Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136073.roa
File:                     AS136073.roa (raw, json)
Hash identifier:          eyDaxaemQstMh/9K7nTlr7a2emtXEjbAW+GE8MPC1ak=
Subject key identifier:   38:28:FE:89:C1:1B:1D:A6:73:67:4E:8F:AF:12:52:9F:C7:5C:9B:13
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       1D6927F42EA602D8091262A3EC5B82175D99C3F3
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136073.roa
Signing time:             Sat 02 May 2026 09:21:56 +0000
ROA not before:           Sat 02 May 2026 09:16:56 +0000
ROA not after:            Sat 01 May 2027 09:21:56 +0000
asID:                     136073
IP address blocks:        103.55.160.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:69:27:f4:2e:a6:02:d8:09:12:62:a3:ec:5b:82:17:5d:99:c3:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 09:16:56 2026 GMT
            Not After : May  1 09:21:56 2027 GMT
        Subject: CN=3828FE89C11B1DA673674E8FAF12529FC75C9B13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6f:a8:0d:39:ec:6a:50:cf:b7:22:c4:6e:23:
                    68:ed:66:06:a1:d1:4c:59:05:a3:90:07:03:73:fc:
                    7e:18:9a:35:8c:db:21:ce:ed:ca:5b:24:6f:0f:c3:
                    5e:50:8c:39:92:af:b8:21:1a:fa:f3:d8:38:0f:51:
                    b6:4d:e5:ad:a5:9f:cb:ad:f0:dc:c4:e2:25:34:b2:
                    f5:a6:7e:15:1a:00:73:8c:db:81:d6:f3:9d:0e:65:
                    11:4b:5d:f2:21:d0:06:eb:2a:00:8a:e5:f9:85:8f:
                    ed:d2:f4:d0:79:cd:fb:56:a6:c2:67:07:49:95:23:
                    19:8e:44:a1:00:89:7a:12:57:8a:d1:fd:e8:d8:62:
                    eb:cb:0c:a2:7d:7e:0f:c4:21:2e:88:fc:89:90:2e:
                    fa:9d:21:78:d4:cf:f7:75:23:22:ba:16:cb:da:07:
                    89:f7:34:a3:ab:9f:36:19:8b:ae:07:23:da:1e:82:
                    18:22:e5:9a:11:bf:dc:f2:98:43:32:4b:74:89:8b:
                    39:06:c0:bf:fb:15:92:ec:c7:2e:24:c4:c6:59:22:
                    70:25:f4:56:b5:3f:f4:f9:1a:43:e8:9d:74:18:bb:
                    95:44:b9:dc:57:cc:96:ef:7f:41:01:38:77:98:d6:
                    a6:dd:62:60:74:8b:3e:2f:44:bc:b0:bd:40:2c:e6:
                    2f:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:28:FE:89:C1:1B:1D:A6:73:67:4E:8F:AF:12:52:9F:C7:5C:9B:13
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136073.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:6c:a2:fb:ac:30:a0:7f:21:99:fe:70:06:0b:df:b1:25:30:
         bd:ce:6c:a4:3c:d8:1c:3a:23:5c:2b:af:63:5f:98:06:0d:55:
         a7:9d:24:22:98:ab:af:62:de:05:b7:ca:92:67:db:a6:cb:41:
         15:43:df:c8:49:25:f9:ce:de:d5:a3:a2:b2:1e:0b:e6:75:3b:
         5b:2a:5a:3a:45:58:dd:e2:18:75:5f:33:be:99:b4:fb:9e:24:
         cb:ec:08:da:ff:1a:60:fc:7e:fb:0e:24:52:7d:7a:63:fc:59:
         a2:ac:f8:4a:5e:35:54:41:49:a9:6e:33:fa:de:ad:6c:a8:68:
         95:82:f4:51:5c:8e:80:bc:0d:94:44:11:ef:93:33:e9:7c:0b:
         65:c8:46:82:83:b1:a9:11:78:1c:66:50:94:c6:de:32:20:19:
         5e:ee:8b:1e:5f:4d:9a:32:74:09:c6:24:ac:e3:aa:ad:ff:30:
         46:d2:9b:d1:f7:4a:e1:be:66:aa:ee:13:fa:2d:ee:f2:9b:20:
         d0:ae:fa:bf:30:b6:0c:cc:7f:df:c8:d3:8a:54:5c:c0:a3:56:
         8b:bb:01:ee:69:cc:f8:6a:29:9b:66:8a:62:9b:de:26:f8:78:
         84:6e:2b:5a:87:d6:53:1a:7e:db:c7:4c:9a:61:09:bd:4d:ec:
         ef:7b:a8:58
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUHWkn9C6mAtgJEmKj7FuCF12Zw/MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTY1NloX
DTI3MDUwMTA5MjE1NlowMzExMC8GA1UEAxMoMzgyOEZFODlDMTFCMURBNjczNjc0
RThGQUYxMjUyOUZDNzVDOUIxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpvqA057GpQz7cixG4jaO1mBqHRTFkFo5AHA3P8fhiaNYzbIc7tylskbw/D
XlCMOZKvuCEa+vPYOA9Rtk3lraWfy63w3MTiJTSy9aZ+FRoAc4zbgdbznQ5lEUtd
8iHQBusqAIrl+YWP7dL00HnN+1amwmcHSZUjGY5EoQCJehJXitH96Nhi68sMon1+
D8QhLoj8iZAu+p0heNTP93UjIroWy9oHifc0o6ufNhmLrgcj2h6CGCLlmhG/3PKY
QzJLdImLOQbAv/sVkuzHLiTExlkicCX0VrU/9PkaQ+iddBi7lUS53FfMlu9/QQE4
d5jWpt1iYHSLPi9EvLC9QCzmL6UCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQ4KP6J
wRsdpnNnTo+vElKfx1ybEzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2MDczLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAZzegMA0GCSqGSIb3DQEBCwUAA4IBAQBMbKL7rDCgfyGZ/nAGC9+xJTC9
zmykPNgcOiNcK69jX5gGDVWnnSQimKuvYt4Ft8qSZ9umy0EVQ9/ISSX5zt7Vo6Ky
HgvmdTtbKlo6RVjd4hh1XzO+mbT7niTL7Aja/xpg/H77DiRSfXpj/FmirPhKXjVU
QUmpbjP63q1sqGiVgvRRXI6AvA2URBHvkzPpfAtlyEaCg7GpEXgcZlCUxt4yIBle
7oseX02aMnQJxiSs46qt/zBG0pvR90rhvmaq7hP6Le7ymyDQrvq/MLYMzH/fyNOK
VFzAo1aLuwHuacz4aimbZopim94m+HiEbitah9ZTGn7bx0yaYQm9Tezve6hY
-----END CERTIFICATE-----