Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS133800.roa
File: AS133800.roa (raw, json)
Hash identifier: dS3Qyt+Rab/w93t/MCKAtCRyrvqQanXcxOcQC3fqwvw=
Subject key identifier: 91:B2:FF:8A:0D:62:A2:AA:0D:D8:75:DF:67:AA:CB:34:31:9A:22:2C
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 7B003D89438D3800173DDBF3960DF4A0BAA0B975
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133800.roa
Signing time: Wed 03 Jun 2026 14:23:36 +0000
ROA not before: Wed 03 Jun 2026 14:18:36 +0000
ROA not after: Wed 02 Jun 2027 14:23:36 +0000
asID: 133800
IP address blocks: 103.28.75.0/24 maxlen: 24
103.31.204.0/23 maxlen: 24
103.44.26.0/23 maxlen: 24
103.77.104.0/23 maxlen: 24
103.89.0.0/22 maxlen: 24
103.89.4.0/22 maxlen: 24
103.93.52.0/22 maxlen: 24
103.93.56.0/22 maxlen: 24
103.93.64.0/22 maxlen: 24
103.93.128.0/22 maxlen: 24
103.93.132.0/22 maxlen: 24
103.93.160.0/22 maxlen: 24
103.125.180.0/23 maxlen: 24
103.127.96.0/23 maxlen: 24
103.127.98.0/23 maxlen: 24
103.127.132.0/23 maxlen: 24
103.127.134.0/23 maxlen: 24
103.127.136.0/23 maxlen: 24
103.127.138.0/23 maxlen: 24
103.127.208.0/23 maxlen: 24
103.127.210.0/23 maxlen: 24
103.129.148.0/23 maxlen: 24
103.150.80.0/23 maxlen: 24
103.150.84.0/23 maxlen: 24
103.150.86.0/23 maxlen: 24
103.150.88.0/23 maxlen: 24
103.150.90.0/23 maxlen: 24
103.150.92.0/23 maxlen: 24
103.150.96.0/23 maxlen: 24
103.150.98.0/23 maxlen: 24
103.150.100.0/23 maxlen: 24
103.150.102.0/23 maxlen: 24
103.150.116.0/23 maxlen: 24
103.150.120.0/23 maxlen: 24
103.150.190.0/23 maxlen: 24
103.150.192.0/23 maxlen: 24
103.150.194.0/23 maxlen: 24
103.150.196.0/23 maxlen: 24
103.175.216.0/23 maxlen: 24
103.175.218.0/23 maxlen: 24
103.175.220.0/23 maxlen: 24
103.196.146.0/23 maxlen: 24
103.196.152.0/23 maxlen: 24
103.196.154.0/23 maxlen: 24
116.206.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 18 Jun 2026 03:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:00:3d:89:43:8d:38:00:17:3d:db:f3:96:0d:f4:a0:ba:a0:b9:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: Jun 3 14:18:36 2026 GMT
Not After : Jun 2 14:23:36 2027 GMT
Subject: CN=91B2FF8A0D62A2AA0DD875DF67AACB34319A222C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:b2:46:4c:ad:0d:08:78:9b:47:88:f4:c3:
22:18:b6:84:93:7f:80:0c:e3:ad:f1:25:25:04:24:
3a:f0:d8:76:f8:11:bf:b8:d6:cf:48:a1:df:04:72:
f4:43:4c:e0:dd:09:ba:3a:31:be:52:cd:ae:03:68:
f7:39:53:b5:0e:b5:18:18:3b:a2:01:82:28:3b:9a:
9d:1a:eb:ac:c4:93:af:55:36:77:06:65:e5:e2:72:
e6:d7:ee:b5:52:5f:fc:54:2d:e8:4b:85:89:02:25:
bc:6b:fc:22:f0:68:1c:78:3b:9c:d2:05:d3:c0:e9:
2b:42:55:57:43:cf:0d:67:8d:43:29:4d:19:27:fc:
06:d2:2f:82:61:f6:58:15:08:10:b7:10:00:9a:4b:
e0:cb:dd:bd:3e:51:e9:73:41:31:2b:8a:59:15:5d:
a9:c2:e8:95:91:a9:76:e2:d2:8c:06:b8:6f:03:37:
73:44:e1:f8:95:86:90:4a:36:d6:1e:ce:de:9f:3a:
ca:76:9d:bd:2c:06:d0:8c:e3:4d:81:9d:b5:d3:80:
a7:4d:eb:8a:41:27:95:11:0d:c3:d8:22:f8:6e:1d:
55:ba:f2:a9:42:8d:80:b5:99:e3:3b:17:aa:39:ad:
a2:36:89:c5:75:ad:c4:1c:9a:e7:09:cb:a5:77:29:
