Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
File: AS4800.roa (raw, json)
Hash identifier: AlQDHLD4B3KatI34ggELwbhY+sx+hZvu0PYXtg3Bq9Y=
Subject key identifier: E8:DA:C1:E9:6B:20:B6:D7:41:CF:CF:73:40:65:27:7C:76:4E:91:DD
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 11B594486FD5AD988B7E9094D4F3A6A6EDE0F960
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
Signing time: Wed 17 Jul 2024 06:27:00 +0000
ROA not before: Wed 17 Jul 2024 06:22:00 +0000
ROA not after: Wed 16 Jul 2025 06:27:00 +0000
asID: 4800
IP address blocks: 36.50.64.0/23 maxlen: 24
36.50.66.0/23 maxlen: 24
36.50.68.0/23 maxlen: 24
36.50.70.0/23 maxlen: 24
36.50.120.0/23 maxlen: 24
36.50.126.0/23 maxlen: 24
36.50.136.0/23 maxlen: 24
36.50.242.0/23 maxlen: 24
36.50.244.0/23 maxlen: 24
36.50.246.0/23 maxlen: 24
103.1.156.0/23 maxlen: 24
103.7.194.0/23 maxlen: 24
103.8.64.0/23 maxlen: 24
103.8.66.0/23 maxlen: 24
103.8.184.0/23 maxlen: 24
103.8.186.0/23 maxlen: 24
103.8.192.0/23 maxlen: 24
103.8.194.0/23 maxlen: 24
103.9.140.0/23 maxlen: 24
103.12.206.0/23 maxlen: 24
103.12.224.0/23 maxlen: 24
103.12.226.0/23 maxlen: 24
103.13.4.0/23 maxlen: 24
103.39.198.0/23 maxlen: 24
103.40.0.0/23 maxlen: 24
103.42.246.0/23 maxlen: 24
103.43.56.0/23 maxlen: 24
103.43.58.0/23 maxlen: 24
103.43.60.0/23 maxlen: 24
103.43.62.0/23 maxlen: 24
103.44.8.0/23 maxlen: 24
103.44.10.0/23 maxlen: 24
103.44.92.0/23 maxlen: 24
103.44.94.0/23 maxlen: 24
103.44.152.0/23 maxlen: 24
103.44.154.0/23 maxlen: 24
103.55.248.0/23 maxlen: 24
103.55.250.0/23 maxlen: 24
103.60.92.0/23 maxlen: 24
103.60.94.0/23 maxlen: 24
103.65.120.0/23 maxlen: 24
103.65.122.0/23 maxlen: 24
103.65.124.0/23 maxlen: 24
103.65.126.0/23 maxlen: 24
103.101.40.0/23 maxlen: 24
103.101.164.0/23 maxlen: 24
103.102.48.0/23 maxlen: 24
103.102.54.0/23 maxlen: 24
103.103.4.0/23 maxlen: 24
103.103.216.0/23 maxlen: 24
103.104.8.0/23 maxlen: 24
103.106.12.0/23 maxlen: 24
103.108.80.0/23 maxlen: 24
103.108.84.0/23 maxlen: 24
103.142.104.0/23 maxlen: 24
103.149.24.0/23 maxlen: 24
103.152.80.0/23 maxlen: 24
103.168.122.0/23 maxlen: 24
103.168.124.0/23 maxlen: 24
103.168.126.0/23 maxlen: 24
103.168.128.0/23 maxlen: 24
103.168.130.0/23 maxlen: 24
103.168.132.0/23 maxlen: 24
103.168.136.0/23 maxlen: 24
103.169.16.0/23 maxlen: 24
103.169.18.0/23 maxlen: 24
103.169.20.0/23 maxlen: 24
103.169.22.0/23 maxlen: 24
103.169.24.0/23 maxlen: 24
103.169.26.0/23 maxlen: 24
103.169.28.0/23 maxlen: 24
103.169.30.0/23 maxlen: 24
103.175.210.0/23 maxlen: 24
103.183.60.0/23 maxlen: 24
103.183.186.0/23 maxlen: 24
103.187.150.0/23 maxlen: 24
103.187.152.0/23 maxlen: 24
103.187.154.0/23 maxlen: 24
103.187.156.0/23 maxlen: 24
103.187.184.0/23 maxlen: 24
103.187.186.0/23 maxlen: 24
103.187.188.0/23 maxlen: 24
103.187.218.0/23 maxlen: 24
103.187.220.0/23 maxlen: 24
103.187.234.0/23 maxlen: 24
103.187.236.0/23 maxlen: 24
103.188.32.0/23 maxlen: 24
