Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
File: AS138818.roa (raw, json)
Hash identifier: +I3Qyl+kQZZYDTEaMmuCP3056UBcUF2dMUtZf/4z0X4=
Subject key identifier: D7:46:B2:1C:85:91:69:41:7C:72:2C:53:74:F2:C5:FD:22:1C:DF:9B
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 43854C0749F20358F7831AC806F91AF933FED0FE
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
Signing time: Sun 03 May 2026 14:04:39 +0000
ROA not before: Sun 03 May 2026 13:59:39 +0000
ROA not after: Sun 02 May 2027 14:04:39 +0000
asID: 138818
IP address blocks: 103.31.46.0/24 maxlen: 24
103.103.136.0/22 maxlen: 24
103.114.79.0/24 maxlen: 24
103.238.201.0/24 maxlen: 24
103.238.202.0/24 maxlen: 24
103.238.203.0/24 maxlen: 24
103.245.226.0/24 maxlen: 24
110.232.65.0/24 maxlen: 24
110.232.68.0/24 maxlen: 24
110.232.69.0/24 maxlen: 24
110.232.70.0/24 maxlen: 24
110.232.91.0/24 maxlen: 24
114.141.91.0/24 maxlen: 24
114.141.92.0/24 maxlen: 24
114.141.93.0/24 maxlen: 24
114.141.94.0/24 maxlen: 24
114.141.95.0/24 maxlen: 24
202.162.202.0/24 maxlen: 24
2406:be40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:85:4c:07:49:f2:03:58:f7:83:1a:c8:06:f9:1a:f9:33:fe:d0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 3 13:59:39 2026 GMT
Not After : May 2 14:04:39 2027 GMT
Subject: CN=D746B21C859169417C722C5374F2C5FD221CDF9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5c:a7:79:57:28:4b:d6:c8:51:a1:da:46:e1:
98:9b:68:9c:dd:37:79:07:82:cd:52:8e:e0:25:7b:
44:a9:b8:fe:14:ca:04:4a:ab:6d:a0:02:3c:26:67:
07:49:5f:91:dd:78:a9:d3:28:8b:c3:d3:9e:af:61:
56:55:44:f5:71:b2:41:b3:93:d8:5b:22:93:a6:b7:
d7:2b:66:e5:1f:98:44:e6:64:38:f3:9f:d8:51:c5:
34:9d:6c:ff:f1:ae:7a:e8:8d:ee:2e:ff:ab:45:df:
09:3e:a3:dd:53:8c:ff:e1:7b:c0:c6:03:19:6f:c2:
8c:20:cd:df:00:2c:41:8d:3d:93:fe:d8:83:a2:44:
00:ba:01:12:a1:13:69:c1:b8:f4:d1:82:6f:08:74:
91:b1:0e:84:85:0a:68:68:02:fd:3d:67:31:c2:95:
fc:86:2c:28:11:60:b6:50:b5:42:7a:78:cb:ff:1c:
88:6f:48:75:c0:86:b2:6f:c2:97:23:c1:7f:b3:5a:
0d:46:38:73:f0:d5:31:1a:34:3f:e2:6f:1b:70:75:
53:e0:bc:53:cd:aa:db:db:0d:c3:48:ec:56:12:24:
51:a5:b7:af:be:c7:33:fb:18:02:de:fd:e0:56:f7:
e8:4d:f2:13:c4:67:75:6f:51:ff:93:35:fa:74:ad:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:46:B2:1C:85:91:69:41:7C:72:2C:53:74:F2:C5:FD:22:1C:DF:9B
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138818.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.46.0/24
103.103.136.0/22
