Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa
File: AS139994.roa (raw, json)
Hash identifier: uIgzViUf4HgIiEPMuQgN0xYW33qEAp/IXHV5RwEoFwg=
Subject key identifier: 1A:35:D7:56:5C:2F:34:3F:12:C1:7C:13:5D:BD:8D:2E:86:FA:B9:BD
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 68E3B25990FE1796BA5711EA865CB12354D0333F
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa
Signing time: Mon 13 Oct 2025 05:10:40 +0000
ROA not before: Mon 13 Oct 2025 05:05:40 +0000
ROA not after: Mon 12 Oct 2026 05:10:40 +0000
asID: 139994
IP address blocks: 140.213.196.0/24 maxlen: 24
140.213.197.0/24 maxlen: 24
140.213.198.0/24 maxlen: 24
140.213.199.0/24 maxlen: 24
140.213.200.0/24 maxlen: 24
140.213.201.0/24 maxlen: 24
140.213.202.0/24 maxlen: 24
140.213.203.0/24 maxlen: 24
157.85.197.0/24 maxlen: 24
157.85.198.0/24 maxlen: 24
157.85.206.0/24 maxlen: 24
157.85.207.0/24 maxlen: 24
157.85.208.0/24 maxlen: 24
157.85.209.0/24 maxlen: 24
157.85.210.0/24 maxlen: 24
157.85.211.0/24 maxlen: 24
157.85.212.0/24 maxlen: 24
157.85.213.0/24 maxlen: 24
157.85.218.0/24 maxlen: 24
157.85.219.0/24 maxlen: 24
157.85.220.0/24 maxlen: 24
157.85.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Oct 2025 03:04:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e3:b2:59:90:fe:17:96:ba:57:11:ea:86:5c:b1:23:54:d0:33:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Oct 13 05:05:40 2025 GMT
Not After : Oct 12 05:10:40 2026 GMT
Subject: CN=1A35D7565C2F343F12C17C135DBD8D2E86FAB9BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c7:64:63:e5:67:6a:17:7b:b8:fb:b1:56:fa:
d8:22:14:d7:64:85:fc:7c:32:4f:56:5f:32:83:b3:
74:c0:56:c6:8d:13:e2:e4:2e:cd:3f:d3:d2:9b:f8:
de:40:44:33:75:33:2d:5e:a4:65:37:d4:55:80:68:
cf:7b:0f:ae:69:41:a4:a2:40:8e:8c:e8:ad:63:00:
8f:61:3d:62:0e:dc:10:39:d1:a7:82:43:1e:5f:15:
96:55:2d:a5:22:61:37:4d:c9:ea:d3:8e:d5:ed:1b:
bd:47:d5:ba:ac:f3:7b:67:77:c5:0b:1d:3e:3c:2a:
4f:50:29:71:93:e4:da:a6:be:c6:0a:bc:97:bf:47:
94:86:ac:5d:89:01:b8:c5:8d:3f:71:c8:e8:7d:96:
39:78:32:bb:ef:06:9b:67:5a:ef:e2:21:a0:d8:93:
b9:94:d1:55:47:3d:21:f5:2c:b1:55:24:12:a4:33:
24:11:3f:48:fb:9a:ee:7b:dd:02:c1:76:e6:ed:58:
eb:45:ff:f1:97:78:95:29:2e:91:c6:3c:22:ed:8a:
69:96:5d:a1:d5:e4:09:0f:b9:95:2d:e4:b2:ef:28:
78:83:0b:3b:cf:f7:09:5f:31:28:87:c9:59:d9:2c:
d8:f3:bb:25:60:6f:41:ae:7e:d3:a7:07:73:70:65:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:35:D7:56:5C:2F:34:3F:12:C1:7C:13:5D:BD:8D:2E:86:FA:B9:BD
