Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
File: AS138608.roa (raw, json)
Hash identifier: IYKil/kOoiqrGrAHxCbvkVKaaP04vg0pADtFs/DvxW4=
Subject key identifier: 2D:2A:F5:1A:28:2F:2F:3E:CD:88:79:FF:FC:4B:2E:52:07:C8:09:FA
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 491E167C85751C6F8A3069B7B97BCA06FA8F145A
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
Signing time: Wed 01 May 2024 10:00:00 +0000
ROA not before: Wed 01 May 2024 09:55:00 +0000
ROA not after: Wed 30 Apr 2025 10:00:00 +0000
asID: 138608
IP address blocks: 103.13.206.0/23 maxlen: 24
103.30.194.0/23 maxlen: 24
103.37.124.0/23 maxlen: 24
103.56.82.0/23 maxlen: 24
103.67.186.0/23 maxlen: 24
103.187.146.0/23 maxlen: 24
103.189.234.0/23 maxlen: 24
103.210.54.0/23 maxlen: 24
103.250.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 May 2024 03:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:1e:16:7c:85:75:1c:6f:8a:30:69:b7:b9:7b:ca:06:fa:8f:14:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 1 09:55:00 2024 GMT
Not After : Apr 30 10:00:00 2025 GMT
Subject: CN=2D2AF51A282F2F3ECD8879FFFC4B2E5207C809FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:04:2f:0c:e0:bb:cd:24:43:51:6b:13:8b:26:
ce:0b:4a:8b:fd:f6:4b:32:10:3c:78:12:96:3f:d3:
e4:b4:1b:fe:e3:68:8b:fe:05:76:f4:aa:c9:6b:b7:
d5:89:dc:18:4f:5a:db:a2:2a:a9:ab:bb:62:9d:99:
3c:26:8d:89:db:69:2d:44:9c:03:35:4c:b8:2a:73:
30:8f:0e:bb:d5:94:e5:ed:f4:cb:cb:29:7e:79:40:
d2:31:bd:04:20:5c:e4:57:a5:2f:65:98:98:1b:71:
1a:e4:7d:9b:c9:4e:8e:c0:38:49:96:54:7c:e3:68:
68:b4:35:67:a4:ca:2f:b4:ba:ba:66:45:46:50:04:
5f:67:9a:07:63:0a:01:7a:d3:b2:2d:24:79:c6:c5:
4b:c2:1b:ce:a4:a5:83:ad:d0:2d:05:8d:1f:00:23:
5c:92:72:6c:9d:2f:52:a8:27:1d:24:d9:4c:90:10:
47:62:9e:04:8a:e8:d5:b4:49:f4:6d:8d:18:05:5a:
8e:5c:0d:17:12:1f:1d:8c:0f:a2:29:9b:43:11:35:
81:0a:23:26:df:77:b5:b2:8c:7f:39:9c:6b:d8:16:
63:40:db:f0:be:ba:f2:3b:98:28:52:8e:b1:b1:39:
b4:e0:31:b3:42:b0:0e:bc:83:b8:15:27:72:4f:9a:
f5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2A:F5:1A:28:2F:2F:3E:CD:88:79:FF:FC:4B:2E:52:07:C8:09:FA
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138608.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.13.206.0/23
103.30.194.0/23
103.37.124.0/23
103.56.82.0/23
103.67.186.0/23
103.187.146.0/23
103.189.234.0/23
103.210.54.0/23
103.250.10.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:a0:fc:1f:0f:d5:56:9f:ea:e4:b9:8a:6a:03:52:81:7b:54:
58:21:0c:e6:0c:9b:f4:2b:fb:30:aa:2a:72:ef:f9:89:56:b5:
bf:18:66:76:62:18:79:dd:ff:82:62:b5:77:d1:5a:c3:79:9b:
49:7f:fb:c3:d3:ec:7d:93:01:ba:ea:eb:87:b2:11:c8:eb:ae:
97:33:09:8a:72:7f:6d:be:c3:10:13:6a:6f:7f:f9:39:d0:18:
1b:00:d4:61:fa:96:32:99:7f:dd:79:35:fc:54:84:ca:0a:c8:
c6:cb:df:5c:7f:5c:71:79:c3:ca:b5:99:09:7a:9d:19:c6:71:
d4:6d:bd:0c:f6:bc:a4:ee:bc:3b:49:c4:59:65:fb:8b:90:25:
8d:bd:c4:25:81:55:e5:aa:7c:98:a6:ea:fd:cf:87:0c:fd:a3:
33:63:98:6a:14:e5:27:1e:0a:b1:ca:28:7c:f7:84:54:b9:3a:
2c:fb:35:47:31:3f:2e:ef:f9:d3:f0:e7:41:09:3b:93:fb:b4:
8c:c6:ee:9c:b5:61:c8:28:25:20:58:1b:a1:08:70:02:43:a8:
f1:ed:c2:2f:4d:6f:40:d2:19:7e:dc:f4:26:d8:71:f1:8b:18:
99:33:ce:52:92:f8:9f:2a:09:44:a6:8b:6b:3d:63:e4:58:8d:
b4:c3:76:e3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUSR4WfIV1HG+KMGm3uXvKBvqPFFowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUwMTA5NTUwMFoX
DTI1MDQzMDEwMDAwMFowMzExMC8GA1UEAxMoMkQyQUY1MUEyODJGMkYzRUNEODg3
OUZGRkM0QjJFNTIwN0M4MDlGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQELwzgu80kQ1FrE4smzgtKi/32SzIQPHgSlj/T5LQb/uNoi/4FdvSqyWu3
1YncGE9a26Iqqau7Yp2ZPCaNidtpLUScAzVMuCpzMI8Ou9WU5e30y8spfnlA0jG9
BCBc5FelL2WYmBtxGuR9m8lOjsA4SZZUfONoaLQ1Z6TKL7S6umZFRlAEX2eaB2MK
AXrTsi0kecbFS8IbzqSlg63QLQWNHwAjXJJybJ0vUqgnHSTZTJAQR2KeBIro1bRJ
9G2NGAVajlwNFxIfHYwPoimbQxE1gQojJt93tbKMfzmca9gWY0Db8L668juYKFKO
sbE5tOAxs0KwDryDuBUnck+a9cECAwEAAaOCAgAwggH8MB0GA1UdDgQWBBQtKvUa
KC8vPs2Ief/8Sy5SB8gJ+jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODYwOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4w
PAQCAAEwNgMEAWcNzgMEAWcewgMEAWclfAMEAWc4UgMEAWdDugMEAWe7kgMEAWe9
6gMEAWfSNgMEAWf6CjANBgkqhkiG9w0BAQsFAAOCAQEAXKD8Hw/VVp/q5LmKagNS
gXtUWCEM5gyb9Cv7MKoqcu/5iVa1vxhmdmIYed3/gmK1d9Faw3mbSX/7w9PsfZMB
uurrh7IRyOuulzMJinJ/bb7DEBNqb3/5OdAYGwDUYfqWMpl/3Xk1/FSEygrIxsvf
XH9ccXnDyrWZCXqdGcZx1G29DPa8pO68O0nEWWX7i5Aljb3EJYFV5ap8mKbq/c+H
DP2jM2OYahTlJx4KscoofPeEVLk6LPs1RzE/Lu/50/DnQQk7k/u0jMbunLVhyCgl
IFgboQhwAkOo8e3CL01vQNIZftz0Jthx8YsYmTPOUpL4nyoJRKaLaz1j5FiNtMN2
4w==
-----END CERTIFICATE-----
Generated at Wed May 8 21:02:21 2024 by rpki-client on console-fra.rpki-client.org