Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
File: AS63859.roa (raw, json)
Hash identifier: NXGro7fz1j/OjsSB0UU1ZKeQSwG1gEZhBTR+xOZSnhM=
Subject key identifier: 4F:42:F5:64:A6:50:32:8C:E8:CA:6A:70:31:7C:B9:3A:C2:1A:66:72
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 120B0F530A463FFAF8A44773CFC20E45317DE6CD
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
Signing time: Tue 03 Jun 2025 12:15:10 +0000
ROA not before: Tue 03 Jun 2025 12:10:10 +0000
ROA not after: Tue 02 Jun 2026 12:15:10 +0000
asID: 63859
IP address blocks: 36.50.112.0/23 maxlen: 24
36.50.114.0/23 maxlen: 24
36.50.138.0/23 maxlen: 24
36.50.142.0/23 maxlen: 24
36.50.150.0/23 maxlen: 24
103.119.48.0/22 maxlen: 24
103.119.52.0/22 maxlen: 24
103.119.60.0/22 maxlen: 24
103.119.64.0/22 maxlen: 24
103.120.168.0/22 maxlen: 24
103.120.172.0/22 maxlen: 24
103.121.16.0/22 maxlen: 24
103.121.20.0/22 maxlen: 24
103.125.36.0/22 maxlen: 24
103.125.40.0/22 maxlen: 24
103.125.48.0/22 maxlen: 24
103.125.56.0/22 maxlen: 24
103.129.16.0/23 maxlen: 24
103.129.92.0/22 maxlen: 24
103.129.150.0/23 maxlen: 24
103.129.172.0/23 maxlen: 24
103.129.174.0/23 maxlen: 24
103.130.16.0/23 maxlen: 24
103.130.18.0/23 maxlen: 24
103.130.128.0/22 maxlen: 24
103.130.164.0/22 maxlen: 24
103.156.112.0/23 maxlen: 24
103.156.114.0/23 maxlen: 24
103.156.118.0/23 maxlen: 24
103.156.160.0/23 maxlen: 24
103.156.164.0/23 maxlen: 24
103.156.218.0/23 maxlen: 24
103.157.48.0/23 maxlen: 24
103.157.58.0/23 maxlen: 24
103.157.60.0/23 maxlen: 24
103.171.146.0/23 maxlen: 24
103.171.148.0/23 maxlen: 24
103.171.150.0/23 maxlen: 24
103.171.152.0/23 maxlen: 24
103.171.154.0/23 maxlen: 24
103.171.156.0/23 maxlen: 24
103.171.158.0/23 maxlen: 24
103.171.160.0/23 maxlen: 24
103.171.162.0/23 maxlen: 24
103.171.164.0/23 maxlen: 24
103.175.222.0/23 maxlen: 24
103.175.224.0/23 maxlen: 24
103.175.226.0/23 maxlen: 24
103.175.228.0/23 maxlen: 24
103.175.230.0/23 maxlen: 24
202.59.192.0/20 maxlen: 24
203.83.32.0/20 maxlen: 24
210.87.88.0/23 maxlen: 24
210.87.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Jun 2025 21:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:0b:0f:53:0a:46:3f:fa:f8:a4:47:73:cf:c2:0e:45:31:7d:e6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jun 3 12:10:10 2025 GMT
Not After : Jun 2 12:15:10 2026 GMT
Subject: CN=4F42F564A650328CE8CA6A70317CB93AC21A6672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b8:98:2e:fe:b5:a2:96:43:3e:cd:64:2b:f7:
94:8a:6b:79:38:9a:df:e1:8e:e4:11:9d:f9:ba:e5:
43:aa:f6:95:10:f2:d6:58:00:15:93:e1:a7:2a:b7:
40:c2:f8:92:23:eb:ee:23:4d:5e:31:e5:ea:de:6d:
e7:cc:e6:15:0f:53:a3:26:42:c9:18:0a:f9:bb:30:
75:5b:ce:46:ba:d4:e8:74:cc:4e:91:87:6a:dc:ca:
81:6d:d5:4b:a2:56:74:a5:41:22:22:f5:8b:60:eb:
a4:a4:68:87:2d:a2:f2:b2:16:28:ad:b8:49:9b:e9:
06:a5:70:21:c9:cc:97:1e:dd:47:3f:b0:99:67:75:
d3:a3:a6:d5:96:8e:15:a6:dd:7e:61:37:04:08:9c:
37:4d:b1:d4:1b:ef:9e:75:3a:58:2c:a7:5f:07:22:
61:bf:68:2b:0d:b9:70:98:1b:36:80:fc:47:02:4e:
52:9f:d5:ac:c2:8c:cf:a0:24:e0:24:b2:7c:81:0a:
6c:cb:cf:7b:5e:d8:95:dc:b3:6d:0f:48:02:ed:ff:
63:af:6c:66:9e:fa:84:f5:de:90:8c:c4:4d:77:f8:
8a:ba:8b:21:2c:7c:9d:52:20:e5:c7:f1:48:59:eb:
