Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
File: AS4787.roa (raw, json)
Hash identifier: 9kMXag3S5sIsYs6KhV1hKCfOb+ozgLUyG+K9Galdr88=
Subject key identifier: 7E:F0:1F:8F:8C:A9:31:BE:9D:09:C7:1D:4B:E7:C6:BC:1F:57:0B:7A
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 33BAA5B4D071941E6118EF00C446211CE86D2207
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
Signing time: Wed 06 May 2026 04:40:17 +0000
ROA not before: Wed 06 May 2026 04:35:17 +0000
ROA not after: Wed 05 May 2027 04:40:17 +0000
asID: 4787
IP address blocks: 103.86.152.0/22 maxlen: 24
103.109.160.0/23 maxlen: 24
103.109.172.0/22 maxlen: 24
103.111.200.0/22 maxlen: 24
103.113.48.0/22 maxlen: 24
103.113.52.0/22 maxlen: 24
103.113.73.0/24 maxlen: 24
103.164.132.0/23 maxlen: 24
103.164.134.0/23 maxlen: 24
202.51.24.0/21 maxlen: 24
2001:df4:cd00::/48 maxlen: 48
2403:3440::/32 maxlen: 48
2403:34c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ba:a5:b4:d0:71:94:1e:61:18:ef:00:c4:46:21:1c:e8:6d:22:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 6 04:35:17 2026 GMT
Not After : May 5 04:40:17 2027 GMT
Subject: CN=7EF01F8F8CA931BE9D09C71D4BE7C6BC1F570B7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dd:3b:e0:54:46:42:7e:4d:75:79:6f:43:6b:
84:9c:bb:f8:4b:2a:55:d3:df:05:ed:78:47:5c:5e:
b2:d3:02:8f:a4:67:25:af:8e:40:b2:11:9a:91:6b:
aa:54:e7:11:d2:cc:83:5d:23:86:01:d3:ed:46:45:
4c:ab:61:77:d8:53:46:02:f6:c4:06:ce:8b:aa:b1:
e5:60:ad:57:3d:84:8c:b0:4e:4f:d9:b2:75:5c:95:
95:36:25:bc:39:fa:b4:e7:4c:a1:a7:57:a5:8d:2d:
6a:cf:5e:7b:69:db:bb:b0:91:90:f6:c9:ca:03:ac:
c4:28:74:38:47:6d:91:7f:0c:54:b3:4f:c4:7c:1c:
27:fd:1b:08:2f:69:d5:cc:9b:1a:4b:c9:63:4f:6a:
0e:6b:f8:03:eb:cd:57:e3:ec:37:9d:81:46:e6:3a:
b5:d3:bd:0f:f8:7e:32:de:75:d5:60:34:31:20:aa:
07:89:2d:17:bb:5c:0a:ae:b5:66:b5:2a:e9:72:5f:
3b:21:51:a6:96:60:7f:09:86:1b:f4:78:b9:99:48:
19:91:9a:79:5f:61:3f:b0:ed:60:14:88:dd:a1:c8:
2d:f9:9f:5c:55:3b:a7:63:6f:26:c6:b0:c9:63:29:
2b:61:e7:ee:df:61:42:20:4f:61:26:dc:7a:76:bb:
64:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F0:1F:8F:8C:A9:31:BE:9D:09:C7:1D:4B:E7:C6:BC:1F:57:0B:7A
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS4787.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.152.0/22
103.109.160.0/23
103.109.172.0/22
103.111.200.0/22
103.113.48.0/21
103.113.73.0/24
103.164.132.0/22
