Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
File: AS138818.roa (raw, json)
Hash identifier: B43qXze0VBY15iSIpQuyP4piAAa0V3ZLT3DhbjvKSG4=
Subject key identifier: 93:1F:25:E5:A4:B7:A8:EC:D3:2D:22:66:C9:8E:0F:B2:A0:8C:E8:9F
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 0650C31D5667A5CD2A6B93CED335E764338B861C
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
Signing time: Sat 02 May 2026 21:36:05 +0000
ROA not before: Sat 02 May 2026 21:31:05 +0000
ROA not after: Sat 01 May 2027 21:36:05 +0000
asID: 138818
IP address blocks: 103.103.136.0/22 maxlen: 24
103.114.79.0/24 maxlen: 24
114.141.91.0/24 maxlen: 24
114.141.92.0/24 maxlen: 24
114.141.93.0/24 maxlen: 24
114.141.94.0/24 maxlen: 24
114.141.95.0/24 maxlen: 24
2406:be40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:50:c3:1d:56:67:a5:cd:2a:6b:93:ce:d3:35:e7:64:33:8b:86:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:31:05 2026 GMT
Not After : May 1 21:36:05 2027 GMT
Subject: CN=931F25E5A4B7A8ECD32D2266C98E0FB2A08CE89F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:96:0f:72:3c:07:e4:52:c8:cf:76:c3:c6:12:
9a:84:a7:55:cc:e4:3b:45:00:14:66:59:90:b3:68:
a5:24:a5:fc:c2:29:45:80:fe:41:5f:92:3f:0d:56:
c8:10:a5:3c:6b:39:f2:9d:ea:1d:93:eb:d8:39:29:
33:4c:cb:46:00:5d:3b:54:bb:d3:23:e9:c1:8a:51:
c3:1b:8c:e2:38:43:82:af:47:a9:1c:55:f5:16:7e:
64:9b:76:1f:09:70:15:b0:df:db:7f:e8:11:ab:59:
8c:27:2a:ad:a4:1f:fa:92:3a:cb:78:7c:65:60:f6:
9a:97:28:87:5e:32:a4:31:e9:44:c1:2e:fd:7f:c2:
9c:40:b5:1f:cb:f1:94:03:b0:47:a9:67:13:cb:13:
d5:e5:bf:40:bf:a2:68:50:13:e8:b2:eb:b4:7a:91:
d4:7d:70:af:b3:51:3e:15:0d:ab:3a:c9:ba:17:e1:
72:73:49:83:d5:df:e0:01:46:92:2f:49:bd:22:c8:
86:01:19:6e:e1:e2:7b:6a:57:6e:9d:20:1d:87:59:
07:9e:c4:66:33:bf:10:96:e2:d7:03:8e:5c:fd:92:
d4:b7:fd:31:50:af:89:b8:99:f7:a1:f0:04:52:9b:
4e:9a:0f:06:ad:6d:44:fd:be:ee:5e:89:ed:8b:65:
e8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1F:25:E5:A4:B7:A8:EC:D3:2D:22:66:C9:8E:0F:B2:A0:8C:E8:9F
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.103.136.0/22
103.114.79.0/24
114.141.91.0-114.141.95.255
IPv6:
2406:be40::/32
Signature Algorithm: sha256WithRSAEncryption
9d:4e:9e:31:dd:c3:48:4c:a3:68:25:10:75:52:74:51:87:9d:
17:45:2b:09:da:75:6f:0e:c2:db:76:0b:93:f8:33:bf:1b:5f:
6a:fd:66:75:0e:5a:d7:18:16:54:b7:a9:db:99:c9:83:22:bd:
c2:29:84:e0:fa:25:3c:1d:c3:17:b2:29:60:0c:3a:6b:40:ed:
48:29:79:ce:31:15:89:50:7a:f7:a3:82:0a:7f:5c:19:9a:72:
13:d8:cd:f6:05:52:3f:81:79:ad:9b:d2:fd:15:bb:89:c1:a9:
50:b2:2c:55:e9:57:bb:03:3c:30:7d:4e:3d:e2:4c:30:95:2e:
9c:95:22:36:f7:38:d1:2b:fe:a4:ec:42:0e:04:12:83:1a:e1:
88:7a:71:4e:98:15:00:ac:8a:47:f3:5c:22:a9:5b:61:a8:11:
c3:55:ae:43:be:ae:f8:ee:7e:2f:20:6e:64:a2:62:21:a7:6d:
49:db:0a:dc:b9:85:53:6c:38:65:73:4f:7b:0b:96:5b:10:4e:
88:5a:22:e7:5a:24:9c:a4:4f:37:c7:9b:b7:d6:54:7b:b9:c2:
25:10:d9:df:43:eb:91:4f:3e:b8:00:cd:ef:4b:5d:88:5a:6f:
bf:14:0a:78:75:39:2f:02:33:40:45:cb:d2:cc:21:69:11:b5:
19:0b:e1:53
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUBlDDHVZnpc0qa5PO0zXnZDOLhhwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMzEwNVoX
DTI3MDUwMTIxMzYwNVowMzExMC8GA1UEAxMoOTMxRjI1RTVBNEI3QThFQ0QzMkQy
MjY2Qzk4RTBGQjJBMDhDRTg5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGWD3I8B+RSyM92w8YSmoSnVczkO0UAFGZZkLNopSSl/MIpRYD+QV+SPw1W
yBClPGs58p3qHZPr2DkpM0zLRgBdO1S70yPpwYpRwxuM4jhDgq9HqRxV9RZ+ZJt2
HwlwFbDf23/oEatZjCcqraQf+pI6y3h8ZWD2mpcoh14ypDHpRMEu/X/CnEC1H8vx
lAOwR6lnE8sT1eW/QL+iaFAT6LLrtHqR1H1wr7NRPhUNqzrJuhfhcnNJg9Xf4AFG
ki9JvSLIhgEZbuHie2pXbp0gHYdZB57EZjO/EJbi1wOOXP2S1Lf9MVCvibiZ96Hw
BFKbTpoPBq1tRP2+7l6J7Ytl6OECAwEAAaOCAe8wggHrMB0GA1UdDgQWBBSTHyXl
pLeo7NMtImbJjg+yoIzonzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODE4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIA
ATAaAwQCZ2eIAwQAZ3JPMAwDBAByjVsDBAVyjUAwDQQCAAIwBwMFACQGvkAwDQYJ
KoZIhvcNAQELBQADggEBAJ1OnjHdw0hMo2glEHVSdFGHnRdFKwnadW8Owtt2C5P4
M78bX2r9ZnUOWtcYFlS3qduZyYMivcIphOD6JTwdwxeyKWAMOmtA7Ugpec4xFYlQ
evejggp/XBmachPYzfYFUj+Bea2b0v0Vu4nBqVCyLFXpV7sDPDB9Tj3iTDCVLpyV
Ijb3ONEr/qTsQg4EEoMa4Yh6cU6YFQCsikfzXCKpW2GoEcNVrkO+rvjufi8gbmSi
YiGnbUnbCty5hVNsOGVzT3sLllsQTohaIudaJJykTzfHm7fWVHu5wiUQ2d9D65FP
PrgAze9LXYhab78UCnh1OS8CM0BFy9LMIWkRtRkL4VM=
-----END CERTIFICATE-----
Generated at Sun May 3 00:42:22 2026 by rpki-client