Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24212.roa
File: AS24212.roa (raw, json)
Hash identifier: bsx5Ay963LqNIh4ApRogP2EhcBsTIvuWJC9bXbEgzXs=
Subject key identifier: F8:12:27:86:F5:FA:55:F7:E7:2A:B9:29:2D:09:F9:30:6D:56:30:F5
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4F77CAD8ADF14B92F4382B5CB3975415656DA8A5
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24212.roa
Signing time: Mon 27 Oct 2025 03:37:32 +0000
ROA not before: Mon 27 Oct 2025 03:32:32 +0000
ROA not after: Mon 26 Oct 2026 03:37:32 +0000
asID: 24212
IP address blocks: 202.146.128.0/24 maxlen: 24
202.146.129.0/24 maxlen: 24
202.146.130.0/24 maxlen: 24
202.146.131.0/24 maxlen: 24
202.146.132.0/24 maxlen: 24
202.146.133.0/24 maxlen: 24
202.146.134.0/24 maxlen: 24
202.146.135.0/24 maxlen: 24
202.146.136.0/24 maxlen: 24
202.146.137.0/24 maxlen: 24
202.146.138.0/24 maxlen: 24
202.146.139.0/24 maxlen: 24
202.146.140.0/24 maxlen: 24
202.146.141.0/24 maxlen: 24
202.146.142.0/24 maxlen: 24
202.146.143.0/24 maxlen: 24
202.146.144.0/24 maxlen: 24
202.146.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Nov 2025 00:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:77:ca:d8:ad:f1:4b:92:f4:38:2b:5c:b3:97:54:15:65:6d:a8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Oct 27 03:32:32 2025 GMT
Not After : Oct 26 03:37:32 2026 GMT
Subject: CN=F8122786F5FA55F7E72AB9292D09F9306D5630F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3c:09:80:89:ba:69:41:60:6f:ef:af:4b:6c:
f9:00:22:76:e6:97:7d:67:4b:32:39:c5:03:fd:04:
a9:af:30:75:3f:2c:df:d0:ee:a8:76:c4:63:aa:93:
68:80:05:18:dc:6f:7f:ed:33:8a:6b:4d:0f:65:d4:
e9:7f:8b:94:b1:30:40:7e:95:c8:72:bd:05:39:52:
b1:30:ba:6f:40:5f:47:b0:be:f1:02:14:36:6d:7f:
b1:6c:b6:20:f1:db:43:94:02:26:b5:33:6f:6f:d0:
26:17:59:13:c0:da:2e:a8:3a:aa:11:27:57:e2:a4:
85:c6:72:3a:0b:5d:74:f1:7b:4e:5f:8c:6d:d9:50:
db:21:07:42:53:aa:f7:4b:35:44:57:78:c5:45:b8:
6e:ff:97:ed:24:f6:3f:f0:a5:36:9b:94:82:36:70:
78:4e:38:a6:71:2f:3b:04:ec:a1:8e:0a:5c:d5:92:
ee:86:7e:a7:5c:2c:af:88:7b:54:39:ef:d2:02:9d:
1a:2e:d6:81:9e:2f:07:7b:75:94:60:f4:a1:dd:e3:
11:e1:ad:63:61:c2:fd:1c:4d:f8:41:f3:02:d4:76:
f6:a3:5b:a9:1b:22:3d:e8:7e:be:b0:c8:84:a1:96:
04:a9:79:f3:d1:42:02:ca:2b:67:7e:06:78:e5:59:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:12:27:86:F5:FA:55:F7:E7:2A:B9:29:2D:09:F9:30:6D:56:30:F5
