Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: 9Uy6yJYyYjCqTvHXiXYKSMfpc7kFCUXkHHNjIEtJ1ys=
Subject key identifier: 1A:9D:B5:EF:00:FF:05:03:80:08:A3:2F:8F:7C:B2:04:01:5C:22:FC
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 50BA9BE5D976B10A18B77BB2F71277ADEEDD642C
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
Signing time: Sat 02 May 2026 21:33:33 +0000
ROA not before: Sat 02 May 2026 21:28:33 +0000
ROA not after: Sat 01 May 2027 21:33:33 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.109.160.0/23 maxlen: 24
103.109.172.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.112.222.0/24 maxlen: 24
103.113.48.0/22 maxlen: 24
103.113.52.0/22 maxlen: 24
103.113.73.0/24 maxlen: 24
103.114.173.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2001:df4:cd00::/48 maxlen: 48
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ba:9b:e5:d9:76:b1:0a:18:b7:7b:b2:f7:12:77:ad:ee:dd:64:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:28:33 2026 GMT
Not After : May 1 21:33:33 2027 GMT
Subject: CN=1A9DB5EF00FF05038008A32F8F7CB204015C22FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:f3:53:c6:54:fe:a3:f5:79:cb:f4:79:f0:
a0:3b:5a:21:62:fe:22:66:cc:88:9b:d3:2b:67:ad:
3c:e0:3e:f2:5d:b9:e3:e3:c8:90:36:38:f0:ac:bb:
06:45:24:86:0c:6e:ef:fe:38:07:69:07:37:1d:95:
ec:a1:a5:16:f0:f7:92:e1:af:69:2a:98:68:c5:dd:
62:39:2f:e2:2e:be:56:67:1d:c0:78:b3:4a:7b:67:
97:b8:6b:5c:fa:8c:cd:c8:5c:c0:60:22:47:9e:86:
2f:08:55:74:d3:a6:d9:a6:17:13:7e:28:49:21:e7:
51:d9:6a:b1:de:d2:2d:eb:34:10:23:e5:95:95:74:
69:38:ac:6d:10:09:92:94:20:ac:9f:a8:19:45:69:
28:43:b0:b1:2c:02:ad:c6:c8:4e:a1:f6:e9:22:d7:
01:a2:fb:28:52:74:6c:38:17:09:27:37:13:a8:65:
77:ea:4a:f1:4b:b2:79:c1:b8:1a:85:e3:7c:76:da:
a1:7b:0e:8b:a9:d2:a7:4e:ac:02:6c:8c:66:a3:05:
fb:dd:9a:b3:c7:a6:39:57:79:17:d3:e7:61:15:ac:
28:85:e2:52:5e:9b:9e:ee:ce:3a:39:50:e1:f8:00:
ce:ae:81:df:ec:e9:fb:7a:ad:56:9a:87:7c:ea:5a:
94:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9D:B5:EF:00:FF:05:03:80:08:A3:2F:8F:7C:B2:04:01:5C:22:FC
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.109.160.0/23
103.109.172.0/22
103.111.200.0/22
103.112.222.0/24
103.113.48.0/21
103.113.73.0/24
103.114.173.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2001:df4:cd00::/48
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:0a:18:2c:8a:a1:1d:9c:47:49:84:1d:42:c5:e0:9a:59:da:
f9:bd:4b:6c:16:6a:14:24:d3:74:24:c1:05:8f:2a:f5:36:1c:
3d:ea:25:02:a3:4e:84:56:2c:d1:af:94:91:28:8e:9e:26:ef:
42:09:f2:1c:b1:dd:72:1a:18:5c:38:c7:37:86:f1:bc:2c:38:
05:a9:34:f6:28:4b:54:fd:c2:80:77:1b:d8:cc:4d:cc:1b:67:
35:52:19:9a:24:10:22:98:bb:4e:cb:04:49:26:7f:b1:61:8e:
76:55:e2:a0:f6:c1:30:c7:7d:fc:df:e6:5b:d0:c4:bf:d3:bc:
50:4a:00:b1:bd:7b:14:c9:c2:2e:dc:05:dc:02:00:08:32:c4:
a4:42:31:4d:1a:b7:33:d6:ac:20:e7:f9:9c:58:40:ec:13:52:
f2:09:d6:64:76:93:ed:f7:17:08:23:d8:bf:09:04:d7:32:0b:
bc:aa:65:80:34:54:91:b2:ef:8b:06:35:b6:e3:43:7b:41:b7:
a9:20:ee:43:63:88:b7:46:58:f6:eb:35:72:54:1d:a2:60:8c:
77:4b:11:df:c0:8b:91:73:4c:1a:02:23:bd:cc:9d:53:ba:25:
e8:14:64:22:22:0b:c2:2d:b5:5b:9a:57:9a:37:c3:73:a5:88:
9b:45:5f:4f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUULqb5dl2sQoYt3uy9xJ3re7dZCwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjgzM1oX
DTI3MDUwMTIxMzMzM1owMzExMC8GA1UEAxMoMUE5REI1RUYwMEZGMDUwMzgwMDhB
MzJGOEY3Q0IyMDQwMTVDMjJGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5p81PGVP6j9XnL9HnwoDtaIWL+ImbMiJvTK2etPOA+8l254+PIkDY48Ky7
BkUkhgxu7/44B2kHNx2V7KGlFvD3kuGvaSqYaMXdYjkv4i6+VmcdwHizSntnl7hr
XPqMzchcwGAiR56GLwhVdNOm2aYXE34oSSHnUdlqsd7SLes0ECPllZV0aTisbRAJ
kpQgrJ+oGUVpKEOwsSwCrcbITqH26SLXAaL7KFJ0bDgXCSc3E6hld+pK8UuyecG4
GoXjfHbaoXsOi6nSp06sAmyMZqMF+92as8emOVd5F9PnYRWsKIXiUl6bnu7OOjlQ
4fgAzq6B3+zp+3qtVpqHfOpalP8CAwEAAaOCAh8wggIbMB0GA1UdDgQWBBQanbXv
AP8FA4AIoy+PfLIEAVwi/DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNDc4Ny5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRlMGMwQgQCAAEw
PAMEAmdWmAMEAWdtoAMEAmdtrAMEAmdvyAMEAGdw3gMEA2dxMAMEAGdxSQMEAGdy
rQMEAmekhAMEA8ozGDAdBAIAAjAXAwcAIAEN9M0AAwUAJAM0QAMFACQDNMAwDQYJ
KoZIhvcNAQELBQADggEBAI4KGCyKoR2cR0mEHULF4JpZ2vm9S2wWahQk03QkwQWP
KvU2HD3qJQKjToRWLNGvlJEojp4m70IJ8hyx3XIaGFw4xzeG8bwsOAWpNPYoS1T9
woB3G9jMTcwbZzVSGZokECKYu07LBEkmf7FhjnZV4qD2wTDHffzf5lvQxL/TvFBK
ALG9exTJwi7cBdwCAAgyxKRCMU0atzPWrCDn+ZxYQOwTUvIJ1mR2k+33Fwgj2L8J
BNcyC7yqZYA0VJGy74sGNbbjQ3tBt6kg7kNjiLdGWPbrNXJUHaJgjHdLEd/Ai5Fz
TBoCI73MnVO6JegUZCIiC8IttVuaV5o3w3OliJtFX08=
-----END CERTIFICATE-----
Generated at Sun May 3 00:39:35 2026 by rpki-client