Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141896.roa
File: AS141896.roa (raw, json)
Hash identifier: csTg585XUqpU/xad0MnCIRs2rPwi/D7ucF3yywbPJck=
Subject key identifier: 93:34:CC:6B:56:01:4F:48:ED:A7:62:2F:30:E2:64:D6:4C:69:B3:AC
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 0F4A0C149A6C1B17C9DE8E28B334B71A6A0A4325
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141896.roa
Signing time: Tue 10 Dec 2024 03:00:00 +0000
ROA not before: Tue 10 Dec 2024 02:55:00 +0000
ROA not after: Tue 09 Dec 2025 03:00:00 +0000
asID: 141896
IP address blocks: 103.163.226.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:4a:0c:14:9a:6c:1b:17:c9:de:8e:28:b3:34:b7:1a:6a:0a:43:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 02:55:00 2024 GMT
Not After : Dec 9 03:00:00 2025 GMT
Subject: CN=9334CC6B56014F48EDA7622F30E264D64C69B3AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ad:16:5a:1b:13:0b:2c:44:8b:f1:6b:71:2d:
d7:ca:4f:71:fa:72:be:d2:c9:39:70:61:78:66:3d:
93:be:d1:47:64:2a:3a:55:ba:85:0b:42:8a:3b:46:
25:db:a3:a5:5b:75:39:87:34:33:1e:9f:ed:ae:7e:
f5:de:16:50:65:57:0a:b1:42:f5:5e:52:42:33:10:
32:d6:06:9e:7c:58:23:f2:3b:28:fe:63:d9:0d:f9:
58:0d:f8:c1:7c:dc:82:f1:cd:d7:c3:6d:38:2d:67:
d7:e8:fe:c7:79:de:4d:7d:f1:43:36:eb:15:2e:6b:
ca:37:18:aa:ad:a0:ac:8a:dc:cf:1d:2e:92:b5:95:
06:de:81:c0:1e:16:87:45:fd:24:3e:37:0e:46:8c:
66:3e:41:46:2a:ce:fd:2d:c6:08:00:02:ce:a3:6f:
57:de:96:21:5f:21:dd:a2:8b:11:4c:c6:eb:7f:fb:
27:fc:1e:73:23:fc:ab:95:6c:e6:d7:8d:13:93:0c:
93:86:ad:4a:b4:f5:be:0f:64:5b:ca:02:27:12:78:
14:9d:4b:05:f4:13:cc:07:cf:a9:81:6e:cc:c7:90:
73:61:85:9c:4c:c7:dc:07:55:33:f9:db:04:09:34:
9f:11:b3:45:0e:df:c7:33:7a:1d:40:9b:bd:2a:f6:
5c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:34:CC:6B:56:01:4F:48:ED:A7:62:2F:30:E2:64:D6:4C:69:B3:AC
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141896.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.163.226.0/23
Signature Algorithm: sha256WithRSAEncryption
14:a2:d0:2f:7e:fe:67:91:2c:02:3b:ea:e3:a6:5a:aa:5a:d8:
a5:ad:64:d0:3e:8a:c2:1b:33:8b:52:cb:f6:91:34:e6:18:ca:
6d:72:1a:66:e6:e2:77:05:56:10:45:f0:c2:19:01:52:71:74:
5f:15:b4:cf:d1:38:d5:e7:ce:96:8d:a8:0b:05:06:68:c4:b8:
32:97:40:cd:51:e8:75:f5:83:24:3b:51:4e:84:28:7a:29:74:
68:17:1b:8a:30:9c:d5:fb:ae:ac:70:78:3c:59:a1:36:79:ac:
d4:cd:9b:ee:70:0d:f6:f0:bc:ad:73:d7:60:b3:73:8c:e9:9a:
da:7c:0d:4a:3e:02:6d:0a:8e:ef:57:3a:1c:10:76:c5:1c:2f:
83:a3:db:01:6e:89:96:66:44:cf:0a:f3:a4:29:19:e7:cc:ef:
26:f7:58:ea:16:f4:3e:cf:6a:f3:a8:09:c1:3c:aa:b2:2c:71:
05:61:ac:f8:46:56:0a:ea:36:98:84:7f:af:76:16:95:83:1c:
56:b3:15:b6:21:2b:d9:68:5f:66:33:eb:68:60:60:76:da:8b:
95:4c:41:20:47:20:5f:45:c2:cd:51:af:61:8d:d7:5e:2e:bf:
ad:a8:43:7b:c1:d6:d4:d8:24:e1:93:86:fe:e1:7f:9a:9c:c3:
df:14:cb:1d
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUD0oMFJpsGxfJ3o4oszS3GmoKQyUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDAyNTUwMFoX
DTI1MTIwOTAzMDAwMFowMzExMC8GA1UEAxMoOTMzNENDNkI1NjAxNEY0OEVEQTc2
MjJGMzBFMjY0RDY0QzY5QjNBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWtFlobEwssRIvxa3Et18pPcfpyvtLJOXBheGY9k77RR2QqOlW6hQtCijtG
JdujpVt1OYc0Mx6f7a5+9d4WUGVXCrFC9V5SQjMQMtYGnnxYI/I7KP5j2Q35WA34
wXzcgvHN18NtOC1n1+j+x3neTX3xQzbrFS5ryjcYqq2grIrczx0ukrWVBt6BwB4W
h0X9JD43DkaMZj5BRirO/S3GCAACzqNvV96WIV8h3aKLEUzG63/7J/wecyP8q5Vs
5teNE5MMk4atSrT1vg9kW8oCJxJ4FJ1LBfQTzAfPqYFuzMeQc2GFnEzH3AdVM/nb
BAk0nxGzRQ7fxzN6HUCbvSr2XAUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSTNMxr
VgFPSO2nYi8w4mTWTGmzrDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTg5Ni5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWej4jANBgkqhkiG9w0BAQsFAAOCAQEAFKLQL37+Z5EsAjvq46Za
qlrYpa1k0D6Kwhszi1LL9pE05hjKbXIaZubidwVWEEXwwhkBUnF0XxW0z9E41efO
lo2oCwUGaMS4MpdAzVHodfWDJDtRToQoeil0aBcbijCc1fuurHB4PFmhNnms1M2b
7nAN9vC8rXPXYLNzjOma2nwNSj4CbQqO71c6HBB2xRwvg6PbAW6JlmZEzwrzpCkZ
58zvJvdY6hb0Ps9q86gJwTyqsixxBWGs+EZWCuo2mIR/r3YWlYMcVrMVtiEr2Whf
ZjPraGBgdtqLlUxBIEcgX0XCzVGvYY3XXi6/rahDe8HW1Ngk4ZOG/uF/mpzD3xTL
HQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:04 2025 by rpki-client