Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
File: AS45298.roa (raw, json)
Hash identifier: emw0NXJPYoJDTrXD0P2o6v0KaamLexr+geMNjqBuH64=
Subject key identifier: 9B:FF:E4:60:82:C1:2C:C1:9B:48:12:96:E8:19:E8:60:BF:DE:88:30
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 591EEC63CCE428D94B939B3700EB3FABDB36018A
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
Signing time: Mon 08 Jun 2026 02:22:08 +0000
ROA not before: Mon 08 Jun 2026 02:17:08 +0000
ROA not after: Mon 07 Jun 2027 02:22:08 +0000
asID: 45298
IP address blocks: 43.249.208.0/22 maxlen: 22
49.50.4.0/23 maxlen: 23
49.50.4.0/23 maxlen: 24
103.206.240.0/22 maxlen: 22
103.228.8.0/24 maxlen: 24
103.247.244.0/23 maxlen: 23
103.253.106.0/23 maxlen: 23
202.43.72.0/22 maxlen: 22
203.89.146.0/23 maxlen: 23
203.171.221.0/24 maxlen: 24
203.209.190.0/24 maxlen: 24
2405:700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 18 Jun 2026 03:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:1e:ec:63:cc:e4:28:d9:4b:93:9b:37:00:eb:3f:ab:db:36:01:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: Jun 8 02:17:08 2026 GMT
Not After : Jun 7 02:22:08 2027 GMT
Subject: CN=9BFFE46082C12CC19B481296E819E860BFDE8830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1a:b1:ce:12:ae:ae:f9:3d:0b:83:0b:1b:7a:
3a:43:f9:4e:3a:2a:51:2f:e2:24:b5:fc:6c:80:de:
f1:5d:17:c4:9a:3e:a9:00:9e:29:08:0b:f1:9b:d3:
49:13:d8:2a:0d:82:a2:e3:de:b4:80:70:02:70:46:
7a:45:53:d2:b1:a0:d4:b0:8b:e0:aa:24:f9:55:0c:
f6:f7:30:25:d3:39:1a:ff:d0:27:95:21:50:9d:cb:
01:fd:a5:19:28:e6:3c:7e:80:1c:08:0e:86:42:2b:
e8:83:d8:40:9f:36:ae:5a:6d:6d:d9:72:de:fd:f5:
44:2f:96:5a:07:fa:5b:43:71:65:3f:4d:9b:e7:a6:
5f:57:d3:6c:ea:c6:6d:93:63:f2:c5:e9:38:06:38:
fb:8b:ee:14:82:8d:d7:cf:c4:c3:c8:77:77:0f:61:
a0:1f:69:a8:19:cf:15:18:f5:47:56:de:94:1b:b2:
c1:a9:ea:58:1c:5a:2a:2e:89:b7:e0:86:7b:97:d7:
20:d5:d9:d7:e4:d0:de:c9:6e:2e:b5:36:b2:75:bc:
22:55:e5:db:96:80:f6:a4:d4:de:fd:65:93:fe:79:
6f:ef:18:2b:cb:3b:16:de:8b:45:39:57:fc:48:42:
56:8b:ef:42:b3:6f:c0:cf:d0:13:f8:d8:80:c7:7e:
3a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FF:E4:60:82:C1:2C:C1:9B:48:12:96:E8:19:E8:60:BF:DE:88:30
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.208.0/22
49.50.4.0/23
103.206.240.0/22
103.228.8.0/24
103.247.244.0/23
103.253.106.0/23
