Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
File: AS9341.roa (raw, json)
Hash identifier: 2V/KF0sGEpwNKuHQjpfC8APhcDx8aHxt0I5M47Ny3VU=
Subject key identifier: 59:B7:3E:10:42:92:2F:91:7C:02:9C:4D:B5:79:DA:0E:3D:F4:3C:CA
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 131A44AFA895195FDEC10ADD4F25645F3F574E9F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
Signing time: Thu 31 Oct 2024 06:18:34 +0000
ROA not before: Thu 31 Oct 2024 06:13:34 +0000
ROA not after: Thu 30 Oct 2025 06:18:34 +0000
asID: 9341
IP address blocks: 43.240.80.0/22 maxlen: 24
103.17.172.0/22 maxlen: 24
103.17.172.0/23 maxlen: 24
103.17.174.0/23 maxlen: 24
103.49.188.0/22 maxlen: 24
103.55.220.0/22 maxlen: 24
103.76.168.0/22 maxlen: 24
103.78.72.0/22 maxlen: 24
103.88.196.0/22 maxlen: 24
103.88.200.0/22 maxlen: 24
103.88.204.0/22 maxlen: 24
103.88.208.0/22 maxlen: 24
103.88.244.0/22 maxlen: 24
103.88.248.0/22 maxlen: 24
103.88.252.0/22 maxlen: 24
103.89.32.0/22 maxlen: 24
103.91.14.0/23 maxlen: 24
103.101.22.0/23 maxlen: 24
103.142.182.0/23 maxlen: 24
103.181.244.0/23 maxlen: 24
103.210.230.0/23 maxlen: 24
103.215.178.0/23 maxlen: 24
103.229.164.0/22 maxlen: 24
103.238.138.0/23 maxlen: 24
160.202.40.0/22 maxlen: 24
202.46.64.0/19 maxlen: 24
202.57.18.0/24 maxlen: 24
202.57.28.0/22 maxlen: 24
202.74.43.0/24 maxlen: 24
202.74.72.0/23 maxlen: 24
202.146.48.0/20 maxlen: 24
202.154.176.0/21 maxlen: 24
202.164.216.0/22 maxlen: 24
202.171.236.0/24 maxlen: 24
203.171.216.0/24 maxlen: 24
203.171.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 22:23:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:1a:44:af:a8:95:19:5f:de:c1:0a:dd:4f:25:64:5f:3f:57:4e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Oct 31 06:13:34 2024 GMT
Not After : Oct 30 06:18:34 2025 GMT
Subject: CN=59B73E1042922F917C029C4DB579DA0E3DF43CCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:69:e1:85:22:f3:b2:3d:72:f3:18:09:88:6b:
f6:7b:da:c7:67:ac:fa:c3:5a:37:40:74:89:b0:a6:
cc:fd:79:b9:f1:30:00:1c:55:89:6e:b2:4e:71:bd:
85:4c:22:31:49:cb:4c:81:66:ee:ed:c7:d1:64:57:
6b:f9:19:c7:ad:1b:75:52:ea:a8:0b:c4:c5:94:82:
37:79:29:6e:9a:0a:85:58:58:f0:71:a5:6c:14:1a:
2d:bb:a6:25:01:be:6a:a3:23:3a:c7:4c:fa:ab:04:
c1:09:f7:c9:1c:cd:1f:f5:e4:67:f3:31:7f:7d:21:
c3:68:15:fa:13:26:8f:3c:d3:f1:89:75:34:28:9e:
b2:ad:86:8d:99:8a:40:35:72:71:d1:48:5f:8f:02:
d2:be:20:d8:ca:d8:2d:b1:0b:d0:dc:16:a7:a7:80:
a9:37:14:d4:af:51:a0:aa:7e:ae:d8:f8:11:ff:da:
49:ad:74:da:cf:bf:39:ed:59:ed:e0:c4:81:3e:f8:
fd:f7:6e:5e:fe:34:c2:e8:db:fb:0e:40:7a:7b:0d:
43:b7:1b:d0:78:99:45:8d:81:29:39:e3:5a:c3:d1:
1c:54:56:fe:54:2f:93:59:d0:4d:54:57:57:93:56:
b3:45:8e:fc:6b:7d:24:3e:61:da:70:37:9b:08:79:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B7:3E:10:42:92:2F:91:7C:02:9C:4D:B5:79:DA:0E:3D:F4:3C:CA
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9341.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.80.0/22
