Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138608.roa
File: AS138608.roa (raw, json)
Hash identifier: KNdOqzoDb5CMSC2awrPOLMZAWwujYKMDSOyDgWXOdd4=
Subject key identifier: 3F:5F:5D:7A:36:7E:4C:70:D0:E5:E6:4D:FB:9A:74:BC:30:1C:E0:27
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 7C3D92DD29AC5F51B0C75B576EB121EDDFC1BB37
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138608.roa
Signing time: Sat 02 May 2026 21:19:18 +0000
ROA not before: Sat 02 May 2026 21:14:18 +0000
ROA not after: Sat 01 May 2027 21:19:18 +0000
asID: 138608
IP address blocks: 103.13.206.0/23 maxlen: 24
103.13.206.0/24 maxlen: 24
103.13.207.0/24 maxlen: 24
103.30.194.0/23 maxlen: 24
103.37.124.0/23 maxlen: 24
103.56.82.0/23 maxlen: 24
103.67.186.0/23 maxlen: 24
103.67.186.0/24 maxlen: 24
103.67.187.0/24 maxlen: 24
103.171.19.0/24 maxlen: 24
103.187.146.0/23 maxlen: 24
103.189.234.0/23 maxlen: 24
103.210.54.0/23 maxlen: 24
103.250.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 03 May 2026 21:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3d:92:dd:29:ac:5f:51:b0:c7:5b:57:6e:b1:21:ed:df:c1:bb:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:14:18 2026 GMT
Not After : May 1 21:19:18 2027 GMT
Subject: CN=3F5F5D7A367E4C70D0E5E64DFB9A74BC301CE027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:bb:de:f4:fe:09:d2:75:5d:30:68:5b:10:
3e:34:01:c6:a1:a4:c4:4b:00:d9:8d:ce:73:5e:e9:
d3:2e:d0:ea:0b:67:cd:d5:80:1c:7d:52:78:08:d9:
93:a3:43:a8:a4:07:77:dd:62:92:16:6a:9a:34:3a:
0c:54:56:80:7b:65:07:6f:7a:6b:6c:69:44:89:30:
8e:bf:e5:b7:fd:f9:c0:9b:3f:f3:65:c1:ff:26:b1:
d6:d4:ee:f3:2a:30:b1:92:7a:ec:40:6a:db:5e:cc:
0d:65:91:0c:c4:8d:a5:0f:50:31:3a:a4:4f:08:c7:
ea:f8:a7:03:a9:2e:70:fc:ae:4c:38:d5:2a:1d:a6:
24:0f:74:6c:49:27:78:1c:5d:09:31:65:a6:eb:3a:
a5:95:ab:ad:65:65:c4:b0:c1:88:ef:d6:df:42:8b:
4b:99:5f:7a:00:27:42:ad:2d:42:5e:bc:d0:78:41:
73:02:7b:d1:96:2e:18:1e:ad:5c:73:1e:06:3b:98:
c9:c5:47:04:f1:c8:4b:94:93:c2:e1:8a:45:be:4c:
d0:f9:c7:cc:24:60:4e:01:5e:49:55:f3:14:34:98:
55:2c:65:c7:c3:c2:ab:2e:90:c2:33:ec:1f:ee:76:
4c:5b:c3:19:af:cd:71:80:7f:94:cc:fb:33:99:44:
1b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5F:5D:7A:36:7E:4C:70:D0:E5:E6:4D:FB:9A:74:BC:30:1C:E0:27
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138608.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.13.206.0/23
