Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa
File:                     AS141059.roa (raw, json)
Hash identifier:          hlarsn2A/ruBwbXT/7KsHCbFo4J3g0z0acUzNyBzIuQ=
Subject key identifier:   3C:01:6C:68:24:4A:6B:1D:DA:C3:EA:59:A0:E5:BB:40:C6:CF:00:14
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       224559711D41757422C720416C82D6FB385B7305
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa
Signing time:             Tue 09 Jan 2024 04:00:10 +0000
ROA not before:           Tue 09 Jan 2024 03:55:10 +0000
ROA not after:            Tue 07 Jan 2025 04:00:10 +0000
asID:                     141059
IP address blocks:        103.155.125.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 22:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:45:59:71:1d:41:75:74:22:c7:20:41:6c:82:d6:fb:38:5b:73:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan  9 03:55:10 2024 GMT
            Not After : Jan  7 04:00:10 2025 GMT
        Subject: CN=3C016C68244A6B1DDAC3EA59A0E5BB40C6CF0014
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9c:51:05:6b:80:1a:1c:0a:9d:b8:54:d7:c7:
                    1e:74:20:14:2f:f5:bd:fd:5f:ca:83:8b:6b:d7:67:
                    e5:c1:7c:a4:3c:be:b5:6c:7e:2b:e3:1f:20:63:3f:
                    82:59:23:1d:d5:03:4b:6c:3f:9b:4a:bc:b3:d7:33:
                    cc:e2:16:f7:d2:fe:6e:c5:56:2a:a6:cd:ed:de:c5:
                    fe:53:55:86:1b:f2:07:09:75:bc:f8:7b:27:64:d2:
                    7f:af:b2:34:74:49:36:d2:a6:86:62:12:0d:c2:2d:
                    8a:00:55:9c:91:28:76:94:24:2d:e7:ae:66:d2:94:
                    97:31:67:5c:3d:e6:b9:43:0a:49:93:70:d0:f1:65:
                    75:d5:43:b4:79:3d:0f:0a:69:20:5c:0a:75:62:22:
                    5b:60:bf:8a:31:0d:c3:08:c4:dd:27:ed:ba:b0:7d:
                    5d:13:b3:9c:36:d7:21:3b:2e:0f:52:b7:58:cd:a0:
                    ba:ce:f6:8d:c8:ba:b5:a8:24:85:b5:ca:9e:c9:ae:
                    47:84:25:fe:75:0d:88:ad:43:8c:45:73:39:67:a4:
                    f0:90:e5:61:7f:38:a1:8b:68:2a:a5:b9:71:47:3b:
                    ad:6e:e2:9d:3b:3b:1c:b5:e1:1f:64:ec:ed:fc:77:
                    4f:77:f7:0c:59:ec:51:c4:4d:3c:1b:d4:51:39:98:
                    72:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:01:6C:68:24:4A:6B:1D:DA:C3:EA:59:A0:E5:BB:40:C6:CF:00:14
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:74:ca:03:b8:f1:0e:8a:f5:bc:1e:35:3a:20:3f:9e:bf:08:
         be:bb:d6:82:cb:fa:33:a2:d2:67:6e:68:bd:5e:ee:c4:08:4e:
         0f:e7:92:08:a6:61:f6:a8:cf:25:1c:0b:00:4c:bc:95:46:80:
         9e:ec:c5:76:fb:d3:4e:e4:08:49:b9:7e:ba:24:67:46:80:3d:
         c2:4e:ea:5c:aa:db:fd:8a:8e:27:49:c9:b6:a8:df:46:74:1e:
         ce:41:4c:c6:6d:a8:89:6e:02:f1:1e:77:e4:a1:e3:dd:8e:78:
         c5:97:d9:66:8f:7e:23:bd:90:f8:a9:2c:a0:87:08:52:45:73:
         4a:7e:4e:df:04:58:07:0f:a0:2d:4a:2b:89:cc:2e:1d:f2:e2:
         18:2f:14:f8:11:17:5b:03:fc:ca:f4:af:27:de:41:81:ba:1d:
         e3:dd:f6:fd:e3:d8:b2:a5:40:49:6a:20:40:87:50:77:f7:14:
         9e:06:29:62:27:ae:2a:03:9d:68:7f:3e:51:0f:7a:c3:29:1d:
         a0:29:52:41:ca:72:1a:7e:61:53:f1:1b:1f:79:a8:be:4a:91:
         24:36:49:1d:f1:73:5b:5d:72:42:55:71:43:16:44:30:e0:06:
         f4:64:e2:ef:30:20:c4:43:ed:78:01:61:81:26:c7:fd:dd:0d:
         7e:60:2e:98
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUIkVZcR1BdXQixyBBbILW+zhbcwUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMFoX
DTI1MDEwNzA0MDAxMFowMzExMC8GA1UEAxMoM0MwMTZDNjgyNDRBNkIxRERBQzNF
QTU5QTBFNUJCNDBDNkNGMDAxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWcUQVrgBocCp24VNfHHnQgFC/1vf1fyoOLa9dn5cF8pDy+tWx+K+MfIGM/
glkjHdUDS2w/m0q8s9czzOIW99L+bsVWKqbN7d7F/lNVhhvyBwl1vPh7J2TSf6+y
NHRJNtKmhmISDcItigBVnJEodpQkLeeuZtKUlzFnXD3muUMKSZNw0PFlddVDtHk9
DwppIFwKdWIiW2C/ijENwwjE3SfturB9XROznDbXITsuD1K3WM2gus72jci6tagk
hbXKnsmuR4Ql/nUNiK1DjEVzOWek8JDlYX84oYtoKqW5cUc7rW7inTs7HLXhH2Ts
7fx3T3f3DFnsUcRNPBvUUTmYcqUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ8AWxo
JEprHdrD6lmg5btAxs8AFDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTA1OS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAGebfTANBgkqhkiG9w0BAQsFAAOCAQEANnTKA7jxDor1vB41OiA/
nr8IvrvWgsv6M6LSZ25ovV7uxAhOD+eSCKZh9qjPJRwLAEy8lUaAnuzFdvvTTuQI
Sbl+uiRnRoA9wk7qXKrb/YqOJ0nJtqjfRnQezkFMxm2oiW4C8R535KHj3Y54xZfZ
Zo9+I72Q+KksoIcIUkVzSn5O3wRYBw+gLUoricwuHfLiGC8U+BEXWwP8yvSvJ95B
gbod4932/ePYsqVASWogQIdQd/cUngYpYieuKgOdaH8+UQ96wykdoClSQcpyGn5h
U/EbH3movkqRJDZJHfFzW11yQlVxQxZEMOAG9GTi7zAgxEPteAFhgSbH/d0NfmAu
mA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:01:54 2024 by rpki-client on console-fra.rpki-client.org