Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS141613.roa
File:                     AS141613.roa (raw, json)
Hash identifier:          NDhGqr5RZB495Tf3G8xj/ffI6QEPWhRoQGbBRmDAquw=
Subject key identifier:   76:F9:D5:66:BB:6D:58:51:A1:7C:B0:6A:88:B2:1C:78:80:9D:D9:25
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       30B25085F44F863BCE671929E74CA59CCB9DD254
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141613.roa
Signing time:             Sat 02 May 2026 21:25:31 +0000
ROA not before:           Sat 02 May 2026 21:20:31 +0000
ROA not after:            Sat 01 May 2027 21:25:31 +0000
asID:                     141613
IP address blocks:        2001:df1:9d40::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:b2:50:85:f4:4f:86:3b:ce:67:19:29:e7:4c:a5:9c:cb:9d:d2:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 21:20:31 2026 GMT
            Not After : May  1 21:25:31 2027 GMT
        Subject: CN=76F9D566BB6D5851A17CB06A88B21C78809DD925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:80:4e:d6:29:57:84:38:5d:4b:c5:c6:72:2b:
                    93:5a:75:93:5b:49:79:32:32:c5:39:d4:64:8c:83:
                    f6:fe:dc:4a:52:6d:8f:28:b0:48:f0:15:c3:41:61:
                    04:7c:2b:65:65:7a:4f:ea:d3:4a:6a:f9:11:cd:4e:
                    f6:a5:f3:3e:da:92:73:59:be:6d:e7:4a:13:0b:f3:
                    be:c4:80:ce:40:42:52:44:2c:db:da:46:93:83:93:
                    b3:c0:02:83:80:71:1c:c0:c4:25:4b:cd:a2:9c:a6:
                    c5:23:a2:b9:3b:b8:04:e3:71:71:4a:2e:ab:0f:78:
                    16:73:8b:9c:df:24:87:cb:29:47:a4:78:94:34:b7:
                    00:3f:8b:ee:66:3b:4c:ea:7e:29:09:34:9e:03:9b:
                    81:e6:52:99:0c:73:2e:8b:b6:17:23:ad:fc:9e:38:
                    a3:a7:8f:7a:bb:6c:bf:b7:1a:02:ba:7a:32:65:d7:
                    d9:97:54:90:7a:e7:f8:38:ce:64:61:4d:6e:31:6c:
                    81:4f:43:90:41:21:ef:42:30:d2:f6:44:ba:a4:83:
                    12:3b:95:41:e4:fb:cb:2f:e3:6b:d4:01:c9:ed:a5:
                    f5:09:0e:4a:91:3c:65:fd:d5:36:66:73:5f:a9:ec:
                    64:35:18:d7:30:64:ba:8a:d3:15:dd:da:3b:80:c5:
                    72:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F9:D5:66:BB:6D:58:51:A1:7C:B0:6A:88:B2:1C:78:80:9D:D9:25
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141613.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df1:9d40::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:37:03:53:5e:fa:29:88:92:b6:8e:56:6c:a6:94:f0:66:05:
         13:a2:a6:8f:9f:ff:f0:4d:7d:c0:f5:74:ba:eb:c1:e1:dd:d8:
         1b:01:7f:8d:15:5a:78:b2:6d:72:3e:f4:f9:fa:a0:58:5c:ef:
         78:57:83:f9:f7:8b:e8:03:bb:a1:cd:75:2c:48:bb:d7:86:40:
         18:53:01:eb:40:28:3e:e0:0a:3a:39:24:1a:67:2c:13:f3:9c:
         11:ca:47:8a:1e:96:d2:89:6f:77:7f:63:6b:19:a2:11:02:e6:
         f8:06:f2:57:17:e3:c3:d3:74:54:5b:cc:76:3e:7c:cb:6b:8e:
         87:eb:8e:61:77:23:23:7a:48:8f:7d:99:e2:5a:71:c8:ac:c6:
         7d:0c:31:05:dd:d3:32:1e:80:fc:7b:f6:64:67:f3:81:51:bd:
         91:ca:00:7f:21:3d:75:1a:d9:81:5c:2a:a5:b5:54:00:13:7c:
         f5:4f:0d:98:57:f6:a9:58:db:e9:63:0d:5e:0f:c9:5d:1b:d6:
         12:fc:45:2a:d3:4a:83:ed:cc:ac:90:be:6f:5b:7e:06:4d:61:
         b8:15:8f:34:95:63:25:e8:cc:d6:a0:89:b4:43:32:07:dd:77:
         51:6b:7b:c1:27:ee:f8:d4:35:0d:17:b0:a8:d2:8f:1e:0b:ca:
         0f:dc:3e:63
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUMLJQhfRPhjvOZxkp50ylnMud0lQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjAzMVoX
DTI3MDUwMTIxMjUzMVowMzExMC8GA1UEAxMoNzZGOUQ1NjZCQjZENTg1MUExN0NC
MDZBODhCMjFDNzg4MDlERDkyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiATtYpV4Q4XUvFxnIrk1p1k1tJeTIyxTnUZIyD9v7cSlJtjyiwSPAVw0Fh
BHwrZWV6T+rTSmr5Ec1O9qXzPtqSc1m+bedKEwvzvsSAzkBCUkQs29pGk4OTs8AC
g4BxHMDEJUvNopymxSOiuTu4BONxcUouqw94FnOLnN8kh8spR6R4lDS3AD+L7mY7
TOp+KQk0ngObgeZSmQxzLou2FyOt/J44o6ePertsv7caArp6MmXX2ZdUkHrn+DjO
ZGFNbjFsgU9DkEEh70Iw0vZEuqSDEjuVQeT7yy/ja9QBye2l9QkOSpE8Zf3VNmZz
X6nsZDUY1zBkuorTFd3aO4DFcvkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBR2+dVm
u21YUaF8sGqIshx4gJ3ZJTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQxNjEzLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEN8Z1AMA0GCSqGSIb3DQEBCwUAA4IBAQB0NwNTXvopiJK2jlZsppTw
ZgUToqaPn//wTX3A9XS668Hh3dgbAX+NFVp4sm1yPvT5+qBYXO94V4P594voA7uh
zXUsSLvXhkAYUwHrQCg+4Ao6OSQaZywT85wRykeKHpbSiW93f2NrGaIRAub4BvJX
F+PD03RUW8x2PnzLa46H645hdyMjekiPfZniWnHIrMZ9DDEF3dMyHoD8e/ZkZ/OB
Ub2RygB/IT11GtmBXCqltVQAE3z1Tw2YV/apWNvpYw1eD8ldG9YS/EUq00qD7cys
kL5vW34GTWG4FY80lWMl6MzWoIm0QzIH3XdRa3vBJ+741DUNF7Co0o8eC8oP3D5j
-----END CERTIFICATE-----