Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142639.roa
File:                     AS142639.roa (raw, json)
Hash identifier:          BtdGZ5SjpOlYzNNwL70mjPZw9oVcJRblmO3XHnSuB2U=
Subject key identifier:   B7:E6:B8:43:88:E3:68:F0:2E:83:6C:5D:74:66:F1:27:2B:AC:27:D7
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       6EE45B14E016DC688E73A9CE18A9B7EF6891AD2D
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142639.roa
Signing time:             Tue 10 Feb 2026 14:31:36 +0000
ROA not before:           Tue 10 Feb 2026 14:26:36 +0000
ROA not after:            Tue 09 Feb 2027 14:31:36 +0000
asID:                     142639
IP address blocks:        198.15.16.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 05 Mar 2026 02:45:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:e4:5b:14:e0:16:dc:68:8e:73:a9:ce:18:a9:b7:ef:68:91:ad:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Feb 10 14:26:36 2026 GMT
            Not After : Feb  9 14:31:36 2027 GMT
        Subject: CN=B7E6B84388E368F02E836C5D7466F1272BAC27D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:fc:cf:31:7e:ef:14:51:5f:64:72:d8:93:a0:
                    0b:0e:94:a6:f9:bc:fd:02:29:29:81:41:ec:9c:94:
                    86:17:d5:cc:7e:48:74:e8:ba:90:d4:d9:48:75:01:
                    77:ef:74:6e:37:8b:b6:b8:1e:e4:11:b3:26:10:b6:
                    44:80:f7:59:9c:53:c2:37:a0:04:a8:77:15:2d:ad:
                    de:ac:c7:90:b5:22:d0:c8:b6:0a:b5:19:af:c2:b0:
                    a6:8f:72:b9:f7:e4:e5:b8:c2:a0:05:ad:3b:37:c1:
                    d3:69:bc:8e:c1:75:69:b5:94:8d:bc:f6:d3:3c:79:
                    25:79:d7:4d:51:d6:99:d2:2f:79:d6:52:f7:e4:38:
                    5c:18:a8:53:c3:ce:55:81:fe:2d:cd:a8:5d:24:3f:
                    a3:ab:a2:1f:ea:2f:dd:97:9a:89:1f:8d:8b:a5:ef:
                    d9:e9:9b:b2:75:3d:29:0f:3b:81:13:c3:bb:fc:45:
                    27:5e:86:d9:7b:af:2a:f4:d8:db:42:30:2d:86:4b:
                    19:11:75:23:b3:38:29:12:54:db:be:76:a0:e9:01:
                    c6:5a:68:00:48:5d:5c:17:92:db:ad:80:14:0a:35:
                    32:be:3d:f5:38:04:43:3a:2e:ec:6b:47:ce:1a:ca:
                    ae:55:58:0a:e8:c4:dd:b2:e1:2a:b4:d0:00:fd:f0:
                    7c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:E6:B8:43:88:E3:68:F0:2E:83:6C:5D:74:66:F1:27:2B:AC:27:D7
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.15.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:86:a1:c5:b3:bb:91:ae:4a:d1:97:53:51:84:7f:5b:8b:87:
         6b:46:3b:93:c3:d8:4b:25:7c:bd:80:3a:49:ef:a5:3d:3b:d5:
         18:31:11:a6:30:08:2e:47:c4:c0:f6:f0:eb:02:ba:ed:e4:d7:
         0c:d2:e3:d8:cd:f1:1d:5b:d2:58:20:4b:21:3b:05:0d:cf:b3:
         0f:df:86:6a:d1:ee:f2:2f:f3:8a:93:44:28:b2:35:95:1f:18:
         5f:7b:6c:65:fa:c3:5b:80:ce:9d:e9:30:d7:c4:ba:10:1c:bc:
         fe:0f:03:77:cf:9f:51:d8:f4:67:b9:14:42:c2:c4:7e:b1:52:
         f2:8a:6e:1d:f2:41:67:18:b8:42:29:d3:db:7c:d3:6f:76:56:
         94:14:23:8b:87:66:97:4f:70:5e:c1:43:83:ea:80:ca:10:c0:
         77:93:c4:78:47:ec:2b:32:13:31:5c:d5:35:c4:2c:a4:0c:33:
         44:0f:9f:20:67:3b:51:e2:b5:4a:d3:14:b7:b6:2b:98:3e:a4:
         dc:14:25:83:d1:6b:95:2a:8e:67:af:f7:14:14:de:d6:ee:0b:
         49:12:a2:9b:97:c0:e8:fc:60:d3:0f:5a:a3:b7:e3:45:be:e9:
         f0:e6:9d:17:37:75:c6:bb:b5:e1:f0:d9:da:0e:03:af:c6:b5:
         87:e2:c1:05
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUbuRbFOAW3GiOc6nOGKm372iRrS0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIxMDE0MjYzNloX
DTI3MDIwOTE0MzEzNlowMzExMC8GA1UEAxMoQjdFNkI4NDM4OEUzNjhGMDJFODM2
QzVENzQ2NkYxMjcyQkFDMjdENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb8zzF+7xRRX2Ry2JOgCw6Upvm8/QIpKYFB7JyUhhfVzH5IdOi6kNTZSHUB
d+90bjeLtrge5BGzJhC2RID3WZxTwjegBKh3FS2t3qzHkLUi0Mi2CrUZr8Kwpo9y
uffk5bjCoAWtOzfB02m8jsF1abWUjbz20zx5JXnXTVHWmdIvedZS9+Q4XBioU8PO
VYH+Lc2oXSQ/o6uiH+ov3ZeaiR+Ni6Xv2embsnU9KQ87gRPDu/xFJ16G2XuvKvTY
20IwLYZLGRF1I7M4KRJU2752oOkBxlpoAEhdXBeS262AFAo1Mr499TgEQzou7GtH
zhrKrlVYCujE3bLhKrTQAP3wfDMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS35rhD
iONo8C6DbF10ZvEnK6wn1zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0MjYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMYPEDANBgkqhkiG9w0BAQsFAAOCAQEAl4ahxbO7ka5K0ZdTUYR/
W4uHa0Y7k8PYSyV8vYA6Se+lPTvVGDERpjAILkfEwPbw6wK67eTXDNLj2M3xHVvS
WCBLITsFDc+zD9+GatHu8i/zipNEKLI1lR8YX3tsZfrDW4DOnekw18S6EBy8/g8D
d8+fUdj0Z7kUQsLEfrFS8opuHfJBZxi4QinT23zTb3ZWlBQji4dml09wXsFDg+qA
yhDAd5PEeEfsKzITMVzVNcQspAwzRA+fIGc7UeK1StMUt7YrmD6k3BQlg9FrlSqO
Z6/3FBTe1u4LSRKim5fA6Pxg0w9ao7fjRb7p8OadFzd1xru14fDZ2g4Dr8a1h+LB
BQ==
-----END CERTIFICATE-----