103.17.172.0/22
103.49.188.0/22
103.55.220.0/22
103.76.168.0/22
103.78.72.0/22
103.88.196.0-103.88.211.255
103.88.244.0-103.88.255.255
103.89.32.0/22
103.91.14.0/23
103.101.22.0/23
103.142.182.0/23
103.181.244.0/23
103.210.230.0/23
103.215.178.0/23
103.229.164.0/22
103.238.138.0/23
160.202.40.0/22
202.46.64.0/19
202.57.18.0/24
202.57.28.0/22
202.74.43.0/24
202.74.72.0/23
202.146.48.0/20
202.154.176.0/21
202.164.216.0/22
202.171.236.0/24
203.171.216.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:32:96:f8:02:ed:e8:23:ad:a0:64:35:ec:b0:40:83:75:64:
8e:05:02:2f:38:a0:7a:c3:60:49:7e:81:68:a6:33:34:0c:1e:
f4:0b:8a:d5:0d:ee:0e:43:da:6f:22:ed:da:70:54:52:5a:be:
9e:e1:2a:60:92:73:70:8e:d0:93:f8:9c:f8:88:8b:52:50:e9:
22:bc:11:ef:48:7f:d3:fe:6d:df:48:bf:6a:1c:18:a2:e9:53:
6d:8d:ac:25:3a:4b:05:cb:6c:4e:05:be:33:e3:45:73:87:7a:
23:5a:17:a8:e9:0e:9a:5d:4d:ce:df:bb:31:ba:c4:7d:bf:b8:
e9:c3:6c:f1:e9:38:34:5a:1e:62:82:e4:0a:b6:22:c5:2b:14:
fd:97:e2:4f:80:ac:3b:ac:38:98:f7:d7:08:57:1e:98:5b:91:
d7:df:98:d1:4e:8a:a4:25:e1:ca:e7:b0:c1:71:c4:39:62:21:
63:58:d6:96:db:3f:ec:dd:e2:bd:da:75:46:19:17:27:cd:e1:
96:8a:ff:79:6f:76:89:f8:4b:e7:6d:d4:10:11:2b:45:57:ab:
86:08:bf:04:50:fe:70:c0:55:e8:9a:96:b3:ef:81:38:c9:f2:
89:bb:de:67:81:a2:6d:5c:03:29:3d:2b:ba:12:bc:17:e7:87:
87:c0:a5:b0
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIUExpEr6iVGV/ewQrdTyVkXz9XTp8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAzMTA2MTMzNFoX
DTI1MTAzMDA2MTgzNFowMzExMC8GA1UEAxMoNTlCNzNFMTA0MjkyMkY5MTdDMDI5
QzREQjU3OURBMEUzREY0M0NDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtp4YUi87I9cvMYCYhr9nvax2es+sNaN0B0ibCmzP15ufEwABxViW6yTnG9
hUwiMUnLTIFm7u3H0WRXa/kZx60bdVLqqAvExZSCN3kpbpoKhVhY8HGlbBQaLbum
JQG+aqMjOsdM+qsEwQn3yRzNH/XkZ/Mxf30hw2gV+hMmjzzT8Yl1NCiesq2GjZmK
QDVycdFIX48C0r4g2MrYLbEL0NwWp6eAqTcU1K9RoKp+rtj4Ef/aSa102s+/Oe1Z
7eDEgT74/fduXv40wujb+w5AensNQ7cb0HiZRY2BKTnjWsPRHFRW/lQvk1nQTVRX
V5NWs0WO/Gt9JD5h2nA3mwh5jecCAwEAAaOCAoQwggKAMB0GA1UdDgQWBBRZtz4Q
QpIvkXwCnE21edoOPfQ8yjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzkzNDEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgdQGCCsGAQUFBwEHAQH/BIHEMIHB
MIG+BAIAATCBtwMEAivwUAMEAmcRrAMEAmcxvAMEAmc33AMEAmdMqAMEAmdOSDAM
AwQCZ1jEAwQCZ1jQMAsDBAJnWPQDAwBnWAMEAmdZIAMEAWdbDgMEAWdlFgMEAWeO
tgMEAWe19AMEAWfS5gMEAWfXsgMEAmflpAMEAWfuigMEAqDKKAMEBcouQAMEAMo5
EgMEAso5HAMEAMpKKwMEAcpKSAMEBMqSMAMEA8qasAMEAsqk2AMEAMqr7AMEAcur
2DANBgkqhkiG9w0BAQsFAAOCAQEAPDKW+ALt6COtoGQ17LBAg3VkjgUCLzigesNg
SX6BaKYzNAwe9AuK1Q3uDkPabyLt2nBUUlq+nuEqYJJzcI7Qk/ic+IiLUlDpIrwR
70h/0/5t30i/ahwYoulTbY2sJTpLBctsTgW+M+NFc4d6I1oXqOkOml1Nzt+7MbrE
fb+46cNs8ek4NFoeYoLkCrYixSsU/ZfiT4CsO6w4mPfXCFcemFuR19+Y0U6KpCXh
yuewwXHEOWIhY1jWlts/7N3ivdp1RhkXJ83hlor/eW92ifhL523UEBErRVerhgi/
BFD+cMBV6JqWs++BOMnyibveZ4GibVwDKT0ruhK8F+eHh8ClsA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:01:59 2024 by rpki-client on console-fra.rpki-client.org