202.43.72.0/22
203.89.146.0/23
203.171.221.0/24
203.209.190.0/24
IPv6:
2405:700::/32
Signature Algorithm: sha256WithRSAEncryption
88:ea:b3:70:64:14:6b:ba:a6:99:6a:24:47:11:d9:ed:23:ba:
d0:a3:01:8a:ad:15:56:bb:10:44:67:64:df:02:1e:a3:1d:8b:
ca:ba:19:ff:99:c9:5d:2a:fb:06:41:bd:ef:88:30:12:3a:c8:
c5:e9:2c:0b:9f:69:ed:95:4b:be:94:db:4c:24:09:69:f2:13:
d3:dd:68:67:31:f2:18:16:f3:82:1a:05:6b:0a:f1:6e:99:fd:
36:fd:9f:96:0f:a1:c6:26:e2:de:d8:c4:7f:70:6f:1b:21:a7:
da:87:fb:a9:06:d0:36:2e:a4:8a:af:51:0c:b3:b6:fd:c0:c6:
28:57:64:5c:a2:07:4d:7b:3f:e5:f3:73:c7:48:2b:c2:f8:5d:
e1:62:c1:b7:76:b7:76:26:81:bc:cb:fc:4d:eb:ee:91:a6:64:
76:b3:2d:03:7d:23:c5:fe:dc:7e:14:59:bf:64:bc:69:9c:6d:
94:bd:53:dc:a1:9e:d6:a3:0b:f1:ec:e3:12:ab:c8:f2:df:15:
ea:a6:78:74:cc:9c:1b:59:34:c6:49:64:18:74:25:50:43:c4:
b0:e2:16:8a:fc:07:8a:60:4a:64:a4:29:eb:50:d8:00:95:2b:
5d:7a:f5:94:ad:34:90:d0:02:79:eb:d7:80:3b:29:7e:c8:fa:
bb:26:fa:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUWR7sY8zkKNlLk5s3AOs/q9s2AYowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDYwODAyMTcwOFoX
DTI3MDYwNzAyMjIwOFowMzExMC8GA1UEAxMoOUJGRkU0NjA4MkMxMkNDMTlCNDgx
Mjk2RTgxOUU4NjBCRkRFODgzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0asc4Srq75PQuDCxt6OkP5TjoqUS/iJLX8bIDe8V0XxJo+qQCeKQgL8ZvT
SRPYKg2CouPetIBwAnBGekVT0rGg1LCL4Kok+VUM9vcwJdM5Gv/QJ5UhUJ3LAf2l
GSjmPH6AHAgOhkIr6IPYQJ82rlptbdly3v31RC+WWgf6W0NxZT9Nm+emX1fTbOrG
bZNj8sXpOAY4+4vuFIKN18/Ew8h3dw9hoB9pqBnPFRj1R1belBuywanqWBxaKi6J
t+CGe5fXINXZ1+TQ3sluLrU2snW8IlXl25aA9qTU3v1lk/55b+8YK8s7Ft6LRTlX
/EhCVovvQrNvwM/QE/jYgMd+OrcCAwEAAaOCAhAwggIMMB0GA1UdDgQWBBSb/+Rg
gsEswZtIEpboGehgv96IMDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNDUyOTgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgAB
MDwDBAIr+dADBAExMgQDBAJnzvADBABn5AgDBAFn9/QDBAFn/WoDBALKK0gDBAHL
WZIDBADLq90DBADL0b4wDQQCAAIwBwMFACQFBwAwDQYJKoZIhvcNAQELBQADggEB
AIjqs3BkFGu6pplqJEcR2e0jutCjAYqtFVa7EERnZN8CHqMdi8q6Gf+ZyV0q+wZB
ve+IMBI6yMXpLAufae2VS76U20wkCWnyE9PdaGcx8hgW84IaBWsK8W6Z/Tb9n5YP
ocYm4t7YxH9wbxshp9qH+6kG0DYupIqvUQyztv3AxihXZFyiB017P+Xzc8dIK8L4
XeFiwbd2t3YmgbzL/E3r7pGmZHazLQN9I8X+3H4UWb9kvGmcbZS9U9yhntajC/Hs
4xKryPLfFeqmeHTMnBtZNMZJZBh0JVBDxLDiFor8B4pgSmSkKetQ2ACVK1169ZSt
NJDQAnnr14A7KX7I+rsm+nw=
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:26:03 2026 by rpki-client