Route Origin Authorization
$ rpki-client -vvf rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
File: AS38496.roa (raw, json)
Hash identifier: yYz1sIG6N2Kn9PvkhdiFovkBZr7zFMKsgWeqKN8ae+8=
Subject key identifier: D1:2E:F5:02:66:A5:E8:96:F4:EC:A5:76:03:80:54:A5:FA:D8:C1:91
Certificate issuer: /CN=1FD138814ED6ED10A74AEDE620ECC6CB414D8D49
Certificate serial: 4DDC1DBB39916FD8E0AD46E9E51D25A7DF49D28A
Authority key identifier: 1F:D1:38:81:4E:D6:ED:10:A7:4A:ED:E6:20:EC:C6:CB:41:4D:8D:49
Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer
Subject info access: rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
Signing time: Sun 03 May 2026 03:14:41 +0000
ROA not before: Sun 03 May 2026 03:09:41 +0000
ROA not after: Sun 02 May 2027 03:14:41 +0000
asID: 38496
IP address blocks: 103.31.156.0/22 maxlen: 24
112.78.96.0/21 maxlen: 24
114.31.240.0/24 maxlen: 24
114.31.241.0/24 maxlen: 24
114.31.242.0/24 maxlen: 24
114.31.243.0/24 maxlen: 24
114.31.244.0/24 maxlen: 24
114.31.245.0/24 maxlen: 24
114.31.246.0/24 maxlen: 24
114.31.247.0/24 maxlen: 24
114.110.40.0/21 maxlen: 24
114.134.72.0/21 maxlen: 24
115.178.120.0/24 maxlen: 24
115.178.121.0/24 maxlen: 24
115.178.122.0/24 maxlen: 24
116.66.200.0/21 maxlen: 21
116.66.200.0/23 maxlen: 23
116.66.200.0/24 maxlen: 24
116.66.201.0/24 maxlen: 24
116.66.202.0/23 maxlen: 24
116.66.202.0/24 maxlen: 24
116.66.203.0/24 maxlen: 24
116.66.204.0/24 maxlen: 24
116.66.206.0/23 maxlen: 23
116.66.206.0/24 maxlen: 24
116.66.207.0/24 maxlen: 24
116.254.120.0/21 maxlen: 24
117.103.8.0/24 maxlen: 24
117.103.9.0/24 maxlen: 24
117.103.10.0/24 maxlen: 24
117.103.11.0/24 maxlen: 24
117.103.12.0/24 maxlen: 24
117.103.13.0/24 maxlen: 24
117.103.14.0/24 maxlen: 24
117.103.15.0/24 maxlen: 24
182.23.160.0/24 maxlen: 24
182.23.161.0/24 maxlen: 24
182.23.163.0/24 maxlen: 24
182.23.164.0/24 maxlen: 24
182.23.165.0/24 maxlen: 24
182.23.166.0/24 maxlen: 24
182.23.167.0/24 maxlen: 24
182.23.168.0/24 maxlen: 24
182.23.169.0/24 maxlen: 24
182.23.172.0/24 maxlen: 24
182.23.173.0/24 maxlen: 24
182.23.174.0/24 maxlen: 24
202.87.176.0/24 maxlen: 24
202.87.184.0/24 maxlen: 24
202.87.188.0/24 maxlen: 24
203.191.40.0/24 maxlen: 24
203.191.41.0/24 maxlen: 24
203.191.42.0/24 maxlen: 24
203.191.43.0/24 maxlen: 24
223.27.144.0/24 maxlen: 24
223.27.145.0/24 maxlen: 24
223.27.146.0/24 maxlen: 24
223.27.148.0/24 maxlen: 24
223.27.149.0/24 maxlen: 24
223.27.150.0/23 maxlen: 24
223.27.150.0/24 maxlen: 24
223.27.151.0/24 maxlen: 24
223.27.152.0/24 maxlen: 24
