Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS58389.roa
File: AS58389.roa (raw, json)
Hash identifier: A+mIJ+xCrWH0vjohJWwzeRZGy5NChMvt3rbHlWEn1+s=
Subject key identifier: 1F:59:45:2A:6E:06:7B:21:19:F3:E9:50:F9:95:E7:45:15:AE:AA:77
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 12DB030C55598CC8A07DC37D5BF0EF3DE01FAFA9
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58389.roa
Signing time: Sat 02 May 2026 21:37:41 +0000
ROA not before: Sat 02 May 2026 21:32:41 +0000
ROA not after: Sat 01 May 2027 21:37:41 +0000
asID: 58389
IP address blocks: 43.240.229.0/24 maxlen: 24
103.11.28.0/24 maxlen: 24
103.11.29.0/24 maxlen: 24
103.11.30.0/24 maxlen: 24
103.11.31.0/24 maxlen: 24
103.143.222.0/23 maxlen: 24
114.198.240.0/21 maxlen: 24
114.198.243.0/24 maxlen: 24
116.68.164.0/24 maxlen: 24
116.68.165.0/24 maxlen: 24
116.68.167.0/24 maxlen: 24
202.47.182.0/24 maxlen: 24
202.47.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:db:03:0c:55:59:8c:c8:a0:7d:c3:7d:5b:f0:ef:3d:e0:1f:af:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 21:32:41 2026 GMT
Not After : May 1 21:37:41 2027 GMT
Subject: CN=1F59452A6E067B2119F3E950F995E74515AEAA77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:13:c8:7c:c3:e1:54:37:f9:cb:a1:76:e7:
29:79:46:37:81:79:c6:56:fa:c8:51:bd:7e:66:af:
ef:73:88:32:aa:f7:67:56:78:e4:48:18:b4:99:21:
b8:6c:dc:df:22:fa:c1:12:d1:88:46:44:df:3f:df:
4e:51:ec:e7:11:4b:a4:9e:4b:a1:74:78:33:65:e2:
39:cc:36:55:66:85:db:bc:77:14:0f:98:d8:43:2f:
ba:e0:3f:5e:c0:f8:a8:62:77:3d:3c:4f:d1:be:e0:
ad:d2:01:7e:a1:18:2b:3a:e3:aa:84:08:5c:89:1e:
78:5e:8a:db:72:e2:d2:80:39:b6:86:4b:41:81:10:
35:d5:a1:d9:fd:3d:5f:87:0a:1e:d8:ac:bd:56:aa:
38:e3:71:3e:b3:b0:31:c9:33:13:b5:1c:0d:40:50:
70:f0:d0:4c:13:41:70:10:b9:64:3b:6c:e2:7b:03:
f8:d4:6e:ab:84:52:a3:b6:1b:eb:49:f2:ad:5e:af:
f9:e6:99:8f:15:cf:7f:d9:ff:db:46:69:96:67:de:
e7:18:cd:9f:71:42:9e:69:48:2e:69:db:a1:62:4b:
60:a3:0d:96:7b:fc:da:e1:df:61:1e:53:f1:45:d0:
a6:90:9c:43:23:3a:5c:1c:50:2f:1a:6f:04:5d:94:
94:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:59:45:2A:6E:06:7B:21:19:F3:E9:50:F9:95:E7:45:15:AE:AA:77
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.229.0/24
103.11.28.0/22
103.143.222.0/23
114.198.240.0/21
116.68.164.0/23
116.68.167.0/24
202.47.182.0/23
Signature Algorithm: sha256WithRSAEncryption
55:16:d8:63:14:d1:ea:98:24:f5:18:41:7f:17:15:bc:d1:1a:
5f:36:e2:94:ad:70:51:22:fd:88:23:3d:b1:b7:90:1d:fa:2a:
ed:fc:4e:d8:1e:77:ee:fe:19:64:73:3a:03:e7:1d:cd:92:38:
fc:8d:1f:53:89:64:01:1f:20:86:e8:aa:1a:82:4e:53:6a:1c:
98:16:c4:bd:97:36:2b:a7:06:e7:82:f6:22:b2:b3:a1:aa:42:
34:1b:7d:2c:ca:29:ee:95:d1:38:67:df:cd:74:27:9e:39:3a:
8e:40:2f:0f:43:44:9a:86:fc:01:83:d6:70:a9:a6:ab:82:d8:
04:a9:01:bf:2b:61:59:6a:12:92:0c:3c:c0:10:d9:67:6d:6e:
03:b1:2b:29:d9:2d:36:64:88:60:38:c1:d3:1c:78:53:72:bf:
c6:9e:6c:f5:59:be:6f:15:5d:42:18:58:b5:8f:c9:7f:09:46:
1e:5d:37:32:0d:58:a2:b1:d8:37:fd:f4:7a:a1:98:f8:75:5b:
b5:e0:35:74:81:fd:69:c5:ff:61:86:fe:89:8c:83:8d:48:f1:
25:c9:5e:26:b9:51:9e:52:14:a4:f1:a3:df:91:47:9e:f5:1f:
5d:69:8d:f7:b7:dc:07:90:7d:d7:1a:4c:05:32:47:6f:dc:50:
d5:1e:07:91
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUEtsDDFVZjMigfcN9W/DvPeAfr6kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMzI0MVoX
DTI3MDUwMTIxMzc0MVowMzExMC8GA1UEAxMoMUY1OTQ1MkE2RTA2N0IyMTE5RjNF
OTUwRjk5NUU3NDUxNUFFQUE3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkGE8h8w+FUN/nLoXbnKXlGN4F5xlb6yFG9fmav73OIMqr3Z1Z45EgYtJkh
uGzc3yL6wRLRiEZE3z/fTlHs5xFLpJ5LoXR4M2XiOcw2VWaF27x3FA+Y2EMvuuA/
XsD4qGJ3PTxP0b7grdIBfqEYKzrjqoQIXIkeeF6K23Li0oA5toZLQYEQNdWh2f09
X4cKHtisvVaqOONxPrOwMckzE7UcDUBQcPDQTBNBcBC5ZDts4nsD+NRuq4RSo7Yb
60nyrV6v+eaZjxXPf9n/20Zplmfe5xjNn3FCnmlILmnboWJLYKMNlnv82uHfYR5T
8UXQppCcQyM6XBxQLxpvBF2UlM0CAwEAAaOCAe8wggHrMB0GA1UdDgQWBBQfWUUq
bgZ7IRnz6VD5ledFFa6qdzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNTgzODkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgAB
MCoDBAAr8OUDBAJnCxwDBAFnj94DBANyxvADBAF0RKQDBAB0RKcDBAHKL7YwDQYJ
KoZIhvcNAQELBQADggEBAFUW2GMU0eqYJPUYQX8XFbzRGl824pStcFEi/YgjPbG3
kB36Ku38Ttged+7+GWRzOgPnHc2SOPyNH1OJZAEfIIboqhqCTlNqHJgWxL2XNiun
BueC9iKys6GqQjQbfSzKKe6V0Thn3810J545Oo5ALw9DRJqG/AGD1nCppquC2ASp
Ab8rYVlqEpIMPMAQ2WdtbgOxKynZLTZkiGA4wdMceFNyv8aebPVZvm8VXUIYWLWP
yX8JRh5dNzINWKKx2Df99HqhmPh1W7XgNXSB/WnF/2GG/omMg41I8SXJXia5UZ5S
FKTxo9+RR571H11pjfe33AeQfdcaTAUyR2/cUNUeB5E=
-----END CERTIFICATE-----
Generated at Sun May 3 00:42:10 2026 by rpki-client