Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: zXweyglX4XJp/7XntrEFAE0phd3PZ3Yj/cdyrGtkhzk=
Subject key identifier: D6:3A:69:40:B3:72:8D:A2:0D:35:D2:46:F5:34:13:67:16:B6:A9:9A
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 160DAC9D25C52F75BB1BB5889F9F90D3084A905D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
Signing time: Mon 06 Apr 2026 04:55:45 +0000
ROA not before: Mon 06 Apr 2026 04:50:45 +0000
ROA not after: Mon 05 Apr 2027 04:55:45 +0000
asID: 0
IP address blocks: 157.10.212.0/23 maxlen: 24
157.15.68.0/24 maxlen: 24
157.15.170.0/23 maxlen: 24
157.20.120.0/23 maxlen: 24
157.20.167.0/24 maxlen: 24
157.20.232.0/24 maxlen: 24
157.66.34.0/23 maxlen: 24
157.66.54.0/23 maxlen: 24
157.66.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 Apr 2026 18:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:0d:ac:9d:25:c5:2f:75:bb:1b:b5:88:9f:9f:90:d3:08:4a:90:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Apr 6 04:50:45 2026 GMT
Not After : Apr 5 04:55:45 2027 GMT
Subject: CN=D63A6940B3728DA20D35D246F534136716B6A99A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:4b:e2:e2:f0:b7:e4:3d:87:1a:f5:c1:9e:
32:a8:17:1e:92:fa:bf:6b:de:7a:09:dc:8f:14:8f:
e5:e4:aa:74:a8:00:a1:4b:e1:e3:f1:2b:be:cd:45:
cb:4a:99:38:28:e0:11:ce:d0:a0:f0:99:78:45:39:
63:e7:5b:80:f5:f3:15:65:03:24:a4:5e:64:92:c2:
b2:9d:5b:11:d4:bb:7a:25:ee:69:39:00:1f:af:f9:
df:b0:8b:28:1b:24:ef:7b:fa:3c:79:f7:80:7f:b7:
c6:11:40:f2:f0:8c:b9:79:bc:a5:79:3f:98:28:0e:
9d:77:8b:3c:52:74:dc:7b:98:5b:4e:32:bc:95:c5:
c2:ef:fe:1d:1c:9e:9a:a9:4c:7b:95:c6:80:d8:f1:
e4:53:8c:80:2a:96:22:33:77:18:82:8f:a2:92:bd:
68:c5:f7:b8:90:1e:77:7b:6a:f0:a7:c8:b6:2f:19:
c0:c3:5f:b2:59:ac:83:c9:af:4f:df:f6:97:47:e1:
9c:32:b3:b8:0d:3f:47:e4:de:9f:8c:28:1f:dd:73:
51:db:f7:af:2b:f4:0c:d9:ee:7a:36:55:63:4e:65:
76:d6:02:1f:c1:46:5a:57:60:ae:ef:62:e3:b5:d7:
bf:27:3a:4f:d0:e9:d0:08:b1:7e:fb:1e:55:9b:7c:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3A:69:40:B3:72:8D:A2:0D:35:D2:46:F5:34:13:67:16:B6:A9:9A
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.212.0/23
157.15.68.0/24
157.15.170.0/23
157.20.120.0/23
157.20.167.0/24
157.20.232.0/24
157.66.34.0/23
157.66.54.0/23
157.66.126.0/23
Signature Algorithm: sha256WithRSAEncryption
43:f1:b7:a4:6e:f8:5e:5d:fb:3c:30:43:2c:4c:20:cb:4c:99:
b4:41:5f:9f:08:04:e7:68:ef:02:58:9c:4f:6a:c8:bc:09:40:
4d:dc:51:b6:03:0f:76:de:26:1c:ae:80:d0:c7:b2:48:28:59:
d0:fb:9a:94:7d:18:0b:c3:93:69:97:81:49:ad:f9:2c:f5:be:
7d:eb:cc:a2:98:4b:00:c4:d4:d0:cc:f5:e1:8d:da:76:d1:70:
ff:a5:2e:45:f6:db:27:9b:b8:22:55:02:d2:f1:f3:12:a3:83:
3c:fe:f9:15:5a:6d:7f:3c:13:b4:31:ae:d4:2d:fd:9f:81:ee:
e6:5d:5e:8f:62:3a:c5:e5:8c:98:74:5a:24:c8:50:cb:92:11:
45:29:d0:83:b3:8b:6f:70:2a:ac:4a:8f:30:d7:7f:f5:25:d2:
7a:ca:12:6a:40:d3:82:3d:53:db:fa:bd:b9:26:ad:74:1d:3a:
53:18:82:c9:ee:23:d3:04:24:e3:cd:1a:98:ac:5a:8a:50:fd:
64:a5:82:36:00:b7:18:27:d4:ec:81:17:eb:72:6a:d5:b4:72:
ef:9a:8c:0d:94:6f:c0:f1:4b:f0:a1:ba:35:81:7a:85:ea:b8:
57:5e:dd:f9:77:01:39:b3:e0:e4:a7:8b:da:86:71:c0:9a:d2:
92:6f:ed:63
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIUFg2snSXFL3W7G7WIn5+Q0whKkF0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQwNjA0NTA0NVoX
DTI3MDQwNTA0NTU0NVowMzExMC8GA1UEAxMoRDYzQTY5NDBCMzcyOERBMjBEMzVE
MjQ2RjUzNDEzNjcxNkI2QTk5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5MS+Li8LfkPYca9cGeMqgXHpL6v2veegncjxSP5eSqdKgAoUvh4/Ervs1F
y0qZOCjgEc7QoPCZeEU5Y+dbgPXzFWUDJKReZJLCsp1bEdS7eiXuaTkAH6/537CL
KBsk73v6PHn3gH+3xhFA8vCMuXm8pXk/mCgOnXeLPFJ03HuYW04yvJXFwu/+HRye
mqlMe5XGgNjx5FOMgCqWIjN3GIKPopK9aMX3uJAed3tq8KfIti8ZwMNfslmsg8mv
T9/2l0fhnDKzuA0/R+Ten4woH91zUdv3ryv0DNnuejZVY05ldtYCH8FGWldgru9i
47XXvyc6T9Dp0AixfvseVZt8ucMCAwEAAaOCAfswggH3MB0GA1UdDgQWBBTWOmlA
s3KNog010kb1NBNnFrapmjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgAB
MDYDBAGdCtQDBACdD0QDBAGdD6oDBAGdFHgDBACdFKcDBACdFOgDBAGdQiIDBAGd
QjYDBAGdQn4wDQYJKoZIhvcNAQELBQADggEBAEPxt6Ru+F5d+zwwQyxMIMtMmbRB
X58IBOdo7wJYnE9qyLwJQE3cUbYDD3beJhyugNDHskgoWdD7mpR9GAvDk2mXgUmt
+Sz1vn3rzKKYSwDE1NDM9eGN2nbRcP+lLkX22yebuCJVAtLx8xKjgzz++RVabX88
E7QxrtQt/Z+B7uZdXo9iOsXljJh0WiTIUMuSEUUp0IOzi29wKqxKjzDXf/Ul0nrK
EmpA04I9U9v6vbkmrXQdOlMYgsnuI9MEJOPNGpisWopQ/WSlgjYAtxgn1OyBF+ty
atW0cu+ajA2Ub8DxS/ChujWBeoXquFde3fl3ATmz4OSni9qGccCa0pJv7WM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:33:52 2026 by rpki-client