223.27.153.0/24 maxlen: 24
223.27.154.0/23 maxlen: 24
223.27.154.0/24 maxlen: 24
223.27.156.0/24 maxlen: 24
223.27.157.0/24 maxlen: 24
223.27.158.0/24 maxlen: 24
223.27.159.0/24 maxlen: 24
2401:2400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.crl
rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.mft
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 09:32:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:dc:1d:bb:39:91:6f:d8:e0:ad:46:e9:e5:1d:25:a7:df:49:d2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1FD138814ED6ED10A74AEDE620ECC6CB414D8D49
Validity
Not Before: May 3 03:09:41 2026 GMT
Not After : May 2 03:14:41 2027 GMT
Subject: CN=D12EF50266A5E896F4ECA576038054A5FAD8C191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:ce:53:9a:50:10:ac:0b:62:52:10:de:52:
bb:28:a5:61:24:4a:a0:88:86:22:81:2f:bd:d4:69:
96:44:8b:13:a6:c9:d3:0b:9e:0d:e4:e8:b6:c5:ac:
dd:38:da:c6:88:ef:26:48:8a:1c:b5:8d:1d:ff:32:
46:9d:31:ab:fe:60:f7:c2:d3:7c:50:dd:d1:d9:aa:
40:fa:49:3a:ca:f0:36:3f:9e:f9:58:d5:c0:ea:70:
80:79:3e:28:3b:6c:68:91:eb:bb:26:7b:6e:bb:35:
22:ae:5a:56:f8:04:8a:80:40:e8:b2:00:ae:c0:fd:
32:64:13:4e:b9:f0:93:8c:65:69:54:df:55:f1:bf:
14:d1:dc:06:89:76:13:16:f9:a3:32:1d:1d:69:e0:
2b:55:d3:84:ed:52:d4:40:21:bb:96:b7:2a:b4:88:
4b:75:47:87:db:1b:26:fa:f9:d5:fc:aa:66:f2:2e:
7e:72:64:fe:d4:fc:1f:2d:00:09:28:fe:fd:49:c4:
53:09:e6:0d:9c:88:86:5a:7a:0d:a9:4b:d8:03:0f:
30:96:33:ec:04:0d:1a:a4:b8:82:65:ec:d6:59:a1:
03:cb:05:1d:28:37:27:1d:7f:49:6a:2f:3c:03:9c:
fa:cf:5e:02:38:80:0f:77:1b:e1:6a:10:1c:f5:e8:
f9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2E:F5:02:66:A5:E8:96:F4:EC:A5:76:03:80:54:A5:FA:D8:C1:91
X509v3 Authority Key Identifier:
keyid:1F:D1:38:81:4E:D6:ED:10:A7:4A:ED:E6:20:EC:C6:CB:41:4D:8D:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS38496.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.156.0/22
112.78.96.0/21
114.31.240.0/21
114.110.40.0/21
114.134.72.0/21
115.178.120.0-115.178.122.255
116.66.200.0/21
116.254.120.0/21
117.103.8.0/21
182.23.160.0/23
182.23.163.0-182.23.169.255
182.23.172.0-182.23.174.255
202.87.176.0/24
202.87.184.0/24
202.87.188.0/24
203.191.40.0/22
223.27.144.0-223.27.146.255
223.27.148.0-223.27.159.255
IPv6:
2401:2400::/32
Signature Algorithm: sha256WithRSAEncryption
37:14:1d:7b:c3:c3:39:e0:f0:c6:61:07:70:70:32:71:0e:84:
09:bb:89:29:03:25:71:e4:f9:8a:aa:eb:88:2b:92:c1:ad:29:
51:77:85:90:a7:f1:75:66:f0:25:e5:5c:b5:36:4e:0d:50:5c:
47:09:08:02:13:3f:dc:09:c3:b9:a0:87:0b:22:63:de:dc:91:
2c:8f:30:d9:da:91:58:c1:e5:36:92:8c:d4:95:dc:43:d4:5d:
b1:05:4d:0d:e7:5d:8e:4c:67:a5:a2:e1:6c:ee:cc:93:4c:20:
3c:48:05:10:47:62:04:a3:36:9a:2c:c9:41:aa:69:93:6a:ec:
fc:b3:11:75:f3:c9:0c:83:f1:a1:a7:bc:9a:39:94:38:44:16:
33:9b:f7:de:8a:3a:09:a5:7d:91:da:da:6b:6c:13:49:2d:66:
99:7c:3e:07:94:2c:b4:25:b4:5e:e6:f3:5a:8e:40:ec:84:7e:
6d:de:f1:d1:65:1c:c4:60:c9:c1:e9:14:4d:3d:b3:47:b0:bd:
0d:12:cb:ae:06:d7:c6:90:73:d4:36:06:e2:a9:4b:cd:5f:9b:
d9:a4:dc:d8:85:e0:9a:b5:18:42:10:e8:30:b2:67:e3:c7:c5:
1c:5b:b6:27:3d:48:e8:55:d6:b7:b9:85:e9:44:e4:98:54:8f:
88:50:2e:77
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIUTdwduzmRb9jgrUbp5R0lp99J0oowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUZEMTM4ODE0RUQ2RUQxMEE3NEFFREU2MjBFQ0M2Q0I0
MTREOEQ0OTAeFw0yNjA1MDMwMzA5NDFaFw0yNzA1MDIwMzE0NDFaMDMxMTAvBgNV
BAMTKEQxMkVGNTAyNjZBNUU4OTZGNEVDQTU3NjAzODA1NEE1RkFEOEMxOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClAs5TmlAQrAtiUhDeUrsopWEk
SqCIhiKBL73UaZZEixOmydMLng3k6LbFrN042saI7yZIihy1jR3/MkadMav+YPfC
03xQ3dHZqkD6STrK8DY/nvlY1cDqcIB5Pig7bGiR67sme267NSKuWlb4BIqAQOiy
AK7A/TJkE0658JOMZWlU31XxvxTR3AaJdhMW+aMyHR1p4CtV04TtUtRAIbuWtyq0
iEt1R4fbGyb6+dX8qmbyLn5yZP7U/B8tAAko/v1JxFMJ5g2ciIZaeg2pS9gDDzCW
M+wEDRqkuIJl7NZZoQPLBR0oNycdf0lqLzwDnPrPXgI4gA93G+FqEBz16Pk5AgMB
AAGjggKgMIICnDAdBgNVHQ4EFgQU0S71Amal6Jb07KV2A4BUpfrYwZEwHwYDVR0j
BBgwFoAUH9E4gU7W7RCnSu3mIOzGy0FNjUkwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
ZTg3MzQ5ZmItNDY1ZS00ZThiLWE5NzQtOTBlOTM5YmNiMGZiLzAvMUZEMTM4ODE0
RUQ2RUQxMEE3NEFFREU2MjBFQ0M2Q0I0MTREOEQ0OS5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS8xRkQxMzg4MTRFRDZFRDEwQTc0QUVERTYyMEVDQzZDQjQxNEQ4
RDQ5LmNlcjBwBggrBgEFBQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBr
aS1yc3luYy5pZG5pYy5uZXQvcmVwby9lODczNDlmYi00NjVlLTRlOGItYTk3NC05
MGU5MzliY2IwZmIvMC9BUzM4NDk2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAJnH5wDBANwTmAD
BANyH/ADBANybigDBANyhkgwDAMEA3OyeAMEAHOyegMEA3RCyAMEA3T+eAMEA3Vn
CAMEAbYXoDAMAwQAthejAwQBtheoMAwDBAK2F6wDBAC2F64DBADKV7ADBADKV7gD
BADKV7wDBALLvygwDAMEBN8bkAMEAN8bkjAMAwQC3xuUAwQF3xuAMA0EAgACMAcD
BQAkASQAMA0GCSqGSIb3DQEBCwUAA4IBAQA3FB17w8M54PDGYQdwcDJxDoQJu4kp
AyVx5PmKquuIK5LBrSlRd4WQp/F1ZvAl5Vy1Nk4NUFxHCQgCEz/cCcO5oIcLImPe
3JEsjzDZ2pFYweU2kozUldxD1F2xBU0N512OTGelouFs7syTTCA8SAUQR2IEozaa
LMlBqmmTauz8sxF188kMg/Ghp7yaOZQ4RBYzm/feijoJpX2R2tprbBNJLWaZfD4H
lCy0JbRe5vNajkDshH5t3vHRZRzEYMnB6RRNPbNHsL0NEsuuBtfGkHPUNgbiqUvN
X5vZpNzYheCatRhCEOgwsmfjx8UcW7YnPUjoVda3uYXpROSYVI+IUC53
-----END CERTIFICATE-----
Generated at Tue May 12 23:00:50 2026 by rpki-client