Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa
File:                     AS140443.roa (raw, json)
Hash identifier:          xeyQ/cagg3HPLne9V340xfNtwn9nKMN+xR3v1CfFBr4=
Subject key identifier:   37:4E:60:E0:5C:C4:94:D3:21:0B:54:2D:4C:71:5E:2B:6C:1F:3E:14
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       1A8FA044D9AB72A2C52BA02CB7A0167E631D620D
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa
Signing time:             Tue 20 Feb 2024 03:10:53 +0000
ROA not before:           Tue 20 Feb 2024 03:05:53 +0000
ROA not after:            Tue 18 Feb 2025 03:10:53 +0000
asID:                     140443
IP address blocks:        103.160.62.0/23 maxlen: 24
                          103.173.74.0/23 maxlen: 24
                          103.178.152.0/24 maxlen: 24
                          103.178.153.0/24 maxlen: 24
                          2001:df1:ff40::/48 maxlen: 48
                          2001:df4:f80::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:8f:a0:44:d9:ab:72:a2:c5:2b:a0:2c:b7:a0:16:7e:63:1d:62:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 20 03:05:53 2024 GMT
            Not After : Feb 18 03:10:53 2025 GMT
        Subject: CN=374E60E05CC494D3210B542D4C715E2B6C1F3E14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5f:40:59:05:df:b2:ad:9a:6a:b2:22:26:d9:
                    05:89:5c:d4:18:72:20:2a:4a:10:11:a3:27:6a:c0:
                    87:83:53:18:a7:74:2e:4c:a0:2a:be:66:0f:f5:95:
                    07:50:c4:b0:7f:70:62:d4:87:fe:5b:10:be:0b:9f:
                    9c:6f:f7:9c:ff:0c:3d:c3:41:f3:11:76:0d:72:a4:
                    14:9d:e2:54:e8:9d:e1:47:fb:4a:ed:1b:6d:09:de:
                    41:a1:5e:67:b4:63:97:ae:71:3a:ea:56:dc:1b:8d:
                    16:20:e6:88:43:ea:d0:99:bb:2f:c1:67:12:9b:7e:
                    46:55:06:a7:01:af:14:8a:d7:9f:9f:b3:61:b0:31:
                    d0:0a:69:c2:78:1d:54:27:7f:a9:a8:e1:0f:93:a1:
                    38:b1:c9:6b:f0:74:d1:6f:ed:34:b2:1a:5b:43:fb:
                    1b:b9:09:37:aa:cf:3f:58:d6:78:a9:7f:f1:ea:e2:
                    db:c9:99:ad:1d:5c:fc:67:5a:6a:7c:e1:1d:be:ce:
                    68:ef:84:64:61:ac:a8:5e:ee:56:61:f9:b6:d9:50:
                    be:ce:54:20:f9:71:01:20:4e:92:dd:9b:10:8b:5b:
                    93:98:62:93:ba:f4:38:17:90:ee:fe:2d:f9:5b:66:
                    5c:ec:18:5e:1a:59:1d:29:87:f6:9b:f7:0f:f1:4f:
                    dc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4E:60:E0:5C:C4:94:D3:21:0B:54:2D:4C:71:5E:2B:6C:1F:3E:14
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.62.0/23
                  103.173.74.0/23
                  103.178.152.0/23
                IPv6:
                  2001:df1:ff40::/48
                  2001:df4:f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         25:18:69:ea:4a:72:e1:c7:f6:f5:98:5e:ac:8b:8f:51:97:db:
         b9:18:be:5a:a9:46:28:98:32:8e:30:39:7c:15:8f:aa:8e:4f:
         c3:93:f4:b1:be:f3:29:f8:2f:cf:74:ea:15:95:47:6f:9a:51:
         0c:ba:a0:b2:b0:a8:99:5e:09:6d:6d:1f:cd:2e:74:01:d2:97:
         cd:6f:5d:76:28:4b:e2:a9:b3:80:89:e0:06:6e:3e:d6:c9:fc:
         c6:53:e0:d2:ea:09:08:46:b5:58:65:e1:6b:8c:8d:74:e2:3d:
         d3:24:ab:6c:04:25:67:ef:dd:cf:a1:d7:82:b3:04:d8:6e:e6:
         a4:22:c2:78:6c:13:1c:85:e4:be:b9:cd:84:4f:59:da:e8:0f:
         f9:73:71:b0:4a:f1:6c:ca:b8:83:1e:c2:5c:50:d1:1c:12:8e:
         f7:92:e3:e8:9c:6f:08:e2:ab:fd:ae:79:22:fe:9f:82:3e:2f:
         60:dd:6a:aa:08:61:98:d8:02:cb:72:b0:71:61:99:7f:df:99:
         f2:10:3e:b5:ee:45:4c:30:a6:c9:01:31:5b:f4:c8:65:18:de:
         a1:47:69:eb:04:d3:10:a5:00:a7:52:54:3b:e7:fc:d5:e6:ac:
         7a:53:aa:63:f8:45:ac:df:10:52:47:1e:5c:76:44:7e:85:46:
         8e:4e:f6:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUGo+gRNmrcqLFK6Ast6AWfmMdYg0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIyMDAzMDU1M1oX
DTI1MDIxODAzMTA1M1owMzExMC8GA1UEAxMoMzc0RTYwRTA1Q0M0OTREMzIxMEI1
NDJENEM3MTVFMkI2QzFGM0UxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5fQFkF37KtmmqyIibZBYlc1BhyICpKEBGjJ2rAh4NTGKd0LkygKr5mD/WV
B1DEsH9wYtSH/lsQvgufnG/3nP8MPcNB8xF2DXKkFJ3iVOid4Uf7Su0bbQneQaFe
Z7Rjl65xOupW3BuNFiDmiEPq0Jm7L8FnEpt+RlUGpwGvFIrXn5+zYbAx0Appwngd
VCd/qajhD5OhOLHJa/B00W/tNLIaW0P7G7kJN6rPP1jWeKl/8eri28mZrR1c/Gda
anzhHb7OaO+EZGGsqF7uVmH5ttlQvs5UIPlxASBOkt2bEItbk5hik7r0OBeQ7v4t
+VtmXOwYXhpZHSmH9pv3D/FP3BkCAwEAAaOCAfYwggHyMB0GA1UdDgQWBBQ3TmDg
XMSU0yELVC1McV4rbB8+FDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQ0My5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQw
GAQCAAEwEgMEAWegPgMEAWetSgMEAWeymDAYBAIAAjASAwcAIAEN8f9AAwcAIAEN
9A+AMA0GCSqGSIb3DQEBCwUAA4IBAQAlGGnqSnLhx/b1mF6si49Rl9u5GL5aqUYo
mDKOMDl8FY+qjk/Dk/SxvvMp+C/PdOoVlUdvmlEMuqCysKiZXgltbR/NLnQB0pfN
b112KEviqbOAieAGbj7WyfzGU+DS6gkIRrVYZeFrjI104j3TJKtsBCVn793PodeC
swTYbuakIsJ4bBMcheS+uc2ET1na6A/5c3GwSvFsyriDHsJcUNEcEo73kuPonG8I
4qv9rnki/p+CPi9g3WqqCGGY2ALLcrBxYZl/35nyED617kVMMKbJATFb9MhlGN6h
R2nrBNMQpQCnUlQ75/zV5qx6U6pj+EWs3xBSRx5cdkR+hUaOTvYR
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:24 2024 by rpki-client on console-fra.rpki-client.org