Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
File: AS138077.roa (raw, json)
Hash identifier: 1/bVR/LpSPSMQV7Tlmal54q/4qCkfrNPPPswEcb4nkU=
Subject key identifier: 64:3C:67:94:83:78:F6:81:A3:94:A9:FC:EC:1C:87:31:2E:3D:72:CB
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 29DADA9507612C85A0BED509862B87A3588C2369
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
Signing time: Tue 10 Mar 2026 02:24:52 +0000
ROA not before: Tue 10 Mar 2026 02:19:52 +0000
ROA not after: Tue 09 Mar 2027 02:24:52 +0000
asID: 138077
IP address blocks: 103.7.187.0/24 maxlen: 24
103.52.2.0/23 maxlen: 24
103.87.70.0/23 maxlen: 24
103.137.38.0/23 maxlen: 24
103.150.178.0/24 maxlen: 24
103.150.179.0/24 maxlen: 24
103.160.54.0/23 maxlen: 24
103.160.154.0/23 maxlen: 24
103.169.204.0/23 maxlen: 24
117.103.116.0/23 maxlen: 24
202.56.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 29 Mar 2026 16:25:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:da:da:95:07:61:2c:85:a0:be:d5:09:86:2b:87:a3:58:8c:23:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Mar 10 02:19:52 2026 GMT
Not After : Mar 9 02:24:52 2027 GMT
Subject: CN=643C67948378F681A394A9FCEC1C87312E3D72CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:a3:80:3a:e9:df:1e:3e:ac:d3:f6:c2:26:
37:98:b1:5e:32:33:94:f9:3e:da:0a:b3:cf:ab:59:
25:2d:ed:85:fc:11:01:4e:e8:7b:0d:3e:3f:41:d3:
d0:25:12:ed:e1:6a:a2:09:04:e1:7d:0d:ce:09:c3:
22:71:3f:c2:f3:74:01:99:e3:cc:b4:a9:66:d9:af:
df:03:c8:06:38:89:06:d3:af:f9:e4:41:df:23:74:
b2:06:77:26:b8:26:5b:f7:a1:77:bf:db:56:0e:f8:
60:12:4f:cf:dd:31:84:ca:b5:ca:dd:4a:ad:a2:aa:
88:8a:64:02:95:22:2e:49:7b:6a:48:29:60:f1:bf:
96:85:b6:b9:be:97:9e:95:c1:31:19:26:dc:29:1a:
b8:02:9e:67:61:08:0f:22:df:c5:cc:4d:0f:79:8b:
78:3a:fb:df:95:d8:50:c1:d2:bb:27:3f:38:55:ef:
70:62:49:d0:a5:d7:f8:6a:27:dd:bd:47:72:2a:99:
44:99:e1:df:e5:fe:5f:ac:3f:82:88:30:79:89:d1:
be:d3:d5:de:71:26:8d:e0:d2:5e:dd:7d:68:e6:39:
0d:f3:ab:4e:79:fc:d1:b7:fa:4e:c4:44:3a:40:69:
41:5f:11:48:1a:e5:0d:cc:a2:7f:14:88:aa:a2:55:
23:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3C:67:94:83:78:F6:81:A3:94:A9:FC:EC:1C:87:31:2E:3D:72:CB
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138077.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.7.187.0/24
103.52.2.0/23
103.87.70.0/23
103.137.38.0/23
103.150.178.0/23
103.160.54.0/23
103.160.154.0/23
103.169.204.0/23
117.103.116.0/23
202.56.172.0/22
Signature Algorithm: sha256WithRSAEncryption
64:d6:53:48:e0:5b:93:e5:37:1b:a8:0c:42:a1:eb:e2:1b:08:
36:b5:43:39:2e:2f:a4:9e:2f:d6:4a:b4:4a:f1:9d:44:58:df:
2e:af:a6:af:df:81:bc:91:9b:3d:a1:68:5a:c7:67:96:2a:5a:
6a:20:2c:cf:14:35:55:85:c9:a1:54:8a:de:a5:98:0b:45:ef:
01:a2:8e:8a:5b:db:0f:35:db:03:b0:62:2c:70:56:0e:3a:50:
14:da:6e:b3:50:55:89:c4:38:26:f8:de:60:ce:19:b8:26:0d:
a0:72:a5:dd:71:fe:d0:51:8e:9a:69:1c:fd:9c:fc:7e:ef:98:
ab:2f:e9:f1:eb:7c:2d:37:2a:9e:d9:e2:a0:8f:c7:05:47:56:
3f:99:27:9b:98:fc:8e:a5:71:b0:17:aa:18:0c:08:2a:7a:ee:
ea:c4:88:92:b2:d0:1b:6c:22:e6:5c:9c:0f:61:a3:31:31:4f:
ed:d3:1e:e2:ea:1a:0c:bd:c4:db:e1:a5:9f:2b:10:d8:d7:82:
31:38:2a:87:b8:f3:a6:7b:3b:75:d4:3b:6f:0f:a2:15:97:de:
d0:01:48:d6:8e:8d:94:59:36:68:ec:0e:8b:fe:08:6e:7a:f1:
26:dc:e6:35:09:aa:0d:84:91:8f:95:41:98:8f:12:5c:ce:a6:
e5:86:5e:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUKdralQdhLIWgvtUJhiuHo1iMI2kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMxMDAyMTk1MloX
DTI3MDMwOTAyMjQ1MlowMzExMC8GA1UEAxMoNjQzQzY3OTQ4Mzc4RjY4MUEzOTRB
OUZDRUMxQzg3MzEyRTNENzJDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhmo4A66d8ePqzT9sImN5ixXjIzlPk+2gqzz6tZJS3thfwRAU7oew0+P0HT
0CUS7eFqogkE4X0NzgnDInE/wvN0AZnjzLSpZtmv3wPIBjiJBtOv+eRB3yN0sgZ3
JrgmW/ehd7/bVg74YBJPz90xhMq1yt1KraKqiIpkApUiLkl7akgpYPG/loW2ub6X
npXBMRkm3CkauAKeZ2EIDyLfxcxND3mLeDr735XYUMHSuyc/OFXvcGJJ0KXX+Gon
3b1HciqZRJnh3+X+X6w/gogweYnRvtPV3nEmjeDSXt19aOY5DfOrTnn80bf6TsRE
OkBpQV8RSBrlDcyifxSIqqJVIxcCAwEAAaOCAgYwggICMB0GA1UdDgQWBBRkPGeU
g3j2gaOUqfzsHIcxLj1yyzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA3Ny5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQw
QgQCAAEwPAMEAGcHuwMEAWc0AgMEAWdXRgMEAWeJJgMEAWeWsgMEAWegNgMEAWeg
mgMEAWepzAMEAXVndAMEAso4rDANBgkqhkiG9w0BAQsFAAOCAQEAZNZTSOBbk+U3
G6gMQqHr4hsINrVDOS4vpJ4v1kq0SvGdRFjfLq+mr9+BvJGbPaFoWsdnlipaaiAs
zxQ1VYXJoVSK3qWYC0XvAaKOilvbDzXbA7BiLHBWDjpQFNpus1BVicQ4JvjeYM4Z
uCYNoHKl3XH+0FGOmmkc/Zz8fu+Yqy/p8et8LTcqntnioI/HBUdWP5knm5j8jqVx
sBeqGAwIKnru6sSIkrLQG2wi5lycD2GjMTFP7dMe4uoaDL3E2+GlnysQ2NeCMTgq
h7jzpns7ddQ7bw+iFZfe0AFI1o6NlFk2aOwOi/4IbnrxJtzmNQmqDYSRj5VBmI8S
XM6m5YZeMA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:31:40 2026 by rpki-client