Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
File: AS38496.roa (raw, json)
Hash identifier: l96GpdfvAhNqsRPZv4dtmD7WPPu/t/V+vi82QrJFXsw=
Subject key identifier: 43:C3:6B:2B:F5:46:47:C0:6E:24:79:A2:D0:10:7F:46:9E:4F:0F:D0
Certificate issuer: /CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Certificate serial: 2DBDEACF4574B7679C6B85F32912021143687A4E
Authority key identifier: 6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
Signing time: Mon 28 Apr 2025 03:14:18 +0000
ROA not before: Mon 28 Apr 2025 03:09:18 +0000
ROA not after: Mon 27 Apr 2026 03:14:18 +0000
asID: 38496
IP address blocks: 103.31.156.0/22 maxlen: 24
112.78.96.0/21 maxlen: 24
114.31.240.0/24 maxlen: 24
114.31.241.0/24 maxlen: 24
114.31.242.0/24 maxlen: 24
114.31.243.0/24 maxlen: 24
114.31.244.0/24 maxlen: 24
114.31.245.0/24 maxlen: 24
114.31.246.0/24 maxlen: 24
114.31.247.0/24 maxlen: 24
114.110.40.0/21 maxlen: 24
114.134.72.0/21 maxlen: 24
115.178.120.0/24 maxlen: 24
115.178.121.0/24 maxlen: 24
115.178.122.0/24 maxlen: 24
115.178.123.0/24 maxlen: 24
116.66.200.0/21 maxlen: 21
116.66.200.0/23 maxlen: 23
116.66.200.0/24 maxlen: 24
116.66.201.0/24 maxlen: 24
116.66.202.0/23 maxlen: 24
116.66.202.0/24 maxlen: 24
116.66.203.0/24 maxlen: 24
116.66.204.0/24 maxlen: 24
116.66.206.0/23 maxlen: 23
116.66.206.0/24 maxlen: 24
116.66.207.0/24 maxlen: 24
116.254.120.0/21 maxlen: 24
117.103.8.0/24 maxlen: 24
117.103.9.0/24 maxlen: 24
117.103.10.0/24 maxlen: 24
117.103.11.0/24 maxlen: 24
117.103.12.0/24 maxlen: 24
117.103.13.0/24 maxlen: 24
117.103.14.0/24 maxlen: 24
117.103.15.0/24 maxlen: 24
182.23.160.0/24 maxlen: 24
182.23.161.0/24 maxlen: 24
182.23.163.0/24 maxlen: 24
182.23.164.0/24 maxlen: 24
182.23.165.0/24 maxlen: 24
182.23.166.0/24 maxlen: 24
182.23.167.0/24 maxlen: 24
182.23.168.0/24 maxlen: 24
182.23.169.0/24 maxlen: 24
182.23.172.0/24 maxlen: 24
182.23.173.0/24 maxlen: 24
182.23.174.0/24 maxlen: 24
202.87.176.0/24 maxlen: 24
202.87.184.0/24 maxlen: 24
202.87.188.0/24 maxlen: 24
203.191.40.0/24 maxlen: 24
203.191.41.0/24 maxlen: 24
203.191.42.0/24 maxlen: 24
203.191.43.0/24 maxlen: 24
203.191.44.0/24 maxlen: 24
203.191.45.0/24 maxlen: 24
203.191.47.0/24 maxlen: 24
223.27.144.0/24 maxlen: 24
223.27.145.0/24 maxlen: 24
223.27.146.0/24 maxlen: 24
223.27.148.0/24 maxlen: 24
223.27.149.0/24 maxlen: 24
223.27.150.0/23 maxlen: 24
223.27.150.0/24 maxlen: 24
