Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS142305.roa
File:                     AS142305.roa (raw, json)
Hash identifier:          BDYhSCZTBkEpGRhtnWikFxUbFhpPYwG5UTb2BgoU1xA=
Subject key identifier:   0F:39:CB:CD:E0:7E:9D:20:4D:1A:17:D6:AB:05:34:3B:5A:15:F2:2C
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       11564BF5B2EC17A4B31CA26DD1A4519214ACAC7D
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142305.roa
Signing time:             Sat 02 May 2026 09:20:08 +0000
ROA not before:           Sat 02 May 2026 09:15:08 +0000
ROA not after:            Sat 01 May 2027 09:20:08 +0000
asID:                     142305
IP address blocks:        103.168.26.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:56:4b:f5:b2:ec:17:a4:b3:1c:a2:6d:d1:a4:51:92:14:ac:ac:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 09:15:08 2026 GMT
            Not After : May  1 09:20:08 2027 GMT
        Subject: CN=0F39CBCDE07E9D204D1A17D6AB05343B5A15F22C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a4:87:96:57:e9:18:cf:9d:e0:d8:f6:c2:a2:
                    1e:65:c6:49:bb:67:cd:8b:f5:79:49:67:6b:df:e7:
                    7e:66:ea:14:e6:45:36:0d:a5:e5:fd:ef:48:3a:d3:
                    92:3b:21:d4:39:42:68:a9:ba:00:86:5e:e0:a1:d2:
                    51:83:7a:44:1d:a8:d5:b4:c9:4f:b3:18:b7:75:1a:
                    f7:be:bf:f6:ef:8d:2b:8b:59:6b:ef:7c:e3:a8:49:
                    57:3f:ce:21:d3:53:d0:29:9f:2e:22:0f:04:ec:82:
                    ae:2f:30:76:c9:81:7f:52:c6:88:97:aa:0c:a2:be:
                    18:2e:20:c2:46:9f:4a:42:ed:75:ed:95:bb:7b:64:
                    54:59:22:d2:b5:e1:38:ab:63:8e:16:00:f3:dc:22:
                    b2:c9:5b:ca:2b:1d:e7:d6:c6:8e:6b:03:61:c9:aa:
                    d8:9d:8b:a3:1b:d3:dc:8b:e6:bf:53:eb:42:bd:fb:
                    1e:97:ac:ec:90:1e:5b:47:ed:83:2c:a6:53:75:7f:
                    56:2a:4a:ad:23:71:93:8b:c2:9e:e1:05:ac:1b:c7:
                    21:fe:10:e7:c3:f7:21:37:83:a6:78:a5:af:f3:b7:
                    25:96:0d:33:2e:6a:69:15:c8:88:f5:c5:1e:20:1b:
                    59:6f:49:3f:b9:4f:3b:34:ae:ec:78:83:a6:e2:a9:
                    75:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:39:CB:CD:E0:7E:9D:20:4D:1A:17:D6:AB:05:34:3B:5A:15:F2:2C
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142305.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.168.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:1c:b4:e7:8f:a9:d8:e5:90:0b:fa:a1:d2:b8:a0:a9:94:c6:
         7b:e5:7f:03:4c:8b:a5:4b:3a:c1:ad:86:ce:ba:05:78:7d:4d:
         59:2f:16:0f:12:e5:2f:05:c5:33:e1:9b:42:8b:fc:0c:27:ec:
         4e:40:54:17:d5:7a:b1:fb:6d:af:3a:d3:bb:c4:90:bb:96:44:
         f7:bd:e3:8d:40:b4:aa:d4:40:ea:f2:9a:0f:18:96:c9:cc:bd:
         45:5f:a5:02:b3:2b:d1:c9:8f:78:0c:20:16:b9:ff:97:4b:a7:
         0d:de:28:5c:7e:19:4f:82:41:94:88:5f:e4:d9:7e:62:cc:bb:
         21:6b:80:24:82:db:bc:89:a2:9d:94:f9:e9:50:5a:a4:80:04:
         b8:53:d4:2c:42:ed:89:66:05:01:af:10:7e:e2:12:5a:93:70:
         7a:ab:a3:26:84:86:23:2a:25:9c:9f:95:4f:95:67:e3:c7:7d:
         8f:fe:67:7d:e9:75:0d:11:cf:87:dc:a7:e4:a0:cd:ce:27:aa:
         27:af:e8:8f:95:35:d2:a7:56:e5:09:e0:a9:fc:1c:42:4f:56:
         69:0f:4d:26:9b:49:14:5f:23:1d:5f:7f:64:42:c4:a2:0e:51:
         0d:a3:66:87:1c:1c:5a:c6:68:f4:3c:d6:f3:43:a6:fe:34:f3:
         73:af:1a:a8
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUEVZL9bLsF6SzHKJt0aRRkhSsrH0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTUwOFoX
DTI3MDUwMTA5MjAwOFowMzExMC8GA1UEAxMoMEYzOUNCQ0RFMDdFOUQyMDREMUEx
N0Q2QUIwNTM0M0I1QTE1RjIyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANikh5ZX6RjPneDY9sKiHmXGSbtnzYv1eUlna9/nfmbqFOZFNg2l5f3vSDrT
kjsh1DlCaKm6AIZe4KHSUYN6RB2o1bTJT7MYt3Ua976/9u+NK4tZa+9846hJVz/O
IdNT0CmfLiIPBOyCri8wdsmBf1LGiJeqDKK+GC4gwkafSkLtde2Vu3tkVFki0rXh
OKtjjhYA89wisslbyisd59bGjmsDYcmq2J2LoxvT3Ivmv1PrQr37Hpes7JAeW0ft
gyymU3V/VipKrSNxk4vCnuEFrBvHIf4Q58P3ITeDpnilr/O3JZYNMy5qaRXIiPXF
HiAbWW9JP7lPOzSu7HiDpuKpdd8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQPOcvN
4H6dIE0aF9arBTQ7WhXyLDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQyMzA1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBZ6gaMA0GCSqGSIb3DQEBCwUAA4IBAQAeHLTnj6nY5ZAL+qHSuKCplMZ7
5X8DTIulSzrBrYbOugV4fU1ZLxYPEuUvBcUz4ZtCi/wMJ+xOQFQX1Xqx+22vOtO7
xJC7lkT3veONQLSq1EDq8poPGJbJzL1FX6UCsyvRyY94DCAWuf+XS6cN3ihcfhlP
gkGUiF/k2X5izLsha4Akgtu8iaKdlPnpUFqkgAS4U9QsQu2JZgUBrxB+4hJak3B6
q6MmhIYjKiWcn5VPlWfjx32P/md96XUNEc+H3KfkoM3OJ6onr+iPlTXSp1blCeCp
/BxCT1ZpD00mm0kUXyMdX39kQsSiDlENo2aHHBxaxmj0PNbzQ6b+NPNzrxqo
-----END CERTIFICATE-----