Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS142166.roa
File:                     AS142166.roa (raw, json)
Hash identifier:          5IhZfF3puhQE9CrXGsaIYAdPuMDXwQ6yhI2BTFefGcw=
Subject key identifier:   2F:94:44:92:43:4D:87:6A:14:DE:F4:BB:49:61:53:2B:95:D2:D6:50
Certificate issuer:       /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial:       2E83998DF8AEFFD669EB4762DF515C921157E9BC
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS142166.roa
Signing time:             Sat 02 May 2026 09:23:26 +0000
ROA not before:           Sat 02 May 2026 09:18:26 +0000
ROA not after:            Sat 01 May 2027 09:23:26 +0000
asID:                     142166
IP address blocks:        144.79.90.0/24 maxlen: 24
                          144.79.91.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 03 May 2026 20:26:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:83:99:8d:f8:ae:ff:d6:69:eb:47:62:df:51:5c:92:11:57:e9:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
        Validity
            Not Before: May  2 09:18:26 2026 GMT
            Not After : May  1 09:23:26 2027 GMT
        Subject: CN=2F944492434D876A14DEF4BB4961532B95D2D650
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9c:a6:f6:bc:d4:6e:11:9e:02:c6:55:72:f2:
                    a8:ac:20:4f:39:d8:f3:d6:d9:8e:93:dc:54:04:a3:
                    a0:aa:41:24:1a:04:ed:4d:d4:fd:9e:8c:46:ff:5b:
                    0a:b2:6f:08:07:34:69:07:4e:8c:6f:b6:81:d5:ea:
                    63:0c:d6:da:e3:59:61:18:ff:1c:09:2e:72:34:cc:
                    5a:39:6a:89:5c:82:29:b8:d5:4f:aa:01:ed:a1:b5:
                    93:52:63:df:21:c3:ac:75:95:cd:29:6a:35:35:cd:
                    41:95:b9:d3:2d:dc:48:b9:2e:a9:e1:06:13:2a:ff:
                    ee:b3:33:52:f9:b8:20:74:9f:3f:ce:6e:5a:8f:ec:
                    c0:8f:d9:f7:57:90:96:6e:63:3e:76:08:44:f2:c8:
                    de:6f:a1:dd:0a:b6:7f:14:19:a1:8e:0e:07:c2:71:
                    1c:46:ec:48:5a:a6:5d:06:5f:dc:0d:b7:d4:66:ef:
                    02:6f:cd:10:4f:22:69:e9:be:95:9b:ae:84:8d:e0:
                    51:d9:d6:87:6a:bc:1e:b3:c1:d6:6a:8f:91:78:7b:
                    5c:25:98:87:c6:a8:d7:27:4f:10:7a:cb:8e:d2:4a:
                    62:58:a1:69:c6:a8:04:bd:23:18:84:47:26:02:8e:
                    42:1a:0a:9e:20:31:a9:b5:32:5f:44:bd:b0:5e:2a:
                    6e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:94:44:92:43:4D:87:6A:14:DE:F4:BB:49:61:53:2B:95:D2:D6:50
            X509v3 Authority Key Identifier:
                keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS142166.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.79.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:50:56:db:09:8a:5e:03:da:8b:88:f8:07:cc:25:4f:7d:5c:
         dc:21:47:48:84:93:bc:62:61:cf:aa:1c:68:9d:dd:f4:9b:96:
         ff:ed:4d:cd:2f:72:ea:e4:30:d8:6f:38:a0:77:45:7a:69:2b:
         48:52:d5:60:d0:bc:68:78:4a:db:c1:3e:08:b5:87:c2:5b:37:
         00:5d:81:a1:7e:bf:9f:02:95:4a:be:e3:e4:96:19:36:5b:cf:
         3e:07:30:46:63:b7:84:3a:a6:fb:22:3c:d3:78:86:bc:7b:5e:
         1d:c4:95:dc:30:06:de:ef:e5:e9:92:01:f8:bd:4a:16:e5:9a:
         0e:a8:c0:67:c7:54:2c:8c:0a:56:de:ad:e3:65:1d:5e:64:f7:
         20:df:a0:0f:5f:53:57:5a:ec:8e:23:0b:20:5a:82:16:f2:c3:
         64:0b:0c:45:f6:69:03:ce:30:75:65:f1:12:35:f7:f4:f3:69:
         8e:9f:32:3f:3b:a4:4e:ea:8b:d7:82:bd:65:2d:10:70:36:6e:
         5f:24:70:fe:e3:7a:c8:f1:91:8e:40:de:56:6a:1e:e5:4f:08:
         3e:5b:eb:f5:3a:94:53:ee:5a:5b:6f:ac:75:68:47:dd:fd:ee:
         07:ff:a8:dc:02:6f:4f:e8:80:db:83:ec:62:b2:14:27:d5:f0:
         f9:99:3e:90
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIULoOZjfiu/9Zp60di31FckhFX6bwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgyNloX
DTI3MDUwMTA5MjMyNlowMzExMC8GA1UEAxMoMkY5NDQ0OTI0MzREODc2QTE0REVG
NEJCNDk2MTUzMkI5NUQyRDY1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKucpva81G4RngLGVXLyqKwgTznY89bZjpPcVASjoKpBJBoE7U3U/Z6MRv9b
CrJvCAc0aQdOjG+2gdXqYwzW2uNZYRj/HAkucjTMWjlqiVyCKbjVT6oB7aG1k1Jj
3yHDrHWVzSlqNTXNQZW50y3cSLkuqeEGEyr/7rMzUvm4IHSfP85uWo/swI/Z91eQ
lm5jPnYIRPLI3m+h3Qq2fxQZoY4OB8JxHEbsSFqmXQZf3A231GbvAm/NEE8iaem+
lZuuhI3gUdnWh2q8HrPB1mqPkXh7XCWYh8ao1ydPEHrLjtJKYlihacaoBL0jGIRH
JgKOQhoKniAxqbUyX0S9sF4qbtkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQvlESS
Q02HahTe9LtJYVMrldLWUDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTQyMTY2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBkE9aMA0GCSqGSIb3DQEBCwUAA4IBAQAxUFbbCYpeA9qLiPgHzCVPfVzc
IUdIhJO8YmHPqhxond30m5b/7U3NL3Lq5DDYbzigd0V6aStIUtVg0LxoeErbwT4I
tYfCWzcAXYGhfr+fApVKvuPklhk2W88+BzBGY7eEOqb7IjzTeIa8e14dxJXcMAbe
7+XpkgH4vUoW5ZoOqMBnx1QsjApW3q3jZR1eZPcg36APX1NXWuyOIwsgWoIW8sNk
CwxF9mkDzjB1ZfESNff082mOnzI/O6RO6ovXgr1lLRBwNm5fJHD+43rI8ZGOQN5W
ah7lTwg+W+v1OpRT7lpbb6x1aEfd/e4H/6jcAm9P6IDbg+xishQn1fD5mT6Q
-----END CERTIFICATE-----