Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
File: AS58369.roa (raw, json)
Hash identifier: bKDO209giFhWCpgG7DKPY8WbM4uKQduPAB3N5vUQXHw=
Subject key identifier: 8C:88:11:D6:9F:CA:A6:A4:B8:2D:DC:D6:E3:D3:03:FE:65:29:03:69
Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial: 25CD885AEF392DFFB311D150AC7CF4E2C7446C08
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
Signing time: Wed 13 Aug 2025 03:28:55 +0000
ROA not before: Wed 13 Aug 2025 03:23:55 +0000
ROA not after: Wed 12 Aug 2026 03:28:55 +0000
asID: 58369
IP address blocks: 103.18.46.0/23 maxlen: 24
103.41.250.0/23 maxlen: 24
103.75.64.0/23 maxlen: 24
103.130.182.0/23 maxlen: 24
103.132.200.0/23 maxlen: 24
103.144.21.0/24 maxlen: 24
103.144.126.0/23 maxlen: 24
103.144.212.0/23 maxlen: 24
103.148.232.0/23 maxlen: 24
103.151.14.0/23 maxlen: 24
103.153.186.0/23 maxlen: 24
103.156.216.0/23 maxlen: 24
103.157.82.0/23 maxlen: 24
103.159.220.0/23 maxlen: 24
103.165.244.0/23 maxlen: 24
103.166.210.0/23 maxlen: 24
103.167.12.0/23 maxlen: 24
103.167.108.0/23 maxlen: 24
103.167.108.0/24 maxlen: 24
103.167.109.0/24 maxlen: 24
103.168.168.0/23 maxlen: 24
103.172.248.0/23 maxlen: 24
103.173.76.0/23 maxlen: 24
103.177.104.0/23 maxlen: 24
103.188.170.0/23 maxlen: 24
103.224.73.0/24 maxlen: 24
115.187.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 26 Aug 2025 11:16:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:cd:88:5a:ef:39:2d:ff:b3:11:d1:50:ac:7c:f4:e2:c7:44:6c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Validity
Not Before: Aug 13 03:23:55 2025 GMT
Not After : Aug 12 03:28:55 2026 GMT
Subject: CN=8C8811D69FCAA6A4B82DDCD6E3D303FE65290369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:cb:f8:f5:a1:f0:41:9a:6b:bb:54:10:85:
7a:12:21:67:2a:d2:3b:fe:7b:63:65:5a:b6:46:78:
cf:f6:06:a3:a7:24:6e:b5:88:7a:90:d0:bc:57:cf:
59:f8:f8:88:4d:3b:68:65:46:ce:44:82:bb:61:19:
22:e1:af:4b:04:8c:95:cc:f2:b2:79:ea:c5:5d:d7:
9b:9a:1e:36:05:bd:03:a8:1a:92:36:8c:4e:92:17:
94:6a:ef:03:cc:52:79:9a:f6:dc:99:7a:3b:f7:e0:
34:a3:3e:55:d6:f3:df:19:58:80:e7:a9:b3:cf:43:
f7:aa:64:cf:f3:b5:61:79:0c:0f:49:86:64:f3:6d:
9a:48:cd:85:ef:fd:13:88:80:ab:6f:84:b4:b9:2e:
91:b0:5e:58:c7:73:75:6f:6b:5d:17:df:be:d9:aa:
d1:1c:91:fa:22:96:67:a5:0d:44:4d:8a:e7:8d:42:
d3:4f:a9:02:0f:ea:33:18:2c:20:d4:c7:c9:8c:9e:
7c:33:7a:84:9f:12:57:32:e2:9e:88:be:1f:3d:be:
9b:07:7b:76:77:57:a2:ae:9b:24:7d:80:6c:8c:91:
5b:12:e1:4a:66:47:2f:fa:1b:f3:f4:fa:ea:ef:30:
5a:b1:55:2e:ef:2c:df:f0:72:d7:df:67:52:5c:1d:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:88:11:D6:9F:CA:A6:A4:B8:2D:DC:D6:E3:D3:03:FE:65:29:03:69
X509v3 Authority Key Identifier:
keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.18.46.0/23
103.41.250.0/23
