Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
File: AS4800.roa (raw, json)
Hash identifier: B1DEv24ic8A1/TI8yaem/JP46Xn8dp6117LW5Cz1tPI=
Subject key identifier: B1:2F:AE:E2:A8:5D:5F:00:A6:31:10:9B:A3:20:C0:9B:6C:83:60:09
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4334CBA28B4167EE121AF21468E095F04C639BAC
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
Signing time: Mon 25 Mar 2024 07:52:55 +0000
ROA not before: Mon 25 Mar 2024 07:47:55 +0000
ROA not after: Mon 24 Mar 2025 07:52:55 +0000
asID: 4800
IP address blocks: 36.50.64.0/23 maxlen: 24
36.50.66.0/23 maxlen: 24
36.50.68.0/23 maxlen: 24
36.50.70.0/23 maxlen: 24
36.50.120.0/23 maxlen: 24
36.50.126.0/23 maxlen: 24
36.50.136.0/23 maxlen: 24
36.50.242.0/23 maxlen: 24
36.50.244.0/23 maxlen: 24
36.50.246.0/23 maxlen: 24
103.1.156.0/23 maxlen: 24
103.7.194.0/23 maxlen: 24
103.8.64.0/23 maxlen: 24
103.8.66.0/23 maxlen: 24
103.8.184.0/23 maxlen: 24
103.8.186.0/23 maxlen: 24
103.8.192.0/23 maxlen: 24
103.8.194.0/23 maxlen: 24
103.9.140.0/23 maxlen: 24
103.12.206.0/23 maxlen: 24
103.12.224.0/23 maxlen: 24
103.12.226.0/23 maxlen: 24
103.13.4.0/23 maxlen: 24
103.39.198.0/23 maxlen: 24
103.40.0.0/23 maxlen: 24
103.42.246.0/23 maxlen: 23
103.43.56.0/23 maxlen: 23
103.43.58.0/23 maxlen: 23
103.43.60.0/23 maxlen: 23
103.43.62.0/23 maxlen: 23
103.44.8.0/23 maxlen: 24
103.44.10.0/23 maxlen: 24
103.44.92.0/23 maxlen: 24
103.44.94.0/23 maxlen: 24
103.44.152.0/23 maxlen: 24
103.44.154.0/23 maxlen: 24
103.55.248.0/23 maxlen: 23
103.55.250.0/23 maxlen: 23
103.60.92.0/23 maxlen: 23
103.60.94.0/23 maxlen: 23
103.65.120.0/23 maxlen: 23
103.65.122.0/23 maxlen: 23
103.65.124.0/23 maxlen: 23
103.65.126.0/23 maxlen: 23
103.101.40.0/23 maxlen: 24
103.101.164.0/23 maxlen: 24
103.102.48.0/23 maxlen: 24
103.102.54.0/23 maxlen: 24
103.103.4.0/23 maxlen: 24
103.103.216.0/23 maxlen: 24
103.104.8.0/23 maxlen: 24
103.106.12.0/23 maxlen: 24
103.108.80.0/23 maxlen: 24
103.108.84.0/23 maxlen: 24
103.142.104.0/23 maxlen: 24
103.149.24.0/23 maxlen: 24
103.152.80.0/23 maxlen: 24
103.168.122.0/23 maxlen: 24
103.168.124.0/23 maxlen: 24
103.168.126.0/23 maxlen: 24
103.168.128.0/23 maxlen: 24
103.168.130.0/23 maxlen: 24
103.168.132.0/23 maxlen: 24
103.168.136.0/23 maxlen: 24
103.169.16.0/23 maxlen: 24
103.169.18.0/23 maxlen: 24
103.169.20.0/23 maxlen: 24
103.169.22.0/23 maxlen: 24
103.169.24.0/23 maxlen: 24
103.169.26.0/23 maxlen: 24
103.169.28.0/23 maxlen: 24
103.169.30.0/23 maxlen: 24
103.175.210.0/23 maxlen: 24
103.183.60.0/23 maxlen: 24
103.183.186.0/23 maxlen: 24
103.187.150.0/23 maxlen: 24
103.187.152.0/23 maxlen: 24
103.187.154.0/23 maxlen: 24
103.187.156.0/23 maxlen: 24
103.187.184.0/23 maxlen: 24
103.187.186.0/23 maxlen: 24
103.187.188.0/23 maxlen: 24
103.187.218.0/23 maxlen: 24
103.187.220.0/23 maxlen: 24
103.187.234.0/23 maxlen: 24
103.187.236.0/23 maxlen: 24
103.188.32.0/23 maxlen: 24
103.188.34.0/23 maxlen: 24
103.188.36.0/23 maxlen: 24
