Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS141914.roa
File:                     AS141914.roa (raw, json)
Hash identifier:          qVJ2RSKWXgevHmxg+4iSO8LZZiMGJP+k/s1hzmKuYSk=
Subject key identifier:   A7:AD:F9:DC:22:C7:66:FB:E3:C2:8B:2D:77:50:7A:62:6C:07:D1:00
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       3B69FE07BB642C03389E957AEBD266E0C47F4425
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141914.roa
Signing time:             Sat 02 May 2026 09:20:10 +0000
ROA not before:           Sat 02 May 2026 09:15:10 +0000
ROA not after:            Sat 01 May 2027 09:20:10 +0000
asID:                     141914
IP address blocks:        103.165.0.0/23 maxlen: 24
                          103.165.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:69:fe:07:bb:64:2c:03:38:9e:95:7a:eb:d2:66:e0:c4:7f:44:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 09:15:10 2026 GMT
            Not After : May  1 09:20:10 2027 GMT
        Subject: CN=A7ADF9DC22C766FBE3C28B2D77507A626C07D100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:5b:f0:69:bb:dc:05:b3:78:0f:cf:eb:7c:57:
                    91:6c:b2:0f:c7:54:b4:ed:14:1f:7b:4e:3f:1c:74:
                    e7:ad:66:a3:4a:6b:08:6a:10:26:cc:55:b1:e7:75:
                    30:06:9c:2c:05:aa:9f:c4:94:da:a6:bd:c1:2c:ec:
                    71:6e:01:00:ce:df:98:75:1f:44:97:14:9e:38:90:
                    8b:8f:dd:91:89:f2:2d:f6:f9:35:21:7c:eb:3f:52:
                    65:bb:c8:4f:f6:9e:cb:8a:77:7e:ff:a2:cb:89:32:
                    e6:e6:b5:71:f6:a3:47:29:b4:89:8c:27:05:5d:82:
                    82:2d:5d:ae:94:89:69:9a:a2:97:1c:2d:c6:3b:15:
                    91:bb:f4:63:7f:c7:90:d8:5f:b8:a2:eb:4b:93:a3:
                    37:65:75:ca:59:a7:56:a0:32:e9:84:1e:38:f2:a3:
                    61:5c:e0:d0:b5:2c:8d:ae:ff:f3:1e:34:fa:dd:7c:
                    a9:61:be:f8:87:5a:1b:29:ff:2f:3c:89:23:38:d9:
                    95:89:ed:53:67:fb:3b:43:1b:c1:10:96:33:d2:6e:
                    e5:a0:4e:06:f6:43:7a:63:2f:62:4c:a0:af:93:e2:
                    dd:eb:40:30:ac:41:dc:36:e8:9c:ca:1e:f4:ea:fd:
                    c7:05:6b:5f:64:c1:02:13:90:26:32:68:76:71:72:
                    e3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AD:F9:DC:22:C7:66:FB:E3:C2:8B:2D:77:50:7A:62:6C:07:D1:00
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS141914.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:de:66:93:b7:b7:8c:73:86:85:66:b7:03:3e:63:6a:91:fb:
         ad:92:af:53:ba:4c:8e:26:17:41:2f:71:30:90:bf:df:3b:a7:
         67:4f:1b:e9:db:8b:b1:78:48:cc:5c:58:0b:6b:08:87:33:1b:
         3e:27:a3:b2:09:97:a8:a9:20:7e:92:59:79:7a:a0:09:b9:12:
         df:5d:56:b7:f2:b2:db:c0:d3:99:25:4b:7a:eb:59:e3:bd:fd:
         49:9b:04:ad:d7:b5:35:85:61:2c:26:1a:8e:26:f8:cf:62:16:
         de:1a:e4:52:46:89:ed:8e:0f:04:ed:a4:2f:48:7c:94:77:71:
         a7:ea:ab:30:21:de:2c:a9:71:24:24:0a:8d:57:6a:f7:9a:f9:
         ea:eb:31:44:bd:6c:89:84:91:f8:2b:3d:a6:0b:25:13:4a:22:
         c2:ce:09:42:30:b6:05:e6:86:40:50:13:59:c8:04:98:73:22:
         25:a9:f8:66:7f:1f:05:3a:e7:b3:0b:1f:e3:75:af:e4:4a:0d:
         ed:b9:ab:45:30:1d:0d:b3:ae:c3:9b:10:48:0d:9b:4b:69:0a:
         34:05:16:0a:10:f5:0b:d6:c7:0e:15:2a:8c:6f:39:13:eb:9e:
         76:22:26:12:a8:78:4a:e2:02:3f:50:4b:1f:a5:ab:21:20:14:
         5e:0b:52:3c
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUO2n+B7tkLAM4npV669Jm4MR/RCUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTUxMFoX
DTI3MDUwMTA5MjAxMFowMzExMC8GA1UEAxMoQTdBREY5REMyMkM3NjZGQkUzQzI4
QjJENzc1MDdBNjI2QzA3RDEwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhb8Gm73AWzeA/P63xXkWyyD8dUtO0UH3tOPxx0561mo0prCGoQJsxVsed1
MAacLAWqn8SU2qa9wSzscW4BAM7fmHUfRJcUnjiQi4/dkYnyLfb5NSF86z9SZbvI
T/aey4p3fv+iy4ky5ua1cfajRym0iYwnBV2Cgi1drpSJaZqilxwtxjsVkbv0Y3/H
kNhfuKLrS5OjN2V1ylmnVqAy6YQeOPKjYVzg0LUsja7/8x40+t18qWG++IdaGyn/
LzyJIzjZlYntU2f7O0MbwRCWM9Ju5aBOBvZDemMvYkygr5Pi3etAMKxB3DbonMoe
9Or9xwVrX2TBAhOQJjJodnFy40MCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSnrfnc
Isdm++PCiy13UHpibAfRADAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQxOTE0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBZ6UAMA0GCSqGSIb3DQEBCwUAA4IBAQCE3maTt7eMc4aFZrcDPmNqkfut
kq9TukyOJhdBL3EwkL/fO6dnTxvp24uxeEjMXFgLawiHMxs+J6OyCZeoqSB+kll5
eqAJuRLfXVa38rLbwNOZJUt661njvf1JmwSt17U1hWEsJhqOJvjPYhbeGuRSRont
jg8E7aQvSHyUd3Gn6qswId4sqXEkJAqNV2r3mvnq6zFEvWyJhJH4Kz2mCyUTSiLC
zglCMLYF5oZAUBNZyASYcyIlqfhmfx8FOuezCx/jda/kSg3tuatFMB0Ns67DmxBI
DZtLaQo0BRYKEPUL1scOFSqMbzkT6552IiYSqHhK4gI/UEsfpashIBReC1I8
-----END CERTIFICATE-----