Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS38773.roa
File: AS38773.roa (raw, json)
Hash identifier: OoXSPpwSsLWuHc9HUF0sLtDsr6i9Ya2brN8YQKTN3lM=
Subject key identifier: 16:D1:28:D6:C0:59:77:2C:83:71:1B:36:9F:9D:E5:3C:54:5D:CA:22
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 6CB754432BA9D42A2333A5F8C8EF16794CA4AF93
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38773.roa
Signing time: Sat 02 May 2026 20:20:25 +0000
ROA not before: Sat 02 May 2026 20:15:25 +0000
ROA not after: Sat 01 May 2027 20:20:25 +0000
asID: 38773
IP address blocks: 114.141.88.0/21 maxlen: 24
114.141.88.0/24 maxlen: 24
114.141.89.0/24 maxlen: 24
114.141.90.0/24 maxlen: 24
114.141.91.0/24 maxlen: 24
114.141.92.0/24 maxlen: 24
114.141.93.0/24 maxlen: 24
114.141.94.0/24 maxlen: 24
114.141.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:58:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:b7:54:43:2b:a9:d4:2a:23:33:a5:f8:c8:ef:16:79:4c:a4:af:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 20:15:25 2026 GMT
Not After : May 1 20:20:25 2027 GMT
Subject: CN=16D128D6C059772C83711B369F9DE53C545DCA22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ec:c1:26:98:43:3d:e9:38:fa:f2:f8:89:2d:
da:70:07:e7:76:9b:04:8e:d0:9d:97:75:f9:16:9e:
72:c5:f1:ce:83:70:8d:0e:b7:f3:ca:a2:5f:2e:88:
c3:e9:34:54:57:9c:ff:c4:9e:7c:0f:4c:bf:43:f0:
e4:60:c5:3e:42:73:5a:08:65:26:34:d7:b3:d2:bd:
53:24:d2:14:50:17:df:46:78:de:40:94:71:dc:90:
3e:c8:f6:a2:a7:93:fb:03:06:f4:d6:ec:19:c6:88:
ac:c5:5a:a1:ba:5c:10:4f:6f:7a:9f:50:4c:d3:a8:
1a:3e:f1:42:76:e1:97:46:98:41:cc:f1:bd:e5:88:
45:c1:99:73:ea:2e:68:58:bb:34:50:ef:06:68:26:
8a:ca:00:22:2b:7b:f3:51:7f:08:1c:dc:9c:a7:18:
e4:57:cd:bc:cb:e8:e3:90:a6:5e:d9:0f:53:c6:cd:
f6:df:71:6c:cf:09:2b:af:13:96:b1:01:ee:84:7c:
48:dc:50:3a:e4:ec:45:59:38:5b:90:24:34:9e:eb:
6e:49:7f:82:a9:ef:83:35:be:0d:89:bc:60:89:58:
36:bc:b2:8c:d0:f6:02:47:4a:e0:0a:29:f4:85:c0:
9a:63:45:88:8f:c8:11:66:df:ba:1c:23:fe:f0:26:
bb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D1:28:D6:C0:59:77:2C:83:71:1B:36:9F:9D:E5:3C:54:5D:CA:22
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38773.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.141.88.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:b2:bb:f7:61:b5:f9:73:d9:f2:e0:aa:9f:bf:18:89:37:39:
54:59:e0:ea:26:c7:33:32:8b:1a:a6:c2:3d:17:60:32:68:1a:
fc:45:c4:3c:af:ba:a2:de:ea:3f:e0:ed:86:83:6e:9e:cd:e9:
bc:ed:c9:0c:9c:e8:77:f3:4f:c0:03:e4:a3:48:c2:2b:a8:14:
64:24:77:1d:e0:eb:c3:83:60:28:d6:45:78:47:7a:10:a4:dc:
d9:08:fa:62:08:a3:6b:ec:00:fa:7c:c4:8a:56:8d:a3:15:5b:
69:9f:16:5d:0f:52:68:92:a3:78:db:1d:4d:80:e9:a7:cd:db:
fa:aa:f3:22:d9:f6:ee:53:f6:b1:1f:57:a5:4b:43:cf:35:df:
19:1a:de:d9:14:c8:89:74:1a:6d:c5:b5:fa:c6:ee:1a:32:19:
64:bc:66:1c:c5:01:31:ca:e5:0f:9b:04:ac:6b:68:4e:f9:f4:
6e:5c:b6:9b:e4:84:1f:9e:8a:6f:64:0c:c9:e9:ee:2b:2a:0b:
ba:90:c5:23:38:a3:ee:43:2d:8e:c9:3b:89:c4:12:02:f3:82:
e4:ad:0c:92:26:20:85:94:7f:e3:ba:0f:ec:6a:2a:b1:ed:3d:
5e:ce:bd:80:05:36:75:c8:94:91:df:88:57:22:46:55:42:9c:
9c:e6:bc:d1
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIUbLdUQyup1CojM6X4yO8WeUykr5MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwMTUyNVoX
DTI3MDUwMTIwMjAyNVowMzExMC8GA1UEAxMoMTZEMTI4RDZDMDU5NzcyQzgzNzEx
QjM2OUY5REU1M0M1NDVEQ0EyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvswSaYQz3pOPry+Ikt2nAH53abBI7QnZd1+RaecsXxzoNwjQ6388qiXy6I
w+k0VFec/8SefA9Mv0Pw5GDFPkJzWghlJjTXs9K9UyTSFFAX30Z43kCUcdyQPsj2
oqeT+wMG9NbsGcaIrMVaobpcEE9vep9QTNOoGj7xQnbhl0aYQczxveWIRcGZc+ou
aFi7NFDvBmgmisoAIit781F/CBzcnKcY5FfNvMvo45CmXtkPU8bN9t9xbM8JK68T
lrEB7oR8SNxQOuTsRVk4W5AkNJ7rbkl/gqnvgzW+DYm8YIlYNryyjND2AkdK4Aop
9IXAmmNFiI/IEWbfuhwj/vAmu0MCAwEAAaOCAcswggHHMB0GA1UdDgQWBBQW0SjW
wFl3LINxGzafneU8VF3KIjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMzg3NzMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANyjVgwDQYJKoZIhvcNAQELBQADggEBAI2yu/dhtflz2fLgqp+/GIk3OVRZ
4OomxzMyixqmwj0XYDJoGvxFxDyvuqLe6j/g7YaDbp7N6bztyQyc6HfzT8AD5KNI
wiuoFGQkdx3g68ODYCjWRXhHehCk3NkI+mIIo2vsAPp8xIpWjaMVW2mfFl0PUmiS
o3jbHU2A6afN2/qq8yLZ9u5T9rEfV6VLQ8813xka3tkUyIl0Gm3FtfrG7hoyGWS8
ZhzFATHK5Q+bBKxraE759G5ctpvkhB+eim9kDMnp7isqC7qQxSM4o+5DLY7JO4nE
EgLzguStDJImIIWUf+O6D+xqKrHtPV7OvYAFNnXIlJHfiFciRlVCnJzmvNE=
-----END CERTIFICATE-----
Generated at Sun May 3 00:40:18 2026 by rpki-client