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.196.0-140.213.203.255
157.85.197.0-157.85.198.255
157.85.206.0-157.85.213.255
157.85.218.0-157.85.221.255
Signature Algorithm: sha256WithRSAEncryption
02:2e:ba:6b:de:7d:b3:02:f8:b4:fd:c0:5f:e1:cb:b0:ea:dc:
4c:7e:ee:55:ec:7f:17:52:fe:be:da:9c:33:53:e5:6d:d6:10:
e1:3d:5b:71:6a:2c:db:fc:b5:cc:f4:1c:06:15:14:33:9f:81:
e5:62:9f:75:5e:43:9b:94:09:aa:89:7a:cb:c8:e4:3b:08:97:
76:de:02:96:71:b0:b6:86:ef:26:bd:70:ed:2a:a2:3c:7a:aa:
4b:59:87:b5:a0:46:e1:88:e2:3d:32:24:78:1b:f7:7e:6c:bc:
40:a4:96:4d:eb:04:03:81:f4:04:b9:5e:9a:c1:ee:2a:26:2d:
03:b9:a5:97:4e:1e:b6:14:91:04:b2:e7:eb:ea:f9:de:93:21:
63:ba:8d:0a:0d:77:cb:de:b0:38:14:92:0e:ff:6f:f7:01:e7:
0e:f4:c9:2a:2b:90:50:85:49:f9:e6:aa:8e:82:36:9f:99:05:
21:96:63:f5:b1:64:7a:75:3b:82:a1:48:81:7c:a5:5d:c8:86:
00:10:3d:55:53:8e:29:95:39:c8:4e:16:68:54:5e:6e:9e:f2:
7e:80:74:37:50:58:fa:75:89:5a:4d:1a:f5:f2:9c:75:0d:c9:
31:99:b5:0b:f0:31:b5:98:b7:9a:e5:d9:1d:ea:39:d0:57:52:
02:db:10:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUaOOyWZD+F5a6VxHqhlyxI1TQMz8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxMzA1MDU0MFoX
DTI2MTAxMjA1MTA0MFowMzExMC8GA1UEAxMoMUEzNUQ3NTY1QzJGMzQzRjEyQzE3
QzEzNURCRDhEMkU4NkZBQjlCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzHZGPlZ2oXe7j7sVb62CIU12SF/HwyT1ZfMoOzdMBWxo0T4uQuzT/T0pv4
3kBEM3UzLV6kZTfUVYBoz3sPrmlBpKJAjozorWMAj2E9Yg7cEDnRp4JDHl8VllUt
pSJhN03J6tOO1e0bvUfVuqzze2d3xQsdPjwqT1ApcZPk2qa+xgq8l79HlIasXYkB
uMWNP3HI6H2WOXgyu+8Gm2da7+IhoNiTuZTRVUc9IfUssVUkEqQzJBE/SPua7nvd
AsF25u1Y60X/8Zd4lSkukcY8Iu2KaZZdodXkCQ+5lS3ksu8oeIMLO8/3CV8xKIfJ
Wdks2PO7JWBvQa5+06cHc3BltK8CAwEAAaOCAgIwggH+MB0GA1UdDgQWBBQaNddW
XC80PxLBfBNdvY0uhvq5vTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTk5NC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAw
PgQCAAEwODAMAwQCjNXEAwQCjNXIMAwDBACdVcUDBACdVcYwDAMEAZ1VzgMEAZ1V
1DAMAwQBnVXaAwQBnVXcMA0GCSqGSIb3DQEBCwUAA4IBAQACLrpr3n2zAvi0/cBf
4cuw6txMfu5V7H8XUv6+2pwzU+Vt1hDhPVtxaizb/LXM9BwGFRQzn4HlYp91XkOb
lAmqiXrLyOQ7CJd23gKWcbC2hu8mvXDtKqI8eqpLWYe1oEbhiOI9MiR4G/d+bLxA
pJZN6wQDgfQEuV6awe4qJi0DuaWXTh62FJEEsufr6vnekyFjuo0KDXfL3rA4FJIO
/2/3AecO9MkqK5BQhUn55qqOgjafmQUhlmP1sWR6dTuCoUiBfKVdyIYAED1VU44p
lTnIThZoVF5unvJ+gHQ3UFj6dYlaTRr18px1DckxmbUL8DG1mLea5dkd6jnQV1IC
2xA7
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:08:32 2025 by rpki-client