Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154651.roa
File:                     AS154651.roa (raw, json)
Hash identifier:          jEs6qFw26d/fQPUPURud/EC2tun4ze6jK49sDd4kqRk=
Subject key identifier:   A2:24:4F:52:4D:45:20:DD:FF:92:A0:C7:3B:FF:E7:CE:31:0B:88:90
Certificate issuer:       /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial:       516E30F543759691672F7FC86C782E9383C76C91
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154651.roa
Signing time:             Thu 07 May 2026 03:55:51 +0000
ROA not before:           Thu 07 May 2026 03:50:51 +0000
ROA not after:            Thu 06 May 2027 03:55:51 +0000
asID:                     154651
IP address blocks:        162.4.45.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 May 2026 07:47:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:6e:30:f5:43:75:96:91:67:2f:7f:c8:6c:78:2e:93:83:c7:6c:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
        Validity
            Not Before: May  7 03:50:51 2026 GMT
            Not After : May  6 03:55:51 2027 GMT
        Subject: CN=A2244F524D4520DDFF92A0C73BFFE7CE310B8890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c1:27:e2:f5:b6:0e:5c:5e:e8:1f:65:b7:93:
                    76:19:63:27:1c:c0:1a:8d:05:41:d8:9b:68:03:79:
                    8e:bd:68:5a:c2:7a:84:bf:86:2c:b5:1b:46:55:39:
                    85:70:06:27:74:f4:6e:14:8c:87:0a:23:56:a1:c7:
                    3d:42:ef:8a:dc:73:b5:8d:98:af:1f:8b:7a:1f:81:
                    29:1b:0f:a7:83:82:9b:6e:8a:48:e3:6a:8f:6f:13:
                    5c:90:3b:63:fd:f3:af:15:35:e8:38:69:86:fc:78:
                    4f:0d:7a:06:4a:d5:66:81:3e:8d:5b:86:cd:b2:1d:
                    66:4b:d2:c0:08:9b:ea:cd:7c:6d:d2:7b:a4:ef:88:
                    96:c2:d7:26:4d:fd:6a:62:3f:50:a3:fb:89:b1:57:
                    58:bd:d7:36:4a:7e:88:de:72:07:d2:f7:c4:e9:2c:
                    27:30:f6:cb:e2:19:2a:dc:0f:4c:5d:61:ca:37:2c:
                    33:ff:b6:8c:22:ce:bf:48:cc:ec:36:83:b6:f1:6a:
                    2d:30:73:34:30:28:03:a3:c1:ff:20:34:97:f0:f5:
                    6e:f6:6e:ba:8c:9f:c1:4f:e7:48:2f:8a:f3:43:f0:
                    2e:f3:70:4d:21:e7:01:00:b2:74:20:cc:d7:b4:de:
                    7a:51:c2:4e:ab:18:23:0a:d9:9f:63:01:15:4e:9c:
                    d4:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:24:4F:52:4D:45:20:DD:FF:92:A0:C7:3B:FF:E7:CE:31:0B:88:90
            X509v3 Authority Key Identifier:
                keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154651.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.4.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:5e:7c:92:cf:04:a7:c8:56:20:fe:72:58:a8:b0:f0:93:3d:
         ca:77:00:b5:71:0b:ba:98:0e:b0:ab:df:92:d6:2e:79:fa:56:
         e5:98:66:3f:4a:7f:16:ec:9f:5c:ee:94:a5:4a:0a:d2:19:3b:
         87:31:b2:44:e1:c2:85:fd:6e:0c:19:fd:db:c0:43:61:03:a7:
         d8:48:4c:bd:74:f5:f0:0e:d8:04:ed:7e:8d:43:a6:d1:e2:d7:
         3c:cd:0d:af:6a:16:e9:bd:f4:23:9b:dc:7b:95:b9:eb:fe:d9:
         25:e0:09:d6:7a:91:a3:30:86:75:b5:ef:4a:2b:13:51:c2:cf:
         d7:ed:31:fd:35:96:ad:10:b0:98:6a:1e:42:f6:49:18:80:97:
         20:1d:75:8d:57:62:41:a8:b5:48:f5:73:72:49:ed:c6:a8:40:
         20:ca:9d:93:34:49:1c:48:1f:f1:7d:a7:0f:60:5f:62:e6:80:
         ea:ba:0a:42:a9:57:cc:e2:6a:9e:38:d1:e0:8e:b3:18:c7:3b:
         8a:84:8c:1f:5c:03:46:a3:31:eb:11:b3:31:b6:b7:c7:6d:95:
         7e:88:71:b8:a6:12:b4:38:1c:e1:83:75:96:cb:7b:eb:6a:f7:
         a4:9f:d8:da:c0:2e:0b:f1:4f:09:d7:bd:4e:57:ad:2c:86:2d:
         37:fe:00:8c
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUUW4w9UN1lpFnL3/IbHguk4PHbJEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwNzAzNTA1MVoX
DTI3MDUwNjAzNTU1MVowMzExMC8GA1UEAxMoQTIyNDRGNTI0RDQ1MjBEREZGOTJB
MEM3M0JGRkU3Q0UzMTBCODg5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvBJ+L1tg5cXugfZbeTdhljJxzAGo0FQdibaAN5jr1oWsJ6hL+GLLUbRlU5
hXAGJ3T0bhSMhwojVqHHPULvitxztY2Yrx+Leh+BKRsPp4OCm26KSONqj28TXJA7
Y/3zrxU16Dhphvx4Tw16BkrVZoE+jVuGzbIdZkvSwAib6s18bdJ7pO+IlsLXJk39
amI/UKP7ibFXWL3XNkp+iN5yB9L3xOksJzD2y+IZKtwPTF1hyjcsM/+2jCLOv0jM
7DaDtvFqLTBzNDAoA6PB/yA0l/D1bvZuuoyfwU/nSC+K80PwLvNwTSHnAQCydCDM
17TeelHCTqsYIwrZn2MBFU6c1AECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSiJE9S
TUUg3f+SoMc7/+fOMQuIkDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0NjUxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAogQtMA0GCSqGSIb3DQEBCwUAA4IBAQBGXnySzwSnyFYg/nJYqLDwkz3K
dwC1cQu6mA6wq9+S1i55+lblmGY/Sn8W7J9c7pSlSgrSGTuHMbJE4cKF/W4MGf3b
wENhA6fYSEy9dPXwDtgE7X6NQ6bR4tc8zQ2vahbpvfQjm9x7lbnr/tkl4AnWepGj
MIZ1te9KKxNRws/X7TH9NZatELCYah5C9kkYgJcgHXWNV2JBqLVI9XNySe3GqEAg
yp2TNEkcSB/xfacPYF9i5oDqugpCqVfM4mqeONHgjrMYxzuKhIwfXANGozHrEbMx
trfHbZV+iHG4phK0OBzhg3WWy3vravekn9jawC4L8U8J171OV60shi03/gCM
-----END CERTIFICATE-----