Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS139994.roa
File: AS139994.roa (raw, json)
Hash identifier: o5dWMLcAPURO9PZC5YH126j8KmfdJjrFvEUaI0Qlo+E=
Subject key identifier: 37:82:85:31:C5:F7:20:10:A9:3E:C8:A8:59:E1:58:8E:89:83:2B:1D
Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial: DF1FE82A0C0157D789914B4922BB5211683A13
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139994.roa
Signing time: Sat 02 May 2026 09:23:46 +0000
ROA not before: Sat 02 May 2026 09:18:46 +0000
ROA not after: Sat 01 May 2027 09:23:46 +0000
asID: 139994
IP address blocks: 140.213.196.0/24 maxlen: 24
140.213.197.0/24 maxlen: 24
140.213.198.0/24 maxlen: 24
140.213.199.0/24 maxlen: 24
140.213.200.0/24 maxlen: 24
140.213.201.0/24 maxlen: 24
140.213.202.0/24 maxlen: 24
140.213.203.0/24 maxlen: 24
157.85.197.0/24 maxlen: 24
157.85.198.0/24 maxlen: 24
157.85.206.0/24 maxlen: 24
157.85.207.0/24 maxlen: 24
157.85.208.0/24 maxlen: 24
157.85.209.0/24 maxlen: 24
157.85.210.0/24 maxlen: 24
157.85.211.0/24 maxlen: 24
157.85.212.0/24 maxlen: 24
157.85.213.0/24 maxlen: 24
157.85.218.0/24 maxlen: 24
157.85.219.0/24 maxlen: 24
157.85.220.0/24 maxlen: 24
157.85.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 03 May 2026 20:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
df:1f:e8:2a:0c:01:57:d7:89:91:4b:49:22:bb:52:11:68:3a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Validity
Not Before: May 2 09:18:46 2026 GMT
Not After : May 1 09:23:46 2027 GMT
Subject: CN=37828531C5F72010A93EC8A859E1588E89832B1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:eb:8e:c7:14:a1:4b:61:7f:72:31:4f:af:c6:
d1:1a:5d:13:58:08:13:fc:1f:8f:e6:94:52:4f:d1:
bb:c0:88:3e:80:de:43:49:92:98:b8:9a:87:d3:6e:
38:a1:10:36:7a:fa:28:7c:ea:9a:6f:94:c3:be:cd:
53:ac:28:8c:5a:eb:77:d9:4f:31:6b:e0:97:6f:04:
9a:c6:35:60:e1:33:09:21:e6:6a:0a:1d:ff:5e:d3:
68:6d:3c:e5:49:ae:8a:b9:d1:9f:df:7a:2b:38:b3:
be:a7:77:3a:26:7f:16:1c:f3:a3:19:b9:27:5d:9c:
3b:36:e7:41:98:5a:72:5d:d4:c9:76:d5:da:4b:c2:
f9:86:f8:5a:13:34:07:29:c1:24:25:33:82:78:80:
f3:88:54:0b:75:81:2a:8c:a5:ec:e0:8c:65:16:8f:
76:06:4e:c8:1c:54:e0:83:49:f7:95:70:37:64:42:
eb:b3:61:ca:23:d9:14:4c:20:2b:27:6c:b2:9c:88:
28:2c:d8:38:c5:20:9d:b3:84:39:04:53:dc:a3:7a:
0d:aa:47:b5:cd:ef:41:84:c8:b2:03:25:83:c0:03:
5a:c9:8c:a4:90:7b:fd:da:54:31:d2:85:3d:85:f2:
30:33:bb:0b:84:39:3f:28:5d:5a:0e:73:21:9e:e2:
33:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:82:85:31:C5:F7:20:10:A9:3E:C8:A8:59:E1:58:8E:89:83:2B:1D
