Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS23756.roa
File: AS23756.roa (raw, json)
Hash identifier: 8h8kIMc+AbrO9lcq5pXGkXGVGlEuebHFRYpFRsUhC8I=
Subject key identifier: 13:AD:B0:84:FE:CA:A4:1F:30:95:AD:CE:7D:F3:4D:25:1E:54:B0:7B
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 261E20DF5DCC2492471A09D4047BC0317CE462E5
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23756.roa
Signing time: Sun 03 May 2026 08:14:58 +0000
ROA not before: Sun 03 May 2026 08:09:58 +0000
ROA not after: Sun 02 May 2027 08:14:58 +0000
asID: 23756
IP address blocks: 103.242.204.0/22 maxlen: 24
117.102.224.0/19 maxlen: 24
150.107.132.0/22 maxlen: 24
202.6.224.0/20 maxlen: 24
2406:6200::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:1e:20:df:5d:cc:24:92:47:1a:09:d4:04:7b:c0:31:7c:e4:62:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 3 08:09:58 2026 GMT
Not After : May 2 08:14:58 2027 GMT
Subject: CN=13ADB084FECAA41F3095ADCE7DF34D251E54B07B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:33:d1:ee:f0:f9:35:7f:cd:8b:d0:d2:c4:8a:
b1:05:1b:bb:82:e5:89:44:e1:f7:a0:44:47:46:ca:
c5:7e:80:dc:ac:4e:c7:53:8d:d8:aa:01:65:ef:c8:
d4:7c:11:8c:e0:aa:50:a6:c9:67:99:e3:2d:7d:bf:
91:2d:f8:da:a4:d7:a1:06:a3:1a:2d:57:01:06:b0:
f2:01:12:ea:4b:43:7e:58:3d:11:2a:1d:d6:24:71:
10:05:b0:9b:9f:c1:58:21:ce:c4:27:fa:be:58:bf:
fd:96:17:90:a1:a1:a3:37:56:bf:6e:65:e0:10:66:
c1:e3:50:ff:34:01:60:28:6c:0f:39:d1:04:af:2e:
87:51:f2:6b:84:59:4e:e0:56:7f:42:67:62:d4:89:
ee:f0:fc:32:f4:a4:72:fe:46:4d:2e:a0:c2:cc:d4:
a0:f5:b7:6a:a3:51:72:6c:61:04:92:95:94:8c:b6:
86:49:b0:5e:86:78:fe:18:13:57:e3:a0:1d:08:57:
17:00:f2:54:bb:e8:64:b6:36:5a:de:bb:54:fa:11:
80:7e:0a:9a:70:7b:2e:19:47:c7:14:86:a3:f3:d8:
fe:ce:98:57:b8:5e:fa:43:98:83:1c:02:3b:7f:b7:
e6:e6:f2:46:3b:d4:40:0b:43:88:83:aa:77:ef:b9:
99:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AD:B0:84:FE:CA:A4:1F:30:95:AD:CE:7D:F3:4D:25:1E:54:B0:7B
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23756.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.242.204.0/22
117.102.224.0/19
150.107.132.0/22
202.6.224.0/20
IPv6:
2406:6200::/32
Signature Algorithm: sha256WithRSAEncryption
0a:6e:5f:84:b8:87:dd:76:e2:ca:a4:c4:29:47:b5:0a:c2:8a:
ab:5e:25:21:54:27:79:2d:b7:3e:a6:d8:de:9f:d5:3a:ac:78:
60:2a:e8:6b:f3:00:77:11:26:01:a2:d3:1f:ee:87:15:2b:89:
7a:32:35:57:fc:6a:e5:0a:64:c8:71:c9:10:2c:f9:ba:1e:a4:
08:66:7d:5e:3f:6c:1a:5d:1b:7a:f3:44:55:12:6e:12:14:90:
14:e3:94:a3:0e:85:d3:43:69:f3:fd:33:9c:99:f8:93:62:12:
71:c3:7b:c4:05:10:b8:a7:69:40:8c:bc:28:51:d7:98:8e:42:
3d:ad:78:70:a7:4b:8d:62:28:95:e5:2a:ce:3e:22:db:19:95:
b0:5b:73:e5:b6:4d:6a:7c:83:ad:f6:92:95:97:b4:58:48:84:
83:28:e5:4b:0e:1d:4c:75:5d:2a:d5:5b:f4:be:43:40:93:c5:
00:7b:0c:6e:51:c6:cf:3c:d6:a0:2e:58:7d:5d:4e:98:7e:a5:
27:40:fb:30:68:a6:d7:1b:db:6f:4f:bc:1f:e2:0d:57:df:e8:
b3:3f:a7:1b:0e:9a:9c:5b:43:66:3e:b3:8c:d7:c5:f7:ed:c2:
57:1c:44:6d:12:c9:f5:a9:aa:5a:72:43:f4:34:07:21:13:6c:
b4:5b:8a:81
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIUJh4g313MJJJHGgnUBHvAMXzkYuUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA4MDk1OFoX
DTI3MDUwMjA4MTQ1OFowMzExMC8GA1UEAxMoMTNBREIwODRGRUNBQTQxRjMwOTVB
RENFN0RGMzREMjUxRTU0QjA3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoz0e7w+TV/zYvQ0sSKsQUbu4LliUTh96BER0bKxX6A3KxOx1ON2KoBZe/I
1HwRjOCqUKbJZ5njLX2/kS342qTXoQajGi1XAQaw8gES6ktDflg9ESod1iRxEAWw
m5/BWCHOxCf6vli//ZYXkKGhozdWv25l4BBmweNQ/zQBYChsDznRBK8uh1Hya4RZ
TuBWf0JnYtSJ7vD8MvSkcv5GTS6gwszUoPW3aqNRcmxhBJKVlIy2hkmwXoZ4/hgT
V+OgHQhXFwDyVLvoZLY2Wt67VPoRgH4KmnB7LhlHxxSGo/PY/s6YV7he+kOYgxwC
O3+35ubyRjvUQAtDiIOqd++5mc8CAwEAAaOCAewwggHoMB0GA1UdDgQWBBQTrbCE
/sqkHzCVrc59800lHlSwezAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjM3NTYucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgAB
MBgDBAJn8swDBAV1ZuADBAKWa4QDBATKBuAwDQQCAAIwBwMFACQGYgAwDQYJKoZI
hvcNAQELBQADggEBAApuX4S4h9124sqkxClHtQrCiqteJSFUJ3kttz6m2N6f1Tqs
eGAq6GvzAHcRJgGi0x/uhxUriXoyNVf8auUKZMhxyRAs+boepAhmfV4/bBpdG3rz
RFUSbhIUkBTjlKMOhdNDafP9M5yZ+JNiEnHDe8QFELinaUCMvChR15iOQj2teHCn
S41iKJXlKs4+ItsZlbBbc+W2TWp8g632kpWXtFhIhIMo5UsOHUx1XSrVW/S+Q0CT
xQB7DG5Rxs881qAuWH1dTph+pSdA+zBoptcb229PvB/iDVff6LM/pxsOmpxbQ2Y+
s4zXxfftwlccRG0SyfWpqlpyQ/Q0ByETbLRbioE=
-----END CERTIFICATE-----
Generated at Tue May 12 22:42:12 2026 by rpki-client