103.30.194.0/23
103.37.124.0/23
103.56.82.0/23
103.67.186.0/23
103.171.19.0/24
103.187.146.0/23
103.189.234.0/23
103.210.54.0/23
103.250.10.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:ab:88:a6:dc:00:bd:45:f4:59:55:4e:30:2c:0d:68:ba:8f:
fa:a2:fc:61:08:8a:68:96:49:06:bd:e6:c2:f0:8d:32:7f:7c:
8b:96:43:5f:9b:19:df:02:11:02:1a:0f:5b:10:68:fe:4a:37:
72:e8:d5:7d:7d:8e:70:ec:23:d8:b4:f0:52:52:1e:cc:9d:e7:
8e:53:c3:7d:3f:7b:e2:f9:87:56:3e:26:84:d3:9d:ae:0b:91:
e8:af:75:2f:4c:d4:3a:b1:21:be:ed:55:aa:bf:b4:6a:11:55:
73:37:fc:87:a5:d9:db:7f:4f:8c:5e:b7:37:60:5d:99:d0:5e:
ee:ce:17:f5:45:42:0c:41:1a:de:ce:b4:74:b2:44:f0:a3:c6:
57:bf:81:06:7b:1a:ea:fc:44:5f:6f:d9:8b:9d:fe:b6:20:f0:
40:0e:af:c6:60:ad:24:fd:54:c8:f7:ff:ec:28:64:81:01:f3:
1f:8d:1e:38:35:fd:30:74:2f:e8:4d:46:a2:d4:b9:81:55:06:
16:dc:d1:f4:90:e5:e1:68:f2:fe:04:01:59:2d:a5:9e:74:d3:
db:cd:a2:f4:40:3d:40:91:27:88:63:87:f0:c3:ba:f0:c2:29:
2d:3d:45:30:b2:d2:6c:4a:4b:dc:7b:62:0a:3a:e5:07:8a:ea:
de:7f:4a:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUfD2S3SmsX1Gwx1tXbrEh7d/BuzcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTQxOFoX
DTI3MDUwMTIxMTkxOFowMzExMC8GA1UEAxMoM0Y1RjVEN0EzNjdFNEM3MEQwRTVF
NjRERkI5QTc0QkMzMDFDRTAyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTJu970/gnSdV0waFsQPjQBxqGkxEsA2Y3Oc17p0y7Q6gtnzdWAHH1SeAjZ
k6NDqKQHd91ikhZqmjQ6DFRWgHtlB296a2xpRIkwjr/lt/35wJs/82XB/yax1tTu
8yowsZJ67EBq217MDWWRDMSNpQ9QMTqkTwjH6vinA6kucPyuTDjVKh2mJA90bEkn
eBxdCTFlpus6pZWrrWVlxLDBiO/W30KLS5lfegAnQq0tQl680HhBcwJ70ZYuGB6t
XHMeBjuYycVHBPHIS5STwuGKRb5M0PnHzCRgTgFeSVXzFDSYVSxlx8PCqy6QwjPs
H+52TFvDGa/NcYB/lMz7M5lEGy0CAwEAAaOCAgIwggH+MB0GA1UdDgQWBBQ/X116
Nn5McNDl5k37mnS8MBzgJzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4NjA4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIA
ATA8AwQBZw3OAwQBZx7CAwQBZyV8AwQBZzhSAwQBZ0O6AwQAZ6sTAwQBZ7uSAwQB
Z73qAwQBZ9I2AwQBZ/oKMA0GCSqGSIb3DQEBCwUAA4IBAQCnq4im3AC9RfRZVU4w
LA1ouo/6ovxhCIpolkkGvebC8I0yf3yLlkNfmxnfAhECGg9bEGj+Sjdy6NV9fY5w
7CPYtPBSUh7MneeOU8N9P3vi+YdWPiaE052uC5Hor3UvTNQ6sSG+7VWqv7RqEVVz
N/yHpdnbf0+MXrc3YF2Z0F7uzhf1RUIMQRrezrR0skTwo8ZXv4EGexrq/ERfb9mL
nf62IPBADq/GYK0k/VTI9//sKGSBAfMfjR44Nf0wdC/oTUai1LmBVQYW3NH0kOXh
aPL+BAFZLaWedNPbzaL0QD1AkSeIY4fww7rwwiktPUUwstJsSkvce2IKOuUHiure
f0oi
-----END CERTIFICATE-----
Generated at Sat May 2 22:50:47 2026 by rpki-client