Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
File: AS133815.roa (raw, json)
Hash identifier: DpHIiQAJ9HP8DXpImuyd0Zm/YU5FE2BjsQeemKiy+jw=
Subject key identifier: 51:3F:39:7F:19:DA:AF:8E:0C:E9:67:50:12:8B:21:D7:A3:CB:C2:0C
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 245433CFDC8849C14CD640486A23FAB0ED1E1271
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
Signing time: Mon 14 Apr 2025 00:00:00 +0000
ROA not before: Sun 13 Apr 2025 23:55:00 +0000
ROA not after: Mon 13 Apr 2026 00:00:00 +0000
asID: 133815
IP address blocks: 103.141.150.0/23 maxlen: 24
103.141.152.0/23 maxlen: 24
103.149.224.0/23 maxlen: 24
103.149.230.0/23 maxlen: 24
103.149.232.0/23 maxlen: 24
103.149.234.0/23 maxlen: 24
103.150.4.0/23 maxlen: 24
103.150.12.0/23 maxlen: 24
103.150.14.0/23 maxlen: 24
103.150.16.0/23 maxlen: 24
103.150.34.0/23 maxlen: 24
103.151.18.0/23 maxlen: 24
103.151.100.0/23 maxlen: 24
103.151.194.0/23 maxlen: 24
103.152.70.0/23 maxlen: 24
103.152.90.0/23 maxlen: 24
103.152.96.0/23 maxlen: 24
103.152.110.0/23 maxlen: 24
103.188.40.0/23 maxlen: 24
103.188.50.0/23 maxlen: 24
103.188.52.0/23 maxlen: 24
103.190.216.0/23 maxlen: 24
103.190.218.0/23 maxlen: 24
103.190.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Apr 2025 20:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:54:33:cf:dc:88:49:c1:4c:d6:40:48:6a:23:fa:b0:ed:1e:12:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Apr 13 23:55:00 2025 GMT
Not After : Apr 13 00:00:00 2026 GMT
Subject: CN=513F397F19DAAF8E0CE96750128B21D7A3CBC20C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:20:62:cd:54:9d:7c:46:a8:2f:7b:ff:0f:da:
a6:cb:ed:4a:0c:49:ac:f2:59:aa:fc:61:0e:07:8d:
04:d6:91:5a:0a:39:b2:e1:80:11:77:ac:6d:f1:16:
99:63:fb:b9:21:74:73:90:fc:74:f9:7f:70:63:96:
41:fc:8b:6d:4a:28:22:e6:7b:8a:6c:33:10:db:36:
c4:70:61:8a:27:79:af:3b:67:0a:b7:2b:b0:60:10:
ae:9e:16:19:6b:df:79:96:d5:d2:9a:30:5a:e6:3c:
73:91:31:fa:b0:27:a1:4a:ca:8e:6c:e7:1c:33:72:
d2:e8:2a:6c:de:e4:a3:f5:85:91:6d:2b:0d:f1:23:
16:e7:71:24:9b:1b:44:30:e5:db:e4:7e:f3:1e:c6:
cc:e3:9e:3e:85:d3:6a:76:02:e6:11:0a:91:a1:20:
6a:bf:8b:60:33:ff:40:2d:87:b5:b2:c8:ad:e1:81:
51:ba:5b:41:bc:de:9b:78:58:c9:e6:0d:32:ea:7f:
c3:06:18:73:24:a2:63:a8:ac:5d:e8:17:8a:2e:09:
0d:62:bc:3a:9e:33:89:7f:18:ba:ed:20:2f:13:6c:
cd:c9:a2:3b:b6:96:0f:d6:cf:d5:09:a8:cf:6b:33:
2e:30:22:39:76:b4:fd:6b:ab:33:7c:53:e4:31:90:
98:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3F:39:7F:19:DA:AF:8E:0C:E9:67:50:12:8B:21:D7:A3:CB:C2:0C
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133815.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.141.150.0-103.141.153.255
