Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
File: AS63859.roa (raw, json)
Hash identifier: RCREHdKjH0ozOdGCas2X1F18wxJ4aP83fAhv19uaVI4=
Subject key identifier: C5:CB:F8:74:9A:AC:F0:3E:02:30:E5:AA:4B:D7:BC:D8:67:D7:5B:CE
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 324AFBE68C8694D3F091730C8F118CD66B7B19BC
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
Signing time: Wed 17 Jul 2024 06:27:01 +0000
ROA not before: Wed 17 Jul 2024 06:22:01 +0000
ROA not after: Wed 16 Jul 2025 06:27:01 +0000
asID: 63859
IP address blocks: 36.50.112.0/23 maxlen: 24
36.50.114.0/23 maxlen: 24
36.50.138.0/23 maxlen: 24
36.50.142.0/23 maxlen: 24
36.50.150.0/23 maxlen: 24
103.119.48.0/22 maxlen: 24
103.119.52.0/22 maxlen: 24
103.119.60.0/22 maxlen: 24
103.119.64.0/22 maxlen: 24
103.120.168.0/22 maxlen: 24
103.120.172.0/22 maxlen: 24
103.121.16.0/22 maxlen: 24
103.121.20.0/22 maxlen: 24
103.125.36.0/22 maxlen: 24
103.125.40.0/22 maxlen: 24
103.125.48.0/22 maxlen: 24
103.125.56.0/22 maxlen: 24
103.129.16.0/23 maxlen: 24
103.129.92.0/22 maxlen: 24
103.129.150.0/23 maxlen: 24
103.129.172.0/23 maxlen: 24
103.129.174.0/23 maxlen: 24
103.130.16.0/23 maxlen: 24
103.130.18.0/23 maxlen: 24
103.130.128.0/22 maxlen: 24
103.130.164.0/22 maxlen: 24
103.156.112.0/23 maxlen: 24
103.156.114.0/23 maxlen: 24
103.156.118.0/23 maxlen: 24
103.156.160.0/23 maxlen: 24
103.156.164.0/23 maxlen: 24
103.156.218.0/23 maxlen: 24
103.157.48.0/23 maxlen: 24
103.157.58.0/23 maxlen: 24
103.157.60.0/23 maxlen: 24
103.171.146.0/23 maxlen: 24
103.171.148.0/23 maxlen: 24
103.171.150.0/23 maxlen: 24
103.171.152.0/23 maxlen: 24
103.171.154.0/23 maxlen: 24
103.171.156.0/23 maxlen: 24
103.171.158.0/23 maxlen: 24
103.171.160.0/23 maxlen: 24
103.171.162.0/23 maxlen: 24
103.171.164.0/23 maxlen: 24
103.175.222.0/23 maxlen: 24
103.175.224.0/23 maxlen: 24
103.175.226.0/23 maxlen: 24
103.175.228.0/23 maxlen: 24
103.175.230.0/23 maxlen: 24
210.87.88.0/23 maxlen: 24
210.87.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 Nov 2024 20:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:4a:fb:e6:8c:86:94:d3:f0:91:73:0c:8f:11:8c:d6:6b:7b:19:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jul 17 06:22:01 2024 GMT
Not After : Jul 16 06:27:01 2025 GMT
Subject: CN=C5CBF8749AACF03E0230E5AA4BD7BCD867D75BCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9b:d0:b4:76:b1:7d:f3:cb:43:9a:10:e8:eb:
50:c5:78:a9:cb:95:b5:c0:c8:ae:1d:9d:ca:9a:46:
c0:63:c5:6d:7c:b9:f7:a4:ef:f5:69:5e:9b:fe:29:
80:e8:52:15:10:5b:2b:65:67:eb:bf:f4:b8:35:5b:
4f:ff:44:ab:b9:a3:d3:7e:63:ca:24:8e:13:2f:76:
8e:85:4f:e2:e8:85:fd:0b:fa:fc:ea:b0:ee:f8:43:
ce:1c:d0:96:de:9a:fc:8f:50:ca:7e:99:79:72:75:
9c:29:05:2a:a3:0d:2a:98:14:35:2d:3a:56:8b:25:
e2:6d:84:7c:3f:77:62:f9:e6:40:e8:0e:6a:d2:f4:
45:ce:aa:ac:4e:18:f5:6c:8a:14:1f:9f:04:66:14:
69:06:3e:90:0b:ce:8e:d3:75:c6:05:6a:c6:9e:aa:
c4:12:e0:c0:84:df:9f:40:30:6d:4a:bd:96:b7:44:
86:95:bd:ad:68:96:a2:d0:4d:7c:83:73:fe:ab:9c:
12:c9:b4:8e:60:3d:8a:20:b1:c1:3b:c1:65:8e:0e:
6a:28:85:7a:55:db:76:c0:f3:1e:ab:de:f8:03:a3:
b9:fa:60:7e:c5:80:36:6c:a9:fa:c1:a1:f5:62:b9:
