Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154444.roa
File:                     AS154444.roa (raw, json)
Hash identifier:          SRfYGzCxr5vE8Jjyzb95uhQ0ZZSSbKerr+oFzskjD8E=
Subject key identifier:   23:1A:57:6D:A6:4B:68:63:E9:A9:51:61:CD:34:51:8A:83:4D:8E:22
Certificate issuer:       /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial:       737C21331171C08D89AD255281C6728255DCE0D2
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154444.roa
Signing time:             Sat 02 May 2026 09:22:49 +0000
ROA not before:           Sat 02 May 2026 09:17:49 +0000
ROA not after:            Sat 01 May 2027 09:22:49 +0000
asID:                     154444
IP address blocks:        144.79.94.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 03 May 2026 20:26:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:7c:21:33:11:71:c0:8d:89:ad:25:52:81:c6:72:82:55:dc:e0:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
        Validity
            Not Before: May  2 09:17:49 2026 GMT
            Not After : May  1 09:22:49 2027 GMT
        Subject: CN=231A576DA64B6863E9A95161CD34518A834D8E22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:29:16:38:38:05:1e:1b:31:57:79:2f:dc:85:
                    23:b3:92:4b:96:0b:2a:fd:44:62:9d:27:21:29:c6:
                    34:7f:40:a4:80:02:6a:d0:bf:13:1b:07:c8:e1:ae:
                    92:62:5e:fe:2d:98:8f:80:21:91:f4:d1:f1:44:80:
                    3f:cf:ff:43:70:e5:c2:95:93:d1:0c:b5:09:94:51:
                    07:a7:ab:0b:35:33:4c:3f:0c:1f:6e:56:4a:66:c0:
                    6e:8d:c3:bc:ae:61:1f:71:6b:54:39:23:b7:20:cd:
                    67:da:f9:01:9a:6e:dd:7a:9c:a0:98:8c:57:1d:e1:
                    bb:bf:d8:4f:2e:b0:37:bf:12:9d:33:86:9c:99:2c:
                    e6:0f:b4:5a:ab:45:48:9b:86:91:80:e2:e0:b8:d8:
                    4a:9f:fc:6b:01:d0:c3:69:6b:a6:77:40:7b:93:28:
                    76:38:44:3c:77:af:a7:50:fa:ae:72:a6:d9:e4:6a:
                    b7:63:4f:6f:f9:ba:c1:df:33:d0:94:27:dc:d0:b0:
                    de:6a:1a:78:ef:c3:e7:bd:eb:66:c4:3d:5d:ef:70:
                    9c:79:03:7f:db:7a:fe:f9:4c:9c:27:18:34:5f:48:
                    2b:5e:4a:36:40:39:77:67:11:d8:d7:a6:06:df:2f:
                    d4:b9:4e:47:99:7d:46:ec:b7:db:0c:2b:97:79:ba:
                    db:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:1A:57:6D:A6:4B:68:63:E9:A9:51:61:CD:34:51:8A:83:4D:8E:22
            X509v3 Authority Key Identifier:
                keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154444.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.79.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:7b:c5:3e:0b:c3:d6:40:39:17:a0:22:66:33:f3:3c:91:df:
         87:bc:91:e0:d1:ee:4b:55:2f:23:83:f7:dd:8e:5d:d9:69:35:
         e2:c0:88:48:71:31:dc:9a:be:af:38:bc:0f:c9:ce:aa:e6:f8:
         1d:ea:96:52:91:ef:e8:68:b0:b8:ff:87:78:1d:14:2b:b8:83:
         16:ae:75:fa:10:4f:87:35:3a:56:ba:65:95:54:cb:1b:db:7f:
         0d:ad:55:4a:0b:9c:7e:b8:14:c2:5c:cd:49:bc:a0:ce:c2:12:
         3c:a1:bb:4e:ad:32:3b:ed:ad:a0:08:1a:1a:59:ec:6f:21:11:
         38:50:42:1e:a4:ae:7a:53:fa:e8:32:41:1e:96:29:e7:df:cf:
         12:f1:d9:83:f3:5d:b9:bd:7f:b1:d7:c1:a6:23:7b:43:86:8f:
         0b:91:54:20:07:7e:cb:72:8d:36:36:0f:49:34:38:a6:5d:d9:
         4d:2c:99:37:f5:75:f0:ca:d2:05:31:ec:a8:e4:31:b7:f6:b6:
         fe:2b:2f:4e:ee:1c:87:d6:8a:ae:2e:ee:59:61:5a:e5:0d:bf:
         53:4b:e4:38:57:83:a4:ce:ea:05:18:49:79:cd:ff:e9:16:2a:
         27:4e:47:92:b4:a9:1e:73:64:b4:e8:8d:cf:71:ed:9f:ff:2f:
         01:f6:31:2b
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUc3whMxFxwI2JrSVSgcZyglXc4NIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTc0OVoX
DTI3MDUwMTA5MjI0OVowMzExMC8GA1UEAxMoMjMxQTU3NkRBNjRCNjg2M0U5QTk1
MTYxQ0QzNDUxOEE4MzREOEUyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPcpFjg4BR4bMVd5L9yFI7OSS5YLKv1EYp0nISnGNH9ApIACatC/ExsHyOGu
kmJe/i2Yj4AhkfTR8USAP8//Q3DlwpWT0Qy1CZRRB6erCzUzTD8MH25WSmbAbo3D
vK5hH3FrVDkjtyDNZ9r5AZpu3XqcoJiMVx3hu7/YTy6wN78SnTOGnJks5g+0WqtF
SJuGkYDi4LjYSp/8awHQw2lrpndAe5ModjhEPHevp1D6rnKm2eRqt2NPb/m6wd8z
0JQn3NCw3moaeO/D573rZsQ9Xe9wnHkDf9t6/vlMnCcYNF9IK15KNkA5d2cR2Nem
Bt8v1LlOR5l9Ruy32wwrl3m62ysCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQjGldt
pktoY+mpUWHNNFGKg02OIjAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0NDQ0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBkE9eMA0GCSqGSIb3DQEBCwUAA4IBAQA5e8U+C8PWQDkXoCJmM/M8kd+H
vJHg0e5LVS8jg/fdjl3ZaTXiwIhIcTHcmr6vOLwPyc6q5vgd6pZSke/oaLC4/4d4
HRQruIMWrnX6EE+HNTpWumWVVMsb238NrVVKC5x+uBTCXM1JvKDOwhI8obtOrTI7
7a2gCBoaWexvIRE4UEIepK56U/roMkEelinn388S8dmD8125vX+x18GmI3tDho8L
kVQgB37Lco02Ng9JNDimXdlNLJk39XXwytIFMeyo5DG39rb+Ky9O7hyH1oquLu5Z
YVrlDb9TS+Q4V4OkzuoFGEl5zf/pFionTkeStKkec2S06I3Pce2f/y8B9jEr
-----END CERTIFICATE-----