Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS24203.roa
File: AS24203.roa (raw, json)
Hash identifier: RcXWrM2D/80OjwnXWkmtP3NtA2nvrJyw1XUDYH81Go8=
Subject key identifier: 48:27:FB:39:57:61:E8:70:93:97:FF:11:38:9A:22:2D:DA:88:0A:92
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 038B1992680EDA919BB5AB1E806758B03A3D3537
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS24203.roa
Signing time: Mon 13 Oct 2025 05:12:17 +0000
ROA not before: Mon 13 Oct 2025 05:07:17 +0000
ROA not after: Mon 12 Oct 2026 05:12:17 +0000
asID: 24203
IP address blocks: 157.85.192.0/19 maxlen: 19
157.85.192.0/24 maxlen: 24
157.85.193.0/24 maxlen: 24
157.85.194.0/24 maxlen: 24
157.85.195.0/24 maxlen: 24
157.85.196.0/24 maxlen: 24
157.85.199.0/24 maxlen: 24
157.85.200.0/24 maxlen: 24
157.85.201.0/24 maxlen: 24
157.85.202.0/24 maxlen: 24
157.85.203.0/24 maxlen: 24
157.85.204.0/24 maxlen: 24
157.85.205.0/24 maxlen: 24
157.85.210.0/24 maxlen: 24
157.85.214.0/24 maxlen: 24
157.85.215.0/24 maxlen: 24
157.85.216.0/24 maxlen: 24
157.85.217.0/24 maxlen: 24
157.85.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Oct 2025 03:04:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:8b:19:92:68:0e:da:91:9b:b5:ab:1e:80:67:58:b0:3a:3d:35:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Oct 13 05:07:17 2025 GMT
Not After : Oct 12 05:12:17 2026 GMT
Subject: CN=4827FB395761E8709397FF11389A222DDA880A92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:39:7c:b9:dd:3b:4f:3f:88:9c:c6:25:6c:
53:78:48:02:1e:79:b2:32:c1:35:d1:9d:1b:46:fd:
d1:30:24:b8:19:11:01:73:56:53:25:28:e6:53:a4:
7d:16:84:05:6f:b6:2b:9d:c6:bd:9f:04:cf:a9:73:
20:5c:7c:05:50:82:10:9c:b7:2f:cd:b6:0d:f4:b4:
bb:46:f6:2a:0f:47:6d:dc:3a:51:51:cb:15:63:bc:
2f:b3:78:d2:07:86:23:d0:62:48:ca:d5:e7:e8:02:
49:93:3f:bc:8c:b0:1a:de:67:44:15:a6:7d:9c:cc:
c8:43:6d:2c:e6:53:4a:96:dc:09:3b:fc:77:13:0a:
a7:6c:7a:83:48:53:7c:6b:ae:48:6a:bf:a5:cc:7d:
eb:f3:bf:58:f8:7c:fb:db:cc:fd:cf:a1:b5:33:30:
ef:ba:f6:1b:e8:33:10:bf:ec:53:8c:ea:4d:2a:26:
59:ba:26:e0:ba:15:3a:9c:69:05:1a:48:a3:71:25:
3d:b8:8c:23:46:5e:fb:68:14:ee:32:6c:22:50:a6:
9e:8a:37:8f:07:57:a1:32:3e:47:59:75:90:67:9b:
8e:84:af:0e:55:2b:fe:6a:65:37:35:bc:0b:32:5c:
0b:09:f9:90:fc:ac:12:7f:fc:b4:0d:dc:0a:8b:0b:
41:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:27:FB:39:57:61:E8:70:93:97:FF:11:38:9A:22:2D:DA:88:0A:92
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS24203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.85.192.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:e3:aa:54:9a:1e:21:50:9d:79:c7:f2:9b:b6:27:9a:16:a1:
43:46:a0:93:4c:b6:c2:c7:62:cd:c0:41:a3:1f:e1:37:7d:c0:
ee:ff:26:40:40:2d:f4:7a:52:aa:10:cc:80:e1:54:94:c7:32:
8e:80:08:99:a5:72:7c:d2:1c:9f:2f:35:c2:d9:bc:39:91:eb:
fd:b3:49:f4:c7:fa:12:3c:ae:06:30:12:6a:5e:fd:fb:b7:3b:
1b:fe:fd:ce:29:63:83:32:30:f9:f5:cd:2c:ac:7d:fc:de:33:
e5:f5:bb:1f:c9:84:7e:eb:07:63:f1:1e:56:ab:f2:7b:6a:30:
93:1a:ed:13:64:13:d5:16:67:5c:84:3d:f5:ae:3e:f1:8c:8e:
76:16:c5:4c:79:6f:81:14:5b:91:92:3f:e0:9b:3b:89:78:57:
08:5c:07:71:fe:92:a6:ff:f1:b1:b7:b6:3b:89:df:d5:b5:19:
2c:dd:9a:e0:96:b8:e0:51:9a:7e:8a:dc:0f:b7:08:5e:47:85:
2d:4d:7a:15:8d:11:14:cc:b0:e1:33:7c:18:f2:83:e8:35:ff:
1b:76:02:be:cd:ba:ef:31:af:f8:89:cd:b5:51:04:13:f8:30:
cf:69:76:d3:31:3b:34:17:7c:19:93:6b:d2:a3:34:21:24:9d:
70:db:36:f7
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUA4sZkmgO2pGbtasegGdYsDo9NTcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxMzA1MDcxN1oX
DTI2MTAxMjA1MTIxN1owMzExMC8GA1UEAxMoNDgyN0ZCMzk1NzYxRTg3MDkzOTdG
RjExMzg5QTIyMkREQTg4MEE5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL06OXy53TtPP4icxiVsU3hIAh55sjLBNdGdG0b90TAkuBkRAXNWUyUo5lOk
fRaEBW+2K53GvZ8Ez6lzIFx8BVCCEJy3L822DfS0u0b2Kg9Hbdw6UVHLFWO8L7N4
0geGI9BiSMrV5+gCSZM/vIywGt5nRBWmfZzMyENtLOZTSpbcCTv8dxMKp2x6g0hT
fGuuSGq/pcx96/O/WPh8+9vM/c+htTMw77r2G+gzEL/sU4zqTSomWbom4LoVOpxp
BRpIo3ElPbiMI0Ze+2gU7jJsIlCmnoo3jwdXoTI+R1l1kGebjoSvDlUr/mplNzW8
CzJcCwn5kPysEn/8tA3cCosLQXcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRIJ/s5
V2HocJOX/xE4miIt2ogKkjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzI0MjAzLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQFnVXAMA0GCSqGSIb3DQEBCwUAA4IBAQAN46pUmh4hUJ15x/Kbtiea
FqFDRqCTTLbCx2LNwEGjH+E3fcDu/yZAQC30elKqEMyA4VSUxzKOgAiZpXJ80hyf
LzXC2bw5kev9s0n0x/oSPK4GMBJqXv37tzsb/v3OKWODMjD59c0srH383jPl9bsf
yYR+6wdj8R5Wq/J7ajCTGu0TZBPVFmdchD31rj7xjI52FsVMeW+BFFuRkj/gmzuJ
eFcIXAdx/pKm//Gxt7Y7id/VtRks3ZrglrjgUZp+itwPtwheR4UtTXoVjREUzLDh
M3wY8oPoNf8bdgK+zbrvMa/4ic21UQQT+DDPaXbTMTs0F3wZk2vSozQhJJ1w2zb3
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:16:38 2025 by rpki-client