Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
File: AS63859.roa (raw, json)
Hash identifier: wCE185w+NghQ1s7VkJH0c2fmUHFUaverU7dheYrm2lg=
Subject key identifier: 98:B3:70:48:B0:13:50:94:D8:55:37:D0:9D:BF:65:E4:47:84:2C:44
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 019357ED0B60B3308465B24BEA9E96E256F44560
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
Signing time: Fri 17 Jan 2025 16:46:19 +0000
ROA not before: Fri 17 Jan 2025 16:41:19 +0000
ROA not after: Fri 16 Jan 2026 16:46:19 +0000
asID: 63859
IP address blocks: 36.50.112.0/23 maxlen: 24
36.50.114.0/23 maxlen: 24
36.50.138.0/23 maxlen: 24
36.50.142.0/23 maxlen: 24
36.50.150.0/23 maxlen: 24
103.119.48.0/22 maxlen: 24
103.119.52.0/22 maxlen: 24
103.119.60.0/22 maxlen: 24
103.119.64.0/22 maxlen: 24
103.120.168.0/22 maxlen: 24
103.120.172.0/22 maxlen: 24
103.121.16.0/22 maxlen: 24
103.121.20.0/22 maxlen: 24
103.125.36.0/22 maxlen: 24
103.125.40.0/22 maxlen: 24
103.125.48.0/22 maxlen: 24
103.125.56.0/22 maxlen: 24
103.129.16.0/23 maxlen: 24
103.129.92.0/22 maxlen: 24
103.129.150.0/23 maxlen: 24
103.129.172.0/23 maxlen: 24
103.129.174.0/23 maxlen: 24
103.130.16.0/23 maxlen: 24
103.130.18.0/23 maxlen: 24
103.130.128.0/22 maxlen: 24
103.130.164.0/22 maxlen: 24
103.156.112.0/23 maxlen: 24
103.156.114.0/23 maxlen: 24
103.156.118.0/23 maxlen: 24
103.156.160.0/23 maxlen: 24
103.156.164.0/23 maxlen: 24
103.156.218.0/23 maxlen: 24
103.157.48.0/23 maxlen: 24
103.157.58.0/23 maxlen: 24
103.157.60.0/23 maxlen: 24
103.171.146.0/23 maxlen: 24
103.171.148.0/23 maxlen: 24
103.171.150.0/23 maxlen: 24
103.171.152.0/23 maxlen: 24
103.171.154.0/23 maxlen: 24
103.171.156.0/23 maxlen: 24
103.171.158.0/23 maxlen: 24
103.171.160.0/23 maxlen: 24
103.171.162.0/23 maxlen: 24
103.171.164.0/23 maxlen: 24
103.175.222.0/23 maxlen: 24
103.175.224.0/23 maxlen: 24
103.175.226.0/23 maxlen: 24
103.175.228.0/23 maxlen: 24
103.175.230.0/23 maxlen: 24
202.59.192.0/20 maxlen: 24
210.87.88.0/23 maxlen: 24
210.87.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 07 Apr 2025 17:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:57:ed:0b:60:b3:30:84:65:b2:4b:ea:9e:96:e2:56:f4:45:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Jan 17 16:41:19 2025 GMT
Not After : Jan 16 16:46:19 2026 GMT
Subject: CN=98B37048B0135094D85537D09DBF65E447842C44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8f:9b:d0:57:34:3a:1f:24:c6:56:d2:d6:02:
2a:69:96:2a:c9:54:bf:83:d6:19:c8:87:52:32:23:
41:7c:3c:a2:ad:3b:19:a7:a2:fd:c4:bb:39:ff:41:
2e:59:fa:8c:b0:48:d6:20:34:79:a1:8d:54:cc:c4:
e9:3a:ef:32:e1:c1:7e:ae:53:d7:da:6c:0c:d5:bf:
59:f7:98:d4:6e:ce:da:5d:0e:24:71:88:97:1b:56:
a8:f2:4c:c2:e3:88:95:d9:73:3c:08:f9:b4:b1:98:
d9:c1:99:f8:1e:7c:a2:52:40:ab:d2:c9:0c:13:4a:
16:09:1a:b9:b5:39:82:12:71:97:80:20:0e:61:4d:
85:66:f2:b0:74:0b:74:1a:af:56:95:88:42:86:c6:
97:c3:60:01:a8:86:05:6a:60:07:64:6b:71:6f:17:
67:ec:3b:b4:37:28:61:3a:69:db:7b:f2:48:e9:56:
f2:f8:11:4d:20:58:95:63:e7:7e:88:ef:74:69:97:
8d:d9:c8:62:4c:8a:21:57:44:38:cd:35:55:34:d0:
cc:c1:dd:74:9a:36:85:3b:77:cc:88:8e:cd:5a:db:
bb:8c:79:1f:90:70:1f:b5:9e:6b:87:22:76:bb:6c:
13:c1:e6:69:7b:0d:54:27:02:a4:4b:b2:01:e5:44:
60:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B3:70:48:B0:13:50:94:D8:55:37:D0:9D:BF:65:E4:47:84:2C:44
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.112.0/22
36.50.138.0/23
36.50.142.0/23
36.50.150.0/23
103.119.48.0/21
103.119.60.0-103.119.67.255
103.120.168.0/21
103.121.16.0/21
103.125.36.0-103.125.43.255
103.125.48.0/22
103.125.56.0/22
103.129.16.0/23
103.129.92.0/22
103.129.150.0/23
103.129.172.0/22
103.130.16.0/22
103.130.128.0/22
103.130.164.0/22
103.156.112.0/22
103.156.118.0/23
103.156.160.0/23
103.156.164.0/23
103.156.218.0/23
103.157.48.0/23
103.157.58.0-103.157.61.255
103.171.146.0-103.171.165.255
103.175.222.0-103.175.231.255
202.59.192.0/20
210.87.88.0/22
Signature Algorithm: sha256WithRSAEncryption
72:92:38:14:74:ad:4b:5b:9e:7f:30:39:18:ba:96:63:ad:01:
29:6e:c0:21:b8:40:15:70:49:95:f8:86:43:81:77:eb:8f:c6:
b1:36:fc:1f:0a:55:bb:36:59:6b:69:52:09:9a:6a:dd:97:45:
f4:2c:c9:ed:50:06:8a:63:43:43:5f:f8:ec:9a:af:b5:9a:4e:
8c:1a:d2:e4:83:19:34:05:15:8c:28:95:40:83:71:ef:eb:e5:
3c:95:c4:ce:a4:7a:7b:ad:19:14:07:de:e7:b0:6e:f4:af:d0:
d1:ad:a5:10:1c:44:20:86:ff:25:b7:53:ca:6a:20:bc:59:df:
0e:db:bd:47:7a:4a:bd:18:c3:5b:f4:d3:fb:f3:1f:05:63:b8:
e6:e6:1d:e1:95:86:d4:70:05:a5:8d:47:e0:c3:30:a3:64:a1:
c9:d7:b5:13:dc:f3:02:2a:28:06:a7:5c:1b:d1:98:38:9b:a2:
6e:b6:0c:32:ec:34:70:1e:5b:05:b4:d1:f1:ab:74:4f:75:2b:
47:bb:21:c3:1e:76:42:1b:e1:d2:9d:1d:84:aa:00:b4:6c:bc:
f1:15:ad:e4:20:f2:53:99:f6:8d:56:05:74:59:b3:aa:cc:03:
0a:de:0e:65:9f:78:0c:8b:05:fa:65:b6:fe:5e:38:98:ac:67:
8f:9e:cb:e9
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIUAZNX7QtgszCEZbJL6p6W4lb0RWAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDExNzE2NDExOVoX
DTI2MDExNjE2NDYxOVowMzExMC8GA1UEAxMoOThCMzcwNDhCMDEzNTA5NEQ4NTUz
N0QwOURCRjY1RTQ0Nzg0MkM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOiPm9BXNDofJMZW0tYCKmmWKslUv4PWGciHUjIjQXw8oq07Gaei/cS7Of9B
Lln6jLBI1iA0eaGNVMzE6TrvMuHBfq5T19psDNW/WfeY1G7O2l0OJHGIlxtWqPJM
wuOIldlzPAj5tLGY2cGZ+B58olJAq9LJDBNKFgkaubU5ghJxl4AgDmFNhWbysHQL
dBqvVpWIQobGl8NgAaiGBWpgB2RrcW8XZ+w7tDcoYTpp23vySOlW8vgRTSBYlWPn
fojvdGmXjdnIYkyKIVdEOM01VTTQzMHddJo2hTt3zIiOzVrbu4x5H5BwH7Wea4ci
drtsE8HmaXsNVCcCpEuyAeVEYKcCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBSYs3BI
sBNQlNhVN9Cdv2XkR4QsRDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODU5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB
4DCB3QQCAAEwgdYDBAIkMnADBAEkMooDBAEkMo4DBAEkMpYDBANndzAwDAMEAmd3
PAMEAmd3QAMEA2d4qAMEA2d5EDAMAwQCZ30kAwQCZ30oAwQCZ30wAwQCZ304AwQB
Z4EQAwQCZ4FcAwQBZ4GWAwQCZ4GsAwQCZ4IQAwQCZ4KAAwQCZ4KkAwQCZ5xwAwQB
Z5x2AwQBZ5ygAwQBZ5ykAwQBZ5zaAwQBZ50wMAwDBAFnnToDBAFnnTwwDAMEAWer
kgMEAWerpDAMAwQBZ6/eAwQDZ6/gAwQEyjvAAwQC0ldYMA0GCSqGSIb3DQEBCwUA
A4IBAQBykjgUdK1LW55/MDkYupZjrQEpbsAhuEAVcEmV+IZDgXfrj8axNvwfClW7
NllraVIJmmrdl0X0LMntUAaKY0NDX/jsmq+1mk6MGtLkgxk0BRWMKJVAg3Hv6+U8
lcTOpHp7rRkUB97nsG70r9DRraUQHEQghv8lt1PKaiC8Wd8O271Hekq9GMNb9NP7
8x8FY7jm5h3hlYbUcAWljUfgwzCjZKHJ17UT3PMCKigGp1wb0Zg4m6Jutgwy7DRw
HlsFtNHxq3RPdStHuyHDHnZCG+HSnR2EqgC0bLzxFa3kIPJTmfaNVgV0WbOqzAMK
3g5ln3gMiwX6Zbb+XjiYrGePnsvp
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:34 2025 by rpki-client