3f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B2:FF:8A:0D:62:A2:AA:0D:D8:75:DF:67:AA:CB:34:31:9A:22:2C
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133800.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.28.75.0/24
103.31.204.0/23
103.44.26.0/23
103.77.104.0/23
103.89.0.0/21
103.93.52.0-103.93.59.255
103.93.64.0/22
103.93.128.0/21
103.93.160.0/22
103.125.180.0/23
103.127.96.0/22
103.127.132.0-103.127.139.255
103.127.208.0/22
103.129.148.0/23
103.150.80.0/23
103.150.84.0-103.150.93.255
103.150.96.0/21
103.150.116.0/23
103.150.120.0/23
103.150.190.0-103.150.197.255
103.175.216.0-103.175.221.255
103.196.146.0/23
103.196.152.0/22
116.206.196.0/22
Signature Algorithm: sha256WithRSAEncryption
37:47:5b:34:58:8f:91:7c:27:75:06:a9:d5:24:bf:11:d9:20:
7b:1d:1b:dd:72:5a:63:c2:2e:c1:dd:a0:fc:f0:a1:84:e8:ee:
97:97:74:04:33:cb:98:60:6c:29:51:97:cd:6c:d2:7f:b9:fb:
12:ae:96:55:05:06:85:43:5e:55:7b:f5:9c:0a:41:b4:d2:33:
4a:ef:a8:01:29:4a:71:11:e4:89:b3:c5:38:45:5b:5c:c9:93:
1b:81:78:49:5f:c9:38:c1:35:d1:51:65:bf:ec:ff:f6:e6:2d:
ca:dc:3c:9e:64:23:7f:20:b4:0a:23:89:76:05:0a:64:fc:81:
de:f8:4b:db:7f:30:f6:5f:c7:ea:0a:aa:1c:3b:f8:f8:31:b0:
05:d4:9f:91:79:c3:c6:5a:64:04:95:c0:c9:8f:96:8b:a2:03:
61:76:3b:6e:a3:ac:14:44:4b:f8:79:51:66:fe:3c:f2:bf:ac:
77:91:ef:a1:27:8f:99:d3:e6:92:f6:c7:f7:05:c3:b5:6f:c6:
b2:48:de:f8:15:5a:ed:6d:96:af:ea:b5:72:77:7a:2d:77:85:
29:12:41:9a:77:cc:84:a6:aa:ad:56:97:3b:f1:2b:c4:e1:54:
99:ff:03:66:9e:0a:25:57:0a:04:c1:30:dd:e0:fc:3d:d2:1e:
3b:54:df:80
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIUewA9iUONOAAXPdvzlg30oLqguXUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDYwMzE0MTgzNloX
DTI3MDYwMjE0MjMzNlowMzExMC8GA1UEAxMoOTFCMkZGOEEwRDYyQTJBQTBERDg3
NURGNjdBQUNCMzQzMTlBMjIyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPzskZMrQ0IeJtHiPTDIhi2hJN/gAzjrfElJQQkOvDYdvgRv7jWz0ih3wRy
9ENM4N0JujoxvlLNrgNo9zlTtQ61GBg7ogGCKDuanRrrrMSTr1U2dwZl5eJy5tfu
tVJf/FQt6EuFiQIlvGv8IvBoHHg7nNIF08DpK0JVV0PPDWeNQylNGSf8BtIvgmH2
WBUIELcQAJpL4MvdvT5R6XNBMSuKWRVdqcLolZGpduLSjAa4bwM3c0Th+JWGkEo2
1h7O3p86ynadvSwG0IzjTYGdtdOAp03rikEnlRENw9gi+G4dVbryqUKNgLWZ4zsX
qjmtojaJxXWtxBya5wnLpXcpP3UCAwEAAaOCAoMwggJ/MB0GA1UdDgQWBBSRsv+K
DWKiqg3Ydd9nqss0MZoiLDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMzODAwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCB
vwQCAAEwgbgDBABnHEsDBAFnH8wDBAFnLBoDBAFnTWgDBANnWQAwDAMEAmddNAME
AmddOAMEAmddQAMEA2ddgAMEAmddoAMEAWd9tAMEAmd/YDAMAwQCZ3+EAwQCZ3+I
AwQCZ3/QAwQBZ4GUAwQBZ5ZQMAwDBAJnllQDBAFnllwDBANnlmADBAFnlnQDBAFn
lngwDAMEAWeWvgMEAWeWxDAMAwQDZ6/YAwQBZ6/cAwQBZ8SSAwQCZ8SYAwQCdM7E
MA0GCSqGSIb3DQEBCwUAA4IBAQA3R1s0WI+RfCd1BqnVJL8R2SB7HRvdclpjwi7B
3aD88KGE6O6Xl3QEM8uYYGwpUZfNbNJ/ufsSrpZVBQaFQ15Ve/WcCkG00jNK76gB
KUpxEeSJs8U4RVtcyZMbgXhJX8k4wTXRUWW/7P/25i3K3DyeZCN/ILQKI4l2BQpk
/IHe+EvbfzD2X8fqCqocO/j4MbAF1J+RecPGWmQElcDJj5aLogNhdjtuo6wUREv4
eVFm/jzyv6x3ke+hJ4+Z0+aS9sf3BcO1b8aySN74FVrtbZav6rVyd3otd4UpEkGa
d8yEpqqtVpc78SvE4VSZ/wNmngolVwoEwTDd4Pw90h47VN+A
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:49:27 2026 by rpki-client