5e:bc:c4:d8:a9:4c:b7:f0:fb:37:f0:8d:cf:fd:5a:
0a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:42:F5:64:A6:50:32:8C:E8:CA:6A:70:31:7C:B9:3A:C2:1A:66:72
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.112.0/22
36.50.138.0/23
36.50.142.0/23
36.50.150.0/23
103.119.48.0/21
103.119.60.0-103.119.67.255
103.120.168.0/21
103.121.16.0/21
103.125.36.0-103.125.43.255
103.125.48.0/22
103.125.56.0/22
103.129.16.0/23
103.129.92.0/22
103.129.150.0/23
103.129.172.0/22
103.130.16.0/22
103.130.128.0/22
103.130.164.0/22
103.156.112.0/22
103.156.118.0/23
103.156.160.0/23
103.156.164.0/23
103.156.218.0/23
103.157.48.0/23
103.157.58.0-103.157.61.255
103.171.146.0-103.171.165.255
103.175.222.0-103.175.231.255
202.59.192.0/20
203.83.32.0/20
210.87.88.0/22
Signature Algorithm: sha256WithRSAEncryption
43:e7:01:89:77:83:b2:4d:24:b9:06:eb:fa:fb:84:1c:8f:af:
24:f8:2c:3f:56:76:cd:ff:e9:51:02:8b:9f:f2:a5:17:2d:cb:
ec:97:20:41:46:f3:61:2d:79:9a:0f:39:64:be:f0:06:b4:9f:
e9:00:92:e8:e4:8a:4f:54:78:cc:cd:99:b4:a8:40:e9:65:c0:
c9:e1:96:30:20:fc:1a:c8:3a:57:02:9f:95:db:c9:fe:63:c5:
16:f1:90:30:db:16:f3:74:49:35:40:a9:3b:e8:0f:6a:cf:0d:
ba:77:78:1e:2d:65:9c:8f:6b:75:c1:63:05:ff:d2:26:be:56:
f4:84:c0:9e:64:50:7a:af:54:0b:7f:17:20:bf:8b:33:08:9d:
88:79:c4:43:76:a3:90:82:44:2d:3b:de:e5:39:0a:5f:77:48:
12:50:c5:f8:b9:15:5f:f6:27:46:8e:dc:19:da:d5:b9:34:f7:
43:c6:d1:db:f5:c5:a9:d3:2b:77:b6:c8:27:e2:2b:70:03:56:
1f:40:4a:0e:e9:94:b3:49:86:30:ab:f1:68:4e:31:85:d6:7d:
63:26:4d:b6:f7:ca:ac:52:5a:38:05:f7:e6:b7:0a:16:d1:d9:
74:3c:a4:a0:b9:c0:23:5a:79:f6:59:48:19:5e:e1:e9:4a:b3:
32:45:88:51
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIUEgsPUwpGP/r4pEdzz8IORTF95s0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzEyMTAxMFoX
DTI2MDYwMjEyMTUxMFowMzExMC8GA1UEAxMoNEY0MkY1NjRBNjUwMzI4Q0U4Q0E2
QTcwMzE3Q0I5M0FDMjFBNjY3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMi4mC7+taKWQz7NZCv3lIpreTia3+GO5BGd+brlQ6r2lRDy1lgAFZPhpyq3
QML4kiPr7iNNXjHl6t5t58zmFQ9ToyZCyRgK+bswdVvORrrU6HTMTpGHatzKgW3V
S6JWdKVBIiL1i2DrpKRohy2i8rIWKK24SZvpBqVwIcnMlx7dRz+wmWd106Om1ZaO
FabdfmE3BAicN02x1BvvnnU6WCynXwciYb9oKw25cJgbNoD8RwJOUp/VrMKMz6Ak
4CSyfIEKbMvPe17YldyzbQ9IAu3/Y69sZp76hPXekIzETXf4irqLISx8nVIg5cfx
SFnrXrzE2KlMt/D7N/CNz/1aCtsCAwEAAaOCAqowggKmMB0GA1UdDgQWBBRPQvVk
plAyjOjKanAxfLk6whpmcjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODU5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB
5jCB4wQCAAEwgdwDBAIkMnADBAEkMooDBAEkMo4DBAEkMpYDBANndzAwDAMEAmd3
PAMEAmd3QAMEA2d4qAMEA2d5EDAMAwQCZ30kAwQCZ30oAwQCZ30wAwQCZ304AwQB
Z4EQAwQCZ4FcAwQBZ4GWAwQCZ4GsAwQCZ4IQAwQCZ4KAAwQCZ4KkAwQCZ5xwAwQB
Z5x2AwQBZ5ygAwQBZ5ykAwQBZ5zaAwQBZ50wMAwDBAFnnToDBAFnnTwwDAMEAWer
kgMEAWerpDAMAwQBZ6/eAwQDZ6/gAwQEyjvAAwQEy1MgAwQC0ldYMA0GCSqGSIb3
DQEBCwUAA4IBAQBD5wGJd4OyTSS5Buv6+4Qcj68k+Cw/VnbN/+lRAouf8qUXLcvs
lyBBRvNhLXmaDzlkvvAGtJ/pAJLo5IpPVHjMzZm0qEDpZcDJ4ZYwIPwayDpXAp+V
28n+Y8UW8ZAw2xbzdEk1QKk76A9qzw26d3geLWWcj2t1wWMF/9Imvlb0hMCeZFB6
r1QLfxcgv4szCJ2IecRDdqOQgkQtO97lOQpfd0gSUMX4uRVf9idGjtwZ2tW5NPdD
xtHb9cWp0yt3tsgn4itwA1YfQEoO6ZSzSYYwq/FoTjGF1n1jJk2298qsUlo4Bffm
twoW0dl0PKSgucAjWnn2WUgZXuHpSrMyRYhR
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:12:23 2025 by rpki-client