103.188.34.0/23 maxlen: 24
103.188.36.0/23 maxlen: 24
103.188.38.0/23 maxlen: 24
103.190.222.0/23 maxlen: 24
103.190.224.0/23 maxlen: 24
103.191.0.0/23 maxlen: 24
103.191.2.0/23 maxlen: 24
103.191.4.0/23 maxlen: 24
103.191.6.0/23 maxlen: 24
103.191.8.0/23 maxlen: 24
103.191.10.0/23 maxlen: 24
103.191.12.0/23 maxlen: 24
103.200.204.0/23 maxlen: 24
103.200.206.0/23 maxlen: 24
103.203.68.0/23 maxlen: 24
103.203.70.0/23 maxlen: 24
103.203.204.0/23 maxlen: 24
103.203.206.0/23 maxlen: 24
103.252.86.0/23 maxlen: 24
103.253.164.0/23 maxlen: 24
103.254.124.0/23 maxlen: 24
113.192.32.0/23 maxlen: 24
113.192.34.0/23 maxlen: 24
113.192.36.0/23 maxlen: 24
113.192.38.0/23 maxlen: 24
210.87.94.0/23 maxlen: 24
210.87.102.0/23 maxlen: 24
2400:8000::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:b5:94:48:6f:d5:ad:98:8b:7e:90:94:d4:f3:a6:a6:ed:e0:f9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jul 17 06:22:00 2024 GMT
Not After : Jul 16 06:27:00 2025 GMT
Subject: CN=E8DAC1E96B20B6D741CFCF734065277C764E91DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b0:a5:e6:79:4f:c8:06:55:03:e0:da:5b:ea:
65:eb:4a:24:79:6b:13:9b:0a:96:5d:a4:8b:fb:15:
74:8d:ea:2c:d8:76:55:30:8e:0d:d9:72:15:1e:b2:
04:ea:bd:8d:c6:c9:2c:89:4b:82:ff:56:a1:16:ab:
5b:fb:25:0d:83:6c:08:c6:40:b2:43:21:3c:c3:09:
a5:24:b3:81:2a:11:a0:71:70:39:e8:ab:98:ff:6f:
05:81:41:3a:6f:d7:15:63:57:80:47:86:ec:0b:7d:
3a:f6:26:d8:56:2a:f3:53:47:41:15:1a:79:e4:09:
57:55:fe:78:17:e8:f7:8e:5d:c3:21:3d:a2:07:5a:
d9:98:5a:f8:dd:a5:ba:ae:fa:fb:2e:1c:ad:ba:75:
2e:36:2b:ae:1a:c9:e6:75:a0:4f:dc:5a:cc:df:9c:
82:a8:3d:8f:36:66:ce:e3:94:56:65:c1:6c:ca:77:
57:f1:6d:11:18:78:0b:df:36:ff:8f:a8:85:ea:5c:
9d:c4:f1:fe:17:9a:4d:67:5b:32:be:f6:97:43:62:
cb:8e:87:77:b2:c8:df:6b:d3:4d:28:bc:bb:7e:65:
39:09:aa:e0:0a:79:46:41:24:15:40:43:68:6b:5a:
e3:99:42:56:9e:34:30:e1:91:84:0e:0e:53:eb:64:
bd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DA:C1:E9:6B:20:B6:D7:41:CF:CF:73:40:65:27:7C:76:4E:91:DD
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.64.0/21
36.50.120.0/23
36.50.126.0/23
36.50.136.0/23
36.50.242.0-36.50.247.255
103.1.156.0/23
103.7.194.0/23
103.8.64.0/22
103.8.184.0/22
103.8.192.0/22
103.9.140.0/23
103.12.206.0/23
103.12.224.0/22
103.13.4.0/23
103.39.198.0/23
103.40.0.0/23
103.42.246.0/23
103.43.56.0/21
103.44.8.0/22
103.44.92.0/22
103.44.152.0/22
103.55.248.0/22
103.60.92.0/22
103.65.120.0/21
103.101.40.0/23
103.101.164.0/23
103.102.48.0/23
103.102.54.0/23
103.103.4.0/23
103.103.216.0/23
103.104.8.0/23
103.106.12.0/23
103.108.80.0/23
103.108.84.0/23
103.142.104.0/23
103.149.24.0/23
103.152.80.0/23
103.168.122.0-103.168.133.255
103.168.136.0/23
103.169.16.0/20
103.175.210.0/23
103.183.60.0/23
103.183.186.0/23
103.187.150.0-103.187.157.255
103.187.184.0-103.187.189.255
103.187.218.0-103.187.221.255
103.187.234.0-103.187.237.255
103.188.32.0/21
103.190.222.0-103.190.225.255
103.191.0.0-103.191.13.255
103.200.204.0/22
103.203.68.0/22
103.203.204.0/22
103.252.86.0/23
103.253.164.0/23
103.254.124.0/23
113.192.32.0/21
210.87.94.0/23
210.87.102.0/23
IPv6:
2400:8000::/32
Signature Algorithm: sha256WithRSAEncryption
09:06:11:69:fd:da:63:1e:0b:80:de:07:df:42:8a:12:82:f9:
f1:94:da:b4:c5:93:91:bd:82:c0:5d:46:29:c5:aa:bf:80:1c:
df:ef:7c:e8:a2:d2:1a:17:3a:ce:f2:29:59:98:d0:21:c9:06:
aa:be:f9:e6:62:cf:93:10:a2:89:64:a0:b1:fe:dd:20:dd:0a:
93:d0:4b:35:c7:4c:86:01:04:20:23:6c:bb:73:2e:ee:95:29:
cd:14:76:df:96:b0:d8:5c:64:20:8c:c4:8a:61:87:f3:27:23:
62:e4:70:28:8f:0d:e8:bf:82:d0:71:7f:4d:0c:13:dd:41:6a:
d3:1f:9d:83:7d:00:14:31:73:20:dc:cd:d7:4b:d9:ab:42:84:
13:7a:32:a7:4f:af:04:2a:e7:24:e3:0a:ea:85:77:42:c4:24:
29:28:7d:f7:bb:1c:e0:5f:b1:0b:20:32:86:65:81:e4:60:0c:
fc:72:55:15:35:c0:f4:29:a9:82:55:fe:fc:4f:9a:3f:42:0b:
bb:e0:45:3c:54:60:03:6a:5a:b8:d3:79:27:8d:18:25:8c:75:
80:11:ee:a3:3a:a6:26:e1:ba:2e:0d:70:3f:47:29:11:d9:d4:
8b:80:30:dc:0e:be:39:07:e7:bc:1c:1a:2f:74:06:95:0d:15:
41:35:70:55
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUEbWUSG/VrZiLfpCU1POmpu3g+WAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxNzA2MjIwMFoX
DTI1MDcxNjA2MjcwMFowMzExMC8GA1UEAxMoRThEQUMxRTk2QjIwQjZENzQxQ0ZD
RjczNDA2NTI3N0M3NjRFOTFERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmwpeZ5T8gGVQPg2lvqZetKJHlrE5sKll2ki/sVdI3qLNh2VTCODdlyFR6y
BOq9jcbJLIlLgv9WoRarW/slDYNsCMZAskMhPMMJpSSzgSoRoHFwOeirmP9vBYFB
Om/XFWNXgEeG7At9OvYm2FYq81NHQRUaeeQJV1X+eBfo945dwyE9ogda2Zha+N2l
uq76+y4crbp1LjYrrhrJ5nWgT9xazN+cgqg9jzZmzuOUVmXBbMp3V/FtERh4C982
/4+ohepcncTx/heaTWdbMr72l0Niy46Hd7LI32vTTSi8u35lOQmq4Ap5RkEkFUBD
aGta45lCVp40MOGRhA4OU+tkvb0CAwEAAaOCA4IwggN+MB0GA1UdDgQWBBTo2sHp
ayC210HPz3NAZSd8dk6R3TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ4MDAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggHRBggrBgEFBQcBBwEB/wSCAcAw
ggG8MIIBqQQCAAEwggGhAwQDJDJAAwQBJDJ4AwQBJDJ+AwQBJDKIMAwDBAEkMvID
BAMkMvADBAFnAZwDBAFnB8IDBAJnCEADBAJnCLgDBAJnCMADBAFnCYwDBAFnDM4D
BAJnDOADBAFnDQQDBAFnJ8YDBAFnKAADBAFnKvYDBANnKzgDBAJnLAgDBAJnLFwD
BAJnLJgDBAJnN/gDBAJnPFwDBANnQXgDBAFnZSgDBAFnZaQDBAFnZjADBAFnZjYD
BAFnZwQDBAFnZ9gDBAFnaAgDBAFnagwDBAFnbFADBAFnbFQDBAFnjmgDBAFnlRgD
BAFnmFAwDAMEAWeoegMEAWeohAMEAWeoiAMEBGepEAMEAWev0gMEAWe3PAMEAWe3
ujAMAwQBZ7uWAwQBZ7ucMAwDBANnu7gDBAFnu7wwDAMEAWe72gMEAWe73DAMAwQB
Z7vqAwQBZ7vsAwQDZ7wgMAwDBAFnvt4DBAFnvuAwCwMDAGe/AwQBZ78MAwQCZ8jM
AwQCZ8tEAwQCZ8vMAwQBZ/xWAwQBZ/2kAwQBZ/58AwQDccAgAwQB0ldeAwQB0ldm
MA0EAgACMAcDBQAkAIAAMA0GCSqGSIb3DQEBCwUAA4IBAQAJBhFp/dpjHguA3gff
QooSgvnxlNq0xZORvYLAXUYpxaq/gBzf73zootIaFzrO8ilZmNAhyQaqvvnmYs+T
EKKJZKCx/t0g3QqT0Es1x0yGAQQgI2y7cy7ulSnNFHbflrDYXGQgjMSKYYfzJyNi
5HAojw3ov4LQcX9NDBPdQWrTH52DfQAUMXMg3M3XS9mrQoQTejKnT68EKuck4wrq
hXdCxCQpKH33uxzgX7ELIDKGZYHkYAz8clUVNcD0KamCVf78T5o/Qgu74EU8VGAD
alq403knjRgljHWAEe6jOqYm4bouDXA/RykR2dSLgDDcDr45B+e8HBovdAaVDRVB
NXBV
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org