Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS59272.roa
File: AS59272.roa (raw, json)
Hash identifier: SlA5om/xztyGNaj4HCS/K+HOVC9Sz6ADheHJgdNi3K0=
Subject key identifier: 56:D0:47:D0:5D:9C:F0:57:6B:84:99:05:3E:81:16:A5:9C:7F:B7:93
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 62F79A6521927D247684519D7B45975CA18B2018
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS59272.roa
Signing time: Tue 10 Dec 2024 04:00:00 +0000
ROA not before: Tue 10 Dec 2024 03:55:00 +0000
ROA not after: Tue 09 Dec 2025 04:00:00 +0000
asID: 59272
IP address blocks: 103.81.246.0/24 maxlen: 24
103.81.248.0/23 maxlen: 24
103.225.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f7:9a:65:21:92:7d:24:76:84:51:9d:7b:45:97:5c:a1:8b:20:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Dec 10 03:55:00 2024 GMT
Not After : Dec 9 04:00:00 2025 GMT
Subject: CN=56D047D05D9CF0576B8499053E8116A59C7FB793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:29:a9:9d:be:ad:f9:f2:93:ce:3f:64:28:
3f:fa:b7:1b:ab:19:54:d1:93:f8:c0:f9:08:6e:59:
56:29:6d:02:89:76:81:bf:80:f8:47:e3:6f:a0:13:
6a:49:e7:63:a0:22:ca:93:9f:8c:04:79:91:80:cb:
72:9a:f3:17:d4:82:18:ae:4d:65:1a:bb:99:ef:61:
d9:53:88:1c:01:76:26:5c:aa:16:55:fb:91:8c:6d:
6a:ca:9c:3b:97:fa:c6:6c:53:9d:2a:64:69:34:5c:
51:94:97:a8:4b:58:f4:16:b5:57:ea:ef:24:50:d8:
c6:75:49:81:64:6b:ee:df:5f:e3:0e:e3:9e:06:b0:
3f:6a:82:9d:65:84:04:1d:b2:65:ef:2c:eb:de:cc:
bb:c1:44:e1:32:ed:96:ce:c0:ae:36:ca:5b:fe:11:
70:c6:da:89:ac:eb:b7:f8:b6:44:d3:78:06:27:1b:
40:91:5c:6c:da:9c:44:ad:67:ab:d9:83:41:9a:43:
e9:09:79:4e:6f:fa:f9:1c:ff:c5:0e:e2:63:3e:a6:
a1:d9:71:4f:91:1a:d6:49:09:88:70:d9:f8:49:eb:
92:f1:76:95:ca:70:4e:b6:01:9e:06:42:70:e1:79:
ad:70:44:ff:70:b8:da:9f:6d:8c:9f:c6:59:72:6b:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D0:47:D0:5D:9C:F0:57:6B:84:99:05:3E:81:16:A5:9C:7F:B7:93
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS59272.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.81.246.0/24
103.81.248.0/23
103.225.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:29:0e:10:3e:79:56:9a:3f:bc:89:a9:31:27:c5:e9:c8:2a:
ad:c0:7a:fe:f7:3c:fa:b8:86:d1:25:b3:75:56:c8:32:b7:cf:
2b:20:02:54:0d:a1:53:f5:c3:3a:38:7c:52:55:38:1f:63:ef:
69:a7:da:70:06:e4:ad:07:1b:e9:bc:67:22:32:e9:e1:1c:40:
18:fa:40:b2:59:a3:ea:aa:2d:52:76:6a:0b:0d:fa:ab:84:b1:
7c:c6:90:5d:48:e2:ef:19:86:91:f0:08:95:b6:50:e7:fa:19:
58:e1:2e:2c:1a:22:24:85:1a:68:d2:38:bb:70:0a:6c:97:5b:
d6:c0:18:72:59:12:51:a6:27:f5:ab:ee:59:d3:10:92:7e:72:
ba:b2:c7:80:74:ca:e9:de:bf:36:c3:ec:73:e8:1d:8d:8d:33:
8f:f3:0b:f4:6b:ec:d5:5e:6e:4a:14:08:d1:d4:9a:08:56:b4:
07:a0:4c:8b:e4:47:86:84:e7:26:64:9f:8d:20:fc:72:e5:b3:
65:76:6f:82:db:be:0a:3a:b9:d8:0e:5b:f3:4b:27:d0:db:b7:
a5:4d:91:b2:fb:1a:35:34:e7:54:d7:fd:ba:fc:00:e8:ac:6d:
ca:80:00:a3:e2:7b:a2:d7:e7:ec:c8:9c:cf:5d:98:75:99:44:
e3:6f:f9:f3
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUYveaZSGSfSR2hFGde0WXXKGLIBgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDAzNTUwMFoX
DTI1MTIwOTA0MDAwMFowMzExMC8GA1UEAxMoNTZEMDQ3RDA1RDlDRjA1NzZCODQ5
OTA1M0U4MTE2QTU5QzdGQjc5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl2Kamdvq358pPOP2QoP/q3G6sZVNGT+MD5CG5ZViltAol2gb+A+Efjb6AT
aknnY6AiypOfjAR5kYDLcprzF9SCGK5NZRq7me9h2VOIHAF2JlyqFlX7kYxtasqc
O5f6xmxTnSpkaTRcUZSXqEtY9Ba1V+rvJFDYxnVJgWRr7t9f4w7jngawP2qCnWWE
BB2yZe8s697Mu8FE4TLtls7ArjbKW/4RcMbaiazrt/i2RNN4BicbQJFcbNqcRK1n
q9mDQZpD6Ql5Tm/6+Rz/xQ7iYz6modlxT5Ea1kkJiHDZ+EnrkvF2lcpwTrYBngZC
cOF5rXBE/3C42p9tjJ/GWXJrCzECAwEAAaOCAdswggHXMB0GA1UdDgQWBBRW0EfQ
XZzwV2uEmQU+gRalnH+3kzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU5MjcyLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQAZ1H2AwQBZ1H4AwQAZ+GvMA0GCSqGSIb3DQEBCwUAA4IBAQBPKQ4Q
PnlWmj+8iakxJ8XpyCqtwHr+9zz6uIbRJbN1Vsgyt88rIAJUDaFT9cM6OHxSVTgf
Y+9pp9pwBuStBxvpvGciMunhHEAY+kCyWaPqqi1SdmoLDfqrhLF8xpBdSOLvGYaR
8AiVtlDn+hlY4S4sGiIkhRpo0ji7cApsl1vWwBhyWRJRpif1q+5Z0xCSfnK6sseA
dMrp3r82w+xz6B2NjTOP8wv0a+zVXm5KFAjR1JoIVrQHoEyL5EeGhOcmZJ+NIPxy
5bNldm+C274KOrnYDlvzSyfQ27elTZGy+xo1NOdU1/26/ADorG3KgACj4nui1+fs
yJzPXZh1mUTjb/nz
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:38:14 2025 by rpki-client