Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
File: AS9875.roa (raw, json)
Hash identifier: xQaUFr/ANHjTWLHS6SCzGdh9+857cHZYQ+jWoyYq+NE=
Subject key identifier: A9:BE:11:90:73:55:12:D6:75:68:C7:05:55:5E:03:28:46:75:AB:D8
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 62B5214BD3C370EC4D74C7B23CD28F7B5C43DF6B
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
Signing time: Sat 02 May 2026 09:22:22 +0000
ROA not before: Sat 02 May 2026 09:17:22 +0000
ROA not after: Sat 01 May 2027 09:22:22 +0000
asID: 9875
IP address blocks: 103.93.224.0/22 maxlen: 24
103.93.228.0/22 maxlen: 24
103.94.96.0/22 maxlen: 24
103.159.228.0/23 maxlen: 24
103.159.230.0/23 maxlen: 24
103.159.232.0/23 maxlen: 24
103.159.234.0/23 maxlen: 24
103.167.142.0/23 maxlen: 24
103.167.148.0/23 maxlen: 24
103.168.106.0/23 maxlen: 24
103.168.108.0/23 maxlen: 24
103.168.110.0/23 maxlen: 24
103.168.112.0/23 maxlen: 24
103.169.111.0/24 maxlen: 24
103.169.112.0/23 maxlen: 24
103.169.118.0/23 maxlen: 24
103.169.120.0/23 maxlen: 24
103.169.122.0/23 maxlen: 24
103.169.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 04 May 2026 03:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:b5:21:4b:d3:c3:70:ec:4d:74:c7:b2:3c:d2:8f:7b:5c:43:df:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 2 09:17:22 2026 GMT
Not After : May 1 09:22:22 2027 GMT
Subject: CN=A9BE1190735512D67568C705555E03284675ABD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f6:ac:2f:fa:6b:cf:03:69:89:76:fa:4f:b4:
2f:07:a2:02:5a:bf:37:b4:d1:7f:1b:c9:f9:bc:a3:
2c:46:f4:05:48:73:dc:b3:1a:60:0b:ee:bd:01:14:
65:4b:5b:bb:93:aa:07:49:c5:8f:dc:f2:f1:e7:9f:
fd:48:10:a1:7a:e0:89:94:6b:cb:ce:be:57:67:27:
b7:5a:aa:b7:a5:1e:2f:2b:b5:4b:71:8d:89:fd:b7:
85:e6:0c:70:4b:47:13:26:22:a6:0b:ee:35:cd:c2:
ee:14:a6:0a:84:64:d7:22:a1:93:74:53:f0:0c:ad:
80:f6:ca:50:79:3c:39:33:70:65:22:e6:14:f7:cd:
22:33:ba:66:e4:b1:75:fc:d1:54:e8:58:fd:30:31:
3d:26:9c:91:e4:50:6d:c3:fe:dd:2b:1a:02:4c:04:
64:79:fa:64:39:bc:bb:34:9b:a1:e1:c1:ff:37:05:
1c:4d:c5:ca:e8:27:7f:a7:f6:b1:d6:00:f0:6e:86:
d3:1e:dc:d1:68:ed:83:e0:e4:ce:0e:47:cb:4f:9d:
6e:30:1d:94:d5:30:1e:06:70:8f:ff:43:cd:12:3a:
fd:e1:80:9d:8c:cb:59:d2:18:55:91:d3:b6:2e:80:
e0:ef:ac:3d:fa:4d:81:32:1b:2f:e4:39:79:c7:f6:
c1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BE:11:90:73:55:12:D6:75:68:C7:05:55:5E:03:28:46:75:AB:D8
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.93.224.0/21
