Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154657.roa
File:                     AS154657.roa (raw, json)
Hash identifier:          WOkMWgw6bzRdQZR4rbyFmbNZwGjTfsTfR7z3/zPiDq8=
Subject key identifier:   FC:87:DD:48:1A:0B:F1:77:22:6E:45:A6:C3:02:50:94:83:73:ED:84
Certificate issuer:       /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
Certificate serial:       09D056940186673466D1CF904483BB64AFC34F05
Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154657.roa
Signing time:             Wed 06 May 2026 09:11:26 +0000
ROA not before:           Wed 06 May 2026 09:06:26 +0000
ROA not after:            Wed 05 May 2027 09:11:26 +0000
asID:                     154657
IP address blocks:        162.4.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 May 2026 07:47:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:d0:56:94:01:86:67:34:66:d1:cf:90:44:83:bb:64:af:c3:4f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362
        Validity
            Not Before: May  6 09:06:26 2026 GMT
            Not After : May  5 09:11:26 2027 GMT
        Subject: CN=FC87DD481A0BF177226E45A6C30250948373ED84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:1b:36:f0:54:04:59:b2:75:f4:7d:2e:04:34:
                    1a:7d:66:11:8a:93:78:d7:29:f1:f1:65:64:b9:ca:
                    03:b6:97:87:b0:67:8f:ae:b3:b4:07:5a:da:e0:8a:
                    ee:4d:73:47:4d:1e:6a:77:3e:bd:ec:65:22:44:bb:
                    ad:d7:f3:6a:a8:d2:aa:8a:95:2b:77:54:ac:bc:36:
                    68:99:9f:89:c8:f7:cd:56:26:ac:c8:16:7e:ae:e0:
                    eb:8f:c1:1d:2e:e1:0f:b0:80:bb:bf:ce:b8:2f:2f:
                    e3:e5:d1:15:77:74:e9:ae:27:ef:b1:0d:5c:5e:cc:
                    e9:2c:a3:70:46:78:fe:63:69:79:cd:54:0b:83:bc:
                    7b:ba:4a:01:ec:2d:56:34:eb:a8:99:fb:17:dd:53:
                    d3:85:14:46:7c:27:c0:52:fb:5c:00:85:d5:71:65:
                    4a:5d:82:79:e3:03:2b:9c:b2:99:7a:e5:39:f8:5a:
                    5e:8f:d9:1f:8a:83:21:ae:bc:b2:ab:17:44:33:58:
                    9b:a4:5f:43:f4:7c:5e:6b:8c:1a:a9:2b:cf:2f:63:
                    8a:31:3f:1e:88:0f:a1:29:e1:83:28:45:4e:5a:59:
                    0d:1f:b9:0c:a8:12:93:af:49:cd:5e:1c:dc:ef:56:
                    cb:22:6f:41:45:57:4f:78:14:83:0b:31:7e:18:af:
                    36:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:87:DD:48:1A:0B:F1:77:22:6E:45:A6:C3:02:50:94:83:73:ED:84
            X509v3 Authority Key Identifier:
                keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154657.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.4.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:6f:ec:b8:ee:c8:3d:b6:2b:21:f9:ee:59:58:49:44:8d:b2:
         92:f8:b3:00:f4:3f:ca:56:c7:39:5e:bf:df:b6:6d:2d:6b:59:
         9d:bc:58:cf:6c:5b:cc:b4:a3:c6:3a:59:08:cf:88:f5:bf:f3:
         f1:8b:ce:3e:41:bc:ff:81:e7:30:d9:a6:25:ae:7b:24:8e:3f:
         3b:07:f6:ad:5e:71:37:0e:d8:ce:31:18:51:ee:a4:cc:ac:f4:
         5a:45:04:bf:a7:54:55:53:65:01:98:49:48:cb:96:6c:f5:05:
         ec:dd:ab:27:ab:cd:9f:86:f5:ef:e9:8b:db:72:55:7f:dd:59:
         33:dc:64:49:e7:c0:e6:70:c6:5f:d7:2f:e2:21:d5:9c:dd:31:
         47:83:f2:a7:a5:92:59:28:d5:1d:f7:62:7b:a6:e6:a9:a6:e3:
         3b:c2:c8:10:1f:75:fa:ed:6e:d0:6a:41:01:2e:8b:2f:96:0e:
         51:87:37:49:d2:a5:2b:be:35:de:b8:92:2b:30:bb:20:7e:07:
         54:c6:61:83:48:94:7a:00:0a:77:10:ee:74:61:5d:a2:07:bb:
         1c:d2:e5:df:ca:a8:a4:d1:13:a0:83:20:f4:de:72:60:55:cb:
         2f:e1:91:3c:be:ed:36:e8:c4:f3:74:87:87:72:d1:d1:a8:83:
         18:52:7d:2e
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUCdBWlAGGZzRm0c+QRIO7ZK/DTwUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0
NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwNjA5MDYyNloX
DTI3MDUwNTA5MTEyNlowMzExMC8GA1UEAxMoRkM4N0RENDgxQTBCRjE3NzIyNkU0
NUE2QzMwMjUwOTQ4MzczRUQ4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPwbNvBUBFmydfR9LgQ0Gn1mEYqTeNcp8fFlZLnKA7aXh7Bnj66ztAda2uCK
7k1zR00eanc+vexlIkS7rdfzaqjSqoqVK3dUrLw2aJmficj3zVYmrMgWfq7g64/B
HS7hD7CAu7/OuC8v4+XRFXd06a4n77ENXF7M6SyjcEZ4/mNpec1UC4O8e7pKAewt
VjTrqJn7F91T04UURnwnwFL7XACF1XFlSl2CeeMDK5yymXrlOfhaXo/ZH4qDIa68
sqsXRDNYm6RfQ/R8XmuMGqkrzy9jijE/HogPoSnhgyhFTlpZDR+5DKgSk69JzV4c
3O9WyyJvQUVXT3gUgwsxfhivNhcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBT8h91I
GgvxdyJuRabDAlCUg3PthDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT
YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB
NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG
MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz
Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0NjU3LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAogROMA0GCSqGSIb3DQEBCwUAA4IBAQBYb+y47sg9tish+e5ZWElEjbKS
+LMA9D/KVsc5Xr/ftm0ta1mdvFjPbFvMtKPGOlkIz4j1v/Pxi84+Qbz/gecw2aYl
rnskjj87B/atXnE3DtjOMRhR7qTMrPRaRQS/p1RVU2UBmElIy5Zs9QXs3asnq82f
hvXv6YvbclV/3Vkz3GRJ58DmcMZf1y/iIdWc3TFHg/KnpZJZKNUd92J7puappuM7
wsgQH3X67W7QakEBLosvlg5RhzdJ0qUrvjXeuJIrMLsgfgdUxmGDSJR6AAp3EO50
YV2iB7sc0uXfyqik0ROggyD03nJgVcsv4ZE8vu026MTzdIeHctHRqIMYUn0u
-----END CERTIFICATE-----