Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
File: AS58389.roa (raw, json)
Hash identifier: RPHB1FAiT0OBp4Wix3NDSmra0vsKXACtNZktvabwSTo=
Subject key identifier: AA:D4:AB:17:A6:DA:94:A3:D8:E5:4C:36:85:0A:87:4A:6E:9C:4C:DA
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 68491D2260FF66DE19A540D874997FF608A9A429
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
Signing time: Mon 09 Mar 2026 02:27:02 +0000
ROA not before: Mon 09 Mar 2026 02:22:02 +0000
ROA not after: Mon 08 Mar 2027 02:27:02 +0000
asID: 58389
IP address blocks: 43.240.229.0/24 maxlen: 24
103.11.28.0/24 maxlen: 24
103.11.29.0/24 maxlen: 24
103.11.30.0/24 maxlen: 24
103.11.31.0/24 maxlen: 24
103.143.222.0/23 maxlen: 24
114.198.240.0/21 maxlen: 24
114.198.243.0/24 maxlen: 24
116.68.164.0/24 maxlen: 24
116.68.165.0/24 maxlen: 24
116.68.167.0/24 maxlen: 24
202.47.182.0/24 maxlen: 24
202.47.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Mar 2026 10:39:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:49:1d:22:60:ff:66:de:19:a5:40:d8:74:99:7f:f6:08:a9:a4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 9 02:22:02 2026 GMT
Not After : Mar 8 02:27:02 2027 GMT
Subject: CN=AAD4AB17A6DA94A3D8E54C36850A874A6E9C4CDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:86:da:02:17:95:af:98:7c:9c:52:ab:dd:79:
29:03:97:a0:4e:ab:c3:d7:21:d4:38:5b:38:45:2c:
81:ba:94:86:27:cd:0f:a5:86:a2:77:d4:fb:00:06:
f1:c5:8a:57:a6:46:33:1c:58:ff:17:81:05:f1:a5:
17:3b:c6:9d:af:11:e2:0e:cb:b9:86:e3:12:9f:23:
4c:f4:ab:1e:c3:cb:3d:ec:1a:5e:58:54:75:6b:e1:
22:c9:d0:19:ce:14:af:d3:72:87:99:41:03:ac:e7:
34:c3:0c:34:33:79:24:ec:f3:51:67:ad:93:3b:2d:
b5:6a:73:72:29:17:b2:ab:8e:5e:bd:b5:a3:90:93:
89:51:ba:c1:59:52:c3:93:88:6c:93:1e:85:f1:d1:
aa:bf:83:33:4d:3c:d3:17:3e:51:31:4a:80:50:a5:
0a:6f:f5:1f:8e:a5:04:93:e6:b3:e4:32:d0:96:56:
fa:ed:8b:c3:3c:27:e6:44:ab:1c:72:a9:62:a0:cd:
a6:55:c2:77:01:a4:e7:8f:a1:02:07:9b:ef:6e:35:
e1:87:af:94:19:c2:2c:6f:c4:1c:23:ee:64:ba:25:
e5:a9:9b:0a:30:49:85:ea:d1:72:73:3b:1f:f9:28:
a3:84:91:ad:db:89:13:72:34:1e:f5:2c:96:17:00:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D4:AB:17:A6:DA:94:A3:D8:E5:4C:36:85:0A:87:4A:6E:9C:4C:DA
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.229.0/24
103.11.28.0/22
103.143.222.0/23
114.198.240.0/21
116.68.164.0/23
116.68.167.0/24
202.47.182.0/23
Signature Algorithm: sha256WithRSAEncryption
77:a4:4e:10:8a:60:d8:bc:8b:b2:67:e9:9a:ac:62:14:45:1f:
d6:24:e2:55:c3:2c:47:a2:78:20:b3:b9:ae:a0:b2:75:0f:4e:
d2:0d:74:de:6c:bd:9d:aa:3c:0e:26:ba:ec:7f:37:d8:95:a7:
ad:ae:74:b8:7b:96:b9:f1:1b:8f:41:d7:f6:2b:01:77:b5:79:
d0:73:dd:69:70:c1:0f:93:0d:80:fd:33:e8:cf:ec:3f:d8:7d:
7a:c7:6d:fc:79:1f:7c:70:e2:37:19:34:58:df:d6:48:8d:de:
cc:4d:ea:f8:78:94:be:29:d0:c6:18:8b:79:14:26:40:50:41:
b2:da:70:ef:0d:dd:dd:48:96:db:b1:b9:33:c4:80:30:fa:4b:
fa:57:15:e6:e6:66:59:14:b8:ec:2c:06:b4:fa:c4:7a:a0:7b:
b4:db:dd:bf:4e:64:7e:51:25:f1:28:f3:f3:2c:6a:60:2a:e7:
d1:da:af:64:8b:31:5c:f6:70:92:92:89:3c:1f:2d:46:40:77:
79:73:a5:1c:81:f5:8d:73:0a:51:74:53:c8:02:04:aa:09:37:
8a:6a:a1:fb:27:49:75:22:97:a3:66:b2:ff:26:ad:79:b4:2c:
b7:e0:83:97:82:92:32:64:c9:7d:64:d9:54:35:56:51:74:af:
26:5f:53:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUaEkdImD/Zt4ZpUDYdJl/9gippCkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwOTAyMjIwMloX
DTI3MDMwODAyMjcwMlowMzExMC8GA1UEAxMoQUFENEFCMTdBNkRBOTRBM0Q4RTU0
QzM2ODUwQTg3NEE2RTlDNENEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSG2gIXla+YfJxSq915KQOXoE6rw9ch1DhbOEUsgbqUhifND6WGonfU+wAG
8cWKV6ZGMxxY/xeBBfGlFzvGna8R4g7LuYbjEp8jTPSrHsPLPewaXlhUdWvhIsnQ
Gc4Ur9Nyh5lBA6znNMMMNDN5JOzzUWetkzsttWpzcikXsquOXr21o5CTiVG6wVlS
w5OIbJMehfHRqr+DM0080xc+UTFKgFClCm/1H46lBJPms+Qy0JZW+u2Lwzwn5kSr
HHKpYqDNplXCdwGk54+hAgeb72414YevlBnCLG/EHCPuZLol5ambCjBJherRcnM7
H/koo4SRrduJE3I0HvUslhcA8xsCAwEAAaOCAfMwggHvMB0GA1UdDgQWBBSq1KsX
ptqUo9jlTDaFCodKbpxM2jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4Mzg5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAw
BAIAATAqAwQAK/DlAwQCZwscAwQBZ4/eAwQDcsbwAwQBdESkAwQAdESnAwQByi+2
MA0GCSqGSIb3DQEBCwUAA4IBAQB3pE4QimDYvIuyZ+marGIURR/WJOJVwyxHongg
s7muoLJ1D07SDXTebL2dqjwOJrrsfzfYlaetrnS4e5a58RuPQdf2KwF3tXnQc91p
cMEPkw2A/TPoz+w/2H16x238eR98cOI3GTRY39ZIjd7MTer4eJS+KdDGGIt5FCZA
UEGy2nDvDd3dSJbbsbkzxIAw+kv6VxXm5mZZFLjsLAa0+sR6oHu0292/TmR+USXx
KPPzLGpgKufR2q9kizFc9nCSkok8Hy1GQHd5c6UcgfWNcwpRdFPIAgSqCTeKaqH7
J0l1IpejZrL/Jq15tCy34IOXgpIyZMl9ZNlUNVZRdK8mX1NH
-----END CERTIFICATE-----
Generated at Mon Mar 16 01:10:32 2026 by rpki-client