Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
File: AS138077.roa (raw, json)
Hash identifier: t0rzkgCefiOlwZfVIO0iywTk21EUh6peID+2jjGuAJk=
Subject key identifier: BF:A6:1E:E0:F6:A0:65:25:96:24:8F:00:A8:71:93:1B:65:7B:7E:93
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 6E87C856EE60041FF7D4EFD8C99E4F3CEBA2DCF3
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
Signing time: Wed 15 Oct 2025 07:53:16 +0000
ROA not before: Wed 15 Oct 2025 07:48:16 +0000
ROA not after: Wed 14 Oct 2026 07:53:16 +0000
asID: 138077
IP address blocks: 103.7.187.0/24 maxlen: 24
103.52.2.0/23 maxlen: 24
103.87.70.0/23 maxlen: 24
103.137.38.0/23 maxlen: 24
103.160.54.0/23 maxlen: 24
103.160.154.0/23 maxlen: 24
103.169.204.0/23 maxlen: 24
117.103.116.0/23 maxlen: 24
202.56.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 22 Oct 2025 17:51:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:87:c8:56:ee:60:04:1f:f7:d4:ef:d8:c9:9e:4f:3c:eb:a2:dc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Oct 15 07:48:16 2025 GMT
Not After : Oct 14 07:53:16 2026 GMT
Subject: CN=BFA61EE0F6A0652596248F00A871931B657B7E93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d0:d2:18:63:a6:ca:7e:fb:57:7e:35:00:33:
14:5d:db:8a:47:04:29:b7:26:8a:ac:5e:fd:3d:64:
76:78:05:1b:bf:d1:5d:ac:c0:ca:7e:47:ff:4c:74:
86:70:0b:fa:0a:57:6c:c9:cb:1a:16:47:da:2e:fe:
a2:3e:f4:14:86:57:a0:91:94:0a:cd:32:4f:46:cb:
c9:f0:56:f2:5f:ba:ca:66:f2:2a:9c:79:19:d7:b4:
4c:1f:19:26:25:ba:ba:87:e2:54:5b:3b:be:59:52:
c7:e3:62:f3:47:0c:db:09:12:e8:e8:5a:ad:2b:18:
b7:e7:22:e3:0b:15:97:f7:87:26:8f:6e:0f:30:08:
ae:ea:a4:e0:91:3e:2c:fb:0d:95:58:87:b6:ed:e1:
b6:ee:fb:88:c1:12:c9:54:cf:02:8b:47:fe:5a:53:
b1:c5:8e:b0:e1:ac:1c:4d:03:b8:85:82:66:b8:bb:
ef:ea:fb:c0:32:ae:b3:f2:3a:55:88:c0:1b:d9:7c:
1d:85:8d:39:d6:33:13:62:5f:c1:c9:84:5a:33:b5:
e3:51:3e:55:31:95:98:ed:4e:82:4d:67:f8:7f:ea:
3a:46:35:2c:25:0f:e0:ce:80:ae:05:3d:5a:71:51:
ed:f1:b9:d9:2a:f7:18:d0:fa:fd:de:cf:ea:70:64:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A6:1E:E0:F6:A0:65:25:96:24:8F:00:A8:71:93:1B:65:7B:7E:93
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.7.187.0/24
103.52.2.0/23
103.87.70.0/23
103.137.38.0/23
103.160.54.0/23
103.160.154.0/23
103.169.204.0/23
117.103.116.0/23
202.56.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:27:f9:c6:45:ae:82:45:e6:4e:5c:6d:a9:70:b2:57:5e:94:
9b:81:9d:40:e5:69:60:ff:9c:2e:01:b9:b5:1d:49:2b:e7:72:
15:c1:cb:ba:60:b9:12:bd:90:ee:97:a6:fe:ec:e9:28:35:ef:
4f:b7:6e:f7:01:66:53:fd:ee:b5:55:88:30:f8:92:f2:e6:75:
44:f0:44:55:39:09:68:0d:43:01:01:4d:12:c7:ea:ca:b9:99:
48:d2:8b:01:cb:83:bd:72:a0:78:d4:71:ee:c4:0a:74:af:ac:
43:c6:5c:a9:1c:cb:cd:06:ef:31:05:e2:db:95:3a:16:51:ba:
bc:96:ea:79:af:f5:17:a7:4a:78:f2:f6:0f:b2:ae:4d:51:15:
1d:e5:b7:52:68:20:9b:1f:28:94:e7:91:92:39:7e:4b:0b:d9:
9a:88:bf:b4:d3:e0:09:6d:f3:19:70:48:59:08:63:6d:2b:ce:
17:60:c0:93:6f:81:28:a4:2e:9e:f8:9e:81:c6:99:34:5d:a5:
7c:36:b6:31:d5:d8:27:2a:57:48:ec:9c:62:9e:6e:cd:57:76:
c5:0e:1f:2d:c6:8d:09:3f:cd:30:5c:aa:bf:63:98:6e:2b:ec:
d2:2f:56:6a:1a:fb:06:7e:06:df:46:14:b5:3e:e2:5b:81:27:
e1:e2:3b:09
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUbofIVu5gBB/31O/YyZ5PPOui3PMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAxNTA3NDgxNloX
DTI2MTAxNDA3NTMxNlowMzExMC8GA1UEAxMoQkZBNjFFRTBGNkEwNjUyNTk2MjQ4
RjAwQTg3MTkzMUI2NTdCN0U5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTQ0hhjpsp++1d+NQAzFF3bikcEKbcmiqxe/T1kdngFG7/RXazAyn5H/0x0
hnAL+gpXbMnLGhZH2i7+oj70FIZXoJGUCs0yT0bLyfBW8l+6ymbyKpx5Gde0TB8Z
JiW6uofiVFs7vllSx+Ni80cM2wkS6OharSsYt+ci4wsVl/eHJo9uDzAIruqk4JE+
LPsNlViHtu3htu77iMESyVTPAotH/lpTscWOsOGsHE0DuIWCZri77+r7wDKus/I6
VYjAG9l8HYWNOdYzE2JfwcmEWjO141E+VTGVmO1Ogk1n+H/qOkY1LCUP4M6ArgU9
WnFR7fG52Sr3GND6/d7P6nBkDH8CAwEAAaOCAgAwggH8MB0GA1UdDgQWBBS/ph7g
9qBlJZYkjwCocZMbZXt+kzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA3Ny5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4w
PAQCAAEwNgMEAGcHuwMEAWc0AgMEAWdXRgMEAWeJJgMEAWegNgMEAWegmgMEAWep
zAMEAXVndAMEAso4rDANBgkqhkiG9w0BAQsFAAOCAQEAfSf5xkWugkXmTlxtqXCy
V16Um4GdQOVpYP+cLgG5tR1JK+dyFcHLumC5Er2Q7pem/uzpKDXvT7du9wFmU/3u
tVWIMPiS8uZ1RPBEVTkJaA1DAQFNEsfqyrmZSNKLAcuDvXKgeNRx7sQKdK+sQ8Zc
qRzLzQbvMQXi25U6FlG6vJbqea/1F6dKePL2D7KuTVEVHeW3Umggmx8olOeRkjl+
SwvZmoi/tNPgCW3zGXBIWQhjbSvOF2DAk2+BKKQunviegcaZNF2lfDa2MdXYJypX
SOycYp5uzVd2xQ4fLcaNCT/NMFyqv2OYbivs0i9Wahr7Bn4G30YUtT7iW4En4eI7
CQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:04:55 2025 by rpki-client