Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS135438.roa
File:                     AS135438.roa (raw, json)
Hash identifier:          5ohgnRsY18OCYKWay0XUGYyxw/DNkGhtdCQjfEaTt3k=
Subject key identifier:   F1:F6:0B:52:C7:FA:1C:36:93:82:99:2D:4C:80:FD:78:64:14:C6:14
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       19CCE8236BD9D2D8541CF4A8A406A313ADFA72CF
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS135438.roa
Signing time:             Tue 05 Aug 2025 08:49:06 +0000
ROA not before:           Tue 05 Aug 2025 08:44:06 +0000
ROA not after:            Tue 04 Aug 2026 08:49:06 +0000
asID:                     135438
IP address blocks:        165.101.200.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 08:19:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:cc:e8:23:6b:d9:d2:d8:54:1c:f4:a8:a4:06:a3:13:ad:fa:72:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Aug  5 08:44:06 2025 GMT
            Not After : Aug  4 08:49:06 2026 GMT
        Subject: CN=F1F60B52C7FA1C369382992D4C80FD786414C614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:9d:a3:63:91:a9:52:d0:f0:0c:81:08:7b:96:
                    21:a0:be:35:22:da:cc:ef:75:9b:9c:fd:df:75:02:
                    9a:b6:f4:69:7b:80:ee:2e:ad:7a:7f:a5:18:3c:02:
                    73:25:a3:08:e3:23:ef:7d:23:d9:8a:db:bd:c1:0e:
                    04:e0:81:b0:cf:fe:cd:83:0d:bd:d9:d8:b0:9a:9f:
                    fc:3b:e8:0c:28:45:72:bc:48:ba:a7:7e:be:0a:76:
                    19:33:af:0a:7e:84:52:91:88:67:76:e5:51:0a:ea:
                    46:f1:c0:1b:e8:68:39:a3:2f:ee:d7:e4:a7:34:f0:
                    45:0f:9d:36:22:c9:09:c3:b8:5e:50:4e:1c:0b:ef:
                    70:35:2f:fe:a3:2f:86:18:15:47:63:00:1d:1f:f1:
                    84:60:90:cf:ba:c6:62:d0:29:03:51:47:30:c0:3a:
                    49:33:23:1f:5d:50:e1:5c:a9:56:6c:44:d5:d1:ac:
                    5d:59:c7:df:0d:7e:ec:22:16:35:1d:02:0f:e6:fc:
                    08:df:19:c1:bf:04:ed:72:01:68:79:f4:09:d9:3e:
                    1f:9f:0d:f2:ee:b8:eb:3b:fe:43:81:0c:8a:5c:fc:
                    86:e9:8c:52:cd:27:bb:6c:81:eb:01:27:63:b9:72:
                    66:88:80:60:4b:be:21:22:4e:c7:62:32:a4:92:07:
                    74:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:F6:0B:52:C7:FA:1C:36:93:82:99:2D:4C:80:FD:78:64:14:C6:14
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS135438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.101.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:f3:dd:47:77:72:e2:a5:c6:e1:aa:17:38:84:b0:a3:b8:68:
         5e:b5:ea:20:1a:9b:99:11:5e:cd:02:05:e5:3c:8f:73:cb:7b:
         99:de:d6:61:78:20:14:26:24:e3:e3:f6:67:9c:9b:23:ac:41:
         76:95:87:e7:1e:0f:5f:fe:81:9a:18:4e:ac:91:0a:4b:9f:4d:
         77:68:a0:91:d7:a2:97:52:a3:c7:39:26:17:f7:74:b9:88:46:
         bd:41:d1:73:a9:f4:2f:80:60:e2:b2:4e:25:23:cf:32:6f:7b:
         6d:68:2f:31:65:19:ab:3e:f8:20:32:45:10:3d:f7:e3:26:d9:
         d6:43:ea:8c:14:6c:e4:0c:bf:a6:93:59:ea:07:f7:2d:68:f4:
         03:8a:04:2a:af:00:5f:ca:16:43:6f:9e:e6:93:90:f5:a9:c3:
         0b:f7:14:12:d2:be:18:16:2e:90:8c:6b:d4:22:1b:41:55:a2:
         f5:11:76:66:a2:90:2f:b3:69:a3:c9:2e:5c:a3:b7:32:2b:f6:
         d3:7f:25:e8:7c:d5:d5:6c:ff:bb:e5:35:17:a7:37:d2:50:1f:
         27:74:0c:ea:1f:23:02:31:1c:55:62:a3:71:4b:a8:7c:93:89:
         25:35:93:f6:84:f6:8f:93:de:cf:a0:a6:8a:23:20:54:2b:65:
         d6:85:ee:c6
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUGczoI2vZ0thUHPSopAajE636cs8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgwNTA4NDQwNloX
DTI2MDgwNDA4NDkwNlowMzExMC8GA1UEAxMoRjFGNjBCNTJDN0ZBMUMzNjkzODI5
OTJENEM4MEZENzg2NDE0QzYxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANedo2ORqVLQ8AyBCHuWIaC+NSLazO91m5z933UCmrb0aXuA7i6ten+lGDwC
cyWjCOMj730j2YrbvcEOBOCBsM/+zYMNvdnYsJqf/DvoDChFcrxIuqd+vgp2GTOv
Cn6EUpGIZ3blUQrqRvHAG+hoOaMv7tfkpzTwRQ+dNiLJCcO4XlBOHAvvcDUv/qMv
hhgVR2MAHR/xhGCQz7rGYtApA1FHMMA6STMjH11Q4VypVmxE1dGsXVnH3w1+7CIW
NR0CD+b8CN8Zwb8E7XIBaHn0Cdk+H58N8u646zv+Q4EMilz8humMUs0nu2yB6wEn
Y7lyZoiAYEu+ISJOx2IypJIHdDsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTx9gtS
x/ocNpOCmS1MgP14ZBTGFDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzNTQzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaVlyDANBgkqhkiG9w0BAQsFAAOCAQEAaPPdR3dy4qXG4aoXOISw
o7hoXrXqIBqbmRFezQIF5TyPc8t7md7WYXggFCYk4+P2Z5ybI6xBdpWH5x4PX/6B
mhhOrJEKS59Nd2igkdeil1KjxzkmF/d0uYhGvUHRc6n0L4Bg4rJOJSPPMm97bWgv
MWUZqz74IDJFED334ybZ1kPqjBRs5Ay/ppNZ6gf3LWj0A4oEKq8AX8oWQ2+e5pOQ
9anDC/cUEtK+GBYukIxr1CIbQVWi9RF2ZqKQL7Npo8kuXKO3Miv2038l6HzV1Wz/
u+U1F6c30lAfJ3QM6h8jAjEcVWKjcUuofJOJJTWT9oT2j5Pez6CmiiMgVCtl1oXu
xg==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:59 2025 by rpki-client