223.27.151.0/24 maxlen: 24
223.27.152.0/24 maxlen: 24
223.27.153.0/24 maxlen: 24
223.27.154.0/23 maxlen: 24
223.27.154.0/24 maxlen: 24
223.27.156.0/24 maxlen: 24
223.27.157.0/24 maxlen: 24
223.27.158.0/24 maxlen: 24
223.27.159.0/24 maxlen: 24
2401:2400::/32 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl
rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 08 May 2025 00:25:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:bd:ea:cf:45:74:b7:67:9c:6b:85:f3:29:12:02:11:43:68:7a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Validity
Not Before: Apr 28 03:09:18 2025 GMT
Not After : Apr 27 03:14:18 2026 GMT
Subject: CN=43C36B2BF54647C06E2479A2D0107F469E4F0FD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:c5:b5:16:ce:31:f2:c9:b2:c8:92:b1:cd:
ed:be:d0:b3:0d:32:58:e9:25:43:bb:2d:31:c2:dc:
c6:0e:d0:ec:97:6d:24:fa:ec:e1:ee:8f:80:b4:ad:
78:dc:49:a8:d6:10:59:bd:7a:21:cf:03:13:95:1e:
c4:a0:21:e1:ae:c9:f0:13:25:93:0a:21:2b:54:14:
81:1f:65:9d:ad:85:0b:b6:d0:f3:e4:40:6a:5d:e5:
05:1f:b5:f4:c1:f3:4f:29:2d:4c:70:fd:6f:b1:99:
cb:c6:86:40:4e:f2:7d:bc:2e:6b:41:55:72:ca:28:
4b:55:ef:f5:1a:c8:b5:a3:10:4e:4b:ca:07:14:50:
dd:a7:fe:90:f3:de:1e:c2:21:85:32:c3:3d:7f:92:
f5:cb:80:65:c0:d0:5c:9d:ba:e1:47:1e:30:64:df:
a3:ff:9a:1d:67:eb:47:f7:5e:41:8f:ff:f2:f5:40:
46:06:31:68:2d:fa:1f:4b:18:d8:a0:21:85:82:e3:
97:d1:a6:a9:74:e0:6b:34:60:7b:33:52:1a:dd:64:
16:ff:59:cd:6d:75:a4:2f:38:5e:ec:58:be:2c:82:
e6:16:e5:4c:8a:2e:09:9d:c1:76:fa:e9:7b:16:ab:
66:66:26:0a:e3:0b:79:9d:1c:4a:f2:ed:f2:02:86:
dc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C3:6B:2B:F5:46:47:C0:6E:24:79:A2:D0:10:7F:46:9E:4F:0F:D0
X509v3 Authority Key Identifier:
keyid:6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.156.0/22
112.78.96.0/21
114.31.240.0/21
114.110.40.0/21
114.134.72.0/21
115.178.120.0/22
116.66.200.0/21
116.254.120.0/21
117.103.8.0/21
182.23.160.0/23
182.23.163.0-182.23.169.255
182.23.172.0-182.23.174.255
202.87.176.0/24
202.87.184.0/24
202.87.188.0/24
203.191.40.0-203.191.45.255
203.191.47.0/24
223.27.144.0-223.27.146.255
223.27.148.0-223.27.159.255
IPv6:
2401:2400::/32
Signature Algorithm: sha256WithRSAEncryption
6f:fc:d0:10:7f:39:5f:37:a7:1f:73:b8:55:5e:0a:66:c5:66:
c5:11:bc:d5:c4:b3:20:c0:30:06:d1:dd:3d:36:5a:7a:aa:5d:
e4:2a:8e:0e:bb:e2:51:80:48:ad:16:6a:41:9d:44:54:52:d8:
50:bd:0a:2a:75:42:b4:bc:98:fa:27:02:35:57:c4:aa:52:71:
c6:21:b4:c4:23:69:c3:c9:0c:e9:04:bc:68:39:60:b9:91:87:
3b:3d:c1:66:fa:c7:bf:b3:be:ca:c0:be:ce:1c:59:0e:ef:a7:
ec:8f:1b:d2:7a:56:68:01:53:eb:fd:ce:88:ce:7c:f6:e4:77:
8a:87:60:5c:07:be:73:82:5f:6a:e4:01:aa:4f:9d:b7:36:61:
ae:13:ab:5d:0f:f8:cd:c0:d3:34:b3:a4:f2:b2:ba:da:cd:7c:
93:fb:8a:b2:28:b1:a2:89:21:45:c4:2e:57:9e:01:b1:f6:a4:
c8:cc:22:6c:2f:ff:e2:a8:df:74:62:1b:20:94:23:12:42:f8:
d7:3f:a7:79:86:f8:73:2e:51:9c:4a:41:29:31:7e:e6:85:a7:
ce:cd:85:a3:12:3e:23:b4:a3:22:0b:e7:9f:ab:96:49:ba:1d:
ca:71:52:6c:4e:29:30:0a:40:dc:79:91:68:6d:ea:82:bc:81:
40:e3:19:48
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIULb3qz0V0t2eca4XzKRICEUNoek4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFG
OEZDMDZFQzAeFw0yNTA0MjgwMzA5MThaFw0yNjA0MjcwMzE0MThaMDMxMTAvBgNV
BAMTKDQzQzM2QjJCRjU0NjQ3QzA2RTI0NzlBMkQwMTA3RjQ2OUU0RjBGRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvDcW1Fs4x8smyyJKxze2+0LMN
MljpJUO7LTHC3MYO0OyXbST67OHuj4C0rXjcSajWEFm9eiHPAxOVHsSgIeGuyfAT
JZMKIStUFIEfZZ2thQu20PPkQGpd5QUftfTB808pLUxw/W+xmcvGhkBO8n28LmtB
VXLKKEtV7/UayLWjEE5LygcUUN2n/pDz3h7CIYUywz1/kvXLgGXA0FyduuFHHjBk
36P/mh1n60f3XkGP//L1QEYGMWgt+h9LGNigIYWC45fRpql04Gs0YHszUhrdZBb/
Wc1tdaQvOF7sWL4sguYW5UyKLgmdwXb66XsWq2ZmJgrjC3mdHEry7fIChtyVAgMB
AAGjggKmMIICojAdBgNVHQ4EFgQUQ8NrK/VGR8BuJHmi0BB/Rp5PD9AwHwYDVR0j
BBgwFoAUatlWNraz4NX5DuQfPD1tUfj8BuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
ODczNDlmYi00NjVlLTRlOGItYTk3NC05MGU5MzliY2IwZmIvMC82QUQ5NTYzNkI2
QjNFMEQ1RjkwRUU0MUYzQzNENkQ1MUY4RkMwNkVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFGOEZD
MDZFQy5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby9lODczNDlmYi00NjVlLTRlOGItYTk3NC05
MGU5MzliY2IwZmIvMC9BUzM4NDk2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBoQQCAAEwgZoDBAJnH5wDBANwTmAD
BANyH/ADBANybigDBANyhkgDBAJzsngDBAN0QsgDBAN0/ngDBAN1ZwgDBAG2F6Aw
DAMEALYXowMEAbYXqDAMAwQCthesAwQAtheuAwQAylewAwQAyle4AwQAyle8MAwD
BAPLvygDBAHLvywDBADLvy8wDAMEBN8bkAMEAN8bkjAMAwQC3xuUAwQF3xuAMA0E
AgACMAcDBQAkASQAMA0GCSqGSIb3DQEBCwUAA4IBAQBv/NAQfzlfN6cfc7hVXgpm
xWbFEbzVxLMgwDAG0d09Nlp6ql3kKo4Ou+JRgEitFmpBnURUUthQvQoqdUK0vJj6
JwI1V8SqUnHGIbTEI2nDyQzpBLxoOWC5kYc7PcFm+se/s77KwL7OHFkO76fsjxvS
elZoAVPr/c6Iznz25HeKh2BcB75zgl9q5AGqT523NmGuE6tdD/jNwNM0s6Tysrra
zXyT+4qyKLGiiSFFxC5XngGx9qTIzCJsL//iqN90YhsglCMSQvjXP6d5hvhzLlGc
SkEpMX7mhafOzYWjEj4jtKMiC+efq5ZJuh3KcVJsTikwCkDceZFobeqCvIFA4xlI
-----END CERTIFICATE-----
Generated at Tue May 6 19:14:11 2025 by rpki-client