Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS135478.roa
File: AS135478.roa (raw, json)
Hash identifier: PK+X8mUAcvbrZwm6rktKphHg1ErKWy8hbdZr/jWby48=
Subject key identifier: 96:BA:E6:3B:4A:40:06:CE:88:F8:BB:B9:B0:26:27:4B:1E:62:82:18
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 5CC7993733CEB7C4480CA9A5335BEAC77B01A2FE
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS135478.roa
Signing time: Sat 02 May 2026 21:03:01 +0000
ROA not before: Sat 02 May 2026 20:58:01 +0000
ROA not after: Sat 01 May 2027 21:03:01 +0000
asID: 135478
IP address blocks: 103.121.96.0/22 maxlen: 24
103.121.100.0/22 maxlen: 24
103.121.108.0/22 maxlen: 24
103.121.132.0/22 maxlen: 24
103.121.136.0/22 maxlen: 24
103.121.144.0/22 maxlen: 24
103.121.168.0/22 maxlen: 24
103.121.180.0/22 maxlen: 24
103.121.244.0/22 maxlen: 24
103.129.4.0/22 maxlen: 24
103.129.20.0/22 maxlen: 24
103.129.24.0/22 maxlen: 24
103.129.40.0/22 maxlen: 24
103.129.48.0/22 maxlen: 24
103.129.56.0/22 maxlen: 24
103.129.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c7:99:37:33:ce:b7:c4:48:0c:a9:a5:33:5b:ea:c7:7b:01:a2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 20:58:01 2026 GMT
Not After : May 1 21:03:01 2027 GMT
Subject: CN=96BAE63B4A4006CE88F8BBB9B026274B1E628218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7b:3d:38:b6:4c:3f:65:bf:27:69:15:c6:96:
93:a0:cf:91:11:fd:d0:6e:54:a0:31:4c:1d:19:e5:
ca:cc:f5:47:4b:99:9e:33:4e:f1:5c:60:2d:e9:51:
0f:1c:37:7f:55:e9:60:d9:fd:39:8c:41:da:ae:21:
e4:79:40:1d:51:e7:e9:1b:39:de:9b:a9:60:dd:d4:
f2:d7:cd:81:1d:79:df:41:9c:0b:7e:d0:ce:02:0e:
93:e4:bc:9a:0f:71:20:7f:ff:0f:05:83:c4:10:59:
b9:d1:6f:81:3d:94:b3:52:96:c9:90:c4:6c:63:7a:
73:e3:2b:ae:e4:15:23:e4:a4:4f:8c:39:12:7a:75:
9b:05:bf:54:3a:ce:b2:ab:63:35:c9:27:40:78:e0:
d6:dc:f3:14:0a:e3:eb:71:cf:87:3a:e4:d9:27:80:
93:9c:13:e9:49:54:67:e0:8c:28:2a:24:ca:8d:17:
4e:56:a4:9d:c8:6c:9f:ea:20:77:d8:91:9c:80:36:
8e:91:e5:d2:35:80:f2:d9:de:a5:7c:31:33:53:53:
0d:60:73:67:8a:18:ca:ad:db:f3:aa:b4:0d:8e:80:
0f:52:1b:03:42:c2:8c:79:10:32:4e:0d:0c:d5:6d:
0c:02:27:c7:17:cf:b4:c2:93:28:fb:b3:f8:98:95:
a4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BA:E6:3B:4A:40:06:CE:88:F8:BB:B9:B0:26:27:4B:1E:62:82:18
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS135478.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.121.96.0/21
103.121.108.0/22
103.121.132.0-103.121.139.255
103.121.144.0/22
