Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
File: AS45298.roa (raw, json)
Hash identifier: YVgWBuquJdb5PvNfEgYicq9NnKRj6FRNDjG5l6XggCI=
Subject key identifier: 26:46:40:DD:B6:CD:15:38:74:AA:42:0B:66:DF:0F:F1:10:62:8A:2F
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 1ED16322E2C719827F484BC7739AFB743EF9187A
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
Signing time: Sun 03 May 2026 05:39:37 +0000
ROA not before: Sun 03 May 2026 05:34:37 +0000
ROA not after: Sun 02 May 2027 05:39:37 +0000
asID: 45298
IP address blocks: 43.249.208.0/22 maxlen: 22
49.50.4.0/23 maxlen: 23
103.206.240.0/22 maxlen: 22
103.228.8.0/24 maxlen: 24
103.247.244.0/23 maxlen: 23
103.253.106.0/23 maxlen: 23
202.43.72.0/22 maxlen: 22
203.89.146.0/23 maxlen: 23
203.171.221.0/24 maxlen: 24
203.209.190.0/24 maxlen: 24
2405:700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d1:63:22:e2:c7:19:82:7f:48:4b:c7:73:9a:fb:74:3e:f9:18:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 3 05:34:37 2026 GMT
Not After : May 2 05:39:37 2027 GMT
Subject: CN=264640DDB6CD153874AA420B66DF0FF110628A2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c8:10:9e:ed:62:19:3c:4f:50:67:ec:17:cb:
ab:da:6e:f8:3a:39:d9:50:fd:36:58:e7:7e:dd:4c:
6a:b9:8b:53:c6:8d:56:9a:fb:9c:9a:df:ea:8a:9c:
56:0e:1a:f7:ad:95:53:64:d4:02:52:24:28:1d:94:
8d:bf:f7:6f:99:bf:b2:25:27:77:e0:6f:e2:46:26:
f1:1f:fa:82:27:b1:52:c9:b2:0b:4d:cc:a1:81:1c:
b2:22:66:a2:96:4d:4f:7e:4e:c5:0c:54:f0:f2:e7:
dc:3b:e7:cf:de:14:0c:f6:d0:3e:51:99:a4:da:5e:
44:4e:c9:fa:cd:0c:40:42:46:f7:cf:a3:3b:db:ee:
49:6a:38:b8:51:31:06:37:98:67:94:4a:85:fe:7d:
70:4a:33:ef:74:ad:89:6d:84:37:6b:a5:bb:25:12:
c4:c1:bb:89:68:60:c8:d3:11:00:1a:11:49:99:bb:
c1:0b:b0:42:4e:3e:41:1a:af:7d:ab:77:7e:f9:25:
70:d0:e1:a2:48:6d:53:0e:b1:96:03:c6:3e:84:41:
78:86:61:b3:5e:57:29:9d:4c:3d:af:f8:d9:3d:61:
3d:d0:53:73:d0:05:e9:95:08:17:1e:ec:58:a6:4e:
73:46:49:c2:3a:b3:8a:39:2f:c5:f3:7c:b5:46:74:
5e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:46:40:DD:B6:CD:15:38:74:AA:42:0B:66:DF:0F:F1:10:62:8A:2F
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS45298.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.208.0/22
49.50.4.0/23
103.206.240.0/22
103.228.8.0/24
103.247.244.0/23
103.253.106.0/23
202.43.72.0/22
