Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
File: AS55685.roa (raw, json)
Hash identifier: H8mfixqfZt+quCPVCpzVxd9Vxk8yzv31xbo9qtfw1lY=
Subject key identifier: 63:E4:0F:10:D2:66:BD:F7:15:BC:9C:BD:4E:03:12:61:AB:29:F0:74
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 6006C245F132D31A9BCB5F76D49E33ECADEC9311
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
Signing time: Mon 21 Jul 2025 09:25:13 +0000
ROA not before: Mon 21 Jul 2025 09:20:13 +0000
ROA not after: Mon 20 Jul 2026 09:25:13 +0000
asID: 55685
IP address blocks: 103.247.40.0/24 maxlen: 24
103.247.41.0/24 maxlen: 24
103.247.42.0/24 maxlen: 24
103.247.43.0/24 maxlen: 24
202.51.192.0/21 maxlen: 24
202.51.192.0/22 maxlen: 24
202.51.196.0/23 maxlen: 24
202.51.200.0/24 maxlen: 24
202.51.201.0/24 maxlen: 24
202.51.202.0/24 maxlen: 24
202.51.203.0/24 maxlen: 24
202.51.204.0/22 maxlen: 24
202.51.208.0/24 maxlen: 24
202.51.209.0/24 maxlen: 24
202.51.210.0/23 maxlen: 24
202.51.212.0/24 maxlen: 24
202.51.213.0/24 maxlen: 24
202.51.215.0/24 maxlen: 24
202.51.216.0/24 maxlen: 24
202.51.217.0/24 maxlen: 24
202.51.218.0/24 maxlen: 24
202.145.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 09 Aug 2025 13:36:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:06:c2:45:f1:32:d3:1a:9b:cb:5f:76:d4:9e:33:ec:ad:ec:93:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jul 21 09:20:13 2025 GMT
Not After : Jul 20 09:25:13 2026 GMT
Subject: CN=63E40F10D266BDF715BC9CBD4E031261AB29F074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:50:f4:4b:f3:98:88:cb:39:d3:db:90:5e:
b1:92:55:13:49:16:98:58:4f:25:7a:98:b4:1a:3f:
f1:5f:6d:d1:96:cb:a1:ef:41:70:de:e4:d5:e9:c4:
ac:b3:c7:60:90:d5:cb:b7:9d:fd:7b:fb:5a:b7:6a:
3b:7c:5a:a2:1d:31:f7:a6:33:fd:65:b3:51:7b:d1:
8a:df:ab:16:4b:2e:13:81:00:b4:06:f3:b2:ce:b8:
88:dd:10:b2:e6:54:d8:db:c3:68:65:a0:cf:53:77:
06:d3:c1:36:45:a0:fb:fd:73:6e:00:2e:47:ee:25:
58:93:93:ea:8c:01:67:c5:10:3d:a1:a7:ed:7e:60:
7a:5f:43:98:12:2d:b1:fa:3b:b2:49:61:cd:cf:a6:
0d:52:92:7f:f1:73:49:d8:88:4b:ba:67:b8:6d:95:
2f:62:47:06:b5:8d:c8:a8:7c:65:4f:99:d9:e4:bc:
da:c7:7c:3e:99:b3:1f:a6:fa:b4:16:a8:dd:97:99:
b8:85:07:d6:74:39:f2:63:6c:48:a9:2c:44:40:bc:
26:77:e4:ab:01:39:1b:8f:27:ea:8c:51:14:5b:45:
84:f0:be:71:a6:af:87:df:e6:ee:1c:d7:3e:da:58:
75:69:85:3d:6c:80:6c:16:fb:3d:23:fe:92:2b:e1:
93:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E4:0F:10:D2:66:BD:F7:15:BC:9C:BD:4E:03:12:61:AB:29:F0:74
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.40.0/22
202.51.192.0-202.51.213.255
202.51.215.0-202.51.218.255
202.145.4.0/23
Signature Algorithm: sha256WithRSAEncryption
25:b4:18:53:9c:38:a5:03:ab:df:19:3e:27:80:1c:b5:a1:86:
fa:2a:da:6d:8d:eb:2e:90:0c:a9:5a:bf:ba:3c:f1:24:2f:a7:
d3:ab:55:6c:bf:2c:46:89:87:35:63:02:79:dd:df:63:fd:2a:
3e:f8:44:79:8c:64:db:74:ca:22:ef:8f:57:81:f0:f4:3c:46:
7b:e4:1f:9a:34:3e:cd:15:2f:c9:87:42:f5:f2:48:23:4b:bf:
d5:8d:ec:e5:3b:b1:66:5a:cd:fb:9d:c5:3f:85:76:fa:2e:a8:
e6:ce:ea:21:f5:b1:2c:62:e2:6c:83:53:9c:91:ca:5f:4b:68:
fc:58:53:18:98:6c:4e:73:5c:d2:d3:35:75:98:e7:68:03:47:
fa:3c:4d:67:b8:22:6b:c2:a1:1d:ed:db:c4:c9:70:05:87:c3:
19:4a:35:64:6d:6b:5e:4d:4c:ce:fe:ce:97:d8:19:4f:89:30:
ab:eb:a5:17:33:56:07:a7:74:ee:8c:d6:75:dc:8a:44:3e:a1:
42:37:c7:f3:fb:40:d4:20:51:25:b7:fc:1d:57:dc:4e:97:de:
e6:ef:fd:4e:35:d7:52:97:c0:f6:e6:f9:1d:37:ae:47:f2:6f:
a9:b2:7a:36:be:18:aa:67:a4:aa:89:ac:17:af:37:a6:57:f0:
a3:6a:02:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUYAbCRfEy0xqby1921J4z7K3skxEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyMTA5MjAxM1oX
DTI2MDcyMDA5MjUxM1owMzExMC8GA1UEAxMoNjNFNDBGMTBEMjY2QkRGNzE1QkM5
Q0JENEUwMzEyNjFBQjI5RjA3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOaUPRL85iIyznT25BesZJVE0kWmFhPJXqYtBo/8V9t0ZbLoe9BcN7k1enE
rLPHYJDVy7ed/Xv7WrdqO3xaoh0x96Yz/WWzUXvRit+rFksuE4EAtAbzss64iN0Q
suZU2NvDaGWgz1N3BtPBNkWg+/1zbgAuR+4lWJOT6owBZ8UQPaGn7X5gel9DmBIt
sfo7sklhzc+mDVKSf/FzSdiIS7pnuG2VL2JHBrWNyKh8ZU+Z2eS82sd8PpmzH6b6
tBao3ZeZuIUH1nQ58mNsSKksREC8JnfkqwE5G48n6oxRFFtFhPC+caavh9/m7hzX
PtpYdWmFPWyAbBb7PSP+kivhk7UCAwEAAaOCAfEwggHtMB0GA1UdDgQWBBRj5A8Q
0ma99xW8nL1OAxJhqynwdDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU1Njg1LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAu
BAIAATAoAwQCZ/coMAwDBAbKM8ADBAHKM9QwDAMEAMoz1wMEAMoz2gMEAcqRBDAN
BgkqhkiG9w0BAQsFAAOCAQEAJbQYU5w4pQOr3xk+J4ActaGG+irabY3rLpAMqVq/
ujzxJC+n06tVbL8sRomHNWMCed3fY/0qPvhEeYxk23TKIu+PV4Hw9DxGe+QfmjQ+
zRUvyYdC9fJII0u/1Y3s5TuxZlrN+53FP4V2+i6o5s7qIfWxLGLibINTnJHKX0to
/FhTGJhsTnNc0tM1dZjnaANH+jxNZ7gia8KhHe3bxMlwBYfDGUo1ZG1rXk1Mzv7O
l9gZT4kwq+ulFzNWB6d07ozWddyKRD6hQjfH8/tA1CBRJbf8HVfcTpfe5u/9TjXX
UpfA9ub5HTeuR/JvqbJ6Nr4YqmekqomsF683plfwo2oCDA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 03:58:18 2025 by rpki-client