Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134526.roