Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS141058.roa
File:                     AS141058.roa (raw, json)
Hash identifier:          bwaHFFaQYEggTtf4fG2fDGssQNqnrXNzCa4ntLv+Iq0=
Subject key identifier:   F6:DC:C2:17:09:98:F3:63:81:9E:9A:DC:53:E4:51:D1:E3:D9:F1:1A
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       5A7A2C4E8692D500491A4B4C155ABFA4A7B4D387
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141058.roa
Signing time:             Sat 02 May 2026 09:21:44 +0000
ROA not before:           Sat 02 May 2026 09:16:44 +0000
ROA not after:            Sat 01 May 2027 09:21:44 +0000
asID:                     141058
IP address blocks:        103.36.250.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:7a:2c:4e:86:92:d5:00:49:1a:4b:4c:15:5a:bf:a4:a7:b4:d3:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 09:16:44 2026 GMT
            Not After : May  1 09:21:44 2027 GMT
        Subject: CN=F6DCC2170998F363819E9ADC53E451D1E3D9F11A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:0e:a2:23:89:8a:71:60:1b:b8:c7:07:db:63:
                    28:58:1c:5e:57:2d:dc:11:26:5e:6f:f7:ca:59:05:
                    5b:1f:29:6c:38:38:9b:9c:de:eb:87:c8:7b:61:57:
                    62:b9:bc:34:f9:a0:c4:27:ea:4e:4c:c0:98:82:f8:
                    63:c5:8b:b5:3c:14:d5:2d:30:4e:2c:e4:6d:61:8b:
                    ab:84:da:38:91:a9:74:63:0e:09:17:59:d2:ae:c8:
                    3a:1d:62:ab:7f:d6:4f:38:a3:b7:ed:44:c9:f1:46:
                    8b:24:b6:83:38:ba:62:2e:f0:44:5b:3c:a4:a1:d2:
                    94:7f:90:be:2b:b9:18:96:be:c5:66:10:f4:a3:ff:
                    1e:67:fb:be:85:41:dd:cb:80:94:1c:5f:f5:54:30:
                    3b:1c:49:02:77:cc:79:f9:34:51:ae:04:a7:52:b5:
                    d6:02:b3:20:92:31:0c:9e:b3:84:e3:c0:e2:1d:17:
                    2c:ad:3e:d2:80:0c:e0:d7:8c:3c:9f:8e:38:2c:7c:
                    29:d3:7d:01:77:99:3a:b8:6d:98:cc:5d:5f:1d:d5:
                    bb:f4:b7:7f:3b:01:c1:3e:a9:ee:2d:d1:c8:f7:a4:
                    33:82:95:9a:6a:4b:4d:b8:26:fa:e7:a4:7f:9b:d1:
                    a0:ab:4b:db:a7:82:03:29:3a:8b:11:81:47:0e:c9:
                    7d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:DC:C2:17:09:98:F3:63:81:9E:9A:DC:53:E4:51:D1:E3:D9:F1:1A
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141058.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.36.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:06:14:2f:62:0a:16:f3:4e:cb:6d:e3:63:23:a9:f2:65:26:
         ad:3f:f1:72:d4:14:f7:af:b2:b5:a2:61:07:0f:ea:85:89:b9:
         f0:d1:c1:2d:85:d8:b9:11:b2:7f:0d:c7:a2:ad:34:88:a9:51:
         6b:ed:1d:fd:2d:77:06:a2:86:67:f1:6f:b1:9b:cf:43:1b:4a:
         7d:28:c5:89:4c:ce:42:cd:35:e0:c5:ce:ad:39:fa:70:26:65:
         ca:e6:f2:7e:f5:22:50:4d:df:33:a4:2f:45:f9:e0:94:03:0b:
         08:bc:dd:12:60:ba:76:b5:7a:0c:8e:87:e3:e9:14:7d:4a:b0:
         23:41:dc:30:a4:2a:97:55:70:f7:a4:f5:52:0e:8f:3d:77:41:
         c7:da:dd:80:44:3d:3c:e2:8d:b5:35:a0:97:64:52:86:60:3a:
         cc:39:de:8d:43:2a:73:2c:a1:63:5d:5b:c9:42:b6:ae:44:86:
         8a:da:24:cd:6c:52:ea:4b:b4:37:68:df:1d:98:67:a5:2d:aa:
         15:5d:92:d8:98:73:4d:f2:19:43:04:31:55:dc:bd:b8:7d:b5:
         c5:30:f6:55:fc:51:8e:17:6b:6d:7f:13:4b:1f:7b:f2:38:97:
         b4:3c:8d:5d:38:bd:45:c6:e3:32:35:ec:57:de:e2:13:f1:44:
         31:d0:90:54
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUWnosToaS1QBJGktMFVq/pKe004cwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTY0NFoX
DTI3MDUwMTA5MjE0NFowMzExMC8GA1UEAxMoRjZEQ0MyMTcwOTk4RjM2MzgxOUU5
QURDNTNFNDUxRDFFM0Q5RjExQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUOoiOJinFgG7jHB9tjKFgcXlct3BEmXm/3ylkFWx8pbDg4m5ze64fIe2FX
Yrm8NPmgxCfqTkzAmIL4Y8WLtTwU1S0wTizkbWGLq4TaOJGpdGMOCRdZ0q7IOh1i
q3/WTzijt+1EyfFGiyS2gzi6Yi7wRFs8pKHSlH+Qviu5GJa+xWYQ9KP/Hmf7voVB
3cuAlBxf9VQwOxxJAnfMefk0Ua4Ep1K11gKzIJIxDJ6zhOPA4h0XLK0+0oAM4NeM
PJ+OOCx8KdN9AXeZOrhtmMxdXx3Vu/S3fzsBwT6p7i3RyPekM4KVmmpLTbgm+uek
f5vRoKtL26eCAyk6ixGBRw7JfYMCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBT23MIX
CZjzY4GemtxT5FHR49nxGjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQxMDU4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAZyT6MA0GCSqGSIb3DQEBCwUAA4IBAQAfBhQvYgoW807LbeNjI6nyZSat
P/Fy1BT3r7K1omEHD+qFibnw0cEthdi5EbJ/DceirTSIqVFr7R39LXcGooZn8W+x
m89DG0p9KMWJTM5CzTXgxc6tOfpwJmXK5vJ+9SJQTd8zpC9F+eCUAwsIvN0SYLp2
tXoMjofj6RR9SrAjQdwwpCqXVXD3pPVSDo89d0HH2t2ARD084o21NaCXZFKGYDrM
Od6NQypzLKFjXVvJQrauRIaK2iTNbFLqS7Q3aN8dmGelLaoVXZLYmHNN8hlDBDFV
3L24fbXFMPZV/FGOF2ttfxNLH3vyOJe0PI1dOL1FxuMyNexX3uIT8UQx0JBU
-----END CERTIFICATE-----