103.188.38.0/23 maxlen: 24
103.190.222.0/23 maxlen: 24
103.190.224.0/23 maxlen: 24
103.191.0.0/23 maxlen: 24
103.191.2.0/23 maxlen: 24
103.191.4.0/23 maxlen: 24
103.191.6.0/23 maxlen: 24
103.191.8.0/23 maxlen: 24
103.191.10.0/23 maxlen: 24
103.191.12.0/23 maxlen: 24
103.200.204.0/23 maxlen: 24
103.200.206.0/23 maxlen: 24
103.203.68.0/23 maxlen: 24
103.203.70.0/23 maxlen: 24
103.203.204.0/23 maxlen: 24
103.203.206.0/23 maxlen: 24
103.252.86.0/23 maxlen: 24
103.253.164.0/23 maxlen: 24
103.254.124.0/23 maxlen: 24
113.192.32.0/23 maxlen: 24
113.192.34.0/23 maxlen: 24
113.192.36.0/23 maxlen: 24
113.192.38.0/23 maxlen: 24
210.87.94.0/23 maxlen: 24
210.87.102.0/23 maxlen: 24
2400:8000::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 May 2024 03:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:34:cb:a2:8b:41:67:ee:12:1a:f2:14:68:e0:95:f0:4c:63:9b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 25 07:47:55 2024 GMT
Not After : Mar 24 07:52:55 2025 GMT
Subject: CN=B12FAEE2A85D5F00A631109BA320C09B6C836009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3d:e9:73:ae:88:57:dc:30:33:f3:72:99:02:
c8:87:13:35:d7:f4:76:78:d0:87:f6:fb:96:a3:12:
07:78:b1:c6:92:70:2a:61:cb:cd:4f:04:f5:f6:4a:
7e:d9:7e:1c:bd:46:b5:03:10:e5:a7:70:c1:b6:5f:
9b:59:d4:9b:d0:b9:ae:ed:5c:48:ad:c1:5d:da:67:
c5:08:e7:14:7b:37:3d:69:67:ec:51:4d:98:e9:12:
f0:06:26:8a:92:60:d0:c2:a8:73:78:e2:44:31:83:
22:d5:b9:d3:31:ea:19:89:01:2b:be:10:60:38:99:
40:de:17:db:3a:5d:1c:c2:0b:1c:17:3b:59:78:ba:
3b:bf:2b:3b:93:ab:e0:da:13:4d:c9:94:cc:c5:2b:
4b:d5:95:29:2f:62:d2:46:fe:43:96:0b:e3:31:a3:
8a:7c:43:18:77:10:47:6d:e8:0b:de:1d:39:6a:d2:
bc:f5:9f:5c:10:b0:12:ff:c4:71:e8:d4:da:96:1b:
32:c3:aa:e8:f5:60:81:24:4a:95:8e:0f:5e:2b:bb:
b9:ac:3e:f1:d6:4b:3d:0f:f3:7e:d2:5c:d8:e7:53:
22:df:ce:cc:ef:34:cc:b4:a2:8e:a4:62:33:94:27:
87:5c:00:d2:d5:e7:f4:4a:a0:d7:e2:59:fe:26:8a:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2F:AE:E2:A8:5D:5F:00:A6:31:10:9B:A3:20:C0:9B:6C:83:60:09
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.64.0/21
36.50.120.0/23
36.50.126.0/23
36.50.136.0/23
36.50.242.0-36.50.247.255
103.1.156.0/23
103.7.194.0/23
103.8.64.0/22
103.8.184.0/22
103.8.192.0/22
103.9.140.0/23
103.12.206.0/23
103.12.224.0/22
103.13.4.0/23
103.39.198.0/23
103.40.0.0/23
103.42.246.0/23
103.43.56.0/21
103.44.8.0/22
103.44.92.0/22
103.44.152.0/22
103.55.248.0/22
103.60.92.0/22
103.65.120.0/21
103.101.40.0/23
103.101.164.0/23
103.102.48.0/23
103.102.54.0/23
103.103.4.0/23
103.103.216.0/23
103.104.8.0/23
103.106.12.0/23
103.108.80.0/23
103.108.84.0/23
103.142.104.0/23
103.149.24.0/23
103.152.80.0/23
103.168.122.0-103.168.133.255
103.168.136.0/23
103.169.16.0/20
103.175.210.0/23
103.183.60.0/23
103.183.186.0/23
103.187.150.0-103.187.157.255
103.187.184.0-103.187.189.255
103.187.218.0-103.187.221.255
103.187.234.0-103.187.237.255
103.188.32.0/21
103.190.222.0-103.190.225.255
103.191.0.0-103.191.13.255
