Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS142639.roa
File:                     AS142639.roa (raw, json)
Hash identifier:          2mm63s2q4KJ4BfBbu8hmIehCyucOWivQt5SUwvvV6bE=
Subject key identifier:   55:B3:8D:F9:79:9D:E5:5E:B5:7B:7C:80:53:E1:2B:24:5A:C1:6D:1D
Certificate issuer:       /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial:       2B1FE4175D731DBCC324A2CBF910B3E8C87E2750
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS142639.roa
Signing time:             Sat 02 May 2026 21:23:03 +0000
ROA not before:           Sat 02 May 2026 21:18:03 +0000
ROA not after:            Sat 01 May 2027 21:23:03 +0000
asID:                     142639
IP address blocks:        198.15.16.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 May 2026 07:47:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:1f:e4:17:5d:73:1d:bc:c3:24:a2:cb:f9:10:b3:e8:c8:7e:27:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
        Validity
            Not Before: May  2 21:18:03 2026 GMT
            Not After : May  1 21:23:03 2027 GMT
        Subject: CN=55B38DF9799DE55EB57B7C8053E12B245AC16D1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:de:06:d9:ef:7c:77:a8:4e:66:d5:a8:d7:a1:
                    a1:41:da:9f:bf:49:c9:80:95:a2:43:da:10:16:77:
                    0c:01:3f:4e:13:32:63:a4:7d:9f:cc:4a:70:5a:60:
                    cc:16:fb:fa:22:8c:be:8a:cf:c7:b8:86:30:fa:76:
                    62:e5:61:f7:ab:0b:07:df:d0:56:ad:a2:a3:45:ae:
                    cf:6e:07:16:13:3b:5a:a9:71:75:34:9d:90:61:41:
                    27:3b:30:fe:ff:7e:51:5f:1d:35:df:00:a9:e1:a3:
                    0c:0c:18:74:b2:8e:4c:12:24:25:8d:36:e3:52:17:
                    59:de:a6:ac:f1:02:ac:62:23:2a:69:e7:d3:40:71:
                    a1:78:38:bd:27:1e:54:60:b1:2b:b9:75:cb:b3:66:
                    73:92:e5:a4:3d:9f:31:72:2c:e1:50:ad:9f:e2:bb:
                    e6:19:14:1c:b6:4f:d7:6e:23:18:8c:96:79:02:96:
                    b7:a2:ee:03:2a:51:ff:1f:ee:8e:88:4b:2b:c3:6d:
                    f8:79:28:4f:57:ff:ee:f1:a4:d2:7f:bc:ca:7d:83:
                    9b:68:fa:61:cd:94:30:a3:f5:22:4a:d8:21:17:d9:
                    f9:25:8c:cb:10:75:f0:92:53:a5:25:c0:97:43:55:
                    b4:a7:e8:13:58:e9:8c:24:e0:2f:97:9e:75:88:e3:
                    37:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:B3:8D:F9:79:9D:E5:5E:B5:7B:7C:80:53:E1:2B:24:5A:C1:6D:1D
            X509v3 Authority Key Identifier:
                keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS142639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.15.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:a7:15:cf:f4:b4:29:f4:7e:37:7e:68:fe:ff:2c:74:1a:ad:
         aa:20:69:e8:cc:7d:3d:ea:aa:bb:a7:69:01:e6:b5:d2:02:32:
         67:d0:da:c5:8f:32:a4:fd:a2:dd:ba:43:f1:db:ea:f9:10:e4:
         a5:34:12:c9:9c:25:dc:74:01:af:5c:79:09:50:d9:2f:e9:27:
         41:b5:63:c7:01:fd:88:3e:a3:59:de:75:d0:e4:67:92:0d:9d:
         46:2c:b1:b0:4b:d1:20:f3:c2:d0:8a:2d:21:7d:b9:c2:19:68:
         32:f9:49:72:d5:41:2c:5b:f3:3b:af:0a:c3:8f:ef:a9:fb:70:
         76:dc:12:75:7f:cf:7d:9a:94:54:b0:1f:c4:aa:4a:ce:66:59:
         e9:13:0e:10:f3:33:7c:11:0a:92:1e:cf:53:c7:bf:be:4f:d2:
         35:9c:b3:56:05:83:24:f8:4c:96:0d:26:8a:bc:a6:3f:09:2c:
         f6:68:64:20:26:59:dd:d1:12:cb:fa:d4:14:c7:d6:d8:9e:3e:
         5b:3f:15:26:31:46:23:e0:85:e9:8b:92:80:b2:35:17:61:23:
         70:34:db:de:92:f3:b1:12:dc:d3:2b:8e:cc:5d:ca:cf:2f:95:
         3f:52:ba:37:eb:b2:66:79:d8:b5:4b:00:0b:e1:41:1d:95:59:
         a9:13:71:d1
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUKx/kF11zHbzDJKLL+RCz6Mh+J1AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIxMTgwM1oX
DTI3MDUwMTIxMjMwM1owMzExMC8GA1UEAxMoNTVCMzhERjk3OTlERTU1RUI1N0I3
QzgwNTNFMTJCMjQ1QUMxNkQxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/eBtnvfHeoTmbVqNehoUHan79JyYCVokPaEBZ3DAE/ThMyY6R9n8xKcFpg
zBb7+iKMvorPx7iGMPp2YuVh96sLB9/QVq2io0Wuz24HFhM7WqlxdTSdkGFBJzsw
/v9+UV8dNd8AqeGjDAwYdLKOTBIkJY0241IXWd6mrPECrGIjKmnn00BxoXg4vSce
VGCxK7l1y7Nmc5LlpD2fMXIs4VCtn+K75hkUHLZP124jGIyWeQKWt6LuAypR/x/u
johLK8Nt+HkoT1f/7vGk0n+8yn2Dm2j6Yc2UMKP1IkrYIRfZ+SWMyxB18JJTpSXA
l0NVtKfoE1jpjCTgL5eedYjjNx8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRVs435
eZ3lXrV7fIBT4SskWsFtHTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTQyNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAxg8QMA0GCSqGSIb3DQEBCwUAA4IBAQBqpxXP9LQp9H43fmj+/yx0Gq2q
IGnozH096qq7p2kB5rXSAjJn0NrFjzKk/aLdukPx2+r5EOSlNBLJnCXcdAGvXHkJ
UNkv6SdBtWPHAf2IPqNZ3nXQ5GeSDZ1GLLGwS9Eg88LQii0hfbnCGWgy+Uly1UEs
W/M7rwrDj++p+3B23BJ1f899mpRUsB/EqkrOZlnpEw4Q8zN8EQqSHs9Tx7++T9I1
nLNWBYMk+EyWDSaKvKY/CSz2aGQgJlnd0RLL+tQUx9bYnj5bPxUmMUYj4IXpi5KA
sjUXYSNwNNvekvOxEtzTK47MXcrPL5U/Uro367Jmedi1SwAL4UEdlVmpE3HR
-----END CERTIFICATE-----