103.75.64.0/23
103.130.182.0/23
103.132.200.0/23
103.144.21.0/24
103.144.126.0/23
103.144.212.0/23
103.148.232.0/23
103.151.14.0/23
103.153.186.0/23
103.156.216.0/23
103.157.82.0/23
103.159.220.0/23
103.165.244.0/23
103.166.210.0/23
103.167.12.0/23
103.167.108.0/23
103.168.168.0/23
103.172.248.0/23
103.173.76.0/23
103.177.104.0/23
103.188.170.0/23
103.224.73.0/24
115.187.30.0/23
Signature Algorithm: sha256WithRSAEncryption
63:f6:fb:d1:85:1d:4d:d7:d5:66:86:be:55:27:05:8e:0b:a4:
59:a6:e7:8d:0f:56:9b:78:c5:9a:ac:d4:18:84:3e:bc:39:36:
1f:1f:16:7f:2f:2f:c5:08:8f:31:eb:49:d0:35:f0:9a:f2:bc:
dc:61:75:b2:db:26:4f:12:c9:b7:72:7b:c6:54:e1:ca:0f:56:
49:73:bb:49:43:5f:ba:6f:11:f2:2f:90:a8:c8:2a:03:8c:48:
a8:7d:29:d8:52:f3:3f:c3:b6:09:fe:3a:6d:9a:96:25:8a:ac:
b3:b5:9c:e3:00:ab:b2:01:5b:66:28:57:a3:2a:40:0b:a4:1c:
37:55:a3:39:a7:a7:b0:e8:bd:b7:6e:d2:ea:52:e6:02:72:83:
05:65:09:a4:e7:06:45:b0:b7:e9:61:79:b2:6a:49:17:c2:8b:
40:23:65:28:58:b3:66:cc:80:2e:74:81:bb:1c:70:4f:3a:db:
ee:a9:89:ee:ae:21:cc:3c:3a:14:87:3e:f1:26:76:4c:9c:f2:
14:ed:8e:8e:a8:c3:22:7c:09:80:03:95:88:c7:0d:f2:81:ed:
4b:0a:3f:2b:36:68:99:df:c8:ca:ab:31:fe:ad:f4:19:a4:62:
b3:0e:3a:b2:86:19:14:f4:5d:c9:c6:c2:a3:53:f3:8d:a2:7c:
b7:1a:b3:4d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIUJc2IWu85Lf+zEdFQrHz04sdEbAgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgxMzAzMjM1NVoX
DTI2MDgxMjAzMjg1NVowMzExMC8GA1UEAxMoOEM4ODExRDY5RkNBQTZBNEI4MkRE
Q0Q2RTNEMzAzRkU2NTI5MDM2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv8y/j1ofBBmmu7VBCFehIhZyrSO/57Y2VatkZ4z/YGo6ckbrWIepDQvFfP
Wfj4iE07aGVGzkSCu2EZIuGvSwSMlczysnnqxV3Xm5oeNgW9A6gakjaMTpIXlGrv
A8xSeZr23Jl6O/fgNKM+Vdbz3xlYgOeps89D96pkz/O1YXkMD0mGZPNtmkjNhe/9
E4iAq2+EtLkukbBeWMdzdW9rXRffvtmq0RyR+iKWZ6UNRE2K541C00+pAg/qMxgs
INTHyYyefDN6hJ8SVzLinoi+Hz2+mwd7dndXoq6bJH2AbIyRWxLhSmZHL/ob8/T6
6u8wWrFVLu8s3/By199nUlwdjC8CAwEAAaOCAmQwggJgMB0GA1UdDgQWBBSMiBHW
n8qmpLgt3Nbj0wP+ZSkDaTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4MzY5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCB
oDCBnQQCAAEwgZYDBAFnEi4DBAFnKfoDBAFnS0ADBAFngrYDBAFnhMgDBABnkBUD
BAFnkH4DBAFnkNQDBAFnlOgDBAFnlw4DBAFnmboDBAFnnNgDBAFnnVIDBAFnn9wD
BAFnpfQDBAFnptIDBAFnpwwDBAFnp2wDBAFnqKgDBAFnrPgDBAFnrUwDBAFnsWgD
BAFnvKoDBABn4EkDBAFzux4wDQYJKoZIhvcNAQELBQADggEBAGP2+9GFHU3X1WaG
vlUnBY4LpFmm540PVpt4xZqs1BiEPrw5Nh8fFn8vL8UIjzHrSdA18JryvNxhdbLb
Jk8Sybdye8ZU4coPVklzu0lDX7pvEfIvkKjIKgOMSKh9KdhS8z/Dtgn+Om2aliWK
rLO1nOMAq7IBW2YoV6MqQAukHDdVozmnp7Dovbdu0upS5gJygwVlCaTnBkWwt+lh
ebJqSRfCi0AjZShYs2bMgC50gbsccE862+6pie6uIcw8OhSHPvEmdkyc8hTtjo6o
wyJ8CYADlYjHDfKB7UsKPys2aJnfyMqrMf6t9BmkYrMOOrKGGRT0XcnGwqNT842i
fLcas00=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:11:38 2025 by rpki-client