Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: S7LQVKDuRaOoEYGiSOmjxejCC+rRTyoxIobEyp1wv7o=
Subject key identifier: 20:F3:A6:13:91:8F:93:D1:8D:E8:81:36:85:27:F3:D2:58:63:01:E2
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 7E72012166D62FB16C8CC91B5ABEE0C9D0DBE2E7
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
Signing time: Thu 11 Jun 2026 03:26:53 +0000
ROA not before: Thu 11 Jun 2026 03:21:53 +0000
ROA not after: Thu 10 Jun 2027 03:26:53 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.109.160.0/23 maxlen: 24
103.109.172.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.113.48.0/22 maxlen: 24
103.113.52.0/22 maxlen: 24
103.113.73.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 18 Jun 2026 03:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:72:01:21:66:d6:2f:b1:6c:8c:c9:1b:5a:be:e0:c9:d0:db:e2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: Jun 11 03:21:53 2026 GMT
Not After : Jun 10 03:26:53 2027 GMT
Subject: CN=20F3A613918F93D18DE881368527F3D2586301E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5e:01:79:aa:8f:a7:69:6e:99:52:b0:4e:6b:
a9:3f:00:e6:ab:47:09:3a:80:8a:db:fc:6b:ed:dc:
08:66:c7:58:c2:75:0d:18:f3:27:c8:69:54:92:66:
46:5a:0e:77:a4:9e:66:bf:ff:ec:02:33:3b:68:8b:
cd:8f:e6:ab:bb:d2:4d:19:56:c1:59:90:af:c1:b1:
86:1d:6d:2b:9c:20:bc:59:d7:72:d4:cc:c6:3e:7f:
c3:18:08:00:73:63:79:20:84:44:15:98:5a:1a:92:
02:fd:db:c3:33:b4:75:49:43:d4:57:64:0f:b2:da:
44:b2:da:58:73:93:1e:0b:57:5c:a1:65:63:bf:96:
77:e5:da:27:e5:16:26:80:19:b0:0f:6c:21:34:9c:
55:7d:27:a5:e3:97:d2:7c:a7:a0:35:ba:2e:8a:c4:
72:b4:43:b6:7f:bc:d2:2c:ae:72:99:c8:df:e8:91:
44:b5:20:8c:b4:96:ea:3c:ac:30:b2:2a:3b:31:a3:
17:5b:41:6c:6a:e6:8b:37:09:1d:ba:7a:37:84:59:
08:cc:52:cd:62:49:68:2e:73:f1:b1:b2:55:47:4a:
76:39:64:ed:8d:38:cd:72:3b:3e:8a:d0:05:d8:39:
4c:ed:cd:62:65:6d:61:e6:93:9a:3e:6a:76:ac:e5:
75:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F3:A6:13:91:8F:93:D1:8D:E8:81:36:85:27:F3:D2:58:63:01:E2
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.109.160.0/23
103.109.172.0/22
103.111.200.0/22
103.113.48.0/21
103.113.73.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:cf:21:07:24:31:28:ac:a5:03:05:90:a7:08:79:27:e2:36:
8b:b3:2a:73:6d:fa:1b:cb:a8:7a:b2:84:b6:f3:8d:02:ae:5d:
64:17:92:fd:77:7b:87:d5:11:fb:9f:40:d0:12:c3:97:b3:fb:
db:b1:91:e4:86:a7:ed:de:73:1c:40:d5:15:92:dc:9f:44:37:
5e:06:89:52:e6:9d:80:57:68:2c:02:3e:74:3f:7b:90:12:6d:
86:b0:59:42:0f:b6:e5:2d:1a:db:e4:d5:d9:bb:8c:70:6a:3e:
e7:b1:bd:25:bd:cc:76:f2:18:8d:08:39:1a:67:91:3a:8d:b5:
88:de:9a:ec:eb:5d:d1:da:e6:e8:36:00:a7:78:76:34:94:95:
2e:d0:ee:05:34:c3:40:49:aa:89:30:9c:d9:d2:2e:98:73:90:
77:11:23:96:43:03:fd:a4:1f:f1:12:e1:d6:cb:a7:0f:1d:74:
b2:92:98:7e:43:11:e2:d3:45:14:23:2a:91:db:a7:dd:54:c2:
81:51:3a:79:24:07:cd:25:2c:94:e8:00:66:91:cf:a7:f5:8e:
e6:ef:d0:f5:78:70:c3:a1:ea:ab:52:cd:d0:33:7e:a4:2a:4b:
27:a7:ac:1a:eb:ec:8e:0d:f1:43:6f:ec:98:60:67:e4:49:ed:
a1:ce:fc:ad
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUfnIBIWbWL7FsjMkbWr7gydDb4ucwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDYxMTAzMjE1M1oX
DTI3MDYxMDAzMjY1M1owMzExMC8GA1UEAxMoMjBGM0E2MTM5MThGOTNEMThERTg4
MTM2ODUyN0YzRDI1ODYzMDFFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFeAXmqj6dpbplSsE5rqT8A5qtHCTqAitv8a+3cCGbHWMJ1DRjzJ8hpVJJm
RloOd6SeZr//7AIzO2iLzY/mq7vSTRlWwVmQr8Gxhh1tK5wgvFnXctTMxj5/wxgI
AHNjeSCERBWYWhqSAv3bwzO0dUlD1FdkD7LaRLLaWHOTHgtXXKFlY7+Wd+XaJ+UW
JoAZsA9sITScVX0npeOX0nynoDW6LorEcrRDtn+80iyucpnI3+iRRLUgjLSW6jys
MLIqOzGjF1tBbGrmizcJHbp6N4RZCMxSzWJJaC5z8bGyVUdKdjlk7Y04zXI7PorQ
Bdg5TO3NYmVtYeaTmj5qdqzldcUCAwEAAaOCAgowggIGMB0GA1UdDgQWBBQg86YT
kY+T0Y3ogTaFJ/PSWGMB4jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNDc4Ny5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wNgQCAAEw
MAMEAmdWmAMEAWdtoAMEAmdtrAMEAmdvyAMEA2dxMAMEAGdxSQMEAmekhAMEA8oz
GDAUBAIAAjAOAwUAJAM0QAMFACQDNMAwDQYJKoZIhvcNAQELBQADggEBAFvPIQck
MSispQMFkKcIeSfiNouzKnNt+hvLqHqyhLbzjQKuXWQXkv13e4fVEfufQNASw5ez
+9uxkeSGp+3ecxxA1RWS3J9EN14GiVLmnYBXaCwCPnQ/e5ASbYawWUIPtuUtGtvk
1dm7jHBqPuexvSW9zHbyGI0IORpnkTqNtYjemuzrXdHa5ug2AKd4djSUlS7Q7gU0
w0BJqokwnNnSLphzkHcRI5ZDA/2kH/ES4dbLpw8ddLKSmH5DEeLTRRQjKpHbp91U
woFROnkkB80lLJToAGaRz6f1jubv0PV4cMOh6qtSzdAzfqQqSyenrBrr7I4N8UNv
7JhgZ+RJ7aHO/K0=
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:24:12 2026 by rpki-client