Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
File: AS4800.roa (raw, json)
Hash identifier: J82WIwA11ldcV+YgLEcnqDcun1yz9m9nB1WnlcOM5n0=
Subject key identifier: 4D:EE:8E:92:5A:3B:18:E4:23:1B:26:B4:B6:09:64:94:8C:BE:DF:A0
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 4F684EC16709A6AD5F1BF293A25A3DB8DEDF7B12
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
Signing time: Wed 18 Jun 2025 07:00:00 +0000
ROA not before: Wed 18 Jun 2025 06:55:00 +0000
ROA not after: Wed 17 Jun 2026 07:00:00 +0000
asID: 4800
IP address blocks: 36.50.64.0/23 maxlen: 24
36.50.66.0/23 maxlen: 24
36.50.68.0/23 maxlen: 24
36.50.70.0/23 maxlen: 24
36.50.120.0/23 maxlen: 24
36.50.126.0/23 maxlen: 24
36.50.136.0/23 maxlen: 24
36.50.242.0/23 maxlen: 24
36.50.244.0/23 maxlen: 24
36.50.246.0/23 maxlen: 24
103.1.156.0/23 maxlen: 24
103.7.194.0/23 maxlen: 24
103.8.64.0/23 maxlen: 24
103.8.66.0/23 maxlen: 24
103.8.184.0/23 maxlen: 24
103.8.186.0/23 maxlen: 24
103.8.192.0/23 maxlen: 24
103.8.194.0/23 maxlen: 24
103.9.140.0/23 maxlen: 24
103.12.206.0/23 maxlen: 24
103.12.224.0/23 maxlen: 24
103.12.226.0/23 maxlen: 24
103.13.4.0/23 maxlen: 24
103.39.198.0/23 maxlen: 24
103.40.0.0/23 maxlen: 24
103.42.246.0/23 maxlen: 24
103.43.56.0/23 maxlen: 24
103.43.58.0/23 maxlen: 24
103.43.60.0/23 maxlen: 24
103.43.62.0/23 maxlen: 24
103.44.8.0/23 maxlen: 24
103.44.10.0/23 maxlen: 24
103.44.92.0/23 maxlen: 24
103.44.94.0/23 maxlen: 24
103.44.152.0/23 maxlen: 24
103.44.154.0/23 maxlen: 24
103.55.248.0/23 maxlen: 24
103.55.250.0/23 maxlen: 24
103.60.92.0/23 maxlen: 24
103.60.94.0/23 maxlen: 24
103.65.120.0/23 maxlen: 24
103.65.122.0/23 maxlen: 24
103.65.124.0/23 maxlen: 24
103.65.126.0/23 maxlen: 24
103.101.40.0/23 maxlen: 24
103.101.164.0/23 maxlen: 24
103.102.48.0/23 maxlen: 24
103.102.54.0/23 maxlen: 24
103.103.4.0/23 maxlen: 24
103.103.216.0/23 maxlen: 24
103.104.8.0/23 maxlen: 24
103.106.12.0/23 maxlen: 24
103.108.80.0/23 maxlen: 24
103.108.84.0/23 maxlen: 24
103.142.104.0/23 maxlen: 24
103.149.24.0/23 maxlen: 24
103.152.80.0/23 maxlen: 24
103.168.122.0/23 maxlen: 24
103.168.124.0/23 maxlen: 24
103.168.126.0/23 maxlen: 24
103.168.128.0/23 maxlen: 24
103.168.130.0/23 maxlen: 24
103.168.132.0/23 maxlen: 24
103.168.136.0/23 maxlen: 24
103.169.16.0/23 maxlen: 24
103.169.18.0/23 maxlen: 24
103.169.20.0/23 maxlen: 24
103.169.22.0/23 maxlen: 24
103.169.24.0/23 maxlen: 24
103.169.26.0/23 maxlen: 24
103.169.28.0/23 maxlen: 24
103.169.30.0/23 maxlen: 24
103.175.210.0/23 maxlen: 24
103.183.60.0/23 maxlen: 24
103.183.186.0/23 maxlen: 24
103.187.150.0/23 maxlen: 24
103.187.152.0/23 maxlen: 24
103.187.154.0/23 maxlen: 24
103.187.156.0/23 maxlen: 24
103.187.184.0/23 maxlen: 24
103.187.186.0/23 maxlen: 24
103.187.188.0/23 maxlen: 24
103.187.218.0/23 maxlen: 24
103.187.220.0/23 maxlen: 24
103.187.234.0/23 maxlen: 24
103.187.236.0/23 maxlen: 24
103.188.32.0/23 maxlen: 24
103.188.34.0/23 maxlen: 24
103.188.36.0/23 maxlen: 24
103.188.38.0/23 maxlen: 24
103.190.222.0/23 maxlen: 24
103.190.224.0/23 maxlen: 24
103.191.0.0/23 maxlen: 24
103.191.2.0/23 maxlen: 24
103.191.4.0/23 maxlen: 24
103.191.6.0/23 maxlen: 24
103.191.8.0/23 maxlen: 24
103.191.10.0/23 maxlen: 24
103.191.12.0/23 maxlen: 24
103.200.204.0/23 maxlen: 24
103.200.206.0/23 maxlen: 24
103.203.68.0/23 maxlen: 24
103.203.70.0/23 maxlen: 24
103.203.204.0/23 maxlen: 24
103.203.206.0/23 maxlen: 24
103.252.86.0/23 maxlen: 24
103.253.164.0/23 maxlen: 24
103.254.124.0/23 maxlen: 24
113.192.32.0/23 maxlen: 24
113.192.34.0/23 maxlen: 24
113.192.36.0/23 maxlen: 24
113.192.38.0/23 maxlen: 24
210.87.94.0/23 maxlen: 24
210.87.102.0/23 maxlen: 24
2400:8000::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 02 Jul 2025 07:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:68:4e:c1:67:09:a6:ad:5f:1b:f2:93:a2:5a:3d:b8:de:df:7b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Jun 18 06:55:00 2025 GMT
Not After : Jun 17 07:00:00 2026 GMT
Subject: CN=4DEE8E925A3B18E4231B26B4B60964948CBEDFA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e2:dd:cd:4a:e4:65:90:b3:91:3b:13:bd:00:
14:60:76:80:4a:6f:68:15:ee:51:b1:1f:4d:85:60:
4f:e0:38:82:8b:53:18:c4:cd:69:bf:cb:81:87:c2:
b2:f3:43:6b:36:4c:63:4b:ed:b4:6c:d1:68:aa:4e:
b1:e8:35:de:68:18:72:fa:80:a8:ad:80:75:7a:34:
2f:de:37:5b:24:be:6d:75:f5:5f:44:c6:0a:7b:27:
f1:44:17:b8:77:a4:a5:53:f5:f1:a0:f7:cf:11:22:
cb:b8:f3:13:87:03:ee:86:a9:a3:9a:8d:6c:b6:70:
7c:b1:84:92:b2:12:19:ba:f3:c3:f1:87:42:dc:a3:
56:c1:82:21:fc:55:93:08:53:7d:19:7e:9a:7a:41:
bc:78:ab:d1:9f:cf:f3:16:59:2a:81:c8:81:59:28:
49:1a:cd:3f:9e:03:a8:74:0d:5b:6b:c6:b8:21:94:
59:72:ec:81:2f:43:ba:a4:61:36:49:7a:49:c6:1e:
54:e9:1f:91:db:f6:f3:50:cc:f1:0d:33:64:7a:dc:
b1:a7:35:34:9c:1e:66:56:19:ce:fe:92:b7:2e:c4:
c2:5f:55:be:4f:6f:e9:bd:fd:3d:97:82:52:6a:29:
76:17:9b:13:d2:b4:96:4d:89:7c:da:b3:e8:b4:b6:
91:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:EE:8E:92:5A:3B:18:E4:23:1B:26:B4:B6:09:64:94:8C:BE:DF:A0
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4800.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.50.64.0/21
36.50.120.0/23
36.50.126.0/23
36.50.136.0/23
36.50.242.0-36.50.247.255
103.1.156.0/23
103.7.194.0/23
103.8.64.0/22
103.8.184.0/22
103.8.192.0/22
103.9.140.0/23
103.12.206.0/23
103.12.224.0/22
103.13.4.0/23
103.39.198.0/23
103.40.0.0/23
103.42.246.0/23
103.43.56.0/21
103.44.8.0/22
103.44.92.0/22
103.44.152.0/22
103.55.248.0/22
103.60.92.0/22
103.65.120.0/21
103.101.40.0/23
103.101.164.0/23
103.102.48.0/23
103.102.54.0/23
103.103.4.0/23
103.103.216.0/23
103.104.8.0/23
103.106.12.0/23
103.108.80.0/23
103.108.84.0/23
103.142.104.0/23
103.149.24.0/23
103.152.80.0/23
103.168.122.0-103.168.133.255
103.168.136.0/23
103.169.16.0/20
103.175.210.0/23
103.183.60.0/23
103.183.186.0/23
103.187.150.0-103.187.157.255
103.187.184.0-103.187.189.255
103.187.218.0-103.187.221.255
103.187.234.0-103.187.237.255
103.188.32.0/21
103.190.222.0-103.190.225.255
103.191.0.0-103.191.13.255
103.200.204.0/22
103.203.68.0/22
103.203.204.0/22
103.252.86.0/23
103.253.164.0/23
103.254.124.0/23
113.192.32.0/21
210.87.94.0/23
210.87.102.0/23
IPv6:
2400:8000::/32
Signature Algorithm: sha256WithRSAEncryption
6e:09:8d:67:e5:ab:07:6a:f4:40:ed:d1:90:aa:2b:5e:5c:36:
17:6e:83:5c:5c:29:99:7b:81:7a:6c:e0:00:b5:88:9c:dd:9d:
be:28:f7:e3:72:d2:45:fa:8f:65:d4:75:ea:41:cb:ff:9d:bc:
db:01:4c:71:ac:8e:84:33:a4:bd:cf:0a:e5:70:de:18:15:67:
04:10:26:86:16:18:89:59:ef:4f:ad:3c:8b:5d:16:f0:d8:e3:
e7:cc:08:f7:8c:c0:75:a2:ab:c3:e7:ad:19:02:0b:b3:41:87:
12:72:92:b3:72:71:fb:20:7c:a2:c2:58:af:e5:f0:47:95:8e:
23:d8:d6:5c:ef:75:af:83:14:e7:df:61:85:c1:58:a0:36:73:
a2:d6:1b:e3:c9:9c:0d:8f:45:38:1d:ca:98:98:25:bb:79:81:
3c:66:c6:f4:7a:5b:e6:7c:ae:07:cf:aa:44:fe:22:5c:e1:b1:
4f:cb:8c:ca:57:34:bc:88:60:61:d5:63:65:a6:54:57:0d:4d:
bc:5a:70:40:7c:0a:03:10:f2:72:38:40:b7:59:69:e0:6a:66:
7d:13:5f:26:6c:51:25:de:b7:c3:ef:bd:87:c0:40:de:02:27:
ad:1b:a4:26:2b:7e:d1:ff:2b:c0:96:c3:ce:15:c2:04:ca:75:
94:3f:96:bf
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUT2hOwWcJpq1fG/KTolo9uN7fexIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYxODA2NTUwMFoX
DTI2MDYxNzA3MDAwMFowMzExMC8GA1UEAxMoNERFRThFOTI1QTNCMThFNDIzMUIy
NkI0QjYwOTY0OTQ4Q0JFREZBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTi3c1K5GWQs5E7E70AFGB2gEpvaBXuUbEfTYVgT+A4gotTGMTNab/LgYfC
svNDazZMY0vttGzRaKpOseg13mgYcvqAqK2AdXo0L943WyS+bXX1X0TGCnsn8UQX
uHekpVP18aD3zxEiy7jzE4cD7oapo5qNbLZwfLGEkrISGbrzw/GHQtyjVsGCIfxV
kwhTfRl+mnpBvHir0Z/P8xZZKoHIgVkoSRrNP54DqHQNW2vGuCGUWXLsgS9DuqRh
Nkl6ScYeVOkfkdv281DM8Q0zZHrcsac1NJweZlYZzv6Sty7Ewl9Vvk9v6b39PZeC
UmopdhebE9K0lk2JfNqz6LS2kcMCAwEAAaOCA4IwggN+MB0GA1UdDgQWBBRN7o6S
WjsY5CMbJrS2CWSUjL7foDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ4MDAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggHRBggrBgEFBQcBBwEB/wSCAcAw
ggG8MIIBqQQCAAEwggGhAwQDJDJAAwQBJDJ4AwQBJDJ+AwQBJDKIMAwDBAEkMvID
BAMkMvADBAFnAZwDBAFnB8IDBAJnCEADBAJnCLgDBAJnCMADBAFnCYwDBAFnDM4D
BAJnDOADBAFnDQQDBAFnJ8YDBAFnKAADBAFnKvYDBANnKzgDBAJnLAgDBAJnLFwD
BAJnLJgDBAJnN/gDBAJnPFwDBANnQXgDBAFnZSgDBAFnZaQDBAFnZjADBAFnZjYD
BAFnZwQDBAFnZ9gDBAFnaAgDBAFnagwDBAFnbFADBAFnbFQDBAFnjmgDBAFnlRgD
BAFnmFAwDAMEAWeoegMEAWeohAMEAWeoiAMEBGepEAMEAWev0gMEAWe3PAMEAWe3
ujAMAwQBZ7uWAwQBZ7ucMAwDBANnu7gDBAFnu7wwDAMEAWe72gMEAWe73DAMAwQB
Z7vqAwQBZ7vsAwQDZ7wgMAwDBAFnvt4DBAFnvuAwCwMDAGe/AwQBZ78MAwQCZ8jM
AwQCZ8tEAwQCZ8vMAwQBZ/xWAwQBZ/2kAwQBZ/58AwQDccAgAwQB0ldeAwQB0ldm
MA0EAgACMAcDBQAkAIAAMA0GCSqGSIb3DQEBCwUAA4IBAQBuCY1n5asHavRA7dGQ
qiteXDYXboNcXCmZe4F6bOAAtYic3Z2+KPfjctJF+o9l1HXqQcv/nbzbAUxxrI6E
M6S9zwrlcN4YFWcEECaGFhiJWe9PrTyLXRbw2OPnzAj3jMB1oqvD560ZAguzQYcS
cpKzcnH7IHyiwliv5fBHlY4j2NZc73WvgxTn32GFwVigNnOi1hvjyZwNj0U4HcqY
mCW7eYE8Zsb0elvmfK4Hz6pE/iJc4bFPy4zKVzS8iGBh1WNlplRXDU28WnBAfAoD
EPJyOEC3WWngamZ9E18mbFEl3rfD772HwEDeAietG6QmK37R/yvAlsPOFcIEynWU
P5a/
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:08:18 2025 by rpki-client