Route Origin Authorization

$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS142362.roa
File:                     AS142362.roa (raw, json)
Hash identifier:          AfWalyx3GEW/hkhfpjtnODrz5qY+Vs7HIZC8y52YmdU=
Subject key identifier:   AB:FB:D1:63:5B:74:00:BA:6A:18:F6:C3:61:BB:49:BA:A7:8C:20:1B
Certificate issuer:       /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
Certificate serial:       3AD205373F6A9467FB8DE72348F80E75763B7D60
Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142362.roa
Signing time:             Mon 11 May 2026 03:29:09 +0000
ROA not before:           Mon 11 May 2026 03:24:09 +0000
ROA not after:            Mon 10 May 2027 03:29:09 +0000
asID:                     142362
IP address blocks:        103.169.232.0/23 maxlen: 24
                          103.169.232.0/24 maxlen: 24
                          103.169.233.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 May 2026 09:32:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:d2:05:37:3f:6a:94:67:fb:8d:e7:23:48:f8:0e:75:76:3b:7d:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E
        Validity
            Not Before: May 11 03:24:09 2026 GMT
            Not After : May 10 03:29:09 2027 GMT
        Subject: CN=ABFBD1635B7400BA6A18F6C361BB49BAA78C201B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ff:95:e8:8e:37:77:f1:b4:b9:6d:33:47:84:
                    03:57:5f:ce:95:df:94:dd:47:b5:aa:12:80:2a:b2:
                    07:e7:7c:94:bb:75:db:35:fa:6f:f0:5f:83:97:d3:
                    f4:64:f0:f7:d7:aa:b8:53:a3:0e:21:5e:d0:c6:51:
                    8a:fb:cf:89:53:e4:c3:78:40:4b:9b:c0:45:97:73:
                    20:83:e5:11:9e:78:26:99:19:56:63:da:71:0f:ce:
                    5c:07:d9:43:5a:da:61:9f:69:e3:42:04:02:87:be:
                    60:8a:55:82:36:e2:c5:33:30:6c:c5:1d:c7:1e:4c:
                    b2:dc:37:4d:44:9d:25:1c:35:85:6e:a9:40:45:09:
                    cd:4d:a2:10:57:bf:49:60:5b:56:2e:f6:c6:92:9c:
                    27:4b:c6:d0:99:53:20:33:fa:d1:ba:b3:af:4c:37:
                    ab:44:08:45:d8:7f:1a:63:c4:2c:12:66:37:14:9d:
                    1f:31:5c:50:40:c9:56:d9:f9:24:f5:a0:c2:40:59:
                    fc:7a:0a:4e:c0:54:ff:46:76:54:e5:91:49:83:9c:
                    45:65:97:c9:31:a5:1d:a7:bc:fd:fc:80:25:8c:c1:
                    fa:53:9e:c0:4b:27:26:f4:01:dd:80:00:03:27:16:
                    08:f6:bd:74:25:69:43:9f:f0:a2:54:0b:38:9c:d9:
                    97:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:FB:D1:63:5B:74:00:BA:6A:18:F6:C3:61:BB:49:BA:A7:8C:20:1B
            X509v3 Authority Key Identifier:
                keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142362.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.169.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:aa:16:66:de:72:45:f5:46:05:4a:25:f6:69:f7:86:16:3a:
         f2:0c:f0:94:aa:cc:69:f0:26:20:75:6e:72:d2:d6:c6:e0:26:
         32:e5:48:8f:a2:93:42:b9:d7:a6:4c:3a:8f:e4:1e:71:2f:b6:
         d5:dc:db:01:41:b9:2f:7a:54:57:a0:08:e7:a5:2f:b0:bd:26:
         c6:f0:cc:88:79:07:4e:ea:7c:77:07:a6:05:69:33:78:17:32:
         02:4a:b0:74:13:b2:d3:48:ba:aa:8f:99:d6:bd:3f:97:01:8d:
         ac:ce:ec:aa:38:5e:d2:5e:e6:90:54:a0:44:70:1a:af:42:fc:
         bf:05:8a:22:60:2e:79:83:c3:5e:3e:3f:2a:f3:03:7a:72:e2:
         e2:62:e7:22:95:d8:0f:ff:ef:1e:b7:9b:88:46:ca:da:e4:fd:
         40:e2:07:7c:6f:91:45:49:0d:48:86:34:ef:e9:3f:99:75:86:
         de:c2:17:18:27:ab:2e:3a:f2:75:11:4a:f2:43:c9:0d:2e:49:
         50:59:71:5f:18:d3:02:ec:28:2c:34:2d:f7:ea:88:54:71:fd:
         b7:ee:0b:a5:c2:82:31:0f:7f:42:49:54:4f:e1:25:72:7e:01:
         09:f4:5e:23:2f:08:65:64:a3:ae:b0:ed:45:65:d7:57:ca:c3:
         2b:d2:94:db
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIUOtIFNz9qlGf7jecjSPgOdXY7fWAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4
QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUxMTAzMjQwOVoX
DTI3MDUxMDAzMjkwOVowMzExMC8GA1UEAxMoQUJGQkQxNjM1Qjc0MDBCQTZBMThG
NkMzNjFCQjQ5QkFBNzhDMjAxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM//leiON3fxtLltM0eEA1dfzpXflN1HtaoSgCqyB+d8lLt12zX6b/Bfg5fT
9GTw99equFOjDiFe0MZRivvPiVPkw3hAS5vARZdzIIPlEZ54JpkZVmPacQ/OXAfZ
Q1raYZ9p40IEAoe+YIpVgjbixTMwbMUdxx5Mstw3TUSdJRw1hW6pQEUJzU2iEFe/
SWBbVi72xpKcJ0vG0JlTIDP60bqzr0w3q0QIRdh/GmPELBJmNxSdHzFcUEDJVtn5
JPWgwkBZ/HoKTsBU/0Z2VOWRSYOcRWWXyTGlHae8/fyAJYzB+lOewEsnJvQB3YAA
AycWCPa9dCVpQ5/wolQLOJzZl/sCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSr+9Fj
W3QAumoY9sNhu0m6p4wgGzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu
njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp
LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5
NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG
AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG
NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO
OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v
cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQyMzYyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQBZ6noMA0GCSqGSIb3DQEBCwUAA4IBAQASqhZm3nJF9UYFSiX2afeGFjry
DPCUqsxp8CYgdW5y0tbG4CYy5UiPopNCudemTDqP5B5xL7bV3NsBQbkvelRXoAjn
pS+wvSbG8MyIeQdO6nx3B6YFaTN4FzICSrB0E7LTSLqqj5nWvT+XAY2szuyqOF7S
XuaQVKBEcBqvQvy/BYoiYC55g8NePj8q8wN6cuLiYucildgP/+8et5uIRsra5P1A
4gd8b5FFSQ1IhjTv6T+ZdYbewhcYJ6suOvJ1EUryQ8kNLklQWXFfGNMC7CgsNC33
6ohUcf237gulwoIxD39CSVRP4SVyfgEJ9F4jLwhlZKOusO1FZddXysMr0pTb
-----END CERTIFICATE-----