Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
File: AS9341.roa (raw, json)
Hash identifier: Eh3gShIvDoysQJDfpDXNED76y+i9YKdNxkBV8r6rDsw=
Subject key identifier: A1:97:6E:F4:59:48:7C:51:51:17:25:7A:F2:76:5C:3C:43:3F:A8:FC
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 0B6883CD3A14F6F459CE9E027E9EEB55E18EA497
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
Signing time: Tue 07 May 2024 07:57:37 +0000
ROA not before: Tue 07 May 2024 07:52:37 +0000
ROA not after: Tue 06 May 2025 07:57:37 +0000
asID: 9341
IP address blocks: 43.240.80.0/22 maxlen: 24
103.17.172.0/22 maxlen: 24
103.17.172.0/23 maxlen: 24
103.17.174.0/23 maxlen: 24
103.49.188.0/22 maxlen: 24
103.55.220.0/22 maxlen: 24
103.78.72.0/22 maxlen: 24
103.88.196.0/22 maxlen: 24
103.88.200.0/22 maxlen: 24
103.88.204.0/22 maxlen: 24
103.88.208.0/22 maxlen: 24
103.88.244.0/22 maxlen: 24
103.88.248.0/22 maxlen: 24
103.88.252.0/22 maxlen: 24
103.89.32.0/22 maxlen: 24
103.91.14.0/23 maxlen: 24
103.181.244.0/23 maxlen: 24
103.215.178.0/23 maxlen: 24
103.229.164.0/22 maxlen: 24
103.238.138.0/23 maxlen: 24
160.202.40.0/22 maxlen: 24
202.46.64.0/19 maxlen: 24
202.57.18.0/24 maxlen: 24
202.57.28.0/22 maxlen: 24
202.74.43.0/24 maxlen: 24
202.146.48.0/20 maxlen: 24
202.154.176.0/21 maxlen: 24
202.164.216.0/22 maxlen: 24
202.171.236.0/24 maxlen: 24
203.171.216.0/24 maxlen: 24
203.171.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 13:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:68:83:cd:3a:14:f6:f4:59:ce:9e:02:7e:9e:eb:55:e1:8e:a4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 7 07:52:37 2024 GMT
Not After : May 6 07:57:37 2025 GMT
Subject: CN=A1976EF459487C515117257AF2765C3C433FA8FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:33:ad:8e:a3:c4:a0:5c:f4:81:8a:c6:75:e8:
09:34:c9:93:1c:22:d1:a1:6f:2d:dd:a9:98:ff:88:
46:80:a4:a8:95:2f:45:6a:d8:26:25:36:8b:9a:68:
14:5a:73:53:b9:18:18:fb:f1:8b:9d:a1:24:4d:6e:
62:c8:56:ce:d7:8b:97:55:00:bd:3f:d6:73:f8:a6:
24:bd:bb:db:c8:fd:8e:44:2c:7f:a7:ad:e9:16:47:
20:53:04:d6:eb:1e:d7:7e:2a:b4:2a:33:11:61:ac:
55:fc:db:c3:27:32:b1:d5:99:93:0c:61:5e:c1:04:
2d:3d:15:9b:c1:52:6a:94:fd:d8:9e:10:0d:c3:c1:
6e:93:d1:2c:fa:80:3a:13:94:6a:15:9a:5d:d7:b8:
d8:ac:12:72:17:cc:45:75:03:1c:5d:f1:7c:bb:9e:
7e:fb:6f:2f:f5:48:c6:09:05:b4:d4:f8:78:8c:2f:
ac:35:1a:19:bc:1f:85:31:40:14:f2:c7:80:2d:95:
e1:fe:1e:79:cb:aa:e3:b8:08:b2:ee:20:09:3e:93:
a1:5c:0b:41:7f:78:39:56:a9:c0:c7:2d:84:70:53:
40:08:71:94:0a:e0:b6:99:92:4a:1a:4c:87:1b:8d:
ff:0c:8e:3e:0c:f5:84:34:c0:90:21:05:e4:84:a8:
68:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:97:6E:F4:59:48:7C:51:51:17:25:7A:F2:76:5C:3C:43:3F:A8:FC
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.80.0/22
103.17.172.0/22
103.49.188.0/22
