Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: wlkT7GgLpCf35tO8i2yk7Ozy4FM73+grklzwHOEJfH0=
Subject key identifier: 63:F9:79:40:E2:E9:77:1F:73:30:20:E2:D4:C5:69:EE:B3:09:3D:E8
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 3CF1DED435770747D78D91E5FF0FDBB5B5B9F11E
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
Signing time: Fri 06 Feb 2026 08:00:55 +0000
ROA not before: Fri 06 Feb 2026 07:55:55 +0000
ROA not after: Fri 05 Feb 2027 08:00:55 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.109.160.0/23 maxlen: 24
103.109.172.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.112.222.0/24 maxlen: 24
103.113.48.0/22 maxlen: 24
103.113.52.0/22 maxlen: 24
103.113.73.0/24 maxlen: 24
103.114.173.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2001:df4:cd00::/48 maxlen: 48
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 05 Mar 2026 02:17:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f1:de:d4:35:77:07:47:d7:8d:91:e5:ff:0f:db:b5:b5:b9:f1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Feb 6 07:55:55 2026 GMT
Not After : Feb 5 08:00:55 2027 GMT
Subject: CN=63F97940E2E9771F733020E2D4C569EEB3093DE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:52:15:b1:49:d2:65:cd:87:64:10:97:4f:
da:9a:58:18:93:aa:ae:b5:92:e7:5d:3f:45:4e:b1:
c2:c5:23:0b:dd:32:17:87:70:8a:74:a9:a2:c1:b7:
10:ad:f4:97:2a:9b:68:66:86:f7:b2:db:a3:a6:43:
1d:05:a7:35:d6:14:3d:ca:6f:bd:d5:3d:7f:ff:cb:
0b:29:c7:bf:89:dc:38:7a:79:8e:6c:19:9d:a6:15:
47:a3:ad:0f:2b:b2:76:fd:6b:f9:63:13:b7:b7:4e:
80:3b:71:b1:5b:05:68:62:58:64:7e:cf:8e:54:3c:
e9:cd:92:54:34:a4:a2:d7:41:6d:f4:72:ef:fe:35:
52:be:fd:00:ad:a5:ef:31:89:df:78:84:19:60:33:
a6:87:7b:4b:5a:30:4f:ee:41:88:36:7c:6e:a4:a9:
5d:68:18:32:e0:e3:32:de:04:a2:d1:84:a7:71:73:
2a:0f:2c:4f:57:a0:c7:03:a1:39:73:1f:88:3e:0d:
7b:d8:5a:31:ac:a1:1f:21:97:a0:b3:b6:90:77:c2:
4b:b5:a5:14:d0:08:94:b9:51:26:10:f9:88:7f:2e:
21:3a:80:89:5a:22:21:05:89:2c:c2:da:4f:39:01:
8f:64:2d:5d:72:98:e4:13:9d:0e:c4:6c:3d:bc:dc:
1e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F9:79:40:E2:E9:77:1F:73:30:20:E2:D4:C5:69:EE:B3:09:3D:E8
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.109.160.0/23
103.109.172.0/22
103.111.200.0/22
103.112.222.0/24
103.113.48.0/21
103.113.73.0/24
103.114.173.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2001:df4:cd00::/48
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:ad:b2:01:f4:b1:a5:f2:29:05:29:fd:ce:3b:03:19:50:9c:
3d:c4:a2:12:80:4d:a0:c8:16:39:36:91:5e:b1:f7:ca:d9:08:
09:d9:68:49:b1:62:7c:ef:d9:d2:2a:1d:eb:16:12:5c:b8:14:
a8:b9:da:fc:44:5c:58:df:a9:9c:50:79:45:5f:52:37:da:f2:
c0:da:df:c1:b2:f6:5a:b7:d1:39:36:31:c3:55:d0:0a:ce:75:
f0:2f:d4:ec:c1:03:4c:e4:7a:39:f3:e2:5e:77:78:cd:47:ce:
16:16:f8:07:9b:84:a5:11:ba:20:be:19:58:ae:bb:26:03:0d:
65:b4:ec:55:0e:43:24:8a:b4:34:03:49:68:8c:06:70:09:0d:
df:55:8f:b0:aa:6a:7c:8f:07:a0:ce:af:c8:ed:6d:fd:6e:98:
a8:46:ad:02:68:c2:1b:b2:e1:0b:d2:c9:e1:1f:b0:00:4e:15:
6b:fe:ad:66:7c:c8:58:a0:27:3b:26:d2:5e:fa:00:c8:bf:41:
16:f8:ad:a6:43:7e:44:51:c2:96:6d:34:3f:0e:ae:5d:ee:34:
e1:0c:6f:7b:39:da:6e:46:f7:7d:4a:6d:21:96:a8:c5:97:61:
b7:81:54:d6:7f:31:44:0a:35:7d:22:4b:b4:e7:34:bf:cc:a0:
e8:18:62:f7
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUPPHe1DV3B0fXjZHl/w/btbW58R4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDIwNjA3NTU1NVoX
DTI3MDIwNTA4MDA1NVowMzExMC8GA1UEAxMoNjNGOTc5NDBFMkU5NzcxRjczMzAy
MEUyRDRDNTY5RUVCMzA5M0RFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2bUhWxSdJlzYdkEJdP2ppYGJOqrrWS510/RU6xwsUjC90yF4dwinSposG3
EK30lyqbaGaG97Lbo6ZDHQWnNdYUPcpvvdU9f//LCynHv4ncOHp5jmwZnaYVR6Ot
Dyuydv1r+WMTt7dOgDtxsVsFaGJYZH7PjlQ86c2SVDSkotdBbfRy7/41Ur79AK2l
7zGJ33iEGWAzpod7S1owT+5BiDZ8bqSpXWgYMuDjMt4EotGEp3FzKg8sT1egxwOh
OXMfiD4Ne9haMayhHyGXoLO2kHfCS7WlFNAIlLlRJhD5iH8uITqAiVoiIQWJLMLa
TzkBj2QtXXKY5BOdDsRsPbzcHpMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRj+XlA
4ul3H3MwIOLUxWnuswk96DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ3ODcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwdAYIKwYBBQUHAQcBAf8EZTBjMEIE
AgABMDwDBAJnVpgDBAFnbaADBAJnbawDBAJnb8gDBABncN4DBANncTADBABncUkD
BABncq0DBAJnpIQDBAPKMxgwHQQCAAIwFwMHACABDfTNAAMFACQDNEADBQAkAzTA
MA0GCSqGSIb3DQEBCwUAA4IBAQAprbIB9LGl8ikFKf3OOwMZUJw9xKISgE2gyBY5
NpFesffK2QgJ2WhJsWJ879nSKh3rFhJcuBSoudr8RFxY36mcUHlFX1I32vLA2t/B
svZat9E5NjHDVdAKznXwL9TswQNM5Ho58+Jed3jNR84WFvgHm4SlEbogvhlYrrsm
Aw1ltOxVDkMkirQ0A0lojAZwCQ3fVY+wqmp8jwegzq/I7W39bpioRq0CaMIbsuEL
0snhH7AAThVr/q1mfMhYoCc7JtJe+gDIv0EW+K2mQ35EUcKWbTQ/Dq5d7jThDG97
OdpuRvd9Sm0hlqjFl2G3gVTWfzFECjV9Iku05zS/zKDoGGL3
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:01:51 2026 by rpki-client