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.146.128.0-202.146.145.255
Signature Algorithm: sha256WithRSAEncryption
8a:76:ac:ae:eb:e9:00:49:fc:a5:7a:35:e5:a4:9d:f0:b5:88:
15:32:71:57:04:26:4f:83:ef:36:7f:54:ec:5b:8a:5f:29:f9:
c5:45:81:8c:0a:3b:76:97:6a:86:f7:68:ef:3a:2a:4e:9f:40:
72:58:74:51:4f:a0:19:66:25:81:8f:8b:33:08:39:de:31:4f:
44:6f:56:43:43:8d:0a:7b:6a:e8:e6:86:0d:47:de:15:ee:93:
0d:b8:50:d3:15:60:c2:7c:11:de:72:bc:20:a6:6b:af:7a:40:
ed:b7:19:32:de:f8:e2:26:68:d3:be:c8:f2:93:57:52:30:84:
f9:b1:36:36:50:58:78:1b:5f:6f:d6:a6:91:d7:8a:45:67:25:
c9:7a:bd:79:e3:19:ad:f2:46:46:75:d8:d2:73:7d:72:fa:ac:
f5:bf:ab:d4:89:17:99:96:d7:3b:07:07:00:1d:2b:b0:65:86:
60:06:c1:c7:8d:c5:0b:1b:6e:3c:aa:46:e8:78:13:a0:b5:75:
2c:d1:f6:8a:b1:e9:cc:50:d3:04:cc:8d:8d:b3:0e:a7:18:87:
1f:ec:b2:06:93:e4:df:e9:51:d9:63:1a:54:00:97:78:11:81:
fb:a2:7b:69:7d:6c:ec:fc:96:cb:01:98:8c:c7:f4:1c:77:7c:
6c:fc:a4:4b
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUT3fK2K3xS5L0OCtcs5dUFWVtqKUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAyNzAzMzIzMloX
DTI2MTAyNjAzMzczMlowMzExMC8GA1UEAxMoRjgxMjI3ODZGNUZBNTVGN0U3MkFC
OTI5MkQwOUY5MzA2RDU2MzBGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANM8CYCJumlBYG/vr0ts+QAiduaXfWdLMjnFA/0Eqa8wdT8s39DuqHbEY6qT
aIAFGNxvf+0zimtND2XU6X+LlLEwQH6VyHK9BTlSsTC6b0BfR7C+8QIUNm1/sWy2
IPHbQ5QCJrUzb2/QJhdZE8DaLqg6qhEnV+KkhcZyOgtddPF7Tl+MbdlQ2yEHQlOq
90s1RFd4xUW4bv+X7ST2P/ClNpuUgjZweE44pnEvOwTsoY4KXNWS7oZ+p1wsr4h7
VDnv0gKdGi7WgZ4vB3t1lGD0od3jEeGtY2HC/RxN+EHzAtR29qNbqRsiPeh+vrDI
hKGWBKl589FCAsorZ34GeOVZjm0CAwEAAaOCAdcwggHTMB0GA1UdDgQWBBT4EieG
9fpV9+cquSktCfkwbVYw9TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjEyLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAU
BAIAATAOMAwDBAfKkoADBAHKkpAwDQYJKoZIhvcNAQELBQADggEBAIp2rK7r6QBJ
/KV6NeWknfC1iBUycVcEJk+D7zZ/VOxbil8p+cVFgYwKO3aXaob3aO86Kk6fQHJY
dFFPoBlmJYGPizMIOd4xT0RvVkNDjQp7aujmhg1H3hXukw24UNMVYMJ8Ed5yvCCm
a696QO23GTLe+OImaNO+yPKTV1IwhPmxNjZQWHgbX2/WppHXikVnJcl6vXnjGa3y
RkZ12NJzfXL6rPW/q9SJF5mW1zsHBwAdK7BlhmAGwceNxQsbbjyqRuh4E6C1dSzR
9oqx6cxQ0wTMjY2zDqcYhx/ssgaT5N/pUdljGlQAl3gRgfuie2l9bOz8lssBmIzH
9Bx3fGz8pEs=
-----END CERTIFICATE-----
Generated at Mon Nov 3 19:31:42 2025 by rpki-client