Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17670.roa
File: AS17670.roa (raw, json)
Hash identifier: xJQkd8J3j/o/ybMw8cl3Wfu5XhInhxb6S1dhuVmy9tc=
Subject key identifier: 0C:74:61:BD:BD:88:53:83:C9:6D:9F:BE:7B:92:89:7B:8C:E4:EB:89
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 6896154BF18D4376A9FA5676537EB0AEF9C3BAFD
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17670.roa
Signing time: Tue 06 May 2025 07:00:00 +0000
ROA not before: Tue 06 May 2025 06:55:00 +0000
ROA not after: Tue 05 May 2026 07:00:00 +0000
asID: 17670
IP address blocks: 103.162.236.0/23 maxlen: 24
103.163.6.0/23 maxlen: 24
103.196.164.0/23 maxlen: 24
103.203.248.0/23 maxlen: 24
202.80.208.0/24 maxlen: 24
202.80.210.0/23 maxlen: 24
202.80.212.0/23 maxlen: 24
202.80.214.0/23 maxlen: 24
202.80.216.0/23 maxlen: 24
202.80.218.0/23 maxlen: 24
202.80.221.0/24 maxlen: 24
202.80.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 02 Jul 2025 07:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:96:15:4b:f1:8d:43:76:a9:fa:56:76:53:7e:b0:ae:f9:c3:ba:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: May 6 06:55:00 2025 GMT
Not After : May 5 07:00:00 2026 GMT
Subject: CN=0C7461BDBD885383C96D9FBE7B92897B8CE4EB89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:2a:a8:f5:97:29:38:2c:ba:fa:b1:e2:8f:
dc:1c:a5:6d:84:8a:67:49:5b:3c:a4:1e:e4:83:36:
bd:36:03:27:85:98:06:fb:c7:79:86:17:27:f3:69:
40:bd:f8:ec:ca:d3:ab:4c:9f:03:db:b8:c7:55:a6:
43:bd:e5:b6:25:92:46:28:1f:da:6c:47:30:53:c3:
dd:26:f7:78:e5:e1:6d:b4:82:1c:15:17:22:41:28:
1d:30:1b:f2:29:57:65:b0:22:ee:12:e0:65:2d:05:
f4:b0:91:10:d0:f0:86:e9:67:fd:ab:18:1f:3c:cc:
57:d0:38:e8:0c:09:88:e7:92:fc:10:cd:d6:0c:81:
53:bd:16:61:b2:0c:91:c3:5b:9e:f0:47:34:08:3d:
95:b9:31:b6:be:6c:29:08:cd:86:ca:bd:7f:26:c9:
4e:3a:55:29:12:27:bf:f2:31:8d:e7:23:4d:fe:57:
61:69:ad:53:a0:cb:8c:64:cb:3e:dd:9c:af:91:87:
ee:c6:09:f6:cb:dc:04:92:05:33:25:55:9e:1e:ab:
f1:52:ea:83:cb:22:fe:8c:e9:e7:55:c1:e3:85:4f:
e9:93:32:eb:ec:cb:07:49:82:3b:06:ae:87:2b:af:
64:a1:ee:f0:04:20:39:30:0c:67:fe:34:68:70:fe:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:74:61:BD:BD:88:53:83:C9:6D:9F:BE:7B:92:89:7B:8C:E4:EB:89
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17670.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.162.236.0/23
103.163.6.0/23
