Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23679.roa
File: AS23679.roa (raw, json)
Hash identifier: iTExk4vlq2Y55P3A1+oiuhGlp7kuczyP62yC1Hjiz7U=
Subject key identifier: 34:E0:8D:3B:7B:23:91:9D:81:B6:4E:24:91:FC:06:54:21:9E:1A:95
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 213AC5EE89E72AF1D685C75A15EF98992C113212
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23679.roa
Signing time: Thu 02 Oct 2025 02:59:02 +0000
ROA not before: Thu 02 Oct 2025 02:54:02 +0000
ROA not after: Thu 01 Oct 2026 02:59:02 +0000
asID: 23679
IP address blocks: 103.31.46.0/24 maxlen: 24
103.114.76.0/24 maxlen: 24
103.114.77.0/24 maxlen: 24
103.114.78.0/24 maxlen: 24
110.232.65.0/24 maxlen: 24
110.232.68.0/23 maxlen: 24
110.232.70.0/24 maxlen: 24
110.232.91.0/24 maxlen: 24
124.158.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 22 Oct 2025 17:51:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:3a:c5:ee:89:e7:2a:f1:d6:85:c7:5a:15:ef:98:99:2c:11:32:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Oct 2 02:54:02 2025 GMT
Not After : Oct 1 02:59:02 2026 GMT
Subject: CN=34E08D3B7B23919D81B64E2491FC0654219E1A95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:91:6b:ed:fc:b0:f2:0d:38:8d:57:69:76:6d:
e4:18:b7:e5:4c:11:1e:89:1c:a4:b9:33:1d:17:39:
ef:e5:d0:9b:b5:cf:11:51:1f:04:8c:68:3b:71:e2:
b2:0d:e7:fb:a7:af:c7:bc:10:a9:d8:39:ee:d5:33:
25:1c:a0:cd:85:76:8f:fb:f6:e3:69:03:43:e0:32:
ba:ec:96:27:bb:be:81:74:1a:6a:2a:70:2d:4b:e5:
75:52:aa:ab:74:ad:14:b1:a9:2f:fe:0d:cb:84:f7:
cd:00:23:03:40:c7:e9:e0:d0:68:c3:fa:d5:5d:1e:
ac:53:6a:ad:bb:20:a3:7c:44:1d:42:a4:6e:50:d2:
8f:19:20:89:ad:58:25:bb:52:a5:54:ed:34:e9:97:
d5:c3:f2:2d:ef:eb:20:e3:eb:d9:25:74:29:4e:d3:
38:19:b4:d6:32:97:9d:a1:4f:b2:c7:d0:fc:c4:d0:
17:a5:bd:66:1d:df:c0:4b:b7:62:58:1d:0d:a3:fd:
2d:98:33:ba:88:9b:a2:79:bb:8f:3c:0e:4f:1b:66:
d7:98:be:1c:1f:e1:88:3e:db:3d:d9:c6:d0:a5:00:
ec:f8:65:91:4f:fb:40:98:e8:4c:85:fe:97:c3:3a:
24:a2:48:ae:ff:ab:8f:f8:ee:cb:07:18:e4:d9:7e:
40:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E0:8D:3B:7B:23:91:9D:81:B6:4E:24:91:FC:06:54:21:9E:1A:95
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23679.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.46.0/24
103.114.76.0-103.114.78.255
110.232.65.0/24
110.232.68.0-110.232.70.255
110.232.91.0/24
124.158.116.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:7f:e3:c7:a6:ae:b6:eb:48:70:4d:2c:03:9b:f0:ce:ac:55:
0e:a0:a3:95:b3:b1:e6:51:07:95:b1:02:b0:eb:3b:b5:ea:12:
91:9f:00:4a:9b:81:4f:4b:f1:5f:81:bf:e1:64:88:e0:50:70:
c3:6b:ae:8c:6b:55:7b:59:b3:9c:d8:68:ed:4e:32:a7:52:14:
34:23:9e:3b:53:3a:ba:72:79:42:d2:ee:78:18:34:7e:68:ff:
31:06:5e:bb:9f:c6:c9:a6:f3:39:fe:c5:75:f0:29:7c:80:17:
bc:ff:2b:dc:a3:85:c5:63:08:bd:9c:6d:f6:82:6a:c1:90:17:
0a:76:1f:1c:a4:20:aa:50:bf:a3:bd:e7:24:bb:a6:68:ec:9f:
3a:f6:0f:8d:f9:05:65:b5:d8:13:35:0c:87:36:61:9e:f9:ec:
44:19:e5:db:73:db:31:ed:22:39:e8:53:4f:02:09:cd:c3:f4:
51:ee:fb:39:1a:3b:45:e9:9b:fe:67:71:a6:58:8d:34:b9:13:
f9:e5:88:31:5d:ba:5c:d6:0d:a9:35:b1:25:35:03:84:d9:ad:
06:df:e0:60:b0:d3:b1:61:12:a0:da:98:45:e4:69:8f:dc:76:
b8:73:6a:da:97:33:f3:83:a5:db:ea:9c:fd:31:40:6e:7f:0b:
19:43:29:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUITrF7onnKvHWhcdaFe+YmSwRMhIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAwMjAyNTQwMloX
DTI2MTAwMTAyNTkwMlowMzExMC8GA1UEAxMoMzRFMDhEM0I3QjIzOTE5RDgxQjY0
RTI0OTFGQzA2NTQyMTlFMUE5NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSRa+38sPINOI1XaXZt5Bi35UwRHokcpLkzHRc57+XQm7XPEVEfBIxoO3Hi
sg3n+6evx7wQqdg57tUzJRygzYV2j/v242kDQ+AyuuyWJ7u+gXQaaipwLUvldVKq
q3StFLGpL/4Ny4T3zQAjA0DH6eDQaMP61V0erFNqrbsgo3xEHUKkblDSjxkgia1Y
JbtSpVTtNOmX1cPyLe/rIOPr2SV0KU7TOBm01jKXnaFPssfQ/MTQF6W9Zh3fwEu3
YlgdDaP9LZgzuoibonm7jzwOTxtm15i+HB/hiD7bPdnG0KUA7PhlkU/7QJjoTIX+
l8M6JKJIrv+rj/juywcY5Nl+QCMCAwEAAaOCAf0wggH5MB0GA1UdDgQWBBQ04I07
eyORnYG2TiSR/AZUIZ4alTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzIzNjc5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6
BAIAATA0AwQAZx8uMAwDBAJnckwDBABnck4DBABu6EEwDAMEAm7oRAMEAG7oRgME
AG7oWwMEAXyedDANBgkqhkiG9w0BAQsFAAOCAQEAL3/jx6aututIcE0sA5vwzqxV
DqCjlbOx5lEHlbECsOs7teoSkZ8ASpuBT0vxX4G/4WSI4FBww2uujGtVe1mznNho
7U4yp1IUNCOeO1M6unJ5QtLueBg0fmj/MQZeu5/GyabzOf7FdfApfIAXvP8r3KOF
xWMIvZxt9oJqwZAXCnYfHKQgqlC/o73nJLumaOyfOvYPjfkFZbXYEzUMhzZhnvns
RBnl23PbMe0iOehTTwIJzcP0Ue77ORo7Remb/mdxpliNNLkT+eWIMV26XNYNqTWx
JTUDhNmtBt/gYLDTsWESoNqYReRpj9x2uHNq2pcz84Ol2+qc/TFAbn8LGUMpkA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:03:56 2025 by rpki-client