Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140026.roa
File:                     AS140026.roa (raw, json)
Hash identifier:          TtALHQYm/sGoMKd1+OGSkiLidRoZx0dHN7k2g0h1+ic=
Subject key identifier:   2B:1C:F4:BF:E7:DF:90:5E:8B:E7:D9:4C:B2:50:49:EE:6E:54:BD:45
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       25F2E155810A73F3443143A798A499E965EE4111
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140026.roa
Signing time:             Sat 02 May 2026 21:08:49 +0000
ROA not before:           Sat 02 May 2026 21:03:49 +0000
ROA not after:            Sat 01 May 2027 21:08:49 +0000
asID:                     140026
IP address blocks:        103.149.178.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:f2:e1:55:81:0a:73:f3:44:31:43:a7:98:a4:99:e9:65:ee:41:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 21:03:49 2026 GMT
            Not After : May  1 21:08:49 2027 GMT
        Subject: CN=2B1CF4BFE7DF905E8BE7D94CB25049EE6E54BD45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e1:88:3a:30:ea:b6:3f:80:1e:e2:1f:fb:c7:
                    3a:1f:a9:59:20:c2:7f:ac:50:1a:2d:b3:a4:3b:1e:
                    1d:9e:5b:3e:2a:bd:c6:22:df:c6:8b:61:ec:90:59:
                    4c:02:ab:3a:aa:7e:7c:7e:41:35:a4:b1:60:a4:e4:
                    df:50:e1:cd:da:e5:3f:86:fe:6b:68:f1:f3:84:55:
                    11:0e:e5:93:22:cf:88:6e:ea:bf:6f:e3:e9:f5:5a:
                    c3:fb:05:0b:59:45:82:60:c0:d9:05:5e:83:50:d2:
                    ea:f8:76:b8:82:38:73:a0:ff:bc:5b:4c:53:0b:c2:
                    32:cf:0e:47:fe:0d:b4:49:f7:06:2d:8b:6c:de:cd:
                    60:f1:b3:92:b6:48:8d:7c:cb:1d:a0:a5:36:57:32:
                    f2:57:17:0a:e1:8b:a2:cd:9c:a8:b3:3b:fe:92:9c:
                    d8:71:50:a5:2d:b0:db:1b:56:e1:1a:5c:d2:cf:86:
                    69:c9:e5:48:aa:a8:c3:64:6d:bc:03:2e:19:7d:89:
                    5b:72:ae:34:57:ee:96:58:ab:62:b1:05:4c:a5:37:
                    90:b9:00:fc:96:f3:5b:39:07:72:1f:b9:62:7f:b8:
                    8c:99:6f:93:f5:07:e8:69:f6:d5:10:e4:cc:7c:0b:
                    19:31:ca:1c:b4:87:97:c7:59:b8:20:36:02:aa:05:
                    c3:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:1C:F4:BF:E7:DF:90:5E:8B:E7:D9:4C:B2:50:49:EE:6E:54:BD:45
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140026.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.149.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:1c:85:d5:12:73:63:3e:bb:9e:6d:e7:2e:7c:a4:e9:10:bd:
         7c:e5:8e:82:53:3e:bc:4b:08:9e:56:e3:0d:cb:8c:c7:77:ed:
         fe:02:3b:42:d1:60:6b:a2:83:7e:64:a4:18:d1:3c:30:5b:8b:
         94:56:e2:21:b8:21:0d:37:4c:9a:8d:c4:0b:89:c2:a7:c1:c1:
         6a:64:e8:e4:12:2d:45:71:e0:f4:e0:df:fb:88:bf:35:71:13:
         f3:44:29:6f:d1:20:cd:90:51:a8:61:f5:ae:bf:43:38:7d:1d:
         f6:6d:13:e3:95:2a:58:45:e8:b9:67:69:14:55:94:26:5f:c0:
         20:ff:34:15:16:eb:de:ed:f2:01:b4:36:fa:cb:eb:7c:c7:8f:
         67:8a:76:11:c5:56:1e:7f:b3:71:d3:ef:20:ce:83:c9:3c:5f:
         9f:20:c4:1f:36:b1:d4:85:e3:2b:c7:52:43:73:20:4c:ed:1c:
         39:3f:38:04:ba:21:96:f4:fb:ec:6b:2f:d9:d0:c9:fa:a1:de:
         cf:8d:c7:99:f5:f6:56:84:82:9a:c9:0c:72:43:e3:58:22:b2:
         f3:ca:f0:b8:cb:5f:03:44:02:4f:a0:6e:26:b4:c7:56:11:48:
         7f:6b:a9:5b:b5:42:12:79:0c:36:d9:91:b4:2e:56:64:b9:ed:
         4e:ee:95:3a
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUJfLhVYEKc/NEMUOnmKSZ6WXuQREwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDM0OVoX
DTI3MDUwMTIxMDg0OVowMzExMC8GA1UEAxMoMkIxQ0Y0QkZFN0RGOTA1RThCRTdE
OTRDQjI1MDQ5RUU2RTU0QkQ0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7hiDow6rY/gB7iH/vHOh+pWSDCf6xQGi2zpDseHZ5bPiq9xiLfxoth7JBZ
TAKrOqp+fH5BNaSxYKTk31DhzdrlP4b+a2jx84RVEQ7lkyLPiG7qv2/j6fVaw/sF
C1lFgmDA2QVeg1DS6vh2uII4c6D/vFtMUwvCMs8OR/4NtEn3Bi2LbN7NYPGzkrZI
jXzLHaClNlcy8lcXCuGLos2cqLM7/pKc2HFQpS2w2xtW4Rpc0s+GacnlSKqow2Rt
vAMuGX2JW3KuNFfullirYrEFTKU3kLkA/JbzWzkHch+5Yn+4jJlvk/UH6Gn21RDk
zHwLGTHKHLSHl8dZuCA2AqoFwz0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQrHPS/
59+QXovn2UyyUEnublS9RTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMDI2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBZ5WyMA0GCSqGSIb3DQEBCwUAA4IBAQBIHIXVEnNjPruebecufKTpEL18
5Y6CUz68SwieVuMNy4zHd+3+AjtC0WBrooN+ZKQY0TwwW4uUVuIhuCENN0yajcQL
icKnwcFqZOjkEi1FceD04N/7iL81cRPzRClv0SDNkFGoYfWuv0M4fR32bRPjlSpY
Rei5Z2kUVZQmX8Ag/zQVFuve7fIBtDb6y+t8x49ninYRxVYef7Nx0+8gzoPJPF+f
IMQfNrHUheMrx1JDcyBM7Rw5PzgEuiGW9Pvsay/Z0Mn6od7PjceZ9fZWhIKayQxy
Q+NYIrLzyvC4y18DRAJPoG4mtMdWEUh/a6lbtUISeQw22ZG0LlZkue1O7pU6
-----END CERTIFICATE-----