Route Origin Authorization 

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141613.roa
File:                     AS141613.roa (raw, json)
Hash identifier:          X9ALX5eCg2HAkPkzzxGIaSWBqxJJA2nEvj21fB20dXo=
Subject key identifier:   B1:92:C0:7B:D7:36:D1:CE:55:10:BC:E9:C5:0D:36:97:32:41:DB:9B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2479B030E610070DAC9A073EC97754DF6E37B03A
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141613.roa
Signing time:             Wed 16 Oct 2024 07:00:00 +0000
ROA not before:           Wed 16 Oct 2024 06:55:00 +0000
ROA not after:            Wed 15 Oct 2025 07:00:00 +0000
asID:                     141613
IP address blocks:        2001:df1:9d40::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 22:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:79:b0:30:e6:10:07:0d:ac:9a:07:3e:c9:77:54:df:6e:37:b0:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Oct 16 06:55:00 2024 GMT
            Not After : Oct 15 07:00:00 2025 GMT
        Subject: CN=B192C07BD736D1CE5510BCE9C50D36973241DB9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:4b:a6:45:14:77:bf:50:dd:82:5b:4d:25:7c:
                    d9:00:b0:25:57:46:25:68:99:ea:10:1f:c7:60:45:
                    83:3a:65:f6:10:46:6d:54:fa:36:98:ef:a3:e7:c8:
                    f9:bb:49:dc:42:02:d7:92:6b:04:b9:db:db:3d:09:
                    6b:46:27:12:dd:9f:5c:2d:a5:3b:64:e3:6d:6c:10:
                    e9:9e:7e:30:6b:dc:58:86:ff:9d:af:7c:ff:00:a3:
                    6f:38:1f:38:c2:1e:a7:4c:43:b7:82:68:22:85:51:
                    82:86:b0:a8:ed:56:b3:0f:62:fc:d6:35:f3:99:90:
                    f7:de:6c:30:3c:16:91:90:f4:4c:05:7d:2f:12:ed:
                    c8:9c:51:39:01:36:2a:41:22:be:70:ef:85:17:73:
                    d5:d2:2f:94:2f:56:30:9a:11:ee:38:a7:c9:9c:17:
                    0b:9b:ef:ca:9e:d6:cd:a6:10:85:6b:d1:b3:fb:7a:
                    27:f9:fa:60:a8:b8:19:1e:a0:44:18:dc:22:ba:69:
                    72:41:db:0e:a0:93:9c:d6:b8:fe:d6:e2:0f:cd:aa:
                    ff:75:8e:10:4c:29:b3:19:a0:78:bc:d0:6e:a7:fb:
                    7c:c9:0e:cb:ed:af:cb:20:f9:ed:55:79:bb:a3:f3:
                    cb:fa:9f:19:00:30:55:4c:69:0c:84:42:56:9d:38:
                    c7:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:92:C0:7B:D7:36:D1:CE:55:10:BC:E9:C5:0D:36:97:32:41:DB:9B
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141613.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df1:9d40::/48

    Signature Algorithm: sha256WithRSAEncryption
         3f:63:45:7a:ea:81:0c:a3:2f:51:64:15:f0:69:d1:80:27:2d:
         b1:de:bd:ab:01:27:0f:29:4e:27:9b:47:31:f4:70:44:17:e4:
         4e:20:44:6b:ff:36:f2:3d:a6:d6:f5:96:c1:c2:69:d7:0d:81:
         8c:4e:33:34:77:e7:08:41:9c:e2:ee:31:8f:00:e3:51:22:97:
         a5:b5:a5:b6:74:c1:74:d3:03:0b:1e:a9:e4:da:85:58:2a:0a:
         11:07:3d:f1:c2:89:02:93:4d:fa:1f:4e:f6:f0:d9:14:95:1c:
         de:0a:63:fc:88:bb:e2:b4:60:b9:22:53:b5:5d:09:83:1c:ff:
         0d:8e:ec:02:11:f6:d2:ac:66:84:d7:c2:ad:79:80:a8:a6:dd:
         16:53:de:8a:3b:12:ca:d8:2f:8b:68:de:3b:44:e3:17:ef:44:
         8e:c3:17:d7:31:7f:41:a5:e2:20:bc:95:ab:60:44:a8:26:84:
         af:72:22:46:ca:a1:d7:ed:2b:ed:16:f6:8e:ac:84:76:6a:db:
         79:74:41:79:14:21:a6:86:76:83:8e:b3:a1:43:3b:13:04:06:
         e5:79:a4:c8:aa:9c:f5:98:9f:b3:5c:f7:e8:42:0e:c2:47:0a:
         c0:2d:54:c3:ec:b7:56:73:e2:c8:fc:a8:b1:9c:bb:f0:f6:9f:
         3f:94:84:56
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUJHmwMOYQBw2smgc+yXdU3243sDowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAxNjA2NTUwMFoX
DTI1MTAxNTA3MDAwMFowMzExMC8GA1UEAxMoQjE5MkMwN0JENzM2RDFDRTU1MTBC
Q0U5QzUwRDM2OTczMjQxREI5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBLpkUUd79Q3YJbTSV82QCwJVdGJWiZ6hAfx2BFgzpl9hBGbVT6Npjvo+fI
+btJ3EIC15JrBLnb2z0Ja0YnEt2fXC2lO2TjbWwQ6Z5+MGvcWIb/na98/wCjbzgf
OMIep0xDt4JoIoVRgoawqO1Wsw9i/NY185mQ995sMDwWkZD0TAV9LxLtyJxROQE2
KkEivnDvhRdz1dIvlC9WMJoR7jinyZwXC5vvyp7WzaYQhWvRs/t6J/n6YKi4GR6g
RBjcIrppckHbDqCTnNa4/tbiD82q/3WOEEwpsxmgeLzQbqf7fMkOy+2vyyD57VV5
u6Pzy/qfGQAwVUxpDIRCVp04x5MCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSxksB7
1zbRzlUQvOnFDTaXMkHbmzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTYxMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABDfGdQDANBgkqhkiG9w0BAQsFAAOCAQEAP2NFeuqBDKMvUWQV
8GnRgCctsd69qwEnDylOJ5tHMfRwRBfkTiBEa/828j2m1vWWwcJp1w2BjE4zNHfn
CEGc4u4xjwDjUSKXpbWltnTBdNMDCx6p5NqFWCoKEQc98cKJApNN+h9O9vDZFJUc
3gpj/Ii74rRguSJTtV0Jgxz/DY7sAhH20qxmhNfCrXmAqKbdFlPeijsSytgvi2je
O0TjF+9EjsMX1zF/QaXiILyVq2BEqCaEr3IiRsqh1+0r7Rb2jqyEdmrbeXRBeRQh
poZ2g46zoUM7EwQG5XmkyKqc9Zifs1z36EIOwkcKwC1Uw+y3VnPiyPyosZy78Paf
P5SEVg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:01:55 2024 by rpki-client on console-fra.rpki-client.org