Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142184.roa
File:                     AS142184.roa (raw, json)
Hash identifier:          4tDuRHU0ZvtAz4kRLA9fgZV7W2UWV6YHcLp13yn6pPA=
Subject key identifier:   75:0C:1A:C4:3C:C3:20:0C:02:C0:4A:C0:A8:24:F7:88:82:29:F8:92
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       350A020A56EB55699067F16648A10098B7ADC8E3
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142184.roa
Signing time:             Thu 05 Feb 2026 07:37:25 +0000
ROA not before:           Thu 05 Feb 2026 07:32:25 +0000
ROA not after:            Thu 04 Feb 2027 07:37:25 +0000
asID:                     142184
IP address blocks:        144.79.244.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 05 Mar 2026 02:45:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:0a:02:0a:56:eb:55:69:90:67:f1:66:48:a1:00:98:b7:ad:c8:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Feb  5 07:32:25 2026 GMT
            Not After : Feb  4 07:37:25 2027 GMT
        Subject: CN=750C1AC43CC3200C02C04AC0A824F7888229F892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:2c:e1:61:41:bc:31:87:ec:b6:03:14:97:f4:
                    b0:46:4c:55:c3:e6:15:86:7c:f7:8d:53:a4:37:89:
                    ed:cd:98:e6:3e:77:19:e4:ff:75:7e:c8:5e:8a:7b:
                    d5:d6:16:76:f4:ef:f7:74:bd:04:a0:b4:70:07:09:
                    24:c6:91:40:82:0a:2f:4d:9d:9f:72:94:cf:c3:af:
                    cb:5e:0f:dd:e0:81:c7:6a:22:90:bd:f7:6c:60:65:
                    57:32:8f:cd:41:e7:66:ea:81:0a:8a:48:dc:15:37:
                    84:96:90:b7:0b:47:07:0a:ea:4a:e1:75:28:13:4f:
                    6d:b2:79:49:ea:b1:74:2b:fe:53:7b:15:af:e2:d9:
                    f0:7c:71:a9:5f:ca:51:24:ec:a6:bf:d3:c6:da:b8:
                    e3:09:78:fa:9a:73:09:c6:58:b9:30:42:f3:b1:72:
                    00:03:56:b9:cd:64:f6:70:0b:aa:b6:c2:09:f9:76:
                    1c:31:97:67:cf:d2:d6:34:49:49:26:8c:0e:77:db:
                    1a:1e:09:9d:88:95:52:b6:50:04:be:d4:a6:bc:2c:
                    4e:2d:d9:2b:55:ff:8a:41:9f:e1:d8:5e:9f:24:68:
                    32:7e:46:9e:93:d2:f9:49:96:e2:d2:00:f8:c3:ae:
                    86:08:45:25:5f:e1:41:cf:86:d8:d5:5b:66:03:9b:
                    72:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:0C:1A:C4:3C:C3:20:0C:02:C0:4A:C0:A8:24:F7:88:82:29:F8:92
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142184.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.79.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:34:ed:0b:20:7d:7d:ed:00:84:38:4b:26:85:e6:45:bb:80:
         59:5b:56:f4:1a:11:b6:00:e9:9d:2b:e6:1b:cd:c8:7e:d5:b7:
         d8:d0:9a:f6:ee:ca:86:b1:2d:ec:cf:95:ae:ce:00:f2:bf:8c:
         24:64:ad:b1:a0:df:c2:c9:75:ac:2e:49:69:97:97:01:68:7a:
         50:da:4b:14:ae:41:d7:3a:d3:50:81:11:68:8b:21:3d:35:a0:
         3f:66:e8:31:41:18:ae:ef:e3:e1:9a:b9:58:79:a3:f9:fa:d1:
         ad:9e:5f:fa:f1:64:58:02:65:c0:91:f6:ab:c3:20:44:55:1a:
         d6:74:14:b2:f2:87:c6:3b:5c:51:06:bc:cc:21:f5:b0:37:c1:
         fa:00:5e:cc:c9:5d:32:db:8b:f6:be:03:4a:17:97:30:da:83:
         33:00:92:44:d2:c3:ac:9e:39:58:28:b0:18:cc:8c:3d:3f:6a:
         1e:24:31:97:39:b5:63:4c:62:4c:b5:8f:0b:f4:bd:34:46:2b:
         fd:6f:95:e9:51:aa:ac:1d:9b:1f:cd:77:6e:5b:51:16:4e:ab:
         7f:a3:54:43:32:47:c6:70:8b:1c:4d:3b:3f:16:16:19:44:7f:
         30:42:6b:5d:66:cd:0f:58:a5:3a:f7:71:a1:d3:83:e0:11:ad:
         b8:35:50:04
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUNQoCClbrVWmQZ/FmSKEAmLetyOMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIwNTA3MzIyNVoX
DTI3MDIwNDA3MzcyNVowMzExMC8GA1UEAxMoNzUwQzFBQzQzQ0MzMjAwQzAyQzA0
QUMwQTgyNEY3ODg4MjI5Rjg5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQs4WFBvDGH7LYDFJf0sEZMVcPmFYZ8941TpDeJ7c2Y5j53GeT/dX7IXop7
1dYWdvTv93S9BKC0cAcJJMaRQIIKL02dn3KUz8Ovy14P3eCBx2oikL33bGBlVzKP
zUHnZuqBCopI3BU3hJaQtwtHBwrqSuF1KBNPbbJ5SeqxdCv+U3sVr+LZ8HxxqV/K
USTspr/Txtq44wl4+ppzCcZYuTBC87FyAANWuc1k9nALqrbCCfl2HDGXZ8/S1jRJ
SSaMDnfbGh4JnYiVUrZQBL7UprwsTi3ZK1X/ikGf4dhenyRoMn5GnpPS+UmW4tIA
+MOuhghFJV/hQc+G2NVbZgObcgUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR1DBrE
PMMgDALASsCoJPeIgin4kjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0MjE4NC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJBP9DANBgkqhkiG9w0BAQsFAAOCAQEAQjTtCyB9fe0AhDhLJoXm
RbuAWVtW9BoRtgDpnSvmG83IftW32NCa9u7KhrEt7M+Vrs4A8r+MJGStsaDfwsl1
rC5JaZeXAWh6UNpLFK5B1zrTUIERaIshPTWgP2boMUEYru/j4Zq5WHmj+frRrZ5f
+vFkWAJlwJH2q8MgRFUa1nQUsvKHxjtcUQa8zCH1sDfB+gBezMldMtuL9r4DSheX
MNqDMwCSRNLDrJ45WCiwGMyMPT9qHiQxlzm1Y0xiTLWPC/S9NEYr/W+V6VGqrB2b
H813bltRFk6rf6NUQzJHxnCLHE07PxYWGUR/MEJrXWbND1ilOvdxodOD4BGtuDVQ
BA==
-----END CERTIFICATE-----