Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS141602.roa
File:                     AS141602.roa (raw, json)
Hash identifier:          BV5LVrfC4/Zh7af9XviiO0NH9E8YykKK7+VnGHJZ0/8=
Subject key identifier:   9B:4D:F3:B9:2F:6D:DD:6E:3A:40:AD:A2:E2:18:76:BD:F1:D0:10:C2
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       0C0E56098BC9A90C9B51A966DCC788758F7B0A55
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141602.roa
Signing time:             Sat 02 May 2026 21:32:09 +0000
ROA not before:           Sat 02 May 2026 21:27:09 +0000
ROA not after:            Sat 01 May 2027 21:32:09 +0000
asID:                     141602
IP address blocks:        2401:3a0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:0e:56:09:8b:c9:a9:0c:9b:51:a9:66:dc:c7:88:75:8f:7b:0a:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 21:27:09 2026 GMT
            Not After : May  1 21:32:09 2027 GMT
        Subject: CN=9B4DF3B92F6DDD6E3A40ADA2E21876BDF1D010C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:09:9a:b3:3e:04:46:7d:78:00:e0:50:04:03:
                    76:ad:48:1f:2e:54:c0:11:2e:d5:3b:b1:05:5f:23:
                    96:64:96:1c:4d:a1:4f:d5:50:8a:f1:b3:32:7e:1d:
                    bf:da:6a:99:29:ac:93:3b:6c:fd:46:f2:9e:fc:00:
                    09:57:3b:f8:44:b3:a4:95:4f:09:96:a1:b5:1b:c3:
                    da:b7:e0:88:11:2c:7e:43:94:3f:8b:bc:b6:e6:95:
                    90:d1:1f:ff:aa:24:cf:33:89:7a:62:97:35:84:b0:
                    ce:e1:a8:a1:09:49:28:0f:9b:16:78:a3:d9:ea:61:
                    0b:49:18:1b:30:c8:3e:15:a5:ea:f9:30:33:ca:c3:
                    a2:6b:9e:8d:d2:de:37:40:36:a4:1a:99:fa:03:b6:
                    49:94:5f:17:f3:35:4f:d1:23:c5:25:fc:13:70:e5:
                    8d:98:49:33:a3:a1:3c:9c:c3:66:2f:0a:e9:1a:33:
                    cc:50:97:e7:c6:2b:56:60:ee:64:a2:4a:9a:dc:10:
                    6f:58:7b:d7:42:40:40:77:60:4a:f7:20:a6:cd:21:
                    06:92:e6:d3:38:18:9d:77:d8:54:eb:c6:08:9d:31:
                    20:ba:28:55:3d:85:5b:f2:45:a4:fe:a1:73:42:64:
                    e1:ef:c8:d5:62:de:20:7f:3d:6e:1d:14:8b:e6:36:
                    64:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:4D:F3:B9:2F:6D:DD:6E:3A:40:AD:A2:E2:18:76:BD:F1:D0:10:C2
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141602.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:3a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9f:43:39:3d:18:bb:47:99:41:20:29:67:ca:be:9e:dd:1b:0a:
         4f:71:e6:de:a7:82:5d:f7:43:3e:e5:ba:0e:3f:01:95:8a:cc:
         37:12:8a:3c:e7:4a:5b:73:71:66:7c:f8:3c:09:2f:41:a5:af:
         a3:51:c1:60:b9:f3:86:ad:66:55:45:96:12:8b:87:24:66:dd:
         48:a2:ea:2f:48:3c:e0:32:8c:4d:f7:db:e8:5c:52:75:b2:20:
         5b:14:4f:b3:e2:2d:0c:7a:c6:70:ce:a4:06:fe:eb:11:9d:8b:
         04:41:cc:2c:09:8f:6e:84:cf:ff:7f:07:d4:82:81:cf:fe:b4:
         f1:ca:5c:e0:9f:84:c1:8d:50:d5:2e:58:2b:03:03:ff:c6:d4:
         fc:9e:dc:74:b1:82:21:27:a4:cd:5d:b5:69:11:44:69:9a:cf:
         d3:d4:cb:ac:bf:2b:e8:6e:45:6f:bb:43:44:d5:24:ed:a0:33:
         a4:9e:98:eb:7c:cb:26:9a:6e:9d:c4:2c:6b:1b:ba:b2:67:99:
         f7:6c:96:6c:d7:d7:7b:98:5f:02:9e:54:25:0e:b6:3a:97:b7:
         08:72:6c:74:ce:f5:2f:ff:66:b3:07:07:fd:de:7b:3e:c7:3b:
         de:79:17:df:e9:6a:d7:6b:12:79:7a:b3:87:a1:bf:59:05:59:
         a3:be:15:03
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgIUDA5WCYvJqQybUalm3MeIdY97ClUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjcwOVoX
DTI3MDUwMTIxMzIwOVowMzExMC8GA1UEAxMoOUI0REYzQjkyRjZEREQ2RTNBNDBB
REEyRTIxODc2QkRGMUQwMTBDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgJmrM+BEZ9eADgUAQDdq1IHy5UwBEu1TuxBV8jlmSWHE2hT9VQivGzMn4d
v9pqmSmskzts/UbynvwACVc7+ESzpJVPCZahtRvD2rfgiBEsfkOUP4u8tuaVkNEf
/6okzzOJemKXNYSwzuGooQlJKA+bFnij2ephC0kYGzDIPhWl6vkwM8rDomuejdLe
N0A2pBqZ+gO2SZRfF/M1T9EjxSX8E3DljZhJM6OhPJzDZi8K6RozzFCX58YrVmDu
ZKJKmtwQb1h710JAQHdgSvcgps0hBpLm0zgYnXfYVOvGCJ0xILooVT2FW/JFpP6h
c0Jk4e/I1WLeIH89bh0Ui+Y2ZCECAwEAAaOCAc0wggHJMB0GA1UdDgQWBBSbTfO5
L23dbjpAraLiGHa98dAQwjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQxNjAyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIA
AjAHAwUAJAEDoDANBgkqhkiG9w0BAQsFAAOCAQEAn0M5PRi7R5lBIClnyr6e3RsK
T3Hm3qeCXfdDPuW6Dj8BlYrMNxKKPOdKW3NxZnz4PAkvQaWvo1HBYLnzhq1mVUWW
EouHJGbdSKLqL0g84DKMTffb6FxSdbIgWxRPs+ItDHrGcM6kBv7rEZ2LBEHMLAmP
boTP/38H1IKBz/608cpc4J+EwY1Q1S5YKwMD/8bU/J7cdLGCISekzV21aRFEaZrP
09TLrL8r6G5Fb7tDRNUk7aAzpJ6Y63zLJppuncQsaxu6smeZ92yWbNfXe5hfAp5U
JQ62Ope3CHJsdM71L/9mswcH/d57Psc73nkX3+lq12sSeXqzh6G/WQVZo74VAw==
-----END CERTIFICATE-----