Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS63859.roa
File: AS63859.roa (raw, json)
Hash identifier: Zdlvu/oabFiGRC03yGt5sia9IKBTv0U4soOgQ+RXwi0=
Subject key identifier: DD:6C:16:7D:9A:F2:30:95:12:35:B0:14:7B:2E:50:47:7C:2E:B2:B7
Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial: 71FF3847B45921AB6101898064F5D5F598337785
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS63859.roa
Signing time: Wed 06 May 2026 08:35:17 +0000
ROA not before: Wed 06 May 2026 08:30:17 +0000
ROA not after: Wed 05 May 2027 08:35:17 +0000
asID: 63859
IP address blocks: 9.154.220.0/24 maxlen: 24
9.154.221.0/24 maxlen: 24
9.154.222.0/24 maxlen: 24
9.154.223.0/24 maxlen: 24
9.154.224.0/24 maxlen: 24
9.154.225.0/24 maxlen: 24
9.154.226.0/24 maxlen: 24
9.154.227.0/24 maxlen: 24
9.154.228.0/24 maxlen: 24
9.154.229.0/24 maxlen: 24
9.154.230.0/24 maxlen: 24
9.154.231.0/24 maxlen: 24
9.154.232.0/24 maxlen: 24
9.154.233.0/24 maxlen: 24
9.154.234.0/24 maxlen: 24
9.154.235.0/24 maxlen: 24
157.66.208.0/23 maxlen: 24
157.66.208.0/24 maxlen: 24
157.66.209.0/24 maxlen: 24
157.66.210.0/23 maxlen: 24
157.66.210.0/24 maxlen: 24
157.66.211.0/24 maxlen: 24
158.140.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 07:47:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:ff:38:47:b4:59:21:ab:61:01:89:80:64:f5:d5:f5:98:33:77:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Validity
Not Before: May 6 08:30:17 2026 GMT
Not After : May 5 08:35:17 2027 GMT
Subject: CN=DD6C167D9AF230951235B0147B2E50477C2EB2B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c6:4d:3e:3a:12:b8:77:ff:74:b2:67:3d:15:
3f:33:47:57:05:ed:c7:4c:c9:c9:4b:7a:91:6f:26:
4e:b7:73:14:34:5a:d5:44:d7:b3:24:36:91:0f:7f:
2a:09:6d:c4:14:5f:f5:94:76:51:19:30:32:60:f5:
7a:ee:cc:90:69:bb:b7:4d:72:c0:90:eb:96:74:04:
52:ed:d9:03:a1:ae:15:52:ca:f2:37:94:33:ba:09:
bc:ba:84:19:98:0e:53:be:f1:b9:ad:b0:fa:da:7a:
bd:cb:f1:83:99:65:e4:ba:61:7f:df:38:d5:e6:3e:
08:e6:fa:aa:66:10:f3:df:5a:c2:de:a6:c4:7d:c9:
7e:02:a3:a3:c4:f4:6a:35:a2:51:b8:46:98:8d:9e:
27:f1:f9:f6:85:ab:a3:aa:d4:03:15:72:69:57:1a:
56:73:38:8d:e9:de:73:d1:ed:bc:d5:fe:49:4a:97:
a3:63:af:03:d9:20:e2:aa:97:ae:27:a4:17:71:2a:
bd:b4:0c:ff:d8:a3:11:4f:5b:48:af:e6:66:b4:8b:
a7:ac:27:24:d1:5d:25:d3:15:19:b1:74:49:4f:15:
30:91:96:9f:bc:d3:d7:c7:be:51:1e:86:af:9b:f8:
87:87:08:7d:16:1d:a6:00:e1:3a:99:e1:c2:37:09:
68:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6C:16:7D:9A:F2:30:95:12:35:B0:14:7B:2E:50:47:7C:2E:B2:B7
X509v3 Authority Key Identifier:
keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS63859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.154.220.0-9.154.235.255
157.66.208.0/22
158.140.160.0/19
Signature Algorithm: sha256WithRSAEncryption
55:f9:6a:7d:47:07:06:97:d0:f2:e8:ec:ce:f1:34:7a:a1:20:
6c:d2:09:16:64:e4:c2:4a:5d:73:ba:95:99:81:82:52:08:af:
06:1c:bb:41:97:9a:95:17:24:5a:c5:7b:75:56:fe:b0:49:de:
29:c3:8f:62:07:fa:8d:f1:b2:9f:56:43:88:8a:8d:d7:13:0b:
47:8f:ba:80:8d:c3:85:c3:68:56:3f:69:1a:45:e5:a3:e9:ab:
57:5d:68:e2:6e:71:ef:67:f8:46:f3:12:bd:2a:7d:43:c3:1e:
2d:cd:59:c5:2f:60:f6:77:c5:d4:22:37:02:74:1e:c3:16:61:
22:38:ce:7a:b0:d1:d1:d2:bc:3a:db:9d:ca:35:73:bc:54:89:
f5:b3:5a:8a:0d:d6:70:85:2e:c8:fd:73:62:0c:7a:53:5e:07:
be:b7:fb:aa:bb:53:41:90:7a:db:bb:24:21:e1:a8:d6:7e:97:
46:a8:d2:50:f7:a8:89:04:19:c2:e6:20:f6:ed:77:e7:ea:e9:
b3:7e:38:7c:d9:cc:7c:40:e6:de:8b:41:c8:af:1e:78:cf:94:
3b:ca:09:a0:59:85:86:78:f4:8e:1d:0d:93:9e:4f:da:27:09:
41:63:cf:cd:f1:af:a7:3f:fa:f6:e6:71:e7:6c:a2:d5:9a:64:
ed:00:15:46
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUcf84R7RZIathAYmAZPXV9Zgzd4UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwNjA4MzAxN1oX
DTI3MDUwNTA4MzUxN1owMzExMC8GA1UEAxMoREQ2QzE2N0Q5QUYyMzA5NTEyMzVC
MDE0N0IyRTUwNDc3QzJFQjJCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTGTT46Erh3/3SyZz0VPzNHVwXtx0zJyUt6kW8mTrdzFDRa1UTXsyQ2kQ9/
KgltxBRf9ZR2URkwMmD1eu7MkGm7t01ywJDrlnQEUu3ZA6GuFVLK8jeUM7oJvLqE
GZgOU77xua2w+tp6vcvxg5ll5Lphf9841eY+COb6qmYQ899awt6mxH3JfgKjo8T0
ajWiUbhGmI2eJ/H59oWro6rUAxVyaVcaVnM4jenec9HtvNX+SUqXo2OvA9kg4qqX
riekF3EqvbQM/9ijEU9bSK/mZrSLp6wnJNFdJdMVGbF0SU8VMJGWn7zT18e+UR6G
r5v4h4cIfRYdpgDhOpnhwjcJaA0CAwEAAaOCAd8wggHbMB0GA1UdDgQWBBTdbBZ9
mvIwlRI1sBR7LlBHfC6ytzAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTNjM4NTkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgAB
MBowDAMEAgma3AMEAgma6AMEAp1C0AMEBZ6MoDANBgkqhkiG9w0BAQsFAAOCAQEA
VflqfUcHBpfQ8ujszvE0eqEgbNIJFmTkwkpdc7qVmYGCUgivBhy7QZealRckWsV7
dVb+sEneKcOPYgf6jfGyn1ZDiIqN1xMLR4+6gI3DhcNoVj9pGkXlo+mrV11o4m5x
72f4RvMSvSp9Q8MeLc1ZxS9g9nfF1CI3AnQewxZhIjjOerDR0dK8OtudyjVzvFSJ
9bNaig3WcIUuyP1zYgx6U14Hvrf7qrtTQZB627skIeGo1n6XRqjSUPeoiQQZwuYg
9u135+rps344fNnMfEDm3otByK8eeM+UO8oJoFmFhnj0jh0Nk55P2icJQWPPzfGv
pz/69uZx52yi1Zpk7QAVRg==
-----END CERTIFICATE-----
Generated at Tue May 12 22:42:16 2026 by rpki-client