103.114.79.0/24
103.238.201.0-103.238.203.255
103.245.226.0/24
110.232.65.0/24
110.232.68.0-110.232.70.255
110.232.91.0/24
114.141.91.0-114.141.95.255
202.162.202.0/24
IPv6:
2406:be40::/32
Signature Algorithm: sha256WithRSAEncryption
08:68:ce:62:0a:b1:df:af:42:38:bd:1a:66:a8:af:0c:06:0b:
e8:e3:88:a5:b5:60:63:b2:74:bb:d2:e1:c3:4e:25:fa:1b:97:
3f:c9:9d:a0:59:84:4e:17:ed:84:24:7e:e9:2f:25:ad:2d:e6:
77:49:42:1d:14:43:f8:87:5b:c3:01:0d:be:db:05:30:a5:26:
79:28:1b:f3:3e:93:26:e8:0a:0e:ad:a8:7e:7f:0e:09:53:25:
fa:06:5b:a7:3a:e2:42:49:db:69:ff:36:41:dc:3f:1c:8c:da:
47:8c:cc:54:19:e4:7e:74:ae:c5:7b:4d:66:24:f3:7b:5b:7d:
48:53:34:e1:49:ab:10:e8:d0:37:f2:f2:f0:55:65:bf:eb:c1:
e0:00:49:7b:f6:d5:20:d1:5f:ac:6a:5f:d4:c6:d3:1d:d1:fb:
59:68:50:03:0a:52:0e:81:2e:c6:a9:42:a5:6b:15:ac:2b:0b:
50:73:6f:37:67:d4:ae:a2:0f:6d:ec:43:6a:4b:1c:eb:b6:85:
58:9f:44:bf:51:2a:ca:3b:41:a4:f3:61:f1:f6:7d:f4:a9:9a:
36:6b:74:51:02:13:24:20:0a:f2:51:e4:23:e9:89:58:b0:be:
c2:27:44:c1:75:87:29:3d:3f:d2:87:67:ad:81:3e:76:7d:83:
f6:be:d1:b7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUQ4VMB0nyA1j3gxrIBvka+TP+0P4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzEzNTkzOVoX
DTI3MDUwMjE0MDQzOVowMzExMC8GA1UEAxMoRDc0NkIyMUM4NTkxNjk0MTdDNzIy
QzUzNzRGMkM1RkQyMjFDREY5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlcp3lXKEvWyFGh2kbhmJtonN03eQeCzVKO4CV7RKm4/hTKBEqrbaACPCZn
B0lfkd14qdMoi8PTnq9hVlVE9XGyQbOT2Fsik6a31ytm5R+YROZkOPOf2FHFNJ1s
//GueuiN7i7/q0XfCT6j3VOM/+F7wMYDGW/CjCDN3wAsQY09k/7Yg6JEALoBEqET
acG49NGCbwh0kbEOhIUKaGgC/T1nMcKV/IYsKBFgtlC1Qnp4y/8ciG9IdcCGsm/C
lyPBf7NaDUY4c/DVMRo0P+JvG3B1U+C8U82q29sNw0jsVhIkUaW3r77HM/sYAt79
4Fb36E3yE8RndW9R/5M1+nStBJsCAwEAAaOCAikwggIlMB0GA1UdDgQWBBTXRrIc
hZFpQXxyLFN08sX9IhzfmzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODE4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIA
ATBUAwQAZx8uAwQCZ2eIAwQAZ3JPMAwDBABn7skDBAJn7sgDBABn9eIDBABu6EEw
DAMEAm7oRAMEAG7oRgMEAG7oWzAMAwQAco1bAwQFco1AAwQAyqLKMA0EAgACMAcD
BQAkBr5AMA0GCSqGSIb3DQEBCwUAA4IBAQAIaM5iCrHfr0I4vRpmqK8MBgvo44il
tWBjsnS70uHDTiX6G5c/yZ2gWYROF+2EJH7pLyWtLeZ3SUIdFEP4h1vDAQ2+2wUw
pSZ5KBvzPpMm6AoOrah+fw4JUyX6BlunOuJCSdtp/zZB3D8cjNpHjMxUGeR+dK7F
e01mJPN7W31IUzThSasQ6NA38vLwVWW/68HgAEl79tUg0V+sal/UxtMd0ftZaFAD
ClIOgS7GqUKlaxWsKwtQc283Z9Suog9t7ENqSxzrtoVYn0S/USrKO0Gk82Hx9n30
qZo2a3RRAhMkIAryUeQj6YlYsL7CJ0TBdYcpPT/Sh2etgT52fYP2vtG3
-----END CERTIFICATE-----
Generated at Tue May 12 23:04:03 2026 by rpki-client