Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
File: AS63859.roa (raw, json)
Hash identifier: tSEoZ4VARB3XJZv/6MUZqoBC3Nbn+X3mthtNPDaS/CE=
Subject key identifier: BD:47:B6:69:D1:F7:7C:1F:4B:2E:3A:AD:51:FB:F4:43:47:E4:E1:38
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 47CA7CE3883C9EF8DC1F876EF36746185CC1A025
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
Signing time: Tue 09 Jan 2024 04:57:40 +0000
ROA not before: Tue 09 Jan 2024 04:52:40 +0000
ROA not after: Tue 07 Jan 2025 04:57:40 +0000
asID: 63859
IP address blocks: 36.50.112.0/23 maxlen: 24
36.50.114.0/23 maxlen: 24
36.50.138.0/23 maxlen: 24
36.50.142.0/23 maxlen: 24
36.50.150.0/23 maxlen: 24
103.119.48.0/22 maxlen: 24
103.119.52.0/22 maxlen: 24
103.119.60.0/22 maxlen: 24
103.119.64.0/22 maxlen: 24
103.120.168.0/22 maxlen: 24
103.120.172.0/22 maxlen: 24
103.121.16.0/22 maxlen: 24
103.121.20.0/22 maxlen: 24
103.125.36.0/22 maxlen: 24
103.125.40.0/22 maxlen: 24
103.125.48.0/22 maxlen: 24
103.125.56.0/22 maxlen: 24
103.129.16.0/23 maxlen: 23
103.129.92.0/22 maxlen: 24
103.129.150.0/23 maxlen: 23
103.129.172.0/23 maxlen: 23
103.129.174.0/23 maxlen: 23
103.130.16.0/23 maxlen: 23
103.130.18.0/23 maxlen: 23
103.130.128.0/22 maxlen: 24
103.130.164.0/22 maxlen: 24
103.156.112.0/23 maxlen: 24
103.156.114.0/23 maxlen: 24
103.156.118.0/23 maxlen: 24
103.156.160.0/23 maxlen: 24
103.156.164.0/23 maxlen: 24
103.156.218.0/23 maxlen: 24
103.157.48.0/23 maxlen: 24
103.157.58.0/23 maxlen: 24
103.157.60.0/23 maxlen: 24
103.171.146.0/23 maxlen: 24
103.171.148.0/23 maxlen: 24
103.171.150.0/23 maxlen: 24
103.171.152.0/23 maxlen: 24
103.171.154.0/23 maxlen: 24
103.171.156.0/23 maxlen: 24
103.171.158.0/23 maxlen: 24
103.171.160.0/23 maxlen: 24
103.171.162.0/23 maxlen: 24
103.171.164.0/23 maxlen: 24
103.175.222.0/23 maxlen: 24
103.175.224.0/23 maxlen: 24
103.175.226.0/23 maxlen: 24
103.175.228.0/23 maxlen: 24
103.175.230.0/23 maxlen: 24
210.87.88.0/23 maxlen: 24
210.87.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 10:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ca:7c:e3:88:3c:9e:f8:dc:1f:87:6e:f3:67:46:18:5c:c1:a0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jan 9 04:52:40 2024 GMT
Not After : Jan 7 04:57:40 2025 GMT
Subject: CN=BD47B669D1F77C1F4B2E3AAD51FBF44347E4E138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:6a:7d:08:e1:ac:0e:3b:63:e7:47:a6:d7:
29:83:2a:30:17:4d:20:23:6e:e8:7b:b7:28:fd:5f:
d0:7d:05:24:32:38:16:93:56:d6:50:5a:50:34:b6:
10:b1:3a:aa:f6:b6:8d:b0:28:d9:3f:17:58:53:c6:
e2:22:f9:74:d3:8c:3a:68:db:6b:77:de:4e:4c:43:
f5:18:bc:39:e8:f8:c2:91:76:6d:0a:d9:79:ec:b0:
0e:7a:dc:3c:c8:b3:76:1e:c3:a0:bb:8b:9a:38:a8:
d1:6b:69:71:b5:83:9c:f0:93:36:31:bd:b3:27:61:
eb:6f:ec:e9:71:ff:3d:90:04:09:2c:38:77:eb:cf:
b7:94:7c:a7:19:dc:82:08:cd:cc:48:ae:65:3f:28:
b5:13:30:9e:ed:cd:f8:a2:55:fc:c5:4b:21:b1:c8:
41:66:bf:30:ef:95:c8:77:b3:12:0e:cd:b3:17:e6:
c3:f0:b3:e3:2b:12:56:45:0f:19:91:09:c1:15:2c:
53:6d:22:3f:3d:e7:51:cd:1f:63:66:9e:05:22:52:
6b:e4:85:9d:39:c0:d9:83:4a:ff:6e:87:52:7b:6a:
0f:ea:d0:d4:19:72:77:bc:e0:ef:48:c6:4f:3c:0c:
03:07:28:28:53:f1:f6:18:1a:d8:59:10:f1:ea:9b:
82:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:47:B6:69:D1:F7:7C:1F:4B:2E:3A:AD:51:FB:F4:43:47:E4:E1:38
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.112.0/22
36.50.138.0/23
36.50.142.0/23
36.50.150.0/23
103.119.48.0/21
103.119.60.0-103.119.67.255
103.120.168.0/21
103.121.16.0/21
103.125.36.0-103.125.43.255
103.125.48.0/22
103.125.56.0/22
103.129.16.0/23
103.129.92.0/22
103.129.150.0/23
103.129.172.0/22
103.130.16.0/22
103.130.128.0/22
103.130.164.0/22
103.156.112.0/22
103.156.118.0/23
103.156.160.0/23
103.156.164.0/23
103.156.218.0/23
103.157.48.0/23
103.157.58.0-103.157.61.255
103.171.146.0-103.171.165.255
103.175.222.0-103.175.231.255
210.87.88.0/22
Signature Algorithm: sha256WithRSAEncryption
65:36:38:d8:93:d3:0f:81:78:d3:43:e6:b8:fa:3b:56:49:fa:
4a:38:67:7a:e3:7a:fc:91:34:80:72:41:9c:02:cc:7e:29:ad:
53:03:01:de:66:d1:87:ef:c1:9f:7f:8f:8d:52:81:f1:95:b1:
69:ed:08:59:f2:78:60:b7:cb:74:27:5c:70:03:9b:4c:80:91:
f1:0c:70:6c:cc:c4:86:e7:71:c6:14:1a:34:ba:27:a1:0c:38:
5f:2c:0d:27:b4:23:b6:4e:af:c3:af:c4:8d:d9:e9:32:cb:aa:
05:ac:f9:8b:f4:4c:f3:c6:b3:ac:85:61:c1:85:bc:0a:e4:6c:
b1:ac:c1:17:04:03:21:b8:a8:d7:b9:c3:e1:49:d0:d6:56:8e:
d1:90:47:0d:7d:a2:cc:0c:24:ea:6c:88:60:a6:d9:e5:d2:4d:
1a:d0:d7:c2:a1:04:b2:3f:05:48:57:a9:2d:cf:96:49:e0:20:
f0:20:b2:eb:83:5e:26:87:20:4b:bc:03:47:88:ee:e0:32:35:
a5:04:aa:bc:63:18:41:1b:d0:1d:72:14:5a:c5:16:0f:43:e8:
ff:af:ca:13:c9:f9:21:97:cf:fc:c3:3d:83:4d:d2:54:83:89:
13:0b:e4:34:9d:c6:74:08:e6:6c:cc:94:69:57:48:6e:3f:2e:
05:c1:47:a1
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIUR8p844g8nvjcH4du82dGGFzBoCUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTA0NTI0MFoX
DTI1MDEwNzA0NTc0MFowMzExMC8GA1UEAxMoQkQ0N0I2NjlEMUY3N0MxRjRCMkUz
QUFENTFGQkY0NDM0N0U0RTEzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqCan0I4awOO2PnR6bXKYMqMBdNICNu6Hu3KP1f0H0FJDI4FpNW1lBaUDS2
ELE6qva2jbAo2T8XWFPG4iL5dNOMOmjba3feTkxD9Ri8Oej4wpF2bQrZeeywDnrc
PMizdh7DoLuLmjio0WtpcbWDnPCTNjG9sydh62/s6XH/PZAECSw4d+vPt5R8pxnc
ggjNzEiuZT8otRMwnu3N+KJV/MVLIbHIQWa/MO+VyHezEg7Nsxfmw/Cz4ysSVkUP
GZEJwRUsU20iPz3nUc0fY2aeBSJSa+SFnTnA2YNK/26HUntqD+rQ1Blyd7zg70jG
TzwMAwcoKFPx9hga2FkQ8eqbggECAwEAAaOCAp4wggKaMB0GA1UdDgQWBBS9R7Zp
0fd8H0suOq1R+/RDR+ThODAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODU5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB
2jCB1wQCAAEwgdADBAIkMnADBAEkMooDBAEkMo4DBAEkMpYDBANndzAwDAMEAmd3
PAMEAmd3QAMEA2d4qAMEA2d5EDAMAwQCZ30kAwQCZ30oAwQCZ30wAwQCZ304AwQB
Z4EQAwQCZ4FcAwQBZ4GWAwQCZ4GsAwQCZ4IQAwQCZ4KAAwQCZ4KkAwQCZ5xwAwQB
Z5x2AwQBZ5ygAwQBZ5ykAwQBZ5zaAwQBZ50wMAwDBAFnnToDBAFnnTwwDAMEAWer
kgMEAWerpDAMAwQBZ6/eAwQDZ6/gAwQC0ldYMA0GCSqGSIb3DQEBCwUAA4IBAQBl
NjjYk9MPgXjTQ+a4+jtWSfpKOGd643r8kTSAckGcAsx+Ka1TAwHeZtGH78Gff4+N
UoHxlbFp7QhZ8nhgt8t0J1xwA5tMgJHxDHBszMSG53HGFBo0uiehDDhfLA0ntCO2
Tq/Dr8SN2ekyy6oFrPmL9EzzxrOshWHBhbwK5GyxrMEXBAMhuKjXucPhSdDWVo7R
kEcNfaLMDCTqbIhgptnl0k0a0NfCoQSyPwVIV6ktz5ZJ4CDwILLrg14mhyBLvANH
iO7gMjWlBKq8YxhBG9AdchRaxRYPQ+j/r8oTyfkhl8/8wz2DTdJUg4kTC+Q0ncZ0
COZszJRpV0huPy4FwUeh
-----END CERTIFICATE-----
Generated at Sun May 5 05:20:58 2024 by rpki-client on console-fra.rpki-client.org