Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
File: AS9875.roa (raw, json)
Hash identifier: xT99MISUsNtx/YqoLcSnu3QLBDQEvhBnrVMjoVMWePE=
Subject key identifier: 58:2D:38:0A:61:4D:47:30:58:C7:75:89:B7:E2:A7:E8:0F:52:84:3D
Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial: 55B348A30F4FBA76E52647F77DABAEF8A4E759DC
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
Signing time: Mon 04 May 2026 04:33:07 +0000
ROA not before: Mon 04 May 2026 04:28:07 +0000
ROA not after: Mon 03 May 2027 04:33:07 +0000
asID: 9875
IP address blocks: 103.93.224.0/22 maxlen: 24
103.93.228.0/22 maxlen: 24
103.94.96.0/22 maxlen: 24
103.159.228.0/23 maxlen: 24
103.159.230.0/23 maxlen: 24
103.159.232.0/23 maxlen: 24
103.159.234.0/23 maxlen: 24
103.167.142.0/23 maxlen: 24
103.167.144.0/23 maxlen: 24
103.167.146.0/23 maxlen: 24
103.167.148.0/23 maxlen: 24
103.168.106.0/23 maxlen: 24
103.168.108.0/23 maxlen: 24
103.168.110.0/23 maxlen: 24
103.168.112.0/23 maxlen: 24
103.169.110.0/24 maxlen: 24
103.169.111.0/24 maxlen: 24
103.169.112.0/23 maxlen: 24
103.169.114.0/24 maxlen: 24
103.169.115.0/24 maxlen: 24
103.169.118.0/23 maxlen: 24
103.169.120.0/23 maxlen: 24
103.169.122.0/23 maxlen: 24
103.169.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b3:48:a3:0f:4f:ba:76:e5:26:47:f7:7d:ab:ae:f8:a4:e7:59:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Validity
Not Before: May 4 04:28:07 2026 GMT
Not After : May 3 04:33:07 2027 GMT
Subject: CN=582D380A614D473058C77589B7E2A7E80F52843D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:59:f6:ea:b1:e5:85:9d:9f:24:d3:54:60:6c:
e4:59:31:1c:09:f1:1f:2d:ef:b5:e8:41:58:1c:61:
06:a9:fd:62:64:a7:2f:ad:90:ea:a7:ef:0d:c3:f3:
16:aa:6c:64:09:55:24:da:31:1a:35:d9:09:52:4e:
e7:04:51:c3:3b:4c:9c:39:e1:76:8c:fe:65:8f:5e:
cf:85:96:a4:f7:a4:61:15:5e:04:e5:80:f4:c9:e1:
f1:06:b3:41:e9:ab:62:4a:ec:35:e6:77:a8:4c:9d:
af:9f:46:b9:b4:de:fc:62:c3:b6:39:14:e6:88:95:
60:83:83:7a:31:93:2f:e4:f7:88:09:07:83:6a:4d:
aa:e9:31:8b:7f:91:a5:92:65:0c:23:fc:6a:d5:14:
fa:3a:85:d2:e0:a0:7b:3f:e7:db:4f:00:ba:da:bd:
2e:0b:7e:67:f2:9e:df:4b:f4:92:db:d4:45:d3:f6:
3f:29:18:d6:7b:d3:a1:cc:43:c5:f1:60:09:a7:7c:
53:9d:ca:54:1d:93:71:08:a5:cc:3f:ad:08:83:ca:
ee:37:b4:60:b8:c4:8f:e5:6a:28:a4:c4:20:57:57:
33:56:1a:3b:e9:e7:ec:2b:95:36:4d:cc:33:c7:3b:
f8:b4:9f:ac:be:ed:f6:20:c2:80:1b:81:ae:02:c2:
16:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2D:38:0A:61:4D:47:30:58:C7:75:89:B7:E2:A7:E8:0F:52:84:3D
X509v3 Authority Key Identifier:
keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9875.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.93.224.0/21
103.94.96.0/22
103.159.228.0-103.159.235.255
103.167.142.0-103.167.149.255
103.168.106.0-103.168.113.255
103.169.110.0-103.169.115.255
103.169.118.0-103.169.125.255
Signature Algorithm: sha256WithRSAEncryption
94:87:a5:d4:ad:5a:3d:b2:d9:81:52:89:c5:df:85:b0:92:4c:
46:d7:dc:5e:90:83:2a:00:70:10:44:f9:4e:ff:8f:8d:0d:45:
d2:46:6d:d3:88:1d:04:26:a4:2f:4d:0c:8f:f0:99:38:db:50:
8f:8b:03:fd:30:63:ab:8e:12:72:5b:d6:6d:db:5c:ec:04:48:
bb:1d:94:af:f8:35:94:72:75:b6:be:d5:8e:ef:a1:96:2b:7e:
a9:0d:34:38:be:cb:03:28:58:bc:e0:7e:20:2f:44:18:54:54:
83:53:43:3b:e8:08:d5:d2:fa:d9:66:ec:a7:0d:28:3b:da:17:
48:b5:d3:e4:55:3c:d2:36:23:9c:5b:da:9a:1f:6f:04:76:3d:
23:8f:b1:44:1c:50:58:93:f3:ed:bd:22:ef:dc:03:5c:90:cd:
1a:6c:a7:17:23:5f:79:74:13:27:0f:92:76:7b:c7:c7:59:9d:
25:67:e9:01:ee:cc:54:32:ed:5f:0a:40:5c:54:3a:71:26:7a:
a5:44:62:26:7c:d7:88:ab:a6:76:c3:6c:bd:c5:dc:31:b9:d3:
bd:74:20:c9:16:5f:58:47:a0:65:4a:6a:ab:57:ec:a9:f7:21:
66:52:32:c9:80:d8:f2:b8:a7:fb:e2:9d:82:f0:95:6e:00:2c:
52:40:f4:7a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUVbNIow9PunblJkf3fauu+KTnWdwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNDA0MjgwN1oX
DTI3MDUwMzA0MzMwN1owMzExMC8GA1UEAxMoNTgyRDM4MEE2MTRENDczMDU4Qzc3
NTg5QjdFMkE3RTgwRjUyODQzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNZ9uqx5YWdnyTTVGBs5FkxHAnxHy3vtehBWBxhBqn9YmSnL62Q6qfvDcPz
FqpsZAlVJNoxGjXZCVJO5wRRwztMnDnhdoz+ZY9ez4WWpPekYRVeBOWA9Mnh8Qaz
QemrYkrsNeZ3qEydr59GubTe/GLDtjkU5oiVYIODejGTL+T3iAkHg2pNqukxi3+R
pZJlDCP8atUU+jqF0uCgez/n208Autq9Lgt+Z/Ke30v0ktvURdP2PykY1nvTocxD
xfFgCad8U53KVB2TcQilzD+tCIPK7je0YLjEj+VqKKTEIFdXM1YaO+nn7CuVNk3M
M8c7+LSfrL7t9iDCgBuBrgLCFlcCAwEAAaOCAhYwggISMB0GA1UdDgQWBBRYLTgK
YU1HMFjHdYm34qfoD1KEPTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTOTg3NS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjBrBggrBgEFBQcBBwEB/wRcMFowWAQCAAEw
UgMEA2dd4AMEAmdeYDAMAwQCZ5/kAwQCZ5/oMAwDBAFnp44DBAFnp5QwDAMEAWeo
agMEAWeocDAMAwQBZ6luAwQCZ6lwMAwDBAFnqXYDBAFnqXwwDQYJKoZIhvcNAQEL
BQADggEBAJSHpdStWj2y2YFSicXfhbCSTEbX3F6QgyoAcBBE+U7/j40NRdJGbdOI
HQQmpC9NDI/wmTjbUI+LA/0wY6uOEnJb1m3bXOwESLsdlK/4NZRydba+1Y7voZYr
fqkNNDi+ywMoWLzgfiAvRBhUVINTQzvoCNXS+tlm7KcNKDvaF0i10+RVPNI2I5xb
2pofbwR2PSOPsUQcUFiT8+29Iu/cA1yQzRpspxcjX3l0EycPknZ7x8dZnSVn6QHu
zFQy7V8KQFxUOnEmeqVEYiZ814irpnbDbL3F3DG50710IMkWX1hHoGVKaqtX7Kn3
IWZSMsmA2PK4p/vinYLwlW4ALFJA9Ho=
-----END CERTIFICATE-----
Generated at Tue May 12 22:43:23 2026 by rpki-client