X509v3 Authority Key Identifier:
keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139994.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.196.0-140.213.203.255
157.85.197.0-157.85.198.255
157.85.206.0-157.85.213.255
157.85.218.0-157.85.221.255
Signature Algorithm: sha256WithRSAEncryption
0f:c7:5f:09:85:9e:63:e3:6f:6a:5a:a7:28:99:09:49:3b:08:
0a:33:ce:30:12:27:0b:4e:0c:e6:69:14:d4:89:46:b1:a6:9e:
b1:8e:b1:30:57:24:26:84:fc:1b:0c:10:5e:35:89:20:fb:1a:
78:3d:df:cc:ee:87:2a:41:5a:59:33:de:55:f6:9c:69:06:ec:
ea:68:b0:26:32:ef:58:4f:0d:f2:f3:d3:63:6f:a0:c4:f3:cd:
79:27:45:76:2c:80:7b:7a:a5:f0:cb:dc:63:e0:68:02:d3:39:
50:ab:75:67:a1:cb:dc:94:4e:e8:35:4f:c7:b8:05:90:d4:f8:
9f:c1:6a:d8:b8:53:7b:4c:46:c1:ba:22:a2:ac:db:68:e8:31:
53:89:0d:3a:a7:0b:d4:f1:a5:cf:86:e7:81:90:59:8c:3f:66:
37:e6:73:32:ae:b0:5f:54:43:55:5a:e0:da:69:44:f9:dc:fd:
47:91:d2:78:c9:d4:f7:85:3b:80:e7:8b:6b:65:26:db:94:d3:
5c:19:e0:30:80:66:35:fa:12:1b:68:e3:34:0e:ff:ae:ea:d2:
f7:bd:0c:4e:30:7e:c5:a3:3c:d2:cd:f2:79:34:06:2b:1a:41:
dc:47:60:7b:c5:8c:50:fc:8e:db:31:1f:74:d5:b5:bb:2c:aa:
37:ae:86:9a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUAN8f6CoMAVfXiZFLSSK7UhFoOhMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0NloX
DTI3MDUwMTA5MjM0NlowMzExMC8GA1UEAxMoMzc4Mjg1MzFDNUY3MjAxMEE5M0VD
OEE4NTlFMTU4OEU4OTgzMkIxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXrjscUoUthf3IxT6/G0RpdE1gIE/wfj+aUUk/Ru8CIPoDeQ0mSmLiah9Nu
OKEQNnr6KHzqmm+Uw77NU6wojFrrd9lPMWvgl28EmsY1YOEzCSHmagod/17TaG08
5UmuirnRn996Kzizvqd3OiZ/Fhzzoxm5J12cOzbnQZhacl3UyXbV2kvC+Yb4WhM0
BynBJCUzgniA84hUC3WBKoyl7OCMZRaPdgZOyBxU4INJ95VwN2RC67NhyiPZFEwg
KydsspyIKCzYOMUgnbOEOQRT3KN6DapHtc3vQYTIsgMlg8ADWsmMpJB7/dpUMdKF
PYXyMDO7C4Q5PyhdWg5zIZ7iMxMCAwEAAaOCAf4wggH6MB0GA1UdDgQWBBQ3goUx
xfcgEKk+yKhZ4ViOiYMrHTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTM5OTk0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIA
ATA4MAwDBAKM1cQDBAKM1cgwDAMEAJ1VxQMEAJ1VxjAMAwQBnVXOAwQBnVXUMAwD
BAGdVdoDBAGdVdwwDQYJKoZIhvcNAQELBQADggEBAA/HXwmFnmPjb2papyiZCUk7
CAozzjASJwtODOZpFNSJRrGmnrGOsTBXJCaE/BsMEF41iSD7Gng938zuhypBWlkz
3lX2nGkG7OposCYy71hPDfLz02NvoMTzzXknRXYsgHt6pfDL3GPgaALTOVCrdWeh
y9yUTug1T8e4BZDU+J/Bati4U3tMRsG6IqKs22joMVOJDTqnC9Txpc+G54GQWYw/
ZjfmczKusF9UQ1Va4NppRPnc/UeR0njJ1PeFO4Dni2tlJtuU01wZ4DCAZjX6Ehto
4zQO/67q0ve9DE4wfsWjPNLN8nk0BisaQdxHYHvFjFD8jtsxH3TVtbssqjeuhpo=
-----END CERTIFICATE-----
Generated at Sat May 2 21:05:39 2026 by rpki-client