Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: vjIQ8BW8CSDzq7QH0QMWzlTLk501f3PdtJqEzUUxvL0=
Subject key identifier: D1:40:CB:6A:2C:32:57:7F:5B:B2:F8:8B:2A:C1:A1:48:17:B5:10:22
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 0525E584529E9459A4D0C8E49D6E7B73CCEACED8
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
Signing time: Tue 27 May 2025 02:10:17 +0000
ROA not before: Tue 27 May 2025 02:05:17 +0000
ROA not after: Tue 26 May 2026 02:10:17 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.109.160.0/23 maxlen: 24
103.109.172.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.112.222.0/24 maxlen: 24
103.113.48.0/22 maxlen: 24
103.113.73.0/24 maxlen: 24
103.114.173.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2001:df4:cd00::/48 maxlen: 48
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Jun 2025 11:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:25:e5:84:52:9e:94:59:a4:d0:c8:e4:9d:6e:7b:73:cc:ea:ce:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 27 02:05:17 2025 GMT
Not After : May 26 02:10:17 2026 GMT
Subject: CN=D140CB6A2C32577F5BB2F88B2AC1A14817B51022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:49:9b:2b:68:96:57:e4:f8:d7:ed:bb:66:
6f:e9:89:4d:be:27:9f:2b:e9:28:7c:ed:b8:bc:51:
ba:fc:73:17:45:70:c4:b4:89:10:a3:30:79:46:15:
30:ea:43:82:f7:b2:0e:b3:88:fd:37:11:09:b9:20:
10:9c:59:77:4a:02:3c:74:f1:8b:d1:9c:c5:6a:87:
f4:cd:76:39:c4:f1:ef:ad:31:d5:9a:3f:47:ad:2c:
30:4f:64:a2:c3:f1:a1:f8:13:75:57:6c:8f:50:1a:
61:4d:aa:af:20:e9:4f:cb:69:3f:b4:83:f1:4c:75:
7c:12:46:60:18:c5:38:dd:34:c5:f5:53:24:62:40:
c4:5a:3f:20:71:bd:71:b0:b1:67:8c:81:d1:e3:50:
47:7d:33:3d:5a:05:1a:4c:33:7f:7f:22:6d:fa:38:
ba:c9:34:90:0d:e8:6d:70:14:53:bd:59:90:ad:54:
25:f6:2c:b5:62:99:6d:d3:f0:6e:bb:64:98:68:34:
c4:34:2c:6a:f9:36:3e:2f:32:93:04:e7:c2:dc:4a:
30:e1:17:dd:a0:ff:fe:a0:58:25:3c:c4:e8:8c:18:
8c:f8:3d:a8:c3:9e:7d:a1:b5:1c:21:eb:9d:da:37:
09:03:c4:ed:52:63:93:21:54:99:b5:71:29:6f:5b:
ec:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:40:CB:6A:2C:32:57:7F:5B:B2:F8:8B:2A:C1:A1:48:17:B5:10:22
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.109.160.0/23
103.109.172.0/22
103.111.200.0/22
103.112.222.0/24
103.113.48.0/22
103.113.73.0/24
103.114.173.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2001:df4:cd00::/48
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:92:80:49:57:73:f6:d6:03:87:8d:a9:30:d0:97:7f:09:cd:
0c:ca:01:74:c7:f7:28:4c:fc:1f:20:2b:58:f5:1e:00:02:83:
32:4d:40:39:be:ff:cc:a1:1f:32:a6:17:e4:ed:5a:2d:ba:1d:
ee:84:07:dc:96:c3:53:55:41:61:67:4d:a8:d4:0b:59:05:ca:
26:52:06:d6:2b:7d:ab:23:89:59:63:b4:da:8e:f3:1b:a3:b5:
89:1e:eb:98:de:a8:07:b3:12:9d:0e:54:21:28:d9:28:ae:7d:
81:09:6b:2c:39:13:06:2f:33:a6:21:3c:59:3f:46:25:d6:70:
de:12:30:6c:08:db:1c:8b:62:55:1b:cf:3e:6c:27:41:34:f7:
71:39:83:39:f0:1e:45:26:29:4b:0c:38:99:9a:1e:74:b9:00:
a4:78:51:d3:c1:4c:36:29:17:10:3e:13:df:73:6d:22:b4:92:
bb:85:b9:d4:7c:09:52:f5:3c:f4:e3:aa:bf:43:52:34:a5:c7:
45:0f:9c:59:e4:27:c2:45:6b:9a:07:79:e6:88:58:76:0c:8d:
cd:2c:ac:86:79:37:ea:ba:fc:02:db:9c:de:fe:54:bb:da:e9:
3b:83:eb:46:3a:35:ed:02:96:56:5b:a9:43:14:1c:f7:53:75:
4f:a5:dc:6e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUBSXlhFKelFmk0MjknW57c8zqztgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyNzAyMDUxN1oX
DTI2MDUyNjAyMTAxN1owMzExMC8GA1UEAxMoRDE0MENCNkEyQzMyNTc3RjVCQjJG
ODhCMkFDMUExNDgxN0I1MTAyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0gSZsraJZX5PjX7btmb+mJTb4nnyvpKHztuLxRuvxzF0VwxLSJEKMweUYV
MOpDgveyDrOI/TcRCbkgEJxZd0oCPHTxi9GcxWqH9M12OcTx760x1Zo/R60sME9k
osPxofgTdVdsj1AaYU2qryDpT8tpP7SD8Ux1fBJGYBjFON00xfVTJGJAxFo/IHG9
cbCxZ4yB0eNQR30zPVoFGkwzf38ibfo4usk0kA3obXAUU71ZkK1UJfYstWKZbdPw
brtkmGg0xDQsavk2Pi8ykwTnwtxKMOEX3aD//qBYJTzE6IwYjPg9qMOefaG1HCHr
ndo3CQPE7VJjkyFUmbVxKW9b7IMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTRQMtq
LDJXf1uy+IsqwaFIF7UQIjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ3ODcucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwdAYIKwYBBQUHAQcBAf8EZTBjMEIE
AgABMDwDBAJnVpgDBAFnbaADBAJnbawDBAJnb8gDBABncN4DBAJncTADBABncUkD
BABncq0DBAJnpIQDBAPKMxgwHQQCAAIwFwMHACABDfTNAAMFACQDNEADBQAkAzTA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/koBJV3P21gOHjakw0Jd/Cc0MygF0x/coTPwf
ICtY9R4AAoMyTUA5vv/MoR8yphfk7Votuh3uhAfclsNTVUFhZ02o1AtZBcomUgbW
K32rI4lZY7TajvMbo7WJHuuY3qgHsxKdDlQhKNkorn2BCWssORMGLzOmITxZP0Yl
1nDeEjBsCNsci2JVG88+bCdBNPdxOYM58B5FJilLDDiZmh50uQCkeFHTwUw2KRcQ
PhPfc20itJK7hbnUfAlS9Tz046q/Q1I0pcdFD5xZ5CfCRWuaB3nmiFh2DI3NLKyG
eTfquvwC25ze/lS72uk7g+tGOjXtApZWW6lDFBz3U3VPpdxu
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:28:18 2025 by rpki-client