Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: JIwAKEIlcxt538b3I5Q0Q3SEUHphuuMqAGn+Va1DEkI=
Subject key identifier: 01:D2:CD:08:57:87:1C:B7:84:2B:C8:38:B7:95:79:46:C5:E1:7F:D9
Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial: 0E83482346C09E93D6579A07AB801C23026138BC
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS0.roa
Signing time: Fri 22 May 2026 11:41:17 +0000
ROA not before: Fri 22 May 2026 11:36:17 +0000
ROA not after: Fri 21 May 2027 11:41:17 +0000
asID: 0
IP address blocks: 157.10.212.0/23 maxlen: 24
157.15.68.0/24 maxlen: 24
157.15.170.0/23 maxlen: 24
157.20.167.0/24 maxlen: 24
157.20.232.0/24 maxlen: 24
157.66.54.0/23 maxlen: 24
157.66.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 21:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:83:48:23:46:c0:9e:93:d6:57:9a:07:ab:80:1c:23:02:61:38:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Validity
Not Before: May 22 11:36:17 2026 GMT
Not After : May 21 11:41:17 2027 GMT
Subject: CN=01D2CD0857871CB7842BC838B7957946C5E17FD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4c:f1:21:e9:8a:15:95:47:3c:59:a3:9f:83:
a6:a4:be:24:61:6f:1a:e8:3d:2b:66:5b:69:89:a5:
25:26:63:9e:88:de:41:fb:d8:c6:42:99:b9:aa:cb:
98:78:fb:b1:c7:27:12:4f:ba:af:6c:21:c7:d8:d4:
f1:f3:01:18:5f:fb:71:80:bf:0a:49:8f:79:55:fb:
8f:f3:bc:bb:ae:e2:9a:54:d6:7f:0c:2f:f2:d5:84:
09:b6:7a:52:34:dc:7f:1f:47:ea:34:00:42:43:1b:
09:03:7e:f4:9b:36:de:4c:7d:4d:35:d1:bf:f7:c3:
c5:91:c7:b5:9c:38:95:ec:cb:4c:bd:7e:cd:07:97:
bc:02:15:91:48:4e:3d:9d:ac:79:11:ab:bd:64:47:
4b:b3:e1:f1:ea:7e:5f:68:df:c4:0e:83:db:4a:7c:
f6:45:61:b8:79:31:c8:df:ce:af:05:69:c3:6e:1e:
2f:9a:3f:45:0e:e3:32:88:17:87:4e:44:9c:13:c2:
72:83:09:a4:64:8b:c9:5c:0a:bc:da:1a:5c:30:78:
d7:92:ac:24:d9:c3:56:f5:8b:17:61:7c:96:f0:70:
a4:0c:5b:44:3c:da:75:81:c8:7f:aa:b4:e8:43:cd:
31:d3:f4:8b:0a:83:ce:65:d3:4f:a8:07:37:2f:3c:
9f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D2:CD:08:57:87:1C:B7:84:2B:C8:38:B7:95:79:46:C5:E1:7F:D9
X509v3 Authority Key Identifier:
keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.10.212.0/23
157.15.68.0/24
157.15.170.0/23
157.20.167.0/24
157.20.232.0/24
157.66.54.0/23
157.66.126.0/23
Signature Algorithm: sha256WithRSAEncryption
19:1f:84:31:12:95:cb:a3:a8:d5:9a:22:ae:ef:81:15:eb:9d:
f3:4d:cb:d7:85:e2:44:46:67:7c:4f:b0:86:fa:8c:5e:9a:d8:
45:15:29:04:0b:e2:32:ef:b3:76:fd:52:1f:6c:85:6a:00:b7:
83:07:ab:ef:22:e0:21:9d:d6:19:26:d9:79:a2:20:61:3a:6f:
83:38:2d:02:a2:0d:f9:12:b7:7e:aa:aa:58:ff:0f:6a:64:14:
c0:e3:ca:25:36:05:ca:8e:f0:be:5c:88:02:18:c7:b1:40:ef:
f0:6b:ab:08:ad:08:78:46:eb:e9:bd:8b:0e:47:38:78:ba:5e:
54:17:e3:69:9e:42:7f:7a:e0:73:55:ce:a3:9a:e8:1a:96:83:
ee:99:5f:ba:be:9c:11:86:75:ed:ca:3c:3f:f7:cd:9a:09:b1:
2a:52:4b:5f:a2:d5:a6:2f:60:72:d0:d7:ce:d9:bf:8b:d9:4c:
04:ea:a8:08:c5:d2:4d:35:01:ab:8d:ff:b4:de:f7:e0:26:19:
4d:0b:b0:d2:36:22:fd:07:74:51:f3:86:4a:e5:bc:1d:3d:e8:
5c:b4:53:03:c1:5d:09:d7:5c:ce:c1:ce:5b:45:11:ea:1c:38:
d1:6e:99:d4:4e:70:cf:b0:0f:98:f1:53:48:35:36:ec:04:bf:
c9:a1:09:62
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIUDoNII0bAnpPWV5oHq4AcIwJhOLwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUyMjExMzYxN1oX
DTI3MDUyMTExNDExN1owMzExMC8GA1UEAxMoMDFEMkNEMDg1Nzg3MUNCNzg0MkJD
ODM4Qjc5NTc5NDZDNUUxN0ZEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVM8SHpihWVRzxZo5+DpqS+JGFvGug9K2ZbaYmlJSZjnojeQfvYxkKZuarL
mHj7sccnEk+6r2whx9jU8fMBGF/7cYC/CkmPeVX7j/O8u67imlTWfwwv8tWECbZ6
UjTcfx9H6jQAQkMbCQN+9Js23kx9TTXRv/fDxZHHtZw4lezLTL1+zQeXvAIVkUhO
PZ2seRGrvWRHS7Ph8ep+X2jfxA6D20p89kVhuHkxyN/OrwVpw24eL5o/RQ7jMogX
h05EnBPCcoMJpGSLyVwKvNoaXDB415KsJNnDVvWLF2F8lvBwpAxbRDzadYHIf6q0
6EPNMdP0iwqDzmXTT6gHNy88n7sCAwEAAaOCAeswggHnMB0GA1UdDgQWBBQB0s0I
V4cct4QryDi3lXlGxeF/2TAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBNBggrBgEFBQcBCwRBMD8wPQYIKwYBBQUHMAuGMXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgME
AZ0K1AMEAJ0PRAMEAZ0PqgMEAJ0UpwMEAJ0U6AMEAZ1CNgMEAZ1CfjANBgkqhkiG
9w0BAQsFAAOCAQEAGR+EMRKVy6Oo1Zoiru+BFeud803L14XiREZnfE+whvqMXprY
RRUpBAviMu+zdv1SH2yFagC3gwer7yLgIZ3WGSbZeaIgYTpvgzgtAqIN+RK3fqqq
WP8PamQUwOPKJTYFyo7wvlyIAhjHsUDv8GurCK0IeEbr6b2LDkc4eLpeVBfjaZ5C
f3rgc1XOo5roGpaD7plfur6cEYZ17co8P/fNmgmxKlJLX6LVpi9gctDXztm/i9lM
BOqoCMXSTTUBq43/tN734CYZTQuw0jYi/Qd0UfOGSuW8HT3oXLRTA8FdCddczsHO
W0UR6hw40W6Z1E5wz7APmPFTSDU27AS/yaEJYg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:49:22 2026 by rpki-client