Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9875.roa
File: AS9875.roa (raw, json)
Hash identifier: Ghknk7IEM+BmRIAojCgmIcP4Yz7NIlRtp30NQJC7bHI=
Subject key identifier: FF:AA:E3:86:1C:E7:C0:3D:EB:EE:DE:68:B3:B3:1F:80:8D:A5:D9:DD
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 3E7CF7F8EB65FAC9EAA8EB1DC86511F7B00E7BD0
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9875.roa
Signing time: Fri 05 Apr 2024 05:00:00 +0000
ROA not before: Fri 05 Apr 2024 04:55:00 +0000
ROA not after: Fri 04 Apr 2025 05:00:00 +0000
asID: 9875
IP address blocks: 103.93.224.0/22 maxlen: 24
103.93.228.0/22 maxlen: 24
103.94.96.0/22 maxlen: 24
103.159.228.0/23 maxlen: 24
103.159.230.0/23 maxlen: 24
103.159.232.0/23 maxlen: 24
103.159.234.0/23 maxlen: 24
103.167.142.0/23 maxlen: 24
103.167.148.0/23 maxlen: 24
103.168.106.0/23 maxlen: 24
103.168.108.0/23 maxlen: 24
103.168.110.0/23 maxlen: 24
103.168.112.0/23 maxlen: 24
103.169.111.0/24 maxlen: 24
103.169.112.0/23 maxlen: 24
103.169.118.0/23 maxlen: 24
103.169.120.0/23 maxlen: 24
103.169.122.0/23 maxlen: 24
103.169.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 18:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:7c:f7:f8:eb:65:fa:c9:ea:a8:eb:1d:c8:65:11:f7:b0:0e:7b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Apr 5 04:55:00 2024 GMT
Not After : Apr 4 05:00:00 2025 GMT
Subject: CN=FFAAE3861CE7C03DEBEEDE68B3B31F808DA5D9DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7a:fe:a2:0a:cd:6f:85:d3:2e:55:f4:50:79:
2a:6f:26:87:5a:b4:bf:be:2e:a2:44:f2:35:98:9a:
d4:75:99:fa:d5:54:71:16:d7:8f:9f:d6:71:bd:df:
8a:f2:d4:6a:58:aa:4f:b7:f3:c6:95:b0:9b:06:e1:
20:76:11:f4:28:ab:15:d6:c6:81:cd:ca:d8:aa:ba:
b3:e7:24:b0:8c:82:9a:96:25:f9:9a:c8:a1:f2:05:
ce:cb:f5:90:1a:b6:40:91:2d:f2:33:3f:1d:54:71:
87:51:19:b0:29:cf:0f:49:1a:a2:0b:67:9b:9e:32:
dc:a4:ed:93:57:d4:13:76:bd:68:d3:d4:3c:20:39:
bb:23:a1:93:91:51:e0:e3:34:a5:41:8a:14:32:79:
70:21:05:f3:d0:b1:af:64:f1:39:39:1c:19:a9:6e:
22:ed:c4:ae:54:c9:ae:89:8b:43:02:db:58:4e:50:
e0:b2:13:c9:47:61:2e:b6:9c:cf:1a:4c:5d:08:b5:
89:43:af:8c:70:d0:ce:46:b7:83:cb:6c:8f:1e:f1:
53:72:32:03:df:37:98:b1:3c:51:61:11:1e:50:ee:
f0:41:f1:2d:04:5f:58:56:75:af:30:a4:d5:a3:fa:
36:72:86:de:bd:85:ff:52:d7:2a:71:ed:30:2d:f2:
cd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AA:E3:86:1C:E7:C0:3D:EB:EE:DE:68:B3:B3:1F:80:8D:A5:D9:DD
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9875.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.93.224.0/21