103.121.168.0/22
103.121.180.0/22
103.121.244.0/22
103.129.4.0/22
103.129.20.0-103.129.27.255
103.129.40.0/22
103.129.48.0/22
103.129.56.0/22
103.129.68.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:d8:9f:0b:9e:2a:10:9c:e5:e0:8f:44:fd:c6:16:70:31:5c:
7e:91:d4:49:a6:3e:0e:a6:19:62:f1:30:bc:d4:4a:0b:e7:49:
14:f6:b8:5e:6f:14:87:8e:f4:1d:54:d9:54:1c:81:98:91:78:
c8:c9:b1:01:97:39:28:7a:4a:20:55:fe:e7:5d:05:8b:3f:76:
ae:a6:ee:38:b5:52:ad:ea:f6:b8:44:ca:f3:cf:62:17:a8:c8:
c6:68:f6:52:67:1c:9c:e4:58:8e:ff:63:1d:a3:ad:ea:7c:79:
64:d5:82:d1:2c:21:ca:54:7b:65:db:45:c8:b0:85:a5:a8:84:
6b:1f:c5:62:81:db:02:c7:96:f1:36:91:ee:8c:d4:4f:b9:c3:
3a:e2:6b:58:6a:4d:bc:f0:36:ab:50:c6:bc:16:2b:7e:d4:ac:
4c:31:9e:aa:1c:e8:32:a6:99:c4:51:5c:bf:4e:99:50:18:58:
12:cc:46:7e:9d:7a:97:f9:70:9a:4f:30:76:73:5c:bc:72:3c:
57:64:a7:07:cb:14:0d:ea:23:f6:51:1e:00:a1:22:f9:cd:65:
26:6c:d6:03:8d:b7:23:51:f1:58:88:a2:ae:b5:3d:86:20:cc:
5c:2e:64:2e:52:f4:39:af:5a:3d:38:17:30:f3:9f:5a:94:53:
f3:dc:1a:9f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXMeZNzPOt8RIDKmlM1vqx3sBov4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwNTgwMVoX
DTI3MDUwMTIxMDMwMVowMzExMC8GA1UEAxMoOTZCQUU2M0I0QTQwMDZDRTg4RjhC
QkI5QjAyNjI3NEIxRTYyODIxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh7PTi2TD9lvydpFcaWk6DPkRH90G5UoDFMHRnlysz1R0uZnjNO8VxgLelR
Dxw3f1XpYNn9OYxB2q4h5HlAHVHn6Rs53pupYN3U8tfNgR1530GcC37QzgIOk+S8
mg9xIH//DwWDxBBZudFvgT2Us1KWyZDEbGN6c+MrruQVI+SkT4w5Enp1mwW/VDrO
sqtjNcknQHjg1tzzFArj63HPhzrk2SeAk5wT6UlUZ+CMKCokyo0XTlaknchsn+og
d9iRnIA2jpHl0jWA8tnepXwxM1NTDWBzZ4oYyq3b86q0DY6AD1IbA0LCjHkQMk4N
DNVtDAInxxfPtMKTKPuz+JiVpDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWuuY7
SkAGzoj4u7mwJidLHmKCGDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM1NDc4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIA
ATBeAwQDZ3lgAwQCZ3lsMAwDBAJneYQDBAJneYgDBAJneZADBAJneagDBAJnebQD
BAJnefQDBAJngQQwDAMEAmeBFAMEAmeBGAMEAmeBKAMEAmeBMAMEAmeBOAMEAmeB
RDANBgkqhkiG9w0BAQsFAAOCAQEAC9ifC54qEJzl4I9E/cYWcDFcfpHUSaY+DqYZ
YvEwvNRKC+dJFPa4Xm8Uh470HVTZVByBmJF4yMmxAZc5KHpKIFX+510Fiz92rqbu
OLVSrer2uETK889iF6jIxmj2UmccnORYjv9jHaOt6nx5ZNWC0SwhylR7ZdtFyLCF
paiEax/FYoHbAseW8TaR7ozUT7nDOuJrWGpNvPA2q1DGvBYrftSsTDGeqhzoMqaZ
xFFcv06ZUBhYEsxGfp16l/lwmk8wdnNcvHI8V2SnB8sUDeoj9lEeAKEi+c1lJmzW
A423I1HxWIiirrU9hiDMXC5kLlL0Oa9aPTgXMPOfWpRT89wanw==
-----END CERTIFICATE-----
Generated at Sun May 3 01:44:42 2026 by rpki-client