Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136876.roa
File:                     AS136876.roa (raw, json)
Hash identifier:          8wJGUaVc6stV8mr7sjGy5O5LNJRgvg49yhDS3ZJWPdU=
Subject key identifier:   5A:CA:90:88:04:83:1A:C9:67:48:BB:17:63:E2:AE:4C:A6:2F:96:39
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       1544FDAEED837F7CE5D984384BEC8E7E64D7FF46
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136876.roa
Signing time:             Sat 02 May 2026 09:19:46 +0000
ROA not before:           Sat 02 May 2026 09:14:46 +0000
ROA not after:            Sat 01 May 2027 09:19:46 +0000
asID:                     136876
IP address blocks:        103.105.190.0/24 maxlen: 24
                          103.163.38.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:44:fd:ae:ed:83:7f:7c:e5:d9:84:38:4b:ec:8e:7e:64:d7:ff:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 09:14:46 2026 GMT
            Not After : May  1 09:19:46 2027 GMT
        Subject: CN=5ACA908804831AC96748BB1763E2AE4CA62F9639
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6f:66:8d:6a:55:84:ae:b8:8f:45:9f:26:b7:
                    94:e8:d6:66:b2:37:c3:ea:a6:a0:05:ee:15:fc:85:
                    44:23:cf:ad:ea:6c:ed:8e:8b:5d:e0:02:48:37:6e:
                    d3:81:a5:5f:fb:99:1c:61:6e:0d:3a:71:8c:e0:96:
                    7b:60:7f:5d:77:8c:63:93:14:21:56:09:13:89:87:
                    fb:5b:eb:e4:6b:05:dd:ca:ab:43:1d:ab:1e:ed:49:
                    6b:be:49:9d:26:83:65:d2:de:fd:93:6c:89:4a:a0:
                    cd:73:95:a8:71:b2:60:5d:34:27:4c:ed:b9:8a:7e:
                    79:45:6b:6d:00:66:70:a6:3f:01:05:eb:70:bc:76:
                    5c:29:b1:f5:c0:3d:02:f4:be:70:95:a8:f0:7b:29:
                    ee:87:d5:62:02:11:f7:bd:77:ab:6f:80:e7:1c:f8:
                    63:5b:45:57:34:c2:cf:82:7d:18:1a:d8:af:92:c2:
                    ed:8b:07:8d:4b:4d:d3:92:b4:04:21:bd:22:ca:94:
                    56:10:92:62:67:c1:f6:25:63:5d:18:ae:e3:55:1b:
                    5c:35:24:ad:20:0c:5a:ab:7f:1f:f6:7c:1f:8a:c4:
                    e4:b2:21:ad:3c:a9:3a:01:09:44:5a:d3:09:96:bf:
                    2f:81:09:68:06:e3:bd:8b:f7:a9:7a:5f:6c:84:c5:
                    09:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CA:90:88:04:83:1A:C9:67:48:BB:17:63:E2:AE:4C:A6:2F:96:39
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136876.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.190.0/24
                  103.163.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:a6:c0:a7:33:70:fc:67:a1:6a:24:95:36:4e:cb:cd:27:f7:
         b1:d7:6d:f2:e7:14:a3:f4:ab:2d:f9:86:22:5a:25:93:ef:d7:
         ef:c2:b0:b8:f4:a4:df:9c:c1:6e:d7:13:ba:4d:32:ec:42:54:
         a0:97:01:1d:d7:43:5a:f1:93:2b:4a:15:65:3e:df:8c:3b:02:
         10:f0:1c:00:54:f4:f9:4c:43:17:4f:4a:8e:f9:8c:26:78:f6:
         b2:53:d5:84:ab:0a:8c:44:4d:6e:62:9a:66:33:62:1b:ed:9c:
         81:69:2d:74:55:c6:a2:f6:eb:4e:f8:ba:64:6c:05:fc:8d:e4:
         b1:46:96:d7:7b:5b:26:c3:6e:ba:f0:2a:19:a5:25:ea:42:21:
         b8:d6:08:6c:79:cf:d4:6a:a2:57:1e:7d:d7:de:5a:68:a3:d0:
         9f:e6:4e:07:9a:ac:69:14:e2:23:ee:c1:d6:38:67:d3:15:1f:
         67:a9:73:19:45:40:d8:16:12:44:56:f3:a9:5b:12:32:79:87:
         dc:af:ca:bd:25:17:5c:da:8c:c3:90:00:cc:97:3b:6c:d4:e5:
         23:08:55:b0:f3:5c:da:c0:52:88:4d:a3:a8:f5:86:f9:61:43:
         07:7d:af:4d:1e:26:4f:00:2a:48:34:c8:38:9b:89:25:ca:ba:
         dd:66:df:1d
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgIUFUT9ru2Df3zl2YQ4S+yOfmTX/0YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTQ0NloX
DTI3MDUwMTA5MTk0NlowMzExMC8GA1UEAxMoNUFDQTkwODgwNDgzMUFDOTY3NDhC
QjE3NjNFMkFFNENBNjJGOTYzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBvZo1qVYSuuI9Fnya3lOjWZrI3w+qmoAXuFfyFRCPPreps7Y6LXeACSDdu
04GlX/uZHGFuDTpxjOCWe2B/XXeMY5MUIVYJE4mH+1vr5GsF3cqrQx2rHu1Ja75J
nSaDZdLe/ZNsiUqgzXOVqHGyYF00J0ztuYp+eUVrbQBmcKY/AQXrcLx2XCmx9cA9
AvS+cJWo8Hsp7ofVYgIR9713q2+A5xz4Y1tFVzTCz4J9GBrYr5LC7YsHjUtN05K0
BCG9IsqUVhCSYmfB9iVjXRiu41UbXDUkrSAMWqt/H/Z8H4rE5LIhrTypOgEJRFrT
CZa/L4EJaAbjvYv3qXpfbITFCU0CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBRaypCI
BIMayWdIuxdj4q5Mpi+WOTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2ODc2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA
ATAMAwQAZ2m+AwQAZ6MmMA0GCSqGSIb3DQEBCwUAA4IBAQBmpsCnM3D8Z6FqJJU2
TsvNJ/ex123y5xSj9Kst+YYiWiWT79fvwrC49KTfnMFu1xO6TTLsQlSglwEd10Na
8ZMrShVlPt+MOwIQ8BwAVPT5TEMXT0qO+YwmePayU9WEqwqMRE1uYppmM2Ib7ZyB
aS10Vcai9utO+LpkbAX8jeSxRpbXe1smw2668CoZpSXqQiG41ghsec/UaqJXHn3X
3lpoo9Cf5k4HmqxpFOIj7sHWOGfTFR9nqXMZRUDYFhJEVvOpWxIyeYfcr8q9JRdc
2ozDkADMlzts1OUjCFWw81zawFKITaOo9Yb5YUMHfa9NHiZPACpINMg4m4klyrrd
Zt8d
-----END CERTIFICATE-----