103.200.204.0/22
103.203.68.0/22
103.203.204.0/22
103.252.86.0/23
103.253.164.0/23
103.254.124.0/23
113.192.32.0/21
210.87.94.0/23
210.87.102.0/23
IPv6:
2400:8000::/32
Signature Algorithm: sha256WithRSAEncryption
54:78:35:be:a5:91:b4:b9:d6:12:63:39:13:14:a6:e6:16:bf:
54:e9:e7:ef:cc:7d:b2:6e:df:ef:aa:eb:26:11:f0:1d:01:e8:
bf:b8:b1:70:65:97:dc:a4:9b:b2:64:57:58:02:72:ba:c6:ef:
21:95:6a:cd:99:1a:b9:4b:19:11:56:8d:36:b3:76:05:19:1f:
6b:f2:08:fe:8c:2b:f2:54:52:d9:c3:46:9a:b1:65:77:b4:a1:
4c:28:c4:73:20:4e:2b:d6:df:3b:1a:2f:ad:0c:d8:4f:b0:23:
19:4c:95:eb:af:6f:41:f1:db:b7:d6:c1:f7:05:68:74:66:c7:
31:b8:4d:1e:f5:29:a8:f4:26:28:ce:ef:2b:38:a9:56:f3:cd:
52:d3:7d:65:e0:cb:84:df:7e:b7:a0:b7:8f:41:d0:1f:2d:24:
48:0e:16:d5:57:40:6d:28:50:67:73:f4:9e:c1:27:59:e8:b7:
30:90:49:75:c1:8a:5d:fc:29:6a:7f:b3:36:6b:09:6c:d3:4e:
ad:d8:db:0c:68:a7:fb:6e:14:8f:fd:57:63:ed:49:7f:86:0c:
e0:e8:8f:90:04:6c:c4:18:77:fe:6f:15:20:86:fa:59:1a:cc:
2f:1d:5d:c2:ca:d5:dc:d7:b1:3b:c4:a9:fb:69:0c:a5:5a:50:
14:2c:e3:3a
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUQzTLootBZ+4SGvIUaOCV8Exjm6wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyNTA3NDc1NVoX
DTI1MDMyNDA3NTI1NVowMzExMC8GA1UEAxMoQjEyRkFFRTJBODVENUYwMEE2MzEx
MDlCQTMyMEMwOUI2QzgzNjAwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANk96XOuiFfcMDPzcpkCyIcTNdf0dnjQh/b7lqMSB3ixxpJwKmHLzU8E9fZK
ftl+HL1GtQMQ5adwwbZfm1nUm9C5ru1cSK3BXdpnxQjnFHs3PWln7FFNmOkS8AYm
ipJg0MKoc3jiRDGDItW50zHqGYkBK74QYDiZQN4X2zpdHMILHBc7WXi6O78rO5Or
4NoTTcmUzMUrS9WVKS9i0kb+Q5YL4zGjinxDGHcQR23oC94dOWrSvPWfXBCwEv/E
cejU2pYbMsOq6PVggSRKlY4PXiu7uaw+8dZLPQ/zftJc2OdTIt/OzO80zLSijqRi
M5Qnh1wA0tXn9Eqg1+JZ/iaKnc8CAwEAAaOCA4IwggN+MB0GA1UdDgQWBBSxL67i
qF1fAKYxEJujIMCbbINgCTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ4MDAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggHRBggrBgEFBQcBBwEB/wSCAcAw
ggG8MIIBqQQCAAEwggGhAwQDJDJAAwQBJDJ4AwQBJDJ+AwQBJDKIMAwDBAEkMvID
BAMkMvADBAFnAZwDBAFnB8IDBAJnCEADBAJnCLgDBAJnCMADBAFnCYwDBAFnDM4D
BAJnDOADBAFnDQQDBAFnJ8YDBAFnKAADBAFnKvYDBANnKzgDBAJnLAgDBAJnLFwD
BAJnLJgDBAJnN/gDBAJnPFwDBANnQXgDBAFnZSgDBAFnZaQDBAFnZjADBAFnZjYD
BAFnZwQDBAFnZ9gDBAFnaAgDBAFnagwDBAFnbFADBAFnbFQDBAFnjmgDBAFnlRgD
BAFnmFAwDAMEAWeoegMEAWeohAMEAWeoiAMEBGepEAMEAWev0gMEAWe3PAMEAWe3
ujAMAwQBZ7uWAwQBZ7ucMAwDBANnu7gDBAFnu7wwDAMEAWe72gMEAWe73DAMAwQB
Z7vqAwQBZ7vsAwQDZ7wgMAwDBAFnvt4DBAFnvuAwCwMDAGe/AwQBZ78MAwQCZ8jM
AwQCZ8tEAwQCZ8vMAwQBZ/xWAwQBZ/2kAwQBZ/58AwQDccAgAwQB0ldeAwQB0ldm
MA0EAgACMAcDBQAkAIAAMA0GCSqGSIb3DQEBCwUAA4IBAQBUeDW+pZG0udYSYzkT
FKbmFr9U6efvzH2ybt/vqusmEfAdAei/uLFwZZfcpJuyZFdYAnK6xu8hlWrNmRq5
SxkRVo02s3YFGR9r8gj+jCvyVFLZw0aasWV3tKFMKMRzIE4r1t87Gi+tDNhPsCMZ
TJXrr29B8du31sH3BWh0ZscxuE0e9Smo9CYozu8rOKlW881S031l4MuE3363oLeP
QdAfLSRIDhbVV0BtKFBnc/SewSdZ6LcwkEl1wYpd/Clqf7M2awls006t2NsMaKf7
bhSP/Vdj7Ul/hgzg6I+QBGzEGHf+bxUghvpZGswvHV3CytXc17E7xKn7aQylWlAU
LOM6
-----END CERTIFICATE-----
Generated at Wed May 8 21:02:25 2024 by rpki-client on console-fra.rpki-client.org