Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: brRGwzxjAhBVj6XNgPmXRaWqqEvYAG+jGURSzYolCoQ=
Subject key identifier: 93:97:2E:55:28:B1:49:6E:EF:FD:20:C6:97:65:3E:7C:85:8F:39:79
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 08EC08DCDA02F1CA47EAAA167D96599E235041AB
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
Signing time: Tue 11 Mar 2025 07:12:20 +0000
ROA not before: Tue 11 Mar 2025 07:07:20 +0000
ROA not after: Tue 10 Mar 2026 07:12:20 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.112.222.0/24 maxlen: 24
103.113.48.0/22 maxlen: 24
103.114.173.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2001:df4:cd00::/48 maxlen: 48
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 07 Apr 2025 17:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ec:08:dc:da:02:f1:ca:47:ea:aa:16:7d:96:59:9e:23:50:41:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 11 07:07:20 2025 GMT
Not After : Mar 10 07:12:20 2026 GMT
Subject: CN=93972E5528B1496EEFFD20C697653E7C858F3979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c7:50:73:37:af:9d:8f:7c:7e:92:a4:43:92:
21:1b:74:66:e9:48:78:42:e4:75:9f:64:e7:85:b4:
75:42:08:5c:a5:13:26:da:71:06:2b:84:89:ea:12:
ea:0c:f0:11:b1:cf:90:8b:5e:8b:ea:d5:04:8e:bd:
da:f4:a0:c4:77:3f:b2:42:55:c9:e1:73:2f:92:88:
bb:fc:a3:02:2c:62:7c:0b:6e:9c:46:41:bd:90:7d:
e8:6c:01:dc:61:33:4c:aa:80:11:60:a1:f0:24:05:
48:dd:08:ff:86:63:27:fe:89:65:5e:9f:23:74:41:
f2:f8:7e:9f:01:ff:47:e9:37:76:91:48:dd:73:83:
e1:ee:bf:cb:15:fa:23:b2:8b:6b:89:67:c6:ea:ed:
70:f8:98:05:8e:db:43:f9:a4:44:44:0d:29:b9:3e:
21:19:2d:29:d6:d7:db:40:bd:d8:c1:fd:e1:e3:d3:
0d:1e:3b:fe:3a:3b:cc:c1:b3:b3:d1:14:b7:51:02:
ef:9e:c4:cb:da:92:52:d8:19:56:6a:42:7f:b9:5b:
59:19:c6:e5:e8:dc:71:79:3c:e9:92:f5:fd:23:3f:
55:41:16:a8:a2:9c:83:11:84:20:26:ff:ae:c2:bd:
e7:54:a6:76:58:97:c8:06:6a:58:74:9f:62:b7:75:
1d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:97:2E:55:28:B1:49:6E:EF:FD:20:C6:97:65:3E:7C:85:8F:39:79
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.111.200.0/22
103.112.222.0/24
103.113.48.0/22
103.114.173.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2001:df4:cd00::/48
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:e4:55:5f:fd:06:cb:30:9b:db:74:5f:5e:47:b0:8f:ce:25:
37:5d:89:bf:11:53:78:65:d5:e2:82:03:a4:a5:03:46:1a:8e:
33:3a:97:3b:50:de:e8:d0:ed:6e:f2:91:36:34:c5:fb:13:b5:
4d:fd:e4:83:62:3f:f9:8f:76:7d:85:e6:a9:62:aa:f1:7a:5e:
e3:b2:65:78:97:c5:c5:c0:ab:48:c1:b5:21:2c:95:64:d4:12:
ca:0a:34:f1:71:3d:85:2e:fd:0f:b2:e3:d0:8e:83:e6:d3:3f:
f8:60:fa:ad:dc:7b:d7:ff:d5:27:f4:f3:d7:e2:4f:60:07:e1:
0d:6b:dc:fd:7f:19:40:c8:5c:8f:19:1a:ff:29:8f:8c:0d:3d:
03:2e:20:f3:7d:cf:79:ef:35:95:54:a3:d5:74:57:e0:21:81:
a5:71:21:3a:c9:c4:09:97:5e:31:4a:f4:de:58:01:cf:ef:7d:
59:de:2b:8f:be:37:2c:fd:6c:4b:d8:ab:ab:12:07:9b:1f:e0:
01:f7:86:cf:13:04:34:c4:6c:f9:00:ff:54:47:dc:96:7b:5c:
6d:a2:60:97:b1:54:8e:f8:84:89:79:68:e4:d9:a1:fa:0a:15:
46:73:4f:fa:86:85:ca:89:36:a2:ef:e6:14:01:6f:5d:fb:4b:
ac:74:16:1f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUCOwI3NoC8cpH6qoWfZZZniNQQaswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMxMTA3MDcyMFoX
DTI2MDMxMDA3MTIyMFowMzExMC8GA1UEAxMoOTM5NzJFNTUyOEIxNDk2RUVGRkQy
MEM2OTc2NTNFN0M4NThGMzk3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/HUHM3r52PfH6SpEOSIRt0ZulIeELkdZ9k54W0dUIIXKUTJtpxBiuEieoS
6gzwEbHPkItei+rVBI692vSgxHc/skJVyeFzL5KIu/yjAixifAtunEZBvZB96GwB
3GEzTKqAEWCh8CQFSN0I/4ZjJ/6JZV6fI3RB8vh+nwH/R+k3dpFI3XOD4e6/yxX6
I7KLa4lnxurtcPiYBY7bQ/mkREQNKbk+IRktKdbX20C92MH94ePTDR47/jo7zMGz
s9EUt1EC757Ey9qSUtgZVmpCf7lbWRnG5ejccXk86ZL1/SM/VUEWqKKcgxGEICb/
rsK951SmdliXyAZqWHSfYrd1HT8CAwEAAaOCAhEwggINMB0GA1UdDgQWBBSTly5V
KLFJbu/9IMaXZT58hY85eTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ3ODcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwYgYIKwYBBQUHAQcBAf8EUzBRMDAE
AgABMCoDBAJnVpgDBAJnb8gDBABncN4DBAJncTADBABncq0DBAJnpIQDBAPKMxgw
HQQCAAIwFwMHACABDfTNAAMFACQDNEADBQAkAzTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBs5FVf/QbLMJvbdF9eR7CPziU3XYm/EVN4ZdXiggOkpQNGGo4zOpc7UN7o0O1u
8pE2NMX7E7VN/eSDYj/5j3Z9heapYqrxel7jsmV4l8XFwKtIwbUhLJVk1BLKCjTx
cT2FLv0PsuPQjoPm0z/4YPqt3HvX/9Un9PPX4k9gB+ENa9z9fxlAyFyPGRr/KY+M
DT0DLiDzfc957zWVVKPVdFfgIYGlcSE6ycQJl14xSvTeWAHP731Z3iuPvjcs/WxL
2KurEgebH+AB94bPEwQ0xGz5AP9UR9yWe1xtomCXsVSO+ISJeWjk2aH6ChVGc0/6
hoXKiTai7+YUAW9d+0usdBYf
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:19:56 2025 by rpki-client