Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS23693.roa
File: AS23693.roa (raw, json)
Hash identifier: uiBCyeHEpC3f8R6/sfXdwWrZq6zCWHG31pi6mKKHwww=
Subject key identifier: 52:DA:91:6B:84:B2:E4:8A:43:A8:F3:85:DE:25:01:DA:EA:E8:76:7C
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 57487D5F17E689BB5C2FD0CADDF42C816E82B959
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23693.roa
Signing time: Tue 09 Jun 2026 04:59:26 +0000
ROA not before: Tue 09 Jun 2026 04:54:26 +0000
ROA not after: Tue 08 Jun 2027 04:59:26 +0000
asID: 23693
IP address blocks: 202.158.129.0/24 maxlen: 24
202.158.130.0/24 maxlen: 24
202.158.131.0/24 maxlen: 24
202.158.134.0/24 maxlen: 24
202.158.135.0/24 maxlen: 24
2404:c0:c000::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 16 Jun 2026 03:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:48:7d:5f:17:e6:89:bb:5c:2f:d0:ca:dd:f4:2c:81:6e:82:b9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: Jun 9 04:54:26 2026 GMT
Not After : Jun 8 04:59:26 2027 GMT
Subject: CN=52DA916B84B2E48A43A8F385DE2501DAEAE8767C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:f2:c5:9f:5d:95:9c:3d:84:d6:8a:81:13:
2d:5b:12:93:22:bd:e0:f1:86:4b:c4:40:aa:a0:21:
fe:30:09:9c:a3:60:14:5e:72:79:0b:65:75:24:63:
21:d8:ca:32:8b:72:9c:e5:44:cf:b0:e9:36:f6:a4:
3f:dd:b2:2d:35:d0:aa:eb:50:e0:13:2d:71:23:1e:
83:30:f0:e9:b9:b4:22:b8:b0:95:b6:26:bd:b0:f1:
e4:ca:07:24:ac:90:fc:1b:99:24:2b:fa:f4:d7:6c:
35:7b:0e:a4:b5:24:bb:68:b4:dc:0a:f3:1d:35:a2:
67:23:a3:b2:78:49:a3:45:07:00:ba:2c:cc:a1:6a:
49:e4:a5:f3:80:7d:e4:57:3c:8e:be:18:90:ec:f3:
c0:42:58:fd:32:8d:96:62:f0:20:db:0e:25:59:cd:
d7:24:cf:db:88:e2:47:20:32:17:54:9f:a9:3c:35:
6b:f1:f2:4b:96:96:98:f0:c1:17:c7:ca:be:89:e3:
0b:36:e3:d4:53:0a:4a:42:b6:69:67:0b:2c:62:f7:
03:ae:f8:62:81:45:96:27:e1:99:f6:0c:40:24:64:
d1:2e:7b:a1:9b:bc:06:2c:42:5c:1f:f2:cc:4d:4e:
c3:ae:ce:40:a8:a9:1f:7f:b9:73:41:fe:5f:8c:78:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DA:91:6B:84:B2:E4:8A:43:A8:F3:85:DE:25:01:DA:EA:E8:76:7C
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23693.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.158.129.0-202.158.131.255
202.158.134.0/23
IPv6:
2404:c0:c000::/39
Signature Algorithm: sha256WithRSAEncryption
58:b1:b7:b5:3d:5e:2b:ae:9b:7e:02:7f:0b:fc:22:79:4b:1b:
f8:15:f9:5c:08:6f:c7:29:54:46:ba:49:b3:d8:1c:fb:b5:9c:
d7:40:49:69:62:5e:63:3a:d7:45:e3:40:43:02:20:cd:5b:6f:
70:ac:d1:ff:6f:f3:0a:c3:95:ec:48:9b:6c:bb:4d:11:57:24:
78:bd:fc:3a:98:83:1b:86:ae:1d:f6:af:0f:6a:47:5d:c0:4c:
98:1a:51:25:2e:7f:a7:42:09:24:e9:79:f4:23:ad:ed:d3:51:
9b:1f:7e:b9:69:55:3a:78:ae:31:e7:bc:04:60:6d:09:f4:61:
e5:ad:38:62:52:2a:a9:c1:53:e4:1b:00:b5:93:1a:17:b2:2f:
9b:0f:87:69:9b:4f:a5:e3:f5:99:1d:a2:dd:7e:e0:2d:87:ee:
ac:49:f7:f9:f8:a8:dc:22:d9:46:21:a3:87:a6:ea:06:77:89:
72:56:bc:16:b2:69:c9:d5:01:a0:74:cd:d7:f3:06:46:b5:17:
d2:2f:d6:95:e7:64:b2:9f:92:c3:db:55:d7:5e:05:a9:89:16:
6a:58:9a:5b:fd:34:c6:3c:1d:81:01:8e:9d:64:9d:28:55:7d:
8c:cc:56:3a:65:92:aa:6c:7d:fc:6d:c5:97:64:09:ce:e8:fb:
e8:b4:13:71
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIUV0h9XxfmibtcL9DK3fQsgW6CuVkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDYwOTA0NTQyNloX
DTI3MDYwODA0NTkyNlowMzExMC8GA1UEAxMoNTJEQTkxNkI4NEIyRTQ4QTQzQThG
Mzg1REUyNTAxREFFQUU4NzY3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxp8sWfXZWcPYTWioETLVsSkyK94PGGS8RAqqAh/jAJnKNgFF5yeQtldSRj
IdjKMotynOVEz7DpNvakP92yLTXQqutQ4BMtcSMegzDw6bm0IriwlbYmvbDx5MoH
JKyQ/BuZJCv69NdsNXsOpLUku2i03ArzHTWiZyOjsnhJo0UHALoszKFqSeSl84B9
5Fc8jr4YkOzzwEJY/TKNlmLwINsOJVnN1yTP24jiRyAyF1SfqTw1a/HyS5aWmPDB
F8fKvonjCzbj1FMKSkK2aWcLLGL3A674YoFFlifhmfYMQCRk0S57oZu8BixCXB/y
zE1Ow67OQKipH3+5c0H+X4x4dX0CAwEAAaOCAekwggHlMB0GA1UdDgQWBBRS2pFr
hLLkikOo84XeJQHa6uh2fDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjM2OTMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMBoEAgAB
MBQwDAMEAMqegQMEAsqegAMEAcqehjAOBAIAAjAIAwYBJAQAwMAwDQYJKoZIhvcN
AQELBQADggEBAFixt7U9Xiuum34Cfwv8InlLG/gV+VwIb8cpVEa6SbPYHPu1nNdA
SWliXmM610XjQEMCIM1bb3Cs0f9v8wrDlexIm2y7TRFXJHi9/DqYgxuGrh32rw9q
R13ATJgaUSUuf6dCCSTpefQjre3TUZsffrlpVTp4rjHnvARgbQn0YeWtOGJSKqnB
U+QbALWTGheyL5sPh2mbT6Xj9Zkdot1+4C2H7qxJ9/n4qNwi2UYho4em6gZ3iXJW
vBayacnVAaB0zdfzBka1F9Iv1pXnZLKfksPbVddeBamJFmpYmlv9NMY8HYEBjp1k
nShVfYzMVjplkqpsffxtxZdkCc7o++i0E3E=
-----END CERTIFICATE-----
Generated at Mon Jun 15 12:32:22 2026 by rpki-client