Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
File: AS55685.roa (raw, json)
Hash identifier: Anu56PCaD5hgoiPqEFosPfOsypueOBLWpbvjBjy9N5c=
Subject key identifier: EB:1B:F5:52:6C:50:3E:E6:9E:A2:AA:C0:72:6E:55:0D:F2:0D:4B:BB
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 0529EC14549CF7965622BCA9E38841B9E6B78D
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
Signing time: Fri 15 Aug 2025 07:59:51 +0000
ROA not before: Fri 15 Aug 2025 07:54:51 +0000
ROA not after: Fri 14 Aug 2026 07:59:51 +0000
asID: 55685
IP address blocks: 103.247.40.0/24 maxlen: 24
103.247.41.0/24 maxlen: 24
103.247.42.0/24 maxlen: 24
103.247.43.0/24 maxlen: 24
202.51.192.0/21 maxlen: 24
202.51.192.0/22 maxlen: 24
202.51.196.0/23 maxlen: 24
202.51.200.0/24 maxlen: 24
202.51.201.0/24 maxlen: 24
202.51.202.0/24 maxlen: 24
202.51.203.0/24 maxlen: 24
202.51.204.0/22 maxlen: 24
202.51.208.0/24 maxlen: 24
202.51.209.0/24 maxlen: 24
202.51.210.0/23 maxlen: 24
202.51.212.0/24 maxlen: 24
202.51.213.0/24 maxlen: 24
202.51.215.0/24 maxlen: 24
202.51.216.0/24 maxlen: 24
202.51.217.0/24 maxlen: 24
202.145.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Aug 2025 07:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:29:ec:14:54:9c:f7:96:56:22:bc:a9:e3:88:41:b9:e6:b7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Aug 15 07:54:51 2025 GMT
Not After : Aug 14 07:59:51 2026 GMT
Subject: CN=EB1BF5526C503EE69EA2AAC0726E550DF20D4BBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:56:da:e5:cf:6d:0e:8f:6e:34:91:0b:77:
a3:24:4a:db:cb:a4:59:b9:c0:71:78:2e:ba:fb:95:
b4:6e:11:de:8c:e9:8e:f8:86:20:51:94:77:32:bc:
61:9b:e9:9b:f7:fe:78:7e:9a:19:4a:9f:56:af:3f:
7a:bd:04:23:5b:a0:aa:2e:ba:6e:91:5a:95:9a:a2:
d9:88:cc:a3:63:2c:97:4a:c7:28:00:18:5d:ae:17:
d5:49:41:5e:0b:e5:19:c5:ce:6b:ba:32:f9:5f:63:
08:2f:74:14:d4:59:66:47:6e:81:22:5f:d1:e6:df:
50:df:29:aa:cb:a9:52:87:5f:e7:55:91:22:c6:9d:
c9:ab:fb:04:4d:57:b2:47:f5:e2:4e:ab:28:6b:82:
e1:22:1f:09:c2:6a:1b:8c:17:9d:e6:96:5d:bf:59:
3a:bb:f6:4c:46:b9:2b:42:80:42:40:ba:d4:f9:4a:
31:79:3c:d8:ae:63:b8:d9:f8:6c:dc:22:53:d5:a7:
1f:03:73:25:2f:c1:56:8a:de:8e:60:5d:25:0b:5e:
44:af:86:a2:b8:01:82:81:d9:21:85:de:dc:2c:de:
32:bf:85:dc:f9:ed:f2:c8:55:f9:c2:57:76:9d:5e:
96:72:2d:d3:12:ff:21:dd:80:2a:e1:07:8c:e3:7c:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:1B:F5:52:6C:50:3E:E6:9E:A2:AA:C0:72:6E:55:0D:F2:0D:4B:BB
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS55685.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.40.0/22
202.51.192.0-202.51.213.255
202.51.215.0-202.51.217.255
202.145.4.0/23
Signature Algorithm: sha256WithRSAEncryption
92:d5:83:60:25:51:4c:7e:6e:45:a6:b2:d4:ed:de:b9:ba:a5:
