Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS17670.roa
File: AS17670.roa (raw, json)
Hash identifier: NmPQuxbpzLwK+P2BYxzmPzR2VGxK5j19RKbZE9z4DYQ=
Subject key identifier: 85:12:83:3E:15:61:32:52:55:6A:EA:A8:F6:12:D2:78:9A:91:3C:6B
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 10A0322997DDB12DC904FA0A09F6F149B87E7A64
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS17670.roa
Signing time: Sat 02 May 2026 21:29:37 +0000
ROA not before: Sat 02 May 2026 21:24:37 +0000
ROA not after: Sat 01 May 2027 21:29:37 +0000
asID: 17670
IP address blocks: 103.162.236.0/23 maxlen: 24
103.163.6.0/23 maxlen: 24
103.196.164.0/23 maxlen: 24
103.203.248.0/23 maxlen: 24
202.80.208.0/24 maxlen: 24
202.80.209.0/24 maxlen: 24
202.80.210.0/23 maxlen: 24
202.80.212.0/23 maxlen: 24
202.80.214.0/23 maxlen: 24
202.80.216.0/23 maxlen: 24
202.80.218.0/23 maxlen: 24
202.80.220.0/23 maxlen: 24
202.80.221.0/24 maxlen: 24
202.80.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:a0:32:29:97:dd:b1:2d:c9:04:fa:0a:09:f6:f1:49:b8:7e:7a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:24:37 2026 GMT
Not After : May 1 21:29:37 2027 GMT
Subject: CN=8512833E15613252556AEAA8F612D2789A913C6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:f1:f4:48:2d:cf:ed:89:dc:28:64:1a:9c:
d1:19:94:ae:30:9a:fb:36:bc:68:9f:8c:3b:9d:d1:
66:3d:10:bb:d6:79:eb:de:56:f7:07:36:5a:2a:85:
59:a1:d2:32:3f:47:94:22:9e:3c:84:31:59:91:8d:
fe:ae:b6:7a:c7:f0:c0:37:cd:87:a5:9a:36:2c:20:
42:91:23:6f:b7:94:48:c0:20:bd:e2:ea:a5:60:68:
ad:9d:17:5c:0d:e2:1a:5a:8a:47:c4:be:33:40:2f:
0e:d3:2d:d6:bf:85:e1:f2:d6:8e:6f:82:7a:86:a5:
1b:7d:82:e2:7d:c0:49:79:85:ea:7f:25:b8:87:2c:
d1:cf:37:25:31:0c:90:5d:bd:95:3b:15:8d:fe:49:
c6:b2:c1:88:08:32:81:94:71:1d:84:36:c7:09:70:
e0:9d:cd:ba:7d:69:8b:f5:0d:75:d3:27:51:7d:5b:
41:8a:1b:c7:68:91:6a:9f:74:e4:1f:c4:70:fc:56:
d1:b8:b3:a6:6d:d1:17:28:eb:9f:57:18:70:89:86:
c7:96:75:6c:45:88:c3:65:50:9b:2a:6d:af:3a:4e:
bb:0d:e5:85:c1:a8:30:a7:95:90:44:0d:91:37:28:
10:5d:95:1b:5d:17:e5:9f:0d:07:52:14:d6:f7:f8:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:12:83:3E:15:61:32:52:55:6A:EA:A8:F6:12:D2:78:9A:91:3C:6B
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS17670.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.162.236.0/23
103.163.6.0/23
103.196.164.0/23
103.203.248.0/23
202.80.208.0/20
Signature Algorithm: sha256WithRSAEncryption
13:e4:ac:17:12:9c:25:6d:5f:70:8f:03:12:d6:6a:cb:89:e4:
05:12:36:28:c8:64:0e:db:6f:7e:95:73:f3:bd:0c:37:04:5d:
47:06:7c:49:28:10:48:02:e5:df:e0:0c:b1:c3:9d:9b:cd:63:
ef:f6:3b:24:a9:8e:c8:d3:61:46:1e:1d:e4:d9:a6:10:56:58:
88:6b:72:a9:36:61:a2:5c:ab:b5:b1:34:4c:30:3d:39:03:cd:
13:39:47:04:3f:cb:cf:e2:bf:f9:76:17:bb:b9:89:f7:ff:bd:
e2:d3:60:0e:bf:e7:a2:bf:16:7f:dd:b0:a4:16:26:00:30:03:
c7:f3:54:bd:55:12:8a:40:8e:43:93:88:dc:a5:89:bb:0d:13:
b5:ad:1e:54:45:32:21:8d:45:1c:da:4c:f6:fb:36:c1:ec:28:
40:ab:89:c4:96:e6:c9:d3:a8:60:f1:10:9b:33:92:9c:4b:e2:
e8:54:c6:7e:3b:02:e0:9c:0d:ef:84:08:45:38:c5:2f:e2:1d:
b1:c1:d1:fe:c3:72:a1:23:c8:a3:06:bb:dd:9e:dc:20:ad:c7:
2d:cf:f0:16:fc:a8:c7:e1:eb:c2:0f:7e:a1:77:2a:5c:50:0f:
12:46:9a:af:a3:cf:1c:09:02:40:b1:35:2c:c6:46:aa:9f:ac:
ff:09:31:97
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUEKAyKZfdsS3JBPoKCfbxSbh+emQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjQzN1oX
DTI3MDUwMTIxMjkzN1owMzExMC8GA1UEAxMoODUxMjgzM0UxNTYxMzI1MjU1NkFF
QUE4RjYxMkQyNzg5QTkxM0M2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK328fRILc/tidwoZBqc0RmUrjCa+za8aJ+MO53RZj0Qu9Z5695W9wc2WiqF
WaHSMj9HlCKePIQxWZGN/q62esfwwDfNh6WaNiwgQpEjb7eUSMAgveLqpWBorZ0X
XA3iGlqKR8S+M0AvDtMt1r+F4fLWjm+CeoalG32C4n3ASXmF6n8luIcs0c83JTEM
kF29lTsVjf5JxrLBiAgygZRxHYQ2xwlw4J3Nun1pi/UNddMnUX1bQYobx2iRap90
5B/EcPxW0bizpm3RFyjrn1cYcImGx5Z1bEWIw2VQmyptrzpOuw3lhcGoMKeVkEQN
kTcoEF2VG10X5Z8NB1IU1vf4BrkCAwEAAaOCAeMwggHfMB0GA1UdDgQWBBSFEoM+
FWEyUlVq6qj2EtJ4mpE8azAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTc2NzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgAB
MB4DBAFnouwDBAFnowYDBAFnxKQDBAFny/gDBATKUNAwDQYJKoZIhvcNAQELBQAD
ggEBABPkrBcSnCVtX3CPAxLWasuJ5AUSNijIZA7bb36Vc/O9DDcEXUcGfEkoEEgC
5d/gDLHDnZvNY+/2OySpjsjTYUYeHeTZphBWWIhrcqk2YaJcq7WxNEwwPTkDzRM5
RwQ/y8/iv/l2F7u5iff/veLTYA6/56K/Fn/dsKQWJgAwA8fzVL1VEopAjkOTiNyl
ibsNE7WtHlRFMiGNRRzaTPb7NsHsKECricSW5snTqGDxEJszkpxL4uhUxn47AuCc
De+ECEU4xS/iHbHB0f7DcqEjyKMGu92e3CCtxy3P8Bb8qMfh68IPfqF3KlxQDxJG
mq+jzxwJAkCxNSzGRqqfrP8JMZc=
-----END CERTIFICATE-----
Generated at Sun May 3 00:40:33 2026 by rpki-client