Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
File: AS58389.roa (raw, json)
Hash identifier: nA3abWxe3ZeNWGG6SPoqhcGrJ+7rF266pJWgRewHgnE=
Subject key identifier: 2D:D1:2A:25:A5:17:3B:2D:7A:47:15:BB:63:05:F2:97:AE:45:84:0C
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 51F92A668ED504682EA35A738B7ACF86E073BC24
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
Signing time: Thu 29 Jan 2026 02:32:51 +0000
ROA not before: Thu 29 Jan 2026 02:27:51 +0000
ROA not after: Thu 28 Jan 2027 02:32:51 +0000
asID: 58389
IP address blocks: 43.240.229.0/24 maxlen: 24
103.11.28.0/24 maxlen: 24
103.11.29.0/24 maxlen: 24
103.11.30.0/24 maxlen: 24
103.11.31.0/24 maxlen: 24
103.143.222.0/23 maxlen: 24
114.198.240.0/21 maxlen: 24
114.198.243.0/24 maxlen: 24
116.68.164.0/24 maxlen: 24
116.68.165.0/24 maxlen: 24
116.68.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 05 Mar 2026 02:17:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:f9:2a:66:8e:d5:04:68:2e:a3:5a:73:8b:7a:cf:86:e0:73:bc:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jan 29 02:27:51 2026 GMT
Not After : Jan 28 02:32:51 2027 GMT
Subject: CN=2DD12A25A5173B2D7A4715BB6305F297AE45840C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:5f:cc:2c:7e:33:c3:db:07:3f:7d:95:6f:
d4:68:3d:b3:97:21:01:6c:dc:15:2a:e6:76:b8:fb:
5b:ef:76:27:c1:3c:f6:f6:16:d1:84:3e:0b:bd:5f:
76:48:e2:a2:a0:7f:d9:47:63:11:70:d8:9e:07:78:
a3:9b:47:5d:64:55:d0:2e:af:47:50:00:42:6b:18:
a8:3f:0e:2c:2a:e5:ad:5b:1b:8f:f8:2f:ab:03:c2:
7f:dc:eb:3e:05:3e:fb:3d:e4:55:ab:6e:f0:27:0b:
eb:03:4a:83:b9:be:6f:b7:9a:77:b5:11:78:06:7c:
f1:f5:68:c3:08:c7:59:42:b4:de:37:8c:ff:fe:c4:
18:a8:2a:11:e9:13:de:3e:32:8d:2e:89:2d:e6:32:
71:3c:af:6d:16:bf:46:46:02:51:9d:31:05:8c:ec:
33:f8:6f:89:98:a4:66:cb:73:93:4d:67:08:fa:11:
20:fd:f8:b8:e4:7d:4d:6d:85:97:b3:20:a9:59:a5:
2d:9d:ef:25:33:84:12:e3:ac:8d:27:32:52:9a:bd:
e7:8b:28:14:8d:df:03:34:06:ad:28:6e:7b:cb:64:
ac:23:bf:58:7a:7e:80:40:d6:7f:62:50:72:37:db:
3b:ab:3e:6b:64:6b:57:10:b4:b2:37:3b:0d:8b:3b:
02:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D1:2A:25:A5:17:3B:2D:7A:47:15:BB:63:05:F2:97:AE:45:84:0C
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.229.0/24
103.11.28.0/22
103.143.222.0/23
114.198.240.0/21
116.68.164.0/23
116.68.167.0/24
Signature Algorithm: sha256WithRSAEncryption
65:75:0e:5e:60:fd:03:e8:2b:57:98:86:6a:a7:64:e1:3f:b6:
14:f8:d7:cb:a9:41:8b:ef:c6:64:db:88:d6:53:5c:0f:9d:10:
0c:dd:fc:54:80:31:7c:16:f0:fb:65:07:51:61:6b:7c:e1:49:
eb:54:cc:35:4f:2b:67:39:0b:8c:dc:a6:35:bf:5d:da:bf:aa:
49:aa:5b:bd:f2:66:3f:2b:fc:f9:33:37:17:d9:ac:90:f4:a5:
fb:c7:70:17:4b:c0:e4:01:13:7c:9b:7f:b4:c7:5e:76:71:70:
68:84:b0:38:f9:d9:e3:32:df:ba:f2:88:58:4f:69:18:62:94:
b0:c9:16:42:60:c7:a9:93:2e:df:29:9c:61:7c:5a:31:db:37:
28:6a:9d:be:e0:32:bf:6b:df:cd:73:cd:b9:6e:b7:59:89:87:
b1:3e:ab:0c:bb:a0:07:99:4c:54:d5:07:57:13:92:3e:e8:7c:
a7:1b:31:79:78:ed:df:b8:fa:98:d4:c9:51:51:8f:b5:71:23:
8b:7e:b3:ab:45:8e:09:fd:e8:7d:72:50:83:3b:6f:eb:a5:6d:
14:42:dd:1f:79:03:a7:ea:c1:b0:d6:d7:47:88:ab:7f:f6:13:
57:4d:84:44:3c:54:90:f7:0f:ad:5b:83:0c:46:51:65:15:96:
79:15:8b:c2
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUUfkqZo7VBGguo1pzi3rPhuBzvCQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDEyOTAyMjc1MVoX
DTI3MDEyODAyMzI1MVowMzExMC8GA1UEAxMoMkREMTJBMjVBNTE3M0IyRDdBNDcx
NUJCNjMwNUYyOTdBRTQ1ODQwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBYX8wsfjPD2wc/fZVv1Gg9s5chAWzcFSrmdrj7W+92J8E89vYW0YQ+C71f
dkjioqB/2UdjEXDYngd4o5tHXWRV0C6vR1AAQmsYqD8OLCrlrVsbj/gvqwPCf9zr
PgU++z3kVatu8CcL6wNKg7m+b7ead7UReAZ88fVowwjHWUK03jeM//7EGKgqEekT
3j4yjS6JLeYycTyvbRa/RkYCUZ0xBYzsM/hviZikZstzk01nCPoRIP34uOR9TW2F
l7MgqVmlLZ3vJTOEEuOsjScyUpq954soFI3fAzQGrShue8tkrCO/WHp+gEDWf2JQ
cjfbO6s+a2RrVxC0sjc7DYs7AtUCAwEAAaOCAe0wggHpMB0GA1UdDgQWBBQt0Sol
pRc7LXpHFbtjBfKXrkWEDDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4Mzg5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAq
BAIAATAkAwQAK/DlAwQCZwscAwQBZ4/eAwQDcsbwAwQBdESkAwQAdESnMA0GCSqG
SIb3DQEBCwUAA4IBAQBldQ5eYP0D6CtXmIZqp2ThP7YU+NfLqUGL78Zk24jWU1wP
nRAM3fxUgDF8FvD7ZQdRYWt84UnrVMw1TytnOQuM3KY1v13av6pJqlu98mY/K/z5
MzcX2ayQ9KX7x3AXS8DkARN8m3+0x152cXBohLA4+dnjMt+68ohYT2kYYpSwyRZC
YMepky7fKZxhfFox2zcoap2+4DK/a9/Nc825brdZiYexPqsMu6AHmUxU1QdXE5I+
6HynGzF5eO3fuPqY1MlRUY+1cSOLfrOrRY4J/eh9clCDO2/rpW0UQt0feQOn6sGw
1tdHiKt/9hNXTYREPFSQ9w+tW4MMRlFlFZZ5FYvC
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:00:35 2026 by rpki-client