202.51.24.0/21
IPv6:
2001:df4:cd00::/48
2403:3440::/32
2403:34c0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:ca:72:83:5d:85:c6:1b:34:51:2f:58:e6:a8:fe:dc:86:2a:
92:be:16:f8:8b:ef:0a:bf:3e:fd:ca:3b:af:3c:19:fb:6d:08:
28:89:20:7f:28:b7:fd:97:cd:ad:38:62:35:79:fe:dc:c0:2e:
69:6b:82:2d:f5:ca:f0:57:10:5d:43:66:fb:9f:cc:7f:d2:15:
1f:26:cb:f4:6c:dd:5d:9f:da:d7:a0:2f:7f:29:c1:91:ba:0e:
d5:2f:73:6f:76:20:56:2b:76:e2:11:b6:c4:73:1e:4e:97:b0:
0d:9d:9a:a7:4f:fa:24:06:6a:e0:ee:bd:71:ec:6f:90:2a:f6:
f8:b0:7a:ac:97:fa:2f:79:71:cf:90:a1:6c:e7:0c:d7:1f:b8:
55:32:62:0f:b9:ca:e8:b7:da:79:e4:cc:61:68:16:b3:61:2f:
37:02:36:bd:9e:a5:d1:7d:b6:93:fe:5a:11:2a:82:f0:a5:92:
b2:aa:de:ab:bc:c1:03:6d:77:02:99:a6:2b:04:0c:d3:9e:50:
14:6c:d6:70:d6:7d:97:a8:6a:06:a0:91:fa:84:ec:b9:00:67:
0d:a2:fd:52:8b:40:e7:94:07:89:e8:ea:e8:ff:a4:14:b9:ef:
39:03:35:da:4c:8b:44:f7:71:0c:00:3a:cb:e3:a5:a1:d3:26:
40:0c:0f:29
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUM7qltNBxlB5hGO8AxEYhHOhtIgcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNjA0MzUxN1oX
DTI3MDUwNTA0NDAxN1owMzExMC8GA1UEAxMoN0VGMDFGOEY4Q0E5MzFCRTlEMDlD
NzFENEJFN0M2QkMxRjU3MEI3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7dO+BURkJ+TXV5b0NrhJy7+EsqVdPfBe14R1xestMCj6RnJa+OQLIRmpFr
qlTnEdLMg10jhgHT7UZFTKthd9hTRgL2xAbOi6qx5WCtVz2EjLBOT9mydVyVlTYl
vDn6tOdMoadXpY0tas9ee2nbu7CRkPbJygOsxCh0OEdtkX8MVLNPxHwcJ/0bCC9p
1cybGkvJY09qDmv4A+vNV+PsN52BRuY6tdO9D/h+Mt511WA0MSCqB4ktF7tcCq61
ZrUq6XJfOyFRppZgfwmGG/R4uZlIGZGaeV9hP7DtYBSI3aHILfmfXFU7p2NvJsaw
yWMpK2Hn7t9hQiBPYSbcena7ZOcCAwEAAaOCAhMwggIPMB0GA1UdDgQWBBR+8B+P
jKkxvp0Jxx1L58a8H1cLejAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNDc4Ny5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBggrBgEFBQcBBwEB/wRZMFcwNgQCAAEw
MAMEAmdWmAMEAWdtoAMEAmdtrAMEAmdvyAMEA2dxMAMEAGdxSQMEAmekhAMEA8oz
GDAdBAIAAjAXAwcAIAEN9M0AAwUAJAM0QAMFACQDNMAwDQYJKoZIhvcNAQELBQAD
ggEBAEzKcoNdhcYbNFEvWOao/tyGKpK+FviL7wq/Pv3KO688GfttCCiJIH8ot/2X
za04YjV5/tzALmlrgi31yvBXEF1DZvufzH/SFR8my/Rs3V2f2tegL38pwZG6DtUv
c292IFYrduIRtsRzHk6XsA2dmqdP+iQGauDuvXHsb5Aq9viweqyX+i95cc+QoWzn
DNcfuFUyYg+5yui32nnkzGFoFrNhLzcCNr2epdF9tpP+WhEqgvClkrKq3qu8wQNt
dwKZpisEDNOeUBRs1nDWfZeoagagkfqE7LkAZw2i/VKLQOeUB4no6uj/pBS57zkD
NdpMi0T3cQwAOsvjpaHTJkAMDyk=
-----END CERTIFICATE-----
Generated at Tue May 12 22:43:29 2026 by rpki-client