Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS141646.roa
File:                     AS141646.roa (raw, json)
Hash identifier:          g2SMnx7iYAK59CBMa1Trm0mHi2POxFUSf0SN367R1yY=
Subject key identifier:   DE:E6:4D:CF:71:0F:28:37:C7:7F:67:F3:3C:C2:14:57:17:7F:9D:DD
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       57347D77B6344DECD71989FD0A376AD0723341EC
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141646.roa
Signing time:             Sat 02 May 2026 21:16:41 +0000
ROA not before:           Sat 02 May 2026 21:11:41 +0000
ROA not after:            Sat 01 May 2027 21:16:41 +0000
asID:                     141646
IP address blocks:        103.162.72.0/24 maxlen: 24
                          103.234.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:34:7d:77:b6:34:4d:ec:d7:19:89:fd:0a:37:6a:d0:72:33:41:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 21:11:41 2026 GMT
            Not After : May  1 21:16:41 2027 GMT
        Subject: CN=DEE64DCF710F2837C77F67F33CC21457177F9DDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d9:25:30:76:d5:39:2f:63:fb:10:0e:32:98:
                    8d:44:e7:98:8a:c4:0c:d1:b1:af:0e:0b:bb:f7:e5:
                    a6:d6:a3:f1:6c:3f:81:14:fb:7f:84:b3:6e:58:dc:
                    4e:6b:6a:06:e9:27:15:e8:26:8b:a4:3c:97:b9:08:
                    9b:0b:5f:77:cd:6c:23:96:85:78:58:91:44:4d:a9:
                    3f:08:09:e7:5a:de:41:a8:e6:d1:c9:cd:a6:0f:ad:
                    59:92:0a:2b:d3:0d:52:35:b9:03:65:ae:81:3f:b9:
                    6c:13:a9:a4:01:0c:d8:a0:c7:fc:0d:d6:40:61:d8:
                    90:7d:ba:05:7a:e0:0b:d9:bd:23:91:62:b6:ba:5e:
                    28:a1:ec:2a:a6:75:49:79:cd:69:00:50:16:53:62:
                    e4:ed:76:b0:a2:2e:08:4b:3e:6b:37:85:2a:e4:e2:
                    ff:d0:b1:88:79:1f:db:f5:f6:b7:11:ce:d0:30:fe:
                    c8:a5:d8:06:d6:49:86:69:db:ae:3a:3c:26:f6:6c:
                    4d:e4:6a:a2:e8:6e:55:b8:6f:29:f1:da:94:08:80:
                    fa:cc:53:7d:67:6d:12:84:87:b9:32:44:a7:92:8c:
                    50:69:cc:f1:94:1a:2e:19:02:be:94:b2:29:ae:0c:
                    c7:23:bc:18:44:5c:d3:b9:51:6b:17:5a:70:31:cb:
                    44:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E6:4D:CF:71:0F:28:37:C7:7F:67:F3:3C:C2:14:57:17:7F:9D:DD
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141646.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.162.72.0/24
                  103.234.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:e6:d1:30:eb:3b:14:16:19:0b:a3:aa:ba:7b:eb:48:27:de:
         b6:88:78:b2:c0:03:84:a6:b6:70:4f:5c:52:0a:90:12:7c:b8:
         e9:15:18:c0:c6:8b:f2:81:0b:88:c3:ed:c3:6e:5d:cf:43:61:
         95:e6:84:02:f9:43:a7:f6:57:ed:c9:1e:8c:0c:ac:40:04:db:
         ef:4d:c7:df:b4:7c:f2:f0:25:d4:37:8e:fd:36:97:e0:1c:d1:
         f8:95:92:ec:01:03:be:32:b4:74:00:08:5d:87:cf:f9:20:f7:
         25:e5:d0:11:e6:a1:39:48:4b:8e:43:f9:cf:1e:8a:ef:2b:0d:
         38:56:70:1c:a7:ed:a8:8b:80:4f:cb:69:25:df:7e:1e:3f:b8:
         ba:9b:8e:c9:1b:bc:45:63:a3:57:18:1b:07:7f:d7:4f:a7:a0:
         3a:3f:48:38:ea:77:b9:a9:38:4f:1e:19:f6:19:65:d4:45:78:
         c5:97:9c:8f:fd:ff:a2:3b:38:32:25:c7:a7:2b:3d:1f:3d:12:
         80:08:d4:ee:bc:bd:e7:12:52:eb:01:da:42:ce:32:a2:79:3d:
         3b:99:83:c9:ae:93:21:e3:e1:da:da:8e:c9:7d:b2:cc:53:d3:
         0b:15:b1:dd:88:a7:be:8c:61:93:c3:ae:ce:d9:4c:18:64:11:
         33:72:3f:c9
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgIUVzR9d7Y0TezXGYn9Cjdq0HIzQewwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTE0MVoX
DTI3MDUwMTIxMTY0MVowMzExMC8GA1UEAxMoREVFNjREQ0Y3MTBGMjgzN0M3N0Y2
N0YzM0NDMjE0NTcxNzdGOURERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrZJTB21TkvY/sQDjKYjUTnmIrEDNGxrw4Lu/flptaj8Ww/gRT7f4Szbljc
TmtqBuknFegmi6Q8l7kImwtfd81sI5aFeFiRRE2pPwgJ51reQajm0cnNpg+tWZIK
K9MNUjW5A2WugT+5bBOppAEM2KDH/A3WQGHYkH26BXrgC9m9I5FitrpeKKHsKqZ1
SXnNaQBQFlNi5O12sKIuCEs+azeFKuTi/9CxiHkf2/X2txHO0DD+yKXYBtZJhmnb
rjo8JvZsTeRqouhuVbhvKfHalAiA+sxTfWdtEoSHuTJEp5KMUGnM8ZQaLhkCvpSy
Ka4MxyO8GERc07lRaxdacDHLRDMCAwEAAaOCAdIwggHOMB0GA1UdDgQWBBTe5k3P
cQ8oN8d/Z/M8whRXF3+d3TAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQxNjQ2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA
ATAMAwQAZ6JIAwQAZ+pfMA0GCSqGSIb3DQEBCwUAA4IBAQCc5tEw6zsUFhkLo6q6
e+tIJ962iHiywAOEprZwT1xSCpASfLjpFRjAxovygQuIw+3Dbl3PQ2GV5oQC+UOn
9lftyR6MDKxABNvvTcfftHzy8CXUN479NpfgHNH4lZLsAQO+MrR0AAhdh8/5IPcl
5dAR5qE5SEuOQ/nPHorvKw04VnAcp+2oi4BPy2kl334eP7i6m47JG7xFY6NXGBsH
f9dPp6A6P0g46ne5qThPHhn2GWXURXjFl5yP/f+iOzgyJcenKz0fPRKACNTuvL3n
ElLrAdpCzjKieT07mYPJrpMh4+Ha2o7JfbLMU9MLFbHdiKe+jGGTw67O2UwYZBEz
cj/J
-----END CERTIFICATE-----