103.149.224.0/23
103.149.230.0-103.149.235.255
103.150.4.0/23
103.150.12.0-103.150.17.255
103.150.34.0/23
103.151.18.0/23
103.151.100.0/23
103.151.194.0/23
103.152.70.0/23
103.152.90.0/23
103.152.96.0/23
103.152.110.0/23
103.188.40.0/23
103.188.50.0-103.188.53.255
103.190.216.0-103.190.221.255
Signature Algorithm: sha256WithRSAEncryption
66:fc:69:08:59:67:27:35:b1:a5:b9:02:ab:b0:b6:4c:b9:07:
71:97:48:31:4f:2b:34:5a:b7:4e:1c:c9:89:a9:b2:b1:69:a3:
b6:4d:a9:9a:e5:eb:c5:67:ed:50:09:f2:a8:9a:39:44:bc:94:
07:cb:4a:96:8e:91:72:48:34:65:e7:b9:c8:00:b3:4d:79:41:
1c:8f:99:e1:3b:d3:51:05:3f:35:e6:16:2c:1f:46:98:ee:88:
40:44:46:04:15:68:f3:b0:cc:7a:c8:b0:0d:5b:3f:6e:65:b9:
13:a1:e8:5b:b5:c9:a7:ae:4c:f4:2c:4c:3f:71:15:18:ab:8e:
07:fa:af:e1:f7:a8:eb:5d:ba:9e:bf:f0:74:ca:35:90:77:be:
6e:9a:20:b8:5a:26:d3:f8:66:90:5e:58:50:46:e0:91:79:82:
d9:6e:b5:6c:51:08:41:29:8a:83:20:48:29:fd:66:f6:9c:e4:
40:de:fa:90:30:0d:fb:a4:13:ba:23:45:b3:32:1f:b0:31:43:
df:f4:fd:61:29:c8:ef:f5:77:d5:fb:e8:32:9a:4c:74:aa:c4:
0e:c0:54:56:4b:39:ee:f3:6e:23:ad:68:2a:66:16:3b:92:06:
4d:31:6c:0b:31:32:38:15:c6:9f:95:eb:24:be:17:fe:ec:17:
43:94:4f:6b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIUJFQzz9yIScFM1kBIaiP6sO0eEnEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQxMzIzNTUwMFoX
DTI2MDQxMzAwMDAwMFowMzExMC8GA1UEAxMoNTEzRjM5N0YxOURBQUY4RTBDRTk2
NzUwMTI4QjIxRDdBM0NCQzIwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwgYs1UnXxGqC97/w/apsvtSgxJrPJZqvxhDgeNBNaRWgo5suGAEXesbfEW
mWP7uSF0c5D8dPl/cGOWQfyLbUooIuZ7imwzENs2xHBhiid5rztnCrcrsGAQrp4W
GWvfeZbV0powWuY8c5Ex+rAnoUrKjmznHDNy0ugqbN7ko/WFkW0rDfEjFudxJJsb
RDDl2+R+8x7GzOOePoXTanYC5hEKkaEgar+LYDP/QC2HtbLIreGBUbpbQbzem3hY
yeYNMup/wwYYcySiY6isXegXii4JDWK8Op4ziX8Yuu0gLxNszcmiO7aWD9bP1Qmo
z2szLjAiOXa0/WurM3xT5DGQmJUCAwEAAaOCAlcwggJTMB0GA1UdDgQWBBRRPzl/
GdqvjgzpZ1ASiyHXo8vCDDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUw
gZIwgY8EAgABMIGIMAwDBAFnjZYDBAFnjZgDBAFnleAwDAMEAWeV5gMEAmeV6AME
AWeWBDAMAwQCZ5YMAwQBZ5YQAwQBZ5YiAwQBZ5cSAwQBZ5dkAwQBZ5fCAwQBZ5hG
AwQBZ5haAwQBZ5hgAwQBZ5huAwQBZ7woMAwDBAFnvDIDBAFnvDQwDAMEA2e+2AME
AWe+3DANBgkqhkiG9w0BAQsFAAOCAQEAZvxpCFlnJzWxpbkCq7C2TLkHcZdIMU8r
NFq3ThzJiamysWmjtk2pmuXrxWftUAnyqJo5RLyUB8tKlo6Rckg0Zee5yACzTXlB
HI+Z4TvTUQU/NeYWLB9GmO6IQERGBBVo87DMesiwDVs/bmW5E6HoW7XJp65M9CxM
P3EVGKuOB/qv4feo6126nr/wdMo1kHe+bpoguFom0/hmkF5YUEbgkXmC2W61bFEI
QSmKgyBIKf1m9pzkQN76kDAN+6QTuiNFszIfsDFD3/T9YSnI7/V31fvoMppMdKrE
DsBUVks57vNuI61oKmYWO5IGTTFsCzEyOBXGn5XrJL4X/uwXQ5RPaw==
-----END CERTIFICATE-----
Generated at Thu Apr 24 20:37:17 2025 by rpki-client on console.sobornost.net