Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: nZF6Rty3Ou4JFb6QGNPdfevWIbfq/38CAZAf5oE7+MA=
Subject key identifier: DF:48:AB:92:4E:66:A7:7D:06:80:7D:59:47:16:4F:2A:0C:0E:AF:80
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 6AC1347465FFEF8B3996BE63A536FDDAD1B3C801
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
Signing time: Fri 08 Nov 2024 09:06:08 +0000
ROA not before: Fri 08 Nov 2024 09:01:08 +0000
ROA not after: Fri 07 Nov 2025 09:06:08 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.113.48.0/22 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c1:34:74:65:ff:ef:8b:39:96:be:63:a5:36:fd:da:d1:b3:c8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Nov 8 09:01:08 2024 GMT
Not After : Nov 7 09:06:08 2025 GMT
Subject: CN=DF48AB924E66A77D06807D5947164F2A0C0EAF80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:23:2d:e1:cd:18:91:1b:92:a6:ca:0d:c1:a8:
08:19:26:ca:20:bd:51:11:3b:ff:51:31:92:5e:70:
88:7f:4b:82:c4:3b:35:91:bd:61:b1:fd:3f:21:e6:
46:12:44:75:a4:c5:e9:fa:0f:f8:bf:6a:34:68:c6:
13:d5:4e:d5:df:8c:7a:e1:86:e0:56:11:9c:67:a0:
e0:a7:38:2a:e9:45:eb:9d:f3:fd:5e:a4:d2:43:5b:
bf:03:40:a5:6c:31:a4:0b:14:e6:e2:4a:ad:9f:b1:
f9:d8:d4:39:7e:4e:5d:0d:9f:53:a9:21:05:03:85:
90:86:92:c6:26:c8:c6:60:a5:a0:a2:7f:a6:47:29:
69:5f:29:2a:79:9c:fe:73:21:c5:1c:b1:2b:61:6b:
85:35:27:f5:c2:e6:7d:51:10:49:68:b8:af:90:cf:
46:4e:99:78:0e:7f:6a:92:83:e4:3e:14:c8:da:49:
41:72:c6:11:db:4e:21:4e:59:77:e8:1d:ed:64:53:
25:8e:f0:10:82:0f:fc:bf:6f:b3:b5:3d:1a:9f:f1:
78:57:f7:95:93:e3:a2:99:c0:92:cf:b9:70:9b:34:
cc:6e:a5:69:e1:04:32:81:11:ef:ed:c2:7a:97:4d:
01:1f:06:fb:a3:2a:7a:f7:eb:a0:be:92:3c:36:08:
ed:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:48:AB:92:4E:66:A7:7D:06:80:7D:59:47:16:4F:2A:0C:0E:AF:80
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.111.200.0/22
103.113.48.0/22
103.164.132.0/22
202.51.24.0/21
IPv6:
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
95:c7:7b:ba:42:a7:58:aa:63:ed:96:77:64:51:d6:6d:91:92:
f7:35:42:54:95:fd:95:bb:0b:dc:cd:11:2c:1a:f4:3c:b2:54:
e6:d3:18:c7:77:e8:ed:52:36:8b:70:58:8d:7c:67:fb:60:68:
ec:2b:c0:ba:80:0c:42:c5:38:a5:86:8f:b8:1e:8f:ce:4f:8e:
83:f8:52:1d:9e:fd:5a:2b:52:f6:f6:b9:d7:b9:ab:a1:91:f6:
91:2a:25:22:06:3e:db:bc:fb:af:92:2d:87:ef:0e:a6:27:29:
53:27:07:f3:df:2e:2b:0f:2f:3f:14:85:c8:aa:b1:ac:fa:c2:
a9:75:c3:4a:75:30:b8:f9:91:4a:15:c7:85:40:8c:de:d0:64:
25:fe:83:ee:9a:8f:26:00:35:f5:c0:90:37:30:a3:fd:fa:d5:
02:36:b8:df:66:02:d0:ae:f5:cf:23:2a:27:cd:1f:aa:c8:ff:
a2:97:08:20:32:25:0d:30:20:c2:3f:f9:04:14:1e:05:7b:23:
42:8b:f4:cf:cb:59:4a:38:3b:62:71:a6:61:d7:02:97:85:f4:
f7:c2:27:61:91:e3:52:7c:b5:51:8a:37:b4:05:75:d9:9d:90:
86:d6:0a:b2:d2:08:0a:fd:31:32:af:22:b0:18:b9:fe:e1:35:
14:23:92:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIUasE0dGX/74s5lr5jpTb92tGzyAEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTEwODA5MDEwOFoX
DTI1MTEwNzA5MDYwOFowMzExMC8GA1UEAxMoREY0OEFCOTI0RTY2QTc3RDA2ODA3
RDU5NDcxNjRGMkEwQzBFQUY4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYjLeHNGJEbkqbKDcGoCBkmyiC9URE7/1Exkl5wiH9LgsQ7NZG9YbH9PyHm
RhJEdaTF6foP+L9qNGjGE9VO1d+MeuGG4FYRnGeg4Kc4KulF653z/V6k0kNbvwNA
pWwxpAsU5uJKrZ+x+djUOX5OXQ2fU6khBQOFkIaSxibIxmCloKJ/pkcpaV8pKnmc
/nMhxRyxK2FrhTUn9cLmfVEQSWi4r5DPRk6ZeA5/apKD5D4UyNpJQXLGEdtOIU5Z
d+gd7WRTJY7wEIIP/L9vs7U9Gp/xeFf3lZPjopnAks+5cJs0zG6laeEEMoER7+3C
epdNAR8G+6MqevfroL6SPDYI7a8CAwEAAaOCAfwwggH4MB0GA1UdDgQWBBTfSKuS
TmanfQaAfVlHFk8qDA6vgDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ3ODcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MCQE
AgABMB4DBAJnVpgDBAJnb8gDBAJncTADBAJnpIQDBAPKMxgwFAQCAAIwDgMFACQD
NEADBQAkAzTAMA0GCSqGSIb3DQEBCwUAA4IBAQCVx3u6QqdYqmPtlndkUdZtkZL3
NUJUlf2VuwvczREsGvQ8slTm0xjHd+jtUjaLcFiNfGf7YGjsK8C6gAxCxTilho+4
Ho/OT46D+FIdnv1aK1L29rnXuauhkfaRKiUiBj7bvPuvki2H7w6mJylTJwfz3y4r
Dy8/FIXIqrGs+sKpdcNKdTC4+ZFKFceFQIze0GQl/oPumo8mADX1wJA3MKP9+tUC
NrjfZgLQrvXPIyonzR+qyP+ilwggMiUNMCDCP/kEFB4FeyNCi/TPy1lKODticaZh
1wKXhfT3widhkeNSfLVRije0BXXZnZCG1gqy0ggK/TEyryKwGLn+4TUUI5I+
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org