a4:51:97:4d:30:be:00:61:ac:6a:5b:7d:95:c6:b8:94:4d:ee:
1a:29:ed:3e:6d:94:ae:a3:73:f3:06:69:80:be:98:ee:06:13:
2d:4c:a2:d3:aa:c5:d3:91:5d:c4:4c:e5:bf:e7:d3:b1:90:88:
26:98:8d:79:bc:73:9a:a3:ef:b1:9c:0d:b8:67:e8:e7:42:f3:
7c:7d:63:d9:75:9d:28:ba:ae:0b:4f:70:02:1a:6a:90:0a:4f:
98:90:5e:5c:b9:1a:ee:c1:c7:9e:3f:24:5f:24:13:17:fc:65:
61:3c:bb:0d:e7:95:78:b5:c2:db:d5:48:49:59:af:08:56:d9:
aa:06:dc:cd:f1:74:d7:ca:32:6b:ca:14:99:55:99:68:fe:aa:
9c:d5:3d:48:43:e1:e7:f3:b8:2f:9c:c6:cb:ca:1d:fb:03:bd:
30:b4:3c:a6:ea:57:ef:c1:ee:89:fe:54:dd:1d:2d:b8:25:e1:
fa:47:57:bf:f6:43:f2:86:3d:ae:e3:6d:fd:bf:b3:c9:ca:55:
43:96:e8:8a:bc:2d:ba:b7:81:e9:2b:20:d4:c0:3c:8f:ac:58:
14:7f:1a:12:23:c9:24:0a:83:69:71:00:93:f4:35:74:66:ed:
41:23:68:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgITBSnsFFSc95ZWIryp44hBuea3jTANBgkqhkiG9w0BAQsF
ADBKMRUwEwYDVQQDEwxBOTE4NjIxNDAwMDAxMTAvBgNVBAUTKEJBOEY3N0QyMUU1
OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIwHhcNMjUwODE1MDc1NDUxWhcN
MjYwODE0MDc1OTUxWjAzMTEwLwYDVQQDEyhFQjFCRjU1MjZDNTAzRUU2OUVBMkFB
QzA3MjZFNTUwREYyMEQ0QkJCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAufRW2uXPbQ6PbjSRC3ejJErby6RZucBxeC66+5W0bhHejOmO+IYgUZR3Mrxh
m+mb9/54fpoZSp9Wrz96vQQjW6CqLrpukVqVmqLZiMyjYyyXSscoABhdrhfVSUFe
C+UZxc5rujL5X2MIL3QU1FlmR26BIl/R5t9Q3ymqy6lSh1/nVZEixp3Jq/sETVey
R/XiTqsoa4LhIh8JwmobjBed5pZdv1k6u/ZMRrkrQoBCQLrU+UoxeTzYrmO42fhs
3CJT1acfA3MlL8FWit6OYF0lC15Er4aiuAGCgdkhhd7cLN4yv4Xc+e3yyFX5wld2
nV6Wci3TEv8h3YAq4QeM43woBwIDAQABo4IB8TCCAe0wHQYDVR0OBBYEFOsb9VJs
UD7mnqKqwHJuVQ3yDUu7MB8GA1UdIwQYMBaAFLqPd9IeWP6ck5prcOJYVhfhgzdr
MA4GA1UdDwEB/wQEAwIHgDBpBgNVHR8EYjBgMF6gXKBahlhyc3luYzovL3JlcG8t
cnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0JBOEY3N0QyMUU1OEZFOUM5
MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggr
BgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdF
RjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3VvOTMwaDVZX3B5VG1tdHc0bGhX
Ri1HRE4ycy5jZXIwUwYIKwYBBQUHAQsERzBFMEMGCCsGAQUFBzALhjdyc3luYzov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FTNTU2ODUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwQQYIKwYBBQUHAQcBAf8EMjAwMC4E
AgABMCgDBAJn9ygwDAMEBsozwAMEAcoz1DAMAwQAyjPXAwQByjPYAwQBypEEMA0G
CSqGSIb3DQEBCwUAA4IBAQCS1YNgJVFMfm5FprLU7d65uqWkUZdNML4AYaxqW32V
xriUTe4aKe0+bZSuo3PzBmmAvpjuBhMtTKLTqsXTkV3ETOW/59OxkIgmmI15vHOa
o++xnA24Z+jnQvN8fWPZdZ0ouq4LT3ACGmqQCk+YkF5cuRruwceePyRfJBMX/GVh
PLsN55V4tcLb1UhJWa8IVtmqBtzN8XTXyjJryhSZVZlo/qqc1T1IQ+Hn87gvnMbL
yh37A70wtDym6lfvwe6J/lTdHS24JeH6R1e/9kPyhj2u4239v7PJylVDluiKvC26
t4HpKyDUwDyPrFgUfxoSI8kkCoNpcQCT9DV0Zu1BI2hN
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:53:41 2025 by rpki-client