Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
File: AS58369.roa (raw, json)
Hash identifier: 70scDpOhheAQBvIFPrOG7htGUPZSGg1lw9rJ0wQ8Z5s=
Subject key identifier: 3C:3E:00:19:31:A9:5C:70:BD:E3:AE:8C:4E:E3:B4:70:9F:0E:65:2C
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 3DD1415589F11AE1E19DD42BCD92ACA55A596F4D
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
Signing time: Tue 09 Jan 2024 03:47:14 +0000
ROA not before: Tue 09 Jan 2024 03:42:14 +0000
ROA not after: Tue 07 Jan 2025 03:47:14 +0000
asID: 58369
IP address blocks: 103.18.46.0/23 maxlen: 24
103.41.250.0/23 maxlen: 24
103.75.64.0/23 maxlen: 24
103.130.182.0/23 maxlen: 24
103.132.200.0/23 maxlen: 24
103.144.21.0/24 maxlen: 24
103.144.126.0/23 maxlen: 24
103.144.212.0/23 maxlen: 24
103.148.232.0/23 maxlen: 24
103.151.14.0/23 maxlen: 24
103.153.186.0/23 maxlen: 24
103.156.216.0/23 maxlen: 24
103.157.80.0/23 maxlen: 24
103.157.82.0/23 maxlen: 24
103.159.220.0/23 maxlen: 24
103.165.244.0/23 maxlen: 24
103.166.210.0/23 maxlen: 24
103.167.12.0/23 maxlen: 24
103.167.108.0/23 maxlen: 23
103.167.108.0/24 maxlen: 24
103.167.109.0/24 maxlen: 24
103.168.168.0/23 maxlen: 24
103.172.246.0/23 maxlen: 24
103.172.248.0/23 maxlen: 24
103.173.76.0/23 maxlen: 24
103.179.138.0/23 maxlen: 24
103.188.170.0/23 maxlen: 24
115.187.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 04 May 2024 13:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:d1:41:55:89:f1:1a:e1:e1:9d:d4:2b:cd:92:ac:a5:5a:59:6f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jan 9 03:42:14 2024 GMT
Not After : Jan 7 03:47:14 2025 GMT
Subject: CN=3C3E001931A95C70BDE3AE8C4EE3B4709F0E652C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a5:b8:12:47:5a:52:c3:b7:0a:05:d2:cb:40:
e0:3c:8c:1a:f1:09:a2:d9:79:9b:48:db:15:e1:cc:
fd:52:37:6e:ea:87:9f:84:aa:13:ab:e5:45:8a:0c:
5c:5c:54:03:2c:1e:f4:cb:85:0d:2e:86:fb:e7:67:
1e:d2:18:8c:a2:0e:2a:e1:8d:16:25:e8:05:f1:6b:
71:a6:d2:d0:76:49:29:7f:d9:68:b5:6f:04:39:d2:
9b:a1:50:75:e1:c5:ce:2c:36:18:28:55:97:37:c2:
0f:10:14:a4:d9:42:6a:17:86:3f:1c:c4:fa:9a:c3:
d1:96:3a:b9:e3:bb:f2:25:32:1e:4d:fd:c6:91:98:
8d:36:ab:d0:73:92:c6:cc:af:8d:2a:da:80:ec:a7:
a0:7d:b9:ed:c6:8b:4d:4d:06:ff:86:37:0e:0b:bd:
d0:9a:94:49:cd:97:e9:a5:35:d1:fc:84:8f:99:ad:
a2:b0:03:c6:d6:ba:bc:2a:a0:e8:dc:fe:a9:c0:01:
9c:79:c9:e9:fd:02:ac:b0:a8:41:d3:f5:3b:19:c5:
7a:2c:40:1a:86:63:40:bf:8e:f3:f9:c8:67:9f:b7:
1e:ce:4f:0b:cb:79:14:c8:a1:13:ae:fd:52:ca:61:
d6:b5:da:5a:85:1e:b5:ee:fb:71:b6:19:2b:f6:74:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3E:00:19:31:A9:5C:70:BD:E3:AE:8C:4E:E3:B4:70:9F:0E:65:2C
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.18.46.0/23
103.41.250.0/23
103.75.64.0/23
103.130.182.0/23
103.132.200.0/23
103.144.21.0/24
103.144.126.0/23
103.144.212.0/23
103.148.232.0/23
103.151.14.0/23
103.153.186.0/23
103.156.216.0/23
103.157.80.0/22
103.159.220.0/23
103.165.244.0/23
103.166.210.0/23
103.167.12.0/23
103.167.108.0/23
103.168.168.0/23
103.172.246.0-103.172.249.255
103.173.76.0/23
103.179.138.0/23
103.188.170.0/23
115.187.30.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:98:c4:36:5f:54:77:34:96:03:e9:b3:ec:4e:82:27:e8:b3:
05:13:fb:e8:b6:db:da:47:58:7b:be:7b:9b:1c:83:a2:9d:aa:
e5:db:be:1f:b1:8a:7c:89:a4:df:53:c9:3a:22:33:3c:27:c3:
9b:c9:de:8d:bc:07:53:ae:c1:7d:61:94:d9:eb:fe:73:9d:67:
eb:6f:1a:82:ed:b3:c7:82:ba:19:8e:5f:b5:18:72:77:2e:59:
42:b6:bf:4c:8c:3c:1c:1e:60:47:fa:8f:c3:1a:54:31:b8:74:
f9:19:7c:37:b5:bd:ad:e6:0a:35:cf:c4:19:c4:77:97:f5:89:
2c:8a:ec:71:8a:39:b3:ac:63:23:11:43:09:bb:b0:09:d8:71:
b4:c5:46:9e:1e:4f:44:a8:21:a7:1b:5f:e5:14:3b:a1:a6:f9:
85:3d:9c:7a:9a:ba:39:03:4d:1d:d6:5c:5c:70:27:a3:57:7b:
1c:3e:8f:ed:36:d6:62:65:ae:88:54:54:26:de:c6:13:30:da:
bb:85:38:86:cb:bf:4b:41:83:a6:70:ca:3b:0a:2f:27:2c:5b:
bf:d1:f0:d1:f5:7c:8b:d7:6f:62:40:4b:17:6d:2b:c5:8a:2f:
a2:65:c4:e4:2d:a1:3b:c4:18:51:dc:84:c2:3a:8f:5a:37:23:
c0:68:d7:75
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIUPdFBVYnxGuHhndQrzZKspVpZb00wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNDIxNFoX
DTI1MDEwNzAzNDcxNFowMzExMC8GA1UEAxMoM0MzRTAwMTkzMUE5NUM3MEJERTNB
RThDNEVFM0I0NzA5RjBFNjUyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmluBJHWlLDtwoF0stA4DyMGvEJotl5m0jbFeHM/VI3buqHn4SqE6vlRYoM
XFxUAywe9MuFDS6G++dnHtIYjKIOKuGNFiXoBfFrcabS0HZJKX/ZaLVvBDnSm6FQ
deHFziw2GChVlzfCDxAUpNlCaheGPxzE+prD0ZY6ueO78iUyHk39xpGYjTar0HOS
xsyvjSragOynoH257caLTU0G/4Y3Dgu90JqUSc2X6aU10fyEj5mtorADxta6vCqg
6Nz+qcABnHnJ6f0CrLCoQdP1OxnFeixAGoZjQL+O8/nIZ5+3Hs5PC8t5FMihE679
Usph1rXaWoUete77cbYZK/Z0mYkCAwEAAaOCAmYwggJiMB0GA1UdDgQWBBQ8PgAZ
MalccL3jroxO47Rwnw5lLDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4MzY5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCB
ojCBnwQCAAEwgZgDBAFnEi4DBAFnKfoDBAFnS0ADBAFngrYDBAFnhMgDBABnkBUD
BAFnkH4DBAFnkNQDBAFnlOgDBAFnlw4DBAFnmboDBAFnnNgDBAJnnVADBAFnn9wD
BAFnpfQDBAFnptIDBAFnpwwDBAFnp2wDBAFnqKgwDAMEAWes9gMEAWes+AMEAWet
TAMEAWezigMEAWe8qgMEAXO7HjANBgkqhkiG9w0BAQsFAAOCAQEAipjENl9UdzSW
A+mz7E6CJ+izBRP76Lbb2kdYe757mxyDop2q5du+H7GKfImk31PJOiIzPCfDm8ne
jbwHU67BfWGU2ev+c51n628agu2zx4K6GY5ftRhydy5ZQra/TIw8HB5gR/qPwxpU
Mbh0+Rl8N7W9reYKNc/EGcR3l/WJLIrscYo5s6xjIxFDCbuwCdhxtMVGnh5PRKgh
pxtf5RQ7oab5hT2cepq6OQNNHdZcXHAno1d7HD6P7TbWYmWuiFRUJt7GEzDau4U4
hsu/S0GDpnDKOwovJyxbv9Hw0fV8i9dvYkBLF20rxYovomXE5C2hO8QYUdyEwjqP
WjcjwGjXdQ==
-----END CERTIFICATE-----
Generated at Wed May 1 05:56:51 2024 by rpki-client on console-fra.rpki-client.org