103.94.96.0/22
103.159.228.0-103.159.235.255
103.167.142.0/23
103.167.148.0/23
103.168.106.0-103.168.113.255
103.169.111.0-103.169.113.255
103.169.118.0-103.169.125.255
Signature Algorithm: sha256WithRSAEncryption
2e:42:3e:2a:dc:94:bb:f5:74:3e:e4:2b:f8:96:fe:a3:6f:1b:
b2:55:78:2e:56:c5:54:5c:c8:0c:c5:f7:c1:17:53:ba:cc:8a:
52:81:53:71:7d:45:09:d3:0f:10:34:7c:7b:92:9c:aa:26:32:
8e:71:d8:9c:2b:2f:07:bf:10:58:cd:fa:43:cc:0a:f5:b5:fe:
59:bb:60:5a:cd:73:61:d9:36:97:98:b7:8a:cb:0e:e5:37:97:
4c:9b:4a:90:2b:ef:38:be:87:5e:a3:e8:2a:09:e6:28:a4:b8:
f7:70:c2:fc:e3:9d:ca:fa:ad:4a:2b:6f:a0:ae:af:a1:09:7c:
96:6e:00:e7:76:2e:e9:fd:8d:7f:d5:c5:54:7f:68:7e:31:5c:
54:43:ca:e0:69:3f:1c:11:13:51:77:5d:0f:42:c8:12:81:96:
3c:d6:4f:1c:51:4f:b8:cd:58:a6:e6:d1:ed:0d:64:40:53:cc:
e5:19:ba:89:7d:17:58:04:1d:4c:61:08:79:55:a6:6b:74:f2:
38:c5:8f:a5:a8:9c:63:b0:10:6d:57:e3:79:cc:67:4d:4f:67:
4a:d5:77:e1:2d:90:b2:1e:d4:80:8e:fe:dd:3f:a2:81:bd:ff:
d7:1a:77:81:90:84:5f:c6:ea:6b:92:9e:2a:dc:a7:9f:0b:59:
15:21:8e:c4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUYrUhS9PDcOxNdMeyPNKPe1xD32swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTcyMloX
DTI3MDUwMTA5MjIyMlowMzExMC8GA1UEAxMoQTlCRTExOTA3MzU1MTJENjc1NjhD
NzA1NTU1RTAzMjg0Njc1QUJEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP2rC/6a88DaYl2+k+0LweiAlq/N7TRfxvJ+byjLEb0BUhz3LMaYAvuvQEU
ZUtbu5OqB0nFj9zy8eef/UgQoXrgiZRry86+V2cnt1qqt6UeLyu1S3GNif23heYM
cEtHEyYipgvuNc3C7hSmCoRk1yKhk3RT8AytgPbKUHk8OTNwZSLmFPfNIjO6ZuSx
dfzRVOhY/TAxPSackeRQbcP+3SsaAkwEZHn6ZDm8uzSboeHB/zcFHE3Fyugnf6f2
sdYA8G6G0x7c0Wjtg+Dkzg5Hy0+dbjAdlNUwHgZwj/9DzRI6/eGAnYzLWdIYVZHT
ti6A4O+sPfpNgTIbL+Q5ecf2wW8CAwEAAaOCAhQwggIQMB0GA1UdDgQWBBSpvhGQ
c1US1nVoxwVVXgMoRnWr2DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTOTg3NS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEw
UAMEA2dd4AMEAmdeYDAMAwQCZ5/kAwQCZ5/oAwQBZ6eOAwQBZ6eUMAwDBAFnqGoD
BAFnqHAwDAMEAGepbwMEAWepcDAMAwQBZ6l2AwQBZ6l8MA0GCSqGSIb3DQEBCwUA
A4IBAQAuQj4q3JS79XQ+5Cv4lv6jbxuyVXguVsVUXMgMxffBF1O6zIpSgVNxfUUJ
0w8QNHx7kpyqJjKOcdicKy8HvxBYzfpDzAr1tf5Zu2BazXNh2TaXmLeKyw7lN5dM
m0qQK+84vodeo+gqCeYopLj3cML8453K+q1KK2+grq+hCXyWbgDndi7p/Y1/1cVU
f2h+MVxUQ8rgaT8cERNRd10PQsgSgZY81k8cUU+4zVim5tHtDWRAU8zlGbqJfRdY
BB1MYQh5VaZrdPI4xY+lqJxjsBBtV+N5zGdNT2dK1XfhLZCyHtSAjv7dP6KBvf/X
GneBkIRfxuprkp4q3KefC1kVIY7E
-----END CERTIFICATE-----
Generated at Sun May 3 01:40:37 2026 by rpki-client