahmEZvqT8cINwT0CAwEAAaOCAgAwggH8MB0GA1UdDgQWBBTnmbKr
dkKztf1vgx44c8MnShFQZjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODYwOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4w
PAQCAAEwNgMEAWcNzgMEAWcewgMEAWclfAMEAWc4UgMEAWdDugMEAWe7kgMEAWe9
6gMEAWfSNgMEAWf6CjANBgkqhkiG9w0BAQsFAAOCAQEAEVSDbeamKshAsxanRgRR
I4OaIJXuKqNArs//QuOjOA3OBCFIruhyrIWXbQzlaagt7Mv2s+Bj8ODEI2nXSvaj
r8k3TwbqcuADdrEcZPzxZ+e7xPvobrKmx616eJSGGorqnK1ol/d+ItPjuztHE6Ee
i7XFoptibOOlRWA8wxZuEl0+PZb3+Cn5lM4TTgMnvBwXXWjJqxvzBS5Ad8BN/1cj
bF4pE6ax/554s/N5OPa1wb1p9BT1VOvFHnQe9M3C+4jlVtjK0vJL/+31FR5kJHpg
uRujZpfhu4ygEy7Hr9AchbhU+jiBbkMqH7XsJHZdKtDgzp9/4elhhuqbl4JV6AsZ
Og==
-----END CERTIFICATE-----
Generated at Tue Mar 17 16:20:47 2026 by rpki-client