203.89.146.0/23
203.171.221.0/24
203.209.190.0/24
IPv6:
2405:700::/32
Signature Algorithm: sha256WithRSAEncryption
9d:9d:68:da:8a:a4:35:84:6d:ca:af:e0:d8:46:c5:b5:b4:27:
42:b9:cb:48:fc:ab:e4:05:79:4c:62:4c:4e:30:d8:cf:54:b4:
ce:bb:8a:32:dc:e4:73:01:2d:a4:ac:05:8a:c0:d4:0e:24:ad:
4a:6a:9a:c0:b9:14:a6:90:a6:3e:88:94:b6:fb:e0:79:21:ed:
48:05:a7:f4:b9:d8:b1:26:e0:01:7f:94:5e:45:bc:74:1d:e2:
b2:56:57:7f:18:05:a6:76:f4:05:7b:d8:33:e0:7f:fe:cc:ba:
d1:32:71:67:fe:a4:6e:3f:5e:36:12:a8:c0:80:d9:27:5a:29:
dc:fd:e7:55:76:3e:33:ff:af:9a:55:02:0f:28:33:16:bd:b8:
73:4a:d6:64:83:67:0a:51:0c:b1:21:91:be:6a:ec:70:be:fe:
df:e7:c0:a6:76:3c:9a:c0:3d:27:60:c0:2a:84:ec:13:6a:d1:
a6:a2:1a:b4:9f:54:0b:e0:19:0c:0e:3e:3f:34:52:fa:c2:32:
8d:cb:cf:c5:9c:64:fd:cd:a6:ed:76:4c:54:7f:2c:e9:1f:2e:
ac:5c:cf:b1:e1:6d:f0:3d:9c:31:37:0a:6b:eb:0e:8b:97:f5:
ee:2f:b4:f7:29:cf:04:c8:f9:ee:1e:e2:32:45:ea:d4:d0:8c:
93:52:a1:73
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUHtFjIuLHGYJ/SEvHc5r7dD75GHowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA1MzQzN1oX
DTI3MDUwMjA1MzkzN1owMzExMC8GA1UEAxMoMjY0NjQwRERCNkNEMTUzODc0QUE0
MjBCNjZERjBGRjExMDYyOEEyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjIEJ7tYhk8T1Bn7BfLq9pu+Do52VD9Nljnft1MarmLU8aNVpr7nJrf6oqc
Vg4a962VU2TUAlIkKB2Ujb/3b5m/siUnd+Bv4kYm8R/6giexUsmyC03MoYEcsiJm
opZNT35OxQxU8PLn3Dvnz94UDPbQPlGZpNpeRE7J+s0MQEJG98+jO9vuSWo4uFEx
BjeYZ5RKhf59cEoz73StiW2EN2uluyUSxMG7iWhgyNMRABoRSZm7wQuwQk4+QRqv
fat3fvklcNDhokhtUw6xlgPGPoRBeIZhs15XKZ1MPa/42T1hPdBTc9AF6ZUIFx7s
WKZOc0ZJwjqzijkvxfN8tUZ0XlUCAwEAAaOCAhAwggIMMB0GA1UdDgQWBBQmRkDd
ts0VOHSqQgtm3w/xEGKKLzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNDUyOTgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgAB
MDwDBAIr+dADBAExMgQDBAJnzvADBABn5AgDBAFn9/QDBAFn/WoDBALKK0gDBAHL
WZIDBADLq90DBADL0b4wDQQCAAIwBwMFACQFBwAwDQYJKoZIhvcNAQELBQADggEB
AJ2daNqKpDWEbcqv4NhGxbW0J0K5y0j8q+QFeUxiTE4w2M9UtM67ijLc5HMBLaSs
BYrA1A4krUpqmsC5FKaQpj6IlLb74Hkh7UgFp/S52LEm4AF/lF5FvHQd4rJWV38Y
BaZ29AV72DPgf/7MutEycWf+pG4/XjYSqMCA2SdaKdz951V2PjP/r5pVAg8oMxa9
uHNK1mSDZwpRDLEhkb5q7HC+/t/nwKZ2PJrAPSdgwCqE7BNq0aaiGrSfVAvgGQwO
Pj80UvrCMo3Lz8WcZP3Npu12TFR/LOkfLqxcz7HhbfA9nDE3CmvrDouX9e4vtPcp
zwTI+e4e4jJF6tTQjJNSoXM=
-----END CERTIFICATE-----
Generated at Tue May 12 22:42:10 2026 by rpki-client