Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: K70ttH4X3lmrADQkzDL3sttG76XKRZ5SGIlvemWLA9g=
Subject key identifier: 7F:A2:9E:35:2F:4A:92:7E:40:BC:15:6C:BE:42:CD:2E:4A:33:A0:73
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 3115F9CFAB42AE87F795E059199FAE713655CA1E
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
Signing time: Tue 13 Jan 2026 06:38:58 +0000
ROA not before: Tue 13 Jan 2026 06:33:58 +0000
ROA not after: Tue 12 Jan 2027 06:38:58 +0000
asID: 0
IP address blocks: 157.10.212.0/23 maxlen: 24
157.15.68.0/24 maxlen: 24
157.15.170.0/23 maxlen: 24
157.20.120.0/23 maxlen: 24
157.20.167.0/24 maxlen: 24
157.20.232.0/24 maxlen: 24
157.66.34.0/23 maxlen: 24
157.66.54.0/23 maxlen: 24
157.66.82.0/23 maxlen: 24
157.66.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 05 Mar 2026 09:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:15:f9:cf:ab:42:ae:87:f7:95:e0:59:19:9f:ae:71:36:55:ca:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Jan 13 06:33:58 2026 GMT
Not After : Jan 12 06:38:58 2027 GMT
Subject: CN=7FA29E352F4A927E40BC156CBE42CD2E4A33A073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:0c:dc:aa:41:a7:91:1a:f7:af:22:e7:9f:
c1:53:6f:15:ad:a7:cf:e9:b1:84:33:f2:2b:79:76:
5f:2e:62:aa:4b:00:dc:00:33:38:b3:40:cf:90:aa:
7b:1d:7f:b0:01:0e:45:44:37:3e:7f:bb:44:d2:0e:
5c:7e:0e:10:17:8e:fc:4f:d3:6d:a4:1c:66:74:7b:
f6:78:86:d3:21:14:79:71:62:1c:ba:9e:a9:62:89:
95:bf:de:ec:05:0b:7a:7a:e1:5c:ef:e6:dc:65:af:
90:f0:07:7f:81:a1:0c:80:40:6e:02:bd:70:e2:26:
44:12:29:c4:d5:33:b4:fb:e7:7d:80:d5:a2:c0:11:
88:9e:b6:a0:3b:2b:90:ea:8f:17:e2:03:bd:aa:76:
88:c0:79:a9:fd:33:21:99:ad:c9:8d:de:94:bc:07:
3d:69:78:27:67:ca:aa:56:05:9c:35:36:b5:87:76:
ac:70:eb:e3:e9:86:f1:4b:82:2d:87:71:39:04:ba:
08:8f:ba:fe:3f:f5:54:2d:72:c8:30:db:56:57:26:
2b:30:23:81:4a:bc:c3:75:5e:df:bf:9f:e9:c7:a2:
30:0a:55:13:9d:a6:d5:be:78:c9:57:dd:cc:a4:66:
a3:4e:93:42:0b:07:a7:14:38:7d:f6:9c:7e:14:b6:
1d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A2:9E:35:2F:4A:92:7E:40:BC:15:6C:BE:42:CD:2E:4A:33:A0:73
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.212.0/23
157.15.68.0/24
157.15.170.0/23
157.20.120.0/23
157.20.167.0/24
157.20.232.0/24
157.66.34.0/23
157.66.54.0/23
157.66.82.0/23
157.66.126.0/23
Signature Algorithm: sha256WithRSAEncryption
32:69:9d:bf:8e:c9:cf:1f:5d:f4:4b:14:8c:80:7d:cf:e6:48:
ed:cc:90:fe:6b:16:b6:1e:51:ae:41:a1:32:9d:25:cc:9c:f1:
57:b5:44:a8:3c:e5:ed:5b:82:8e:5d:37:b7:e5:85:ba:bc:cd:
35:69:be:c3:53:4f:5c:e2:e8:d0:d1:5e:d6:5e:92:a4:f7:ab:
00:ef:52:a7:e5:82:ac:7f:37:ad:57:2c:66:ac:ad:a5:25:3f:
46:28:03:c9:f8:7e:3a:a2:a5:ac:de:8c:1a:17:fe:d5:09:d4:
f0:b0:4a:c5:8a:8d:99:bd:6b:a8:c9:ee:52:65:c7:3f:9c:09:
72:cf:b3:d9:7d:1a:26:d6:9a:3d:d6:88:58:39:58:89:b0:05:
93:f5:3d:2f:07:d1:50:2e:23:3b:12:6b:bc:21:83:a0:a9:90:
1e:68:b9:6a:eb:7c:bc:55:58:bd:f8:4d:d7:04:52:9a:21:8c:
9b:ca:45:a6:51:02:9f:f5:92:1c:b8:12:15:f6:59:64:3a:57:
1f:7d:c0:e0:5d:1b:a4:de:c5:40:ed:7e:a7:7c:ca:b5:a7:d9:
f4:41:d7:73:ef:ef:c9:22:10:ee:37:22:82:33:56:20:bc:78:
20:d9:13:31:f5:f4:87:77:fc:5c:36:4b:d0:60:b3:60:e7:a1:
c5:2c:80:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUMRX5z6tCrof3leBZGZ+ucTZVyh4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDExMzA2MzM1OFoX
DTI3MDExMjA2Mzg1OFowMzExMC8GA1UEAxMoN0ZBMjlFMzUyRjRBOTI3RTQwQkMx
NTZDQkU0MkNEMkU0QTMzQTA3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKZDNyqQaeRGvevIuefwVNvFa2nz+mxhDPyK3l2Xy5iqksA3AAzOLNAz5Cq
ex1/sAEORUQ3Pn+7RNIOXH4OEBeO/E/TbaQcZnR79niG0yEUeXFiHLqeqWKJlb/e
7AULenrhXO/m3GWvkPAHf4GhDIBAbgK9cOImRBIpxNUztPvnfYDVosARiJ62oDsr
kOqPF+IDvap2iMB5qf0zIZmtyY3elLwHPWl4J2fKqlYFnDU2tYd2rHDr4+mG8UuC
LYdxOQS6CI+6/j/1VC1yyDDbVlcmKzAjgUq8w3Ve37+f6ceiMApVE52m1b54yVfd
zKRmo06TQgsHpxQ4ffacfhS2HakCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBR/op41
L0qSfkC8FWy+Qs0uSjOgczAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgAB
MDwDBAGdCtQDBACdD0QDBAGdD6oDBAGdFHgDBACdFKcDBACdFOgDBAGdQiIDBAGd
QjYDBAGdQlIDBAGdQn4wDQYJKoZIhvcNAQELBQADggEBADJpnb+Oyc8fXfRLFIyA
fc/mSO3MkP5rFrYeUa5BoTKdJcyc8Ve1RKg85e1bgo5dN7flhbq8zTVpvsNTT1zi
6NDRXtZekqT3qwDvUqflgqx/N61XLGasraUlP0YoA8n4fjqipazejBoX/tUJ1PCw
SsWKjZm9a6jJ7lJlxz+cCXLPs9l9GibWmj3WiFg5WImwBZP1PS8H0VAuIzsSa7wh
g6CpkB5ouWrrfLxVWL34TdcEUpohjJvKRaZRAp/1khy4EhX2WWQ6Vx99wOBdG6Te
xUDtfqd8yrWn2fRB13Pv78kiEO43IoIzViC8eCDZEzH19Id3/Fw2S9Bgs2DnocUs
gLo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:47 2026 by rpki-client