Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS132641.roa
File: AS132641.roa (raw, json)
Hash identifier: 8e3N4iSyKRjholYUDjcP8YPl5RP13s3s/DXDYEmaVYU=
Subject key identifier: BF:B9:99:C6:A3:2D:85:AE:B6:95:F6:95:48:C2:EF:20:E3:A8:61:5D
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 096F494075542BF8BAEC24D3E1004A035A05EECB
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS132641.roa
Signing time: Sat 02 May 2026 21:36:00 +0000
ROA not before: Sat 02 May 2026 21:31:00 +0000
ROA not after: Sat 01 May 2027 21:36:00 +0000
asID: 132641
IP address blocks: 43.251.96.0/22 maxlen: 24
103.19.108.0/22 maxlen: 24
103.132.140.0/22 maxlen: 24
103.145.218.0/23 maxlen: 24
103.145.224.0/23 maxlen: 24
103.145.240.0/23 maxlen: 24
103.145.244.0/23 maxlen: 24
2406:a500:c3e7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:6f:49:40:75:54:2b:f8:ba:ec:24:d3:e1:00:4a:03:5a:05:ee:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:31:00 2026 GMT
Not After : May 1 21:36:00 2027 GMT
Subject: CN=BFB999C6A32D85AEB695F69548C2EF20E3A8615D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:e6:4f:51:e9:56:3f:5b:18:00:bd:53:bf:
1b:e7:f1:97:4a:32:d0:c0:30:96:fd:06:ee:41:6c:
6b:e1:c1:0b:88:52:7c:ee:42:16:ff:7c:7e:38:d6:
b8:60:5c:92:73:0d:69:03:31:b5:20:ee:2f:9f:99:
9a:48:30:47:04:23:dd:9e:34:7f:07:20:fc:ba:72:
0e:91:24:31:c9:3b:e3:b4:5c:ac:2a:ca:d9:2d:fd:
61:87:14:91:58:46:31:8a:8e:21:09:8c:5a:2c:5c:
33:6f:47:a7:db:bb:50:8a:43:aa:69:d6:e4:6a:66:
05:52:02:f8:49:1e:91:f3:28:e5:e2:a9:ac:79:e9:
53:b6:fe:ff:9b:a5:f0:22:65:68:56:fd:0e:8e:8b:
55:b2:ce:bb:2c:41:56:68:9f:35:40:81:f0:55:b0:
c6:30:24:9c:44:66:14:49:9f:78:73:6b:a1:31:ce:
20:89:56:38:01:5f:5e:8e:d4:54:1e:66:83:75:f5:
40:a6:e3:aa:73:fa:b9:e7:a5:78:1c:e1:47:c5:a2:
56:98:7b:d5:d2:3f:a2:54:7c:ed:e4:b2:0c:cb:ff:
49:91:df:65:06:4e:ac:b8:74:e0:f8:14:3c:30:78:
8c:eb:99:4a:9a:e8:26:e6:cb:39:47:3b:79:e9:ad:
a8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B9:99:C6:A3:2D:85:AE:B6:95:F6:95:48:C2:EF:20:E3:A8:61:5D
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS132641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.251.96.0/22
103.19.108.0/22
103.132.140.0/22
103.145.218.0/23
103.145.224.0/23
103.145.240.0/23
103.145.244.0/23
IPv6:
2406:a500:c3e7::/48
Signature Algorithm: sha256WithRSAEncryption
4d:b9:ca:13:30:98:43:31:da:af:81:9e:78:6d:90:8e:da:47:
d5:2a:cd:f1:40:93:92:92:10:e3:76:4a:e9:7f:e9:ba:ca:6d:
6f:3d:27:ba:60:03:e2:e4:ba:7b:c9:fe:15:f3:c3:e8:cb:d5:
ba:61:3b:fb:1e:e4:ce:16:8a:b2:9b:bf:11:a7:b2:46:3e:33:
ce:a7:3f:ea:11:1a:1d:a6:d4:4c:e8:5a:68:65:54:ef:3b:93:
46:c5:8b:fe:68:f6:bd:0e:6c:c2:76:d2:75:90:c4:48:9b:68:
48:55:dc:16:0f:31:ba:b3:44:84:38:a6:c5:79:4a:58:19:82:
f6:f5:f3:bd:25:d2:84:1c:4e:26:59:ed:17:d7:8c:a3:94:b1:
d1:60:7e:78:9f:d6:51:7f:15:d4:95:0d:7d:82:03:f5:48:69:
1e:e4:f3:bc:6f:57:e8:b1:14:1f:a9:7c:c2:5c:ee:0a:24:3b:
03:85:9e:8e:a7:88:aa:a9:a7:90:64:5c:ca:76:77:ed:d2:ea:
07:bc:30:95:5b:b7:b2:e2:d0:3f:e5:ff:72:a2:ca:36:5a:2b:
dd:b7:c1:a0:0c:42:7c:df:2c:20:53:50:ed:39:76:7d:51:db:
39:d8:6b:7d:73:bd:52:7d:f7:b6:85:c9:a6:a8:e6:a0:55:8e:
9b:fb:5b:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUCW9JQHVUK/i67CTT4QBKA1oF7sswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMzEwMFoX
DTI3MDUwMTIxMzYwMFowMzExMC8GA1UEAxMoQkZCOTk5QzZBMzJEODVBRUI2OTVG
Njk1NDhDMkVGMjBFM0E4NjE1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM595k9R6VY/WxgAvVO/G+fxl0oy0MAwlv0G7kFsa+HBC4hSfO5CFv98fjjW
uGBcknMNaQMxtSDuL5+ZmkgwRwQj3Z40fwcg/LpyDpEkMck747RcrCrK2S39YYcU
kVhGMYqOIQmMWixcM29Hp9u7UIpDqmnW5GpmBVIC+EkekfMo5eKprHnpU7b+/5ul
8CJlaFb9Do6LVbLOuyxBVmifNUCB8FWwxjAknERmFEmfeHNroTHOIIlWOAFfXo7U
VB5mg3X1QKbjqnP6ueeleBzhR8WiVph71dI/olR87eSyDMv/SZHfZQZOrLh04PgU
PDB4jOuZSproJubLOUc7eemtqHcCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBS/uZnG
oy2FrraV9pVIwu8g46hhXTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMyNjQxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIA
ATAqAwQCK/tgAwQCZxNsAwQCZ4SMAwQBZ5HaAwQBZ5HgAwQBZ5HwAwQBZ5H0MA8E
AgACMAkDBwAkBqUAw+cwDQYJKoZIhvcNAQELBQADggEBAE25yhMwmEMx2q+Bnnht
kI7aR9UqzfFAk5KSEON2Sul/6brKbW89J7pgA+LkunvJ/hXzw+jL1bphO/se5M4W
irKbvxGnskY+M86nP+oRGh2m1EzoWmhlVO87k0bFi/5o9r0ObMJ20nWQxEibaEhV
3BYPMbqzRIQ4psV5SlgZgvb1870l0oQcTiZZ7RfXjKOUsdFgfnif1lF/FdSVDX2C
A/VIaR7k87xvV+ixFB+pfMJc7gokOwOFno6niKqpp5BkXMp2d+3S6ge8MJVbt7Li
0D/l/3KiyjZaK923waAMQnzfLCBTUO05dn1R2znYa31zvVJ997aFyaao5qBVjpv7
WyM=
-----END CERTIFICATE-----
Generated at Sun May 3 00:41:49 2026 by rpki-client