103.94.96.0/22
103.159.228.0-103.159.235.255
103.167.142.0/23
103.167.148.0/23
103.168.106.0-103.168.113.255
103.169.111.0-103.169.113.255
103.169.118.0-103.169.125.255
Signature Algorithm: sha256WithRSAEncryption
7c:9f:0b:5d:ce:39:81:f5:73:b5:e5:df:84:d2:b1:15:69:a1:
b7:18:84:db:ca:c6:c3:d8:9a:73:b6:15:47:95:6d:7d:42:65:
a4:ab:16:d5:0d:a2:16:79:44:e5:77:8f:39:90:a8:dd:18:1f:
b3:80:a0:da:5e:8a:8c:93:84:b0:f9:75:12:23:a1:8f:a5:e4:
fa:7b:18:cf:71:74:8d:48:ab:ff:4e:e8:ac:9d:16:a9:4e:91:
cc:f1:f8:ac:81:f6:a3:63:7f:16:e9:0c:48:98:4f:e9:23:10:
43:e8:f1:17:5d:58:1c:12:fa:d9:e7:39:5b:e4:33:da:f2:90:
c2:01:60:25:b1:2c:1c:6f:0e:13:e7:db:0e:86:8e:77:7e:6f:
70:91:6d:19:af:61:16:28:6a:44:d3:d4:65:b5:57:51:90:0b:
16:18:45:7e:93:64:cd:d8:9d:f6:47:c4:5f:50:7b:77:86:65:
39:dc:3e:a6:db:bc:24:18:93:dc:8a:57:80:44:9c:b7:fc:58:
4a:01:8b:be:a7:ef:6a:b5:59:cd:3c:f2:e1:70:f5:a9:44:4d:
98:d2:0f:98:31:d2:a5:b6:51:23:1a:5b:d2:5c:2c:ab:cf:f2:
19:f9:b2:ee:f3:90:63:c6:65:2b:7a:6c:18:1f:d6:00:0b:ef:
6f:da:81:2e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUPnz3+Otl+snqqOsdyGUR97AOe9AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQwNTA0NTUwMFoX
DTI1MDQwNDA1MDAwMFowMzExMC8GA1UEAxMoRkZBQUUzODYxQ0U3QzAzREVCRUVE
RTY4QjNCMzFGODA4REE1RDlERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOF6/qIKzW+F0y5V9FB5Km8mh1q0v74uokTyNZia1HWZ+tVUcRbXj5/Wcb3f
ivLUaliqT7fzxpWwmwbhIHYR9CirFdbGgc3K2Kq6s+cksIyCmpYl+ZrIofIFzsv1
kBq2QJEt8jM/HVRxh1EZsCnPD0kaogtnm54y3KTtk1fUE3a9aNPUPCA5uyOhk5FR
4OM0pUGKFDJ5cCEF89Cxr2TxOTkcGaluIu3ErlTJromLQwLbWE5Q4LITyUdhLrac
zxpMXQi1iUOvjHDQzka3g8tsjx7xU3IyA983mLE8UWERHlDu8EHxLQRfWFZ1rzCk
1aP6NnKG3r2F/1LXKnHtMC3yzfsCAwEAAaOCAhgwggIUMB0GA1UdDgQWBBT/quOG
HOfAPevu3mizsx+AjaXZ3TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzk4NzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYE
AgABMFADBANnXeADBAJnXmAwDAMEAmef5AMEAmef6AMEAWenjgMEAWenlDAMAwQB
Z6hqAwQBZ6hwMAwDBABnqW8DBAFnqXAwDAMEAWepdgMEAWepfDANBgkqhkiG9w0B
AQsFAAOCAQEAfJ8LXc45gfVzteXfhNKxFWmhtxiE28rGw9iac7YVR5VtfUJlpKsW
1Q2iFnlE5XePOZCo3Rgfs4Cg2l6KjJOEsPl1EiOhj6Xk+nsYz3F0jUir/07orJ0W
qU6RzPH4rIH2o2N/FukMSJhP6SMQQ+jxF11YHBL62ec5W+Qz2vKQwgFgJbEsHG8O
E+fbDoaOd35vcJFtGa9hFihqRNPUZbVXUZALFhhFfpNkzdid9kfEX1B7d4ZlOdw+
ptu8JBiT3IpXgESct/xYSgGLvqfvarVZzTzy4XD1qURNmNIPmDHSpbZRIxpb0lws
q8/yGfmy7vOQY8ZlK3psGB/WAAvvb9qBLg==
-----END CERTIFICATE-----
Generated at Wed May 8 17:45:24 2024 by rpki-client on console-ams.rpki-client.org