Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
File: AS58369.roa (raw, json)
Hash identifier: mwu4pwI47Q7we5cyb6E+c/LkI4P2MdFbIRQefzwmjqI=
Subject key identifier: 1B:20:47:E2:9C:68:E6:03:A8:EF:AC:AB:62:92:7C:04:D6:10:67:EE
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 3DAFB7E5D64E57D31290E42ACC87EE1CE6C752D8
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
Signing time: Wed 17 Jul 2024 06:27:00 +0000
ROA not before: Wed 17 Jul 2024 06:22:00 +0000
ROA not after: Wed 16 Jul 2025 06:27:00 +0000
asID: 58369
IP address blocks: 103.18.46.0/23 maxlen: 24
103.41.250.0/23 maxlen: 24
103.75.64.0/23 maxlen: 24
103.130.182.0/23 maxlen: 24
103.132.200.0/23 maxlen: 24
103.144.21.0/24 maxlen: 24
103.144.126.0/23 maxlen: 24
103.144.212.0/23 maxlen: 24
103.148.232.0/23 maxlen: 24
103.151.14.0/23 maxlen: 24
103.153.186.0/23 maxlen: 24
103.156.216.0/23 maxlen: 24
103.157.82.0/23 maxlen: 24
103.159.220.0/23 maxlen: 24
103.165.244.0/23 maxlen: 24
103.166.210.0/23 maxlen: 24
103.167.12.0/23 maxlen: 24
103.167.108.0/23 maxlen: 24
103.167.108.0/24 maxlen: 24
103.167.109.0/24 maxlen: 24
103.168.168.0/23 maxlen: 24
103.172.246.0/23 maxlen: 24
103.172.248.0/23 maxlen: 24
103.173.76.0/23 maxlen: 24
103.179.138.0/23 maxlen: 24
103.188.170.0/23 maxlen: 24
103.224.73.0/24 maxlen: 24
115.187.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 19 Feb 2025 06:34:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:af:b7:e5:d6:4e:57:d3:12:90:e4:2a:cc:87:ee:1c:e6:c7:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jul 17 06:22:00 2024 GMT
Not After : Jul 16 06:27:00 2025 GMT
Subject: CN=1B2047E29C68E603A8EFACAB62927C04D61067EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:7d:af:23:a1:07:b3:5b:f4:f2:38:9b:b6:
dd:de:25:93:db:e5:7c:e4:f0:14:e9:40:1c:c1:29:
a8:54:07:d1:1b:55:35:99:15:f7:80:b1:89:fe:86:
88:1c:14:4d:85:23:03:07:22:14:b3:bd:c1:db:00:
47:29:45:84:17:fb:b3:12:1f:8e:56:92:f2:3d:0b:
59:61:cc:78:3e:65:2b:8f:ed:e9:dc:f3:1b:9c:ea:
88:de:74:3d:c4:e5:14:16:08:9d:ba:86:7b:43:46:
5e:8d:49:d2:a8:fa:81:f7:9a:d9:fa:66:da:ff:cd:
74:7e:a7:2b:c0:22:ef:6d:92:29:3b:b9:8d:bb:f6:
d7:05:b8:29:ae:29:e0:2f:ce:ac:e7:56:09:57:b9:
71:41:66:2c:f7:5d:95:47:ce:6f:8a:41:92:bc:04:
67:0d:30:2b:d0:12:bf:84:05:b8:9d:48:d7:c5:f6:
56:ab:31:06:7b:ab:4a:31:07:47:95:1f:d0:a7:4a:
82:03:8d:f0:7a:6b:ef:30:9e:85:cc:2d:00:20:f6:
82:9b:a0:0c:1a:66:12:7c:fa:00:17:58:2b:8c:9b:
27:aa:bb:ec:d9:12:43:a6:a8:78:be:e5:9f:04:4e:
71:e4:a8:bd:2c:06:2a:a1:5b:52:90:c8:64:28:ed:
16:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:20:47:E2:9C:68:E6:03:A8:EF:AC:AB:62:92:7C:04:D6:10:67:EE
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.18.46.0/23
103.41.250.0/23
103.75.64.0/23
