Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55666.roa
File: AS55666.roa (raw, json)
Hash identifier: wBpVigy0EGl3J74Yu9TXCZc+y8kS+QVDJz9hUySHHv8=
Subject key identifier: DB:F2:ED:83:97:41:78:74:9D:51:2E:99:52:EC:40:77:6C:20:04:20
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4D5756723BE2FD4D8C2D7E6EBA55D7384B1753BA
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55666.roa
Signing time: Thu 01 Aug 2024 10:45:48 +0000
ROA not before: Thu 01 Aug 2024 10:40:48 +0000
ROA not after: Thu 31 Jul 2025 10:45:48 +0000
asID: 55666
IP address blocks: 43.245.184.0/22 maxlen: 24
103.4.52.0/23 maxlen: 24
103.4.54.0/24 maxlen: 24
103.31.224.0/22 maxlen: 24
202.46.148.0/22 maxlen: 24
2001:df1:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:57:56:72:3b:e2:fd:4d:8c:2d:7e:6e:ba:55:d7:38:4b:17:53:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Aug 1 10:40:48 2024 GMT
Not After : Jul 31 10:45:48 2025 GMT
Subject: CN=DBF2ED83974178749D512E9952EC40776C200420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1c:6a:c2:1a:37:fb:23:4d:d0:52:1c:39:0e:
be:31:b8:6e:a7:d5:23:6c:97:9f:de:b0:65:da:fb:
c8:71:9e:8d:5d:b5:cd:51:f1:02:d7:a9:5e:be:0c:
99:d1:89:08:6f:d9:83:85:e8:7c:08:af:1f:0a:50:
95:63:a1:a1:77:79:f3:e0:24:f5:6b:f4:09:1a:f2:
62:53:ce:7c:b5:4d:0c:a3:e8:0d:7c:41:26:51:99:
68:39:3a:a9:7d:c2:75:35:63:9e:31:1d:32:f9:80:
44:e6:af:da:64:4f:7c:20:5d:bb:ff:e7:4b:02:44:
c2:d9:c7:2a:6c:38:3a:21:8e:aa:48:95:68:96:96:
25:41:b8:99:62:8b:7e:41:16:35:bd:de:d2:de:87:
54:35:29:ff:f4:50:72:f2:39:e9:26:84:a7:7d:e7:
16:7b:78:ff:a0:a5:d8:b3:3a:ba:53:2a:57:9b:0d:
55:5e:b9:04:05:8c:c2:d0:38:c5:a3:0a:59:e8:89:
fd:65:e9:4a:b4:1e:cf:63:f5:30:e2:ce:a2:b3:69:
18:7e:8d:0c:fc:cd:b7:36:58:9e:b0:40:1b:ae:b9:
5d:23:33:23:c2:b3:7e:6d:62:3b:d3:3c:ed:e9:ab:
f6:3b:74:01:87:a7:70:48:64:89:4d:a0:48:51:70:
70:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F2:ED:83:97:41:78:74:9D:51:2E:99:52:EC:40:77:6C:20:04:20
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55666.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.245.184.0/22
103.4.52.0-103.4.54.255
103.31.224.0/22
202.46.148.0/22
IPv6:
2001:df1:e000::/48
Signature Algorithm: sha256WithRSAEncryption
00:4f:45:65:50:46:fe:7b:f1:26:7d:a2:04:1e:39:ba:ff:17:
b2:ce:17:34:72:41:4d:6e:66:5f:de:74:d0:a1:c4:1c:4f:b8:
c8:f5:74:6b:c1:c1:45:a1:54:53:3d:6f:0f:de:90:99:9b:76:
b0:78:be:74:a4:7d:06:96:67:3e:70:4b:25:c4:7d:cd:0b:11:
b5:ed:13:86:aa:73:00:29:9b:6b:6a:48:a9:2f:e1:da:32:fe:
d3:c0:57:12:af:88:14:5b:04:90:66:8f:7f:a0:1c:3f:7b:bd:
4c:d2:97:2b:68:f6:1d:8d:40:92:8a:50:30:fa:00:dd:ce:72:
a3:fe:8f:d8:5b:82:31:c4:29:9b:34:04:58:72:a7:69:ae:68:
9f:9b:18:93:b5:b9:e7:89:ea:a0:41:80:d4:6f:18:f5:92:ea:
63:40:b0:8f:bd:2b:c1:06:dc:53:09:ee:a8:0a:ca:1a:59:e0:
fa:0f:2d:ef:5a:4a:18:ab:66:5d:bc:24:47:ca:23:e9:50:33:
87:52:9d:40:e4:0d:05:43:9e:f8:aa:56:af:29:75:5e:e4:63:
4d:6b:90:83:77:5d:43:e6:1e:17:cf:87:e8:7e:4e:8f:5d:7b:
46:f4:85:4e:57:e2:32:8e:64:9a:85:3c:e0:04:75:d3:70:2f:
4b:63:57:5c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIUTVdWcjvi/U2MLX5uulXXOEsXU7owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgwMTEwNDA0OFoX
DTI1MDczMTEwNDU0OFowMzExMC8GA1UEAxMoREJGMkVEODM5NzQxNzg3NDlENTEy
RTk5NTJFQzQwNzc2QzIwMDQyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkcasIaN/sjTdBSHDkOvjG4bqfVI2yXn96wZdr7yHGejV21zVHxAtepXr4M
mdGJCG/Zg4XofAivHwpQlWOhoXd58+Ak9Wv0CRryYlPOfLVNDKPoDXxBJlGZaDk6
qX3CdTVjnjEdMvmAROav2mRPfCBdu//nSwJEwtnHKmw4OiGOqkiVaJaWJUG4mWKL
fkEWNb3e0t6HVDUp//RQcvI56SaEp33nFnt4/6Cl2LM6ulMqV5sNVV65BAWMwtA4
xaMKWeiJ/WXpSrQez2P1MOLOorNpGH6NDPzNtzZYnrBAG665XSMzI8Kzfm1iO9M8
7emr9jt0AYencEhkiU2gSFFwcOMCAwEAAaOCAfowggH2MB0GA1UdDgQWBBTb8u2D
l0F4dJ1RLplS7EB3bCAEIDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU1NjY2LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAm
BAIAATAgAwQCK/W4MAwDBAJnBDQDBABnBDYDBAJnH+ADBALKLpQwDwQCAAIwCQMH
ACABDfHgADANBgkqhkiG9w0BAQsFAAOCAQEAAE9FZVBG/nvxJn2iBB45uv8Xss4X
NHJBTW5mX9500KHEHE+4yPV0a8HBRaFUUz1vD96QmZt2sHi+dKR9BpZnPnBLJcR9
zQsRte0ThqpzACmba2pIqS/h2jL+08BXEq+IFFsEkGaPf6AcP3u9TNKXK2j2HY1A
kopQMPoA3c5yo/6P2FuCMcQpmzQEWHKnaa5on5sYk7W554nqoEGA1G8Y9ZLqY0Cw
j70rwQbcUwnuqArKGlng+g8t71pKGKtmXbwkR8oj6VAzh1KdQOQNBUOe+KpWryl1
XuRjTWuQg3ddQ+YeF8+H6H5Oj117RvSFTlfiMo5kmoU84AR103AvS2NXXA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:28 2024 by rpki-client on console-fra.rpki-client.org