97:2b:12:0f:06:04:b7:1e:a7:98:94:51:a1:d6:87:
a8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CB:F8:74:9A:AC:F0:3E:02:30:E5:AA:4B:D7:BC:D8:67:D7:5B:CE
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.112.0/22
36.50.138.0/23
36.50.142.0/23
36.50.150.0/23
103.119.48.0/21
103.119.60.0-103.119.67.255
103.120.168.0/21
103.121.16.0/21
103.125.36.0-103.125.43.255
103.125.48.0/22
103.125.56.0/22
103.129.16.0/23
103.129.92.0/22
103.129.150.0/23
103.129.172.0/22
103.130.16.0/22
103.130.128.0/22
103.130.164.0/22
103.156.112.0/22
103.156.118.0/23
103.156.160.0/23
103.156.164.0/23
103.156.218.0/23
103.157.48.0/23
103.157.58.0-103.157.61.255
103.171.146.0-103.171.165.255
103.175.222.0-103.175.231.255
210.87.88.0/22
Signature Algorithm: sha256WithRSAEncryption
39:da:6f:a6:71:a5:90:68:ad:dd:5a:12:3e:6b:7d:ce:0f:ba:
27:b7:7b:83:75:41:4e:a8:99:c7:05:e3:8e:12:74:82:44:80:
15:3d:15:86:cf:ec:a2:99:6c:3f:dd:97:da:0c:50:e8:c4:5e:
cc:4f:26:a1:57:71:63:ec:d3:57:7c:ce:6c:20:44:74:87:35:
a9:fc:6d:a0:83:bd:1b:ee:a9:f7:bb:07:31:a3:e3:1b:e8:b7:
93:c3:7f:c6:42:01:84:1d:d7:b1:29:bb:76:4f:a8:b7:ed:88:
38:3b:92:9d:6e:85:2b:3c:39:b2:86:d0:8e:df:24:8a:f0:4b:
80:ed:2d:27:9c:d1:5e:1d:a1:c1:c0:44:c3:c9:a3:32:84:ac:
78:3e:64:e3:bc:91:36:8b:0c:f7:bb:f8:4b:54:49:fc:8b:9c:
11:45:c3:d9:64:87:8e:8d:5e:74:ab:4f:2a:52:34:bb:ac:f8:
4a:1d:a5:bd:a5:5e:68:a2:0e:44:6f:e9:30:4d:04:f3:69:e9:
5e:96:78:0a:96:c4:18:fe:38:4b:86:43:6d:bf:0e:a1:be:5d:
a4:3e:ca:e5:ae:d9:90:c3:b7:ff:87:48:ac:fe:18:ca:9d:c5:
d6:13:3a:a5:1e:95:70:94:12:9c:23:c3:87:c4:68:89:41:99:
5c:20:b3:13
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIUMkr75oyGlNPwkXMMjxGM1mt7GbwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxNzA2MjIwMVoX
DTI1MDcxNjA2MjcwMVowMzExMC8GA1UEAxMoQzVDQkY4NzQ5QUFDRjAzRTAyMzBF
NUFBNEJEN0JDRDg2N0Q3NUJDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmb0LR2sX3zy0OaEOjrUMV4qcuVtcDIrh2dyppGwGPFbXy596Tv9Wlem/4p
gOhSFRBbK2Vn67/0uDVbT/9Eq7mj035jyiSOEy92joVP4uiF/Qv6/Oqw7vhDzhzQ
lt6a/I9Qyn6ZeXJ1nCkFKqMNKpgUNS06Vosl4m2EfD93YvnmQOgOatL0Rc6qrE4Y
9WyKFB+fBGYUaQY+kAvOjtN1xgVqxp6qxBLgwITfn0AwbUq9lrdEhpW9rWiWotBN
fINz/qucEsm0jmA9iiCxwTvBZY4OaiiFelXbdsDzHqve+AOjufpgfsWANmyp+sGh
9WK5lysSDwYEtx6nmJRRodaHqAECAwEAAaOCAp4wggKaMB0GA1UdDgQWBBTFy/h0
mqzwPgIw5apL17zYZ9dbzjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODU5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB
2jCB1wQCAAEwgdADBAIkMnADBAEkMooDBAEkMo4DBAEkMpYDBANndzAwDAMEAmd3
PAMEAmd3QAMEA2d4qAMEA2d5EDAMAwQCZ30kAwQCZ30oAwQCZ30wAwQCZ304AwQB
Z4EQAwQCZ4FcAwQBZ4GWAwQCZ4GsAwQCZ4IQAwQCZ4KAAwQCZ4KkAwQCZ5xwAwQB
Z5x2AwQBZ5ygAwQBZ5ykAwQBZ5zaAwQBZ50wMAwDBAFnnToDBAFnnTwwDAMEAWer
kgMEAWerpDAMAwQBZ6/eAwQDZ6/gAwQC0ldYMA0GCSqGSIb3DQEBCwUAA4IBAQA5
2m+mcaWQaK3dWhI+a33OD7ont3uDdUFOqJnHBeOOEnSCRIAVPRWGz+yimWw/3Zfa
DFDoxF7MTyahV3Fj7NNXfM5sIER0hzWp/G2gg70b7qn3uwcxo+Mb6LeTw3/GQgGE
HdexKbt2T6i37Yg4O5KdboUrPDmyhtCO3ySK8EuA7S0nnNFeHaHBwETDyaMyhKx4
PmTjvJE2iwz3u/hLVEn8i5wRRcPZZIeOjV50q08qUjS7rPhKHaW9pV5oog5Eb+kw
TQTzaelelngKlsQY/jhLhkNtvw6hvl2kPsrlrtmQw7f/h0is/hjKncXWEzqlHpVw
lBKcI8OHxGiJQZlcILMT
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org