103.130.182.0/23
103.132.200.0/23
103.144.21.0/24
103.144.126.0/23
103.144.212.0/23
103.148.232.0/23
103.151.14.0/23
103.153.186.0/23
103.156.216.0/23
103.157.82.0/23
103.159.220.0/23
103.165.244.0/23
103.166.210.0/23
103.167.12.0/23
103.167.108.0/23
103.168.168.0/23
103.172.246.0-103.172.249.255
103.173.76.0/23
103.179.138.0/23
103.188.170.0/23
103.224.73.0/24
115.187.30.0/23
Signature Algorithm: sha256WithRSAEncryption
15:e2:ca:7a:d5:0a:c3:08:8c:ca:07:f1:b6:bc:c8:a2:f7:2b:
10:b7:63:17:39:a6:5e:f2:dd:f3:23:44:a4:01:ff:e4:56:0c:
31:dc:27:6c:2a:29:be:9b:b9:86:62:61:f3:3d:c6:c7:7d:79:
b5:65:78:6b:df:0b:5d:85:cd:72:97:2e:64:28:b4:a0:aa:2b:
ce:c7:03:55:a2:29:b9:32:6d:d5:55:5d:13:5b:13:3f:9d:8b:
86:d2:f5:1a:4f:97:d1:94:34:6f:57:48:1d:38:fe:5d:80:95:
99:6a:ae:11:4e:89:07:cd:ed:dd:1f:7b:2d:e4:b6:82:8e:06:
a1:1a:08:7a:bc:6f:65:6c:8d:84:08:78:63:10:cf:a7:b2:c9:
3b:8a:97:b2:fb:3c:b7:80:8f:91:0f:a6:5a:90:39:88:dc:33:
53:bc:b0:51:c4:91:7f:19:46:69:f6:6a:ab:f2:d0:c2:47:53:
f1:2b:61:6d:e5:9b:a2:e7:ff:ce:97:28:76:46:10:fb:68:10:
38:e5:c4:35:d8:f9:df:87:a5:36:1d:b3:f7:82:89:5a:77:e6:
fb:f1:eb:6b:54:f4:38:fc:cb:4f:a6:c9:80:4e:b5:c1:0f:a6:
0b:b2:88:b1:3e:34:42:11:84:cf:ff:86:bc:fc:c4:51:29:67:
3f:5c:26:c1
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUPa+35dZOV9MSkOQqzIfuHObHUtgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxNzA2MjIwMFoX
DTI1MDcxNjA2MjcwMFowMzExMC8GA1UEAxMoMUIyMDQ3RTI5QzY4RTYwM0E4RUZB
Q0FCNjI5MjdDMDRENjEwNjdFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+Tfa8joQezW/TyOJu23d4lk9vlfOTwFOlAHMEpqFQH0RtVNZkV94Cxif6G
iBwUTYUjAwciFLO9wdsARylFhBf7sxIfjlaS8j0LWWHMeD5lK4/t6dzzG5zqiN50
PcTlFBYInbqGe0NGXo1J0qj6gfea2fpm2v/NdH6nK8Ai722SKTu5jbv21wW4Ka4p
4C/OrOdWCVe5cUFmLPddlUfOb4pBkrwEZw0wK9ASv4QFuJ1I18X2VqsxBnurSjEH
R5Uf0KdKggON8Hpr7zCehcwtACD2gpugDBpmEnz6ABdYK4ybJ6q77NkSQ6aoeL7l
nwROceSovSwGKqFbUpDIZCjtFp8CAwEAAaOCAmwwggJoMB0GA1UdDgQWBBQbIEfi
nGjmA6jvrKtiknwE1hBn7jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4MzY5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCB
qDCBpQQCAAEwgZ4DBAFnEi4DBAFnKfoDBAFnS0ADBAFngrYDBAFnhMgDBABnkBUD
BAFnkH4DBAFnkNQDBAFnlOgDBAFnlw4DBAFnmboDBAFnnNgDBAFnnVIDBAFnn9wD
BAFnpfQDBAFnptIDBAFnpwwDBAFnp2wDBAFnqKgwDAMEAWes9gMEAWes+AMEAWet
TAMEAWezigMEAWe8qgMEAGfgSQMEAXO7HjANBgkqhkiG9w0BAQsFAAOCAQEAFeLK
etUKwwiMygfxtrzIovcrELdjFzmmXvLd8yNEpAH/5FYMMdwnbCopvpu5hmJh8z3G
x315tWV4a98LXYXNcpcuZCi0oKorzscDVaIpuTJt1VVdE1sTP52LhtL1Gk+X0ZQ0
b1dIHTj+XYCVmWquEU6JB83t3R97LeS2go4GoRoIerxvZWyNhAh4YxDPp7LJO4qX
svs8t4CPkQ+mWpA5iNwzU7ywUcSRfxlGafZqq/LQwkdT8SthbeWbouf/zpcodkYQ
+2gQOOXENdj534elNh2z94KJWnfm+/Hra1T0OPzLT6bJgE61wQ+mC7KIsT40QhGE
z/+GvPzEUSlnP1wmwQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:27 2025 by rpki-client