103.196.164.0/23
103.203.248.0/23
202.80.208.0/24
202.80.210.0-202.80.219.255
202.80.221.0-202.80.223.255
Signature Algorithm: sha256WithRSAEncryption
8a:19:86:59:88:3c:e2:b5:e1:80:fd:4b:6a:93:78:f0:4e:a8:
05:b3:4f:a6:d5:52:ed:08:81:47:91:50:2b:fd:bf:80:66:e8:
a8:69:bc:d9:a9:c6:c2:db:a7:b1:4d:02:98:65:12:48:8c:98:
84:76:6e:fe:3b:fc:39:08:d7:50:55:cc:b1:a5:1d:a6:77:9c:
06:0a:09:85:4c:14:88:31:8a:eb:fd:94:6b:e7:48:a1:0c:d2:
24:bf:49:2a:9f:da:20:b2:f7:59:46:cb:08:2a:24:f1:60:f2:
07:7a:98:56:95:b6:27:31:71:9e:c1:23:7a:d1:f4:13:84:aa:
5e:2d:57:e6:94:7b:ca:59:a0:00:bd:67:38:27:17:5a:c3:40:
76:33:4e:0c:fb:0a:46:16:2a:95:13:61:4a:7e:4a:8a:c1:a7:
f9:ba:8e:5e:36:2f:c2:7d:48:b9:bc:c8:2e:7f:9e:65:89:8f:
fb:f1:4e:04:af:3b:b2:6a:8a:46:93:34:44:e9:6c:17:a2:10:
a5:53:8a:d8:18:26:dc:c4:8c:40:0f:b9:fc:68:9f:95:01:04:
33:2c:fb:dc:6a:ce:31:ad:77:20:5e:65:b5:42:0e:2f:c9:6f:
50:57:e1:43:26:86:ce:08:2c:54:7a:25:87:69:2d:07:7a:72:
df:ea:4b:a8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUaJYVS/GNQ3ap+lZ2U36wrvnDuv0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwNjA2NTUwMFoX
DTI2MDUwNTA3MDAwMFowMzExMC8GA1UEAxMoMEM3NDYxQkRCRDg4NTM4M0M5NkQ5
RkJFN0I5Mjg5N0I4Q0U0RUI4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsxKqj1lyk4LLr6seKP3BylbYSKZ0lbPKQe5IM2vTYDJ4WYBvvHeYYXJ/Np
QL347MrTq0yfA9u4x1WmQ73ltiWSRigf2mxHMFPD3Sb3eOXhbbSCHBUXIkEoHTAb
8ilXZbAi7hLgZS0F9LCRENDwhuln/asYHzzMV9A46AwJiOeS/BDN1gyBU70WYbIM
kcNbnvBHNAg9lbkxtr5sKQjNhsq9fybJTjpVKRInv/IxjecjTf5XYWmtU6DLjGTL
Pt2cr5GH7sYJ9svcBJIFMyVVnh6r8VLqg8si/ozp51XB44VP6ZMy6+zLB0mCOwau
hyuvZKHu8AQgOTAMZ/40aHD+cwMCAwEAAaOCAgMwggH/MB0GA1UdDgQWBBQMdGG9
vYhTg8ltn757kol7jOTriTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE3NjcwLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBA
BAIAATA6AwQBZ6LsAwQBZ6MGAwQBZ8SkAwQBZ8v4AwQAylDQMAwDBAHKUNIDBALK
UNgwDAMEAMpQ3QMEBcpQwDANBgkqhkiG9w0BAQsFAAOCAQEAihmGWYg84rXhgP1L
apN48E6oBbNPptVS7QiBR5FQK/2/gGboqGm82anGwtunsU0CmGUSSIyYhHZu/jv8
OQjXUFXMsaUdpnecBgoJhUwUiDGK6/2Ua+dIoQzSJL9JKp/aILL3WUbLCCok8WDy
B3qYVpW2JzFxnsEjetH0E4SqXi1X5pR7ylmgAL1nOCcXWsNAdjNODPsKRhYqlRNh
Sn5KisGn+bqOXjYvwn1IubzILn+eZYmP+/FOBK87smqKRpM0ROlsF6IQpVOK2Bgm
3MSMQA+5/GiflQEEMyz73GrOMa13IF5ltUIOL8lvUFfhQyaGzggsVHolh2ktB3py
3+pLqA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:10:22 2025 by rpki-client