Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS142342.roa
File:                     AS142342.roa (raw, json)
Hash identifier:          eYkO1tumg9WXfmoxW4XE/9+SPubHe0+paDpQfNbQxdU=
Subject key identifier:   F5:E4:2E:94:51:CF:E9:6A:6E:9C:0F:F9:DA:10:A0:D6:21:00:01:68
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       6E4C070812701AEC827F1493751F850DE0D7C4CE
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142342.roa
Signing time:             Sat 02 May 2026 21:26:33 +0000
ROA not before:           Sat 02 May 2026 21:21:33 +0000
ROA not after:            Sat 01 May 2027 21:26:33 +0000
asID:                     142342
IP address blocks:        2001:df2:2c40::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 04 May 2026 01:58:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:4c:07:08:12:70:1a:ec:82:7f:14:93:75:1f:85:0d:e0:d7:c4:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May  2 21:21:33 2026 GMT
            Not After : May  1 21:26:33 2027 GMT
        Subject: CN=F5E42E9451CFE96A6E9C0FF9DA10A0D621000168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c9:f4:b4:1a:4d:13:58:be:08:9c:fe:70:51:
                    5d:8c:53:2f:f5:32:8d:af:5a:75:4e:7b:f4:4f:db:
                    27:f7:d5:2c:c8:70:6e:ce:fc:f2:bb:49:41:39:b4:
                    39:83:6e:27:45:80:99:10:83:69:35:09:b3:a2:11:
                    c4:8a:5d:fc:a8:57:3b:80:49:ca:2e:25:8c:a3:e7:
                    ef:ac:26:04:f8:19:4e:22:f5:21:3b:7a:42:f7:8f:
                    cf:e3:09:e9:f2:7f:24:e1:7b:76:5d:6b:3b:dd:1c:
                    8f:95:f2:c0:f0:f4:87:f7:6f:cf:ea:78:c0:8c:f8:
                    86:2e:29:93:9a:d6:0d:23:a2:70:c5:7a:9b:48:8d:
                    62:64:0b:67:50:99:c2:89:00:cf:43:96:96:e8:28:
                    89:35:c3:d7:8f:ae:e6:8b:9c:7e:8e:9e:37:3b:43:
                    12:d4:46:88:b2:e2:df:87:52:97:de:b4:40:c4:b6:
                    96:10:da:4f:16:41:de:df:b3:8b:01:4c:7c:3c:05:
                    32:ec:5e:d7:8d:ea:54:4c:5d:0d:58:2b:98:76:81:
                    56:37:a7:80:44:a0:b0:ce:90:6a:86:16:72:59:5e:
                    11:97:72:0c:af:cf:3f:62:57:9e:c5:ee:fc:1f:b6:
                    a5:20:20:f1:62:80:cf:ec:57:cc:55:5b:7c:76:ed:
                    14:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:E4:2E:94:51:CF:E9:6A:6E:9C:0F:F9:DA:10:A0:D6:21:00:01:68
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142342.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:2c40::/48

    Signature Algorithm: sha256WithRSAEncryption
         1c:e0:be:f0:18:5e:b1:d1:e0:9b:2c:1e:aa:7d:2d:3f:bc:7b:
         c9:d7:a4:c0:87:24:c8:3f:9e:da:4e:4d:f9:11:e6:36:c7:ce:
         7d:cf:cf:a9:cd:80:19:62:ae:7c:56:33:bc:1a:ff:34:12:8b:
         9a:84:af:12:53:97:2b:e2:0e:24:9f:8c:16:72:92:e7:8d:ad:
         67:e1:94:55:96:77:32:da:9b:17:99:6c:52:db:49:ea:a2:a0:
         9c:66:0b:91:b1:7e:2a:37:fa:55:0e:09:4b:3d:9a:4d:b8:0d:
         cf:01:77:87:b4:8e:7c:8e:d4:79:6b:d2:ad:86:53:ff:94:cf:
         51:9b:4b:c5:9e:b0:08:30:42:47:39:4f:18:a6:9d:80:7f:e9:
         8d:7e:ce:f8:da:c2:3a:67:7a:3a:32:70:63:73:8c:5b:a5:ea:
         95:08:ea:e9:b0:51:6e:e6:55:b2:c1:c1:24:99:96:42:ec:9d:
         14:f2:6f:45:92:de:24:d9:2d:9a:ef:49:52:d7:56:f1:83:c1:
         24:bd:87:ba:0a:b2:23:a5:92:60:80:51:5c:65:d4:31:4e:a4:
         36:47:a0:41:b2:be:17:9c:f9:bc:74:15:63:3f:80:ea:5f:e7:
         72:1d:dc:26:21:a3:f8:e0:bc:59:cb:b7:4b:f7:f0:1b:0e:2b:
         77:00:1c:bd
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUbkwHCBJwGuyCfxSTdR+FDeDXxM4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjEzM1oX
DTI3MDUwMTIxMjYzM1owMzExMC8GA1UEAxMoRjVFNDJFOTQ1MUNGRTk2QTZFOUMw
RkY5REExMEEwRDYyMTAwMDE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJPJ9LQaTRNYvgic/nBRXYxTL/Uyja9adU579E/bJ/fVLMhwbs788rtJQTm0
OYNuJ0WAmRCDaTUJs6IRxIpd/KhXO4BJyi4ljKPn76wmBPgZTiL1ITt6QvePz+MJ
6fJ/JOF7dl1rO90cj5XywPD0h/dvz+p4wIz4hi4pk5rWDSOicMV6m0iNYmQLZ1CZ
wokAz0OWlugoiTXD14+u5oucfo6eNztDEtRGiLLi34dSl960QMS2lhDaTxZB3t+z
iwFMfDwFMuxe143qVExdDVgrmHaBVjengESgsM6QaoYWclleEZdyDK/PP2JXnsXu
/B+2pSAg8WKAz+xXzFVbfHbtFMkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBT15C6U
Uc/pam6cD/naEKDWIQABaDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQyMzQyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEN8ixAMA0GCSqGSIb3DQEBCwUAA4IBAQAc4L7wGF6x0eCbLB6qfS0/
vHvJ16TAhyTIP57aTk35EeY2x859z8+pzYAZYq58VjO8Gv80EouahK8SU5cr4g4k
n4wWcpLnja1n4ZRVlncy2psXmWxS20nqoqCcZguRsX4qN/pVDglLPZpNuA3PAXeH
tI58jtR5a9KthlP/lM9Rm0vFnrAIMEJHOU8Ypp2Af+mNfs742sI6Z3o6MnBjc4xb
peqVCOrpsFFu5lWywcEkmZZC7J0U8m9Fkt4k2S2a70lS11bxg8EkvYe6CrIjpZJg
gFFcZdQxTqQ2R6BBsr4XnPm8dBVjP4DqX+dyHdwmIaP44LxZy7dL9/AbDit3ABy9
-----END CERTIFICATE-----