103.55.220.0/22
103.78.72.0/22
103.88.196.0-103.88.211.255
103.88.244.0-103.88.255.255
103.89.32.0/22
103.91.14.0/23
103.181.244.0/23
103.215.178.0/23
103.229.164.0/22
103.238.138.0/23
160.202.40.0/22
202.46.64.0/19
202.57.18.0/24
202.57.28.0/22
202.74.43.0/24
202.146.48.0/20
202.154.176.0/21
202.164.216.0/22
202.171.236.0/24
203.171.216.0/23
Signature Algorithm: sha256WithRSAEncryption
92:b1:85:b0:4b:f8:e1:c3:1d:e1:44:e9:b7:b8:d7:9b:1a:13:
ea:29:39:c5:52:b6:db:c0:22:92:10:a7:9a:01:0a:02:cd:cb:
09:40:38:aa:aa:a6:00:40:c0:bc:9f:64:c3:2e:fb:ab:95:81:
5a:db:3a:96:0f:a1:7a:e0:37:b2:b3:dd:2b:52:07:22:e4:1d:
3e:71:1a:89:81:3e:5a:89:6a:fd:d5:d3:7c:88:96:2d:0f:9d:
18:93:a9:e0:de:48:4d:c0:91:f8:59:34:7c:e2:23:30:97:f5:
bf:dc:9c:46:aa:93:4c:3e:56:6c:4c:4d:a7:51:57:8d:ef:db:
94:9e:3a:c8:03:3e:26:3b:b8:33:36:0c:de:22:bd:3d:fd:44:
48:25:28:b0:fd:e6:08:89:a2:4b:f7:9c:17:ca:3e:a3:dd:34:
3f:e4:28:d0:48:21:dc:df:c1:bc:4f:ff:ae:77:fd:80:85:36:
be:67:e9:a2:46:b8:2f:25:40:50:4b:ba:93:b6:f6:0a:a9:8e:
c7:87:3d:85:f9:47:03:d3:33:10:ed:2b:61:cf:2c:2e:2e:d9:
e5:5e:78:99:2f:96:a0:72:bf:38:4f:8f:94:fb:59:bf:f7:ef:
8c:19:ee:71:a2:a8:84:d1:04:c6:36:fb:de:ad:5d:0c:7d:93:
f3:96:2c:87
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIUC2iDzToU9vRZzp4Cfp7rVeGOpJcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUwNzA3NTIzN1oX
DTI1MDUwNjA3NTczN1owMzExMC8GA1UEAxMoQTE5NzZFRjQ1OTQ4N0M1MTUxMTcy
NTdBRjI3NjVDM0M0MzNGQThGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPszrY6jxKBc9IGKxnXoCTTJkxwi0aFvLd2pmP+IRoCkqJUvRWrYJiU2i5po
FFpzU7kYGPvxi52hJE1uYshWzteLl1UAvT/Wc/imJL2728j9jkQsf6et6RZHIFME
1use134qtCozEWGsVfzbwycysdWZkwxhXsEELT0Vm8FSapT92J4QDcPBbpPRLPqA
OhOUahWaXde42KwSchfMRXUDHF3xfLuefvtvL/VIxgkFtNT4eIwvrDUaGbwfhTFA
FPLHgC2V4f4eecuq47gIsu4gCT6ToVwLQX94OVapwMcthHBTQAhxlArgtpmSShpM
hxuN/wyOPgz1hDTAkCEF5ISoaDECAwEAAaOCAmYwggJiMB0GA1UdDgQWBBShl270
WUh8UVEXJXrydlw8Qz+o/DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzkzNDEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgbYGCCsGAQUFBwEHAQH/BIGmMIGj
MIGgBAIAATCBmQMEAivwUAMEAmcRrAMEAmcxvAMEAmc33AMEAmdOSDAMAwQCZ1jE
AwQCZ1jQMAsDBAJnWPQDAwBnWAMEAmdZIAMEAWdbDgMEAWe19AMEAWfXsgMEAmfl
pAMEAWfuigMEAqDKKAMEBcouQAMEAMo5EgMEAso5HAMEAMpKKwMEBMqSMAMEA8qa
sAMEAsqk2AMEAMqr7AMEAcur2DANBgkqhkiG9w0BAQsFAAOCAQEAkrGFsEv44cMd
4UTpt7jXmxoT6ik5xVK228AikhCnmgEKAs3LCUA4qqqmAEDAvJ9kwy77q5WBWts6
lg+heuA3srPdK1IHIuQdPnEaiYE+Wolq/dXTfIiWLQ+dGJOp4N5ITcCR+Fk0fOIj
MJf1v9ycRqqTTD5WbExNp1FXje/blJ46yAM+Jju4MzYM3iK9Pf1ESCUosP3mCImi
S/ecF8o+o900P+Qo0Egh3N/BvE//rnf9gIU2vmfpoka4LyVAUEu6k7b2CqmOx4c9
hflHA9MzEO0rYc8sLi7Z5V54mS+WoHK/OE+PlPtZv/fvjBnucaKohNEExjb73q1d
DH2T85Yshw==
-----END CERTIFICATE-----
Generated at Wed May 8 09:50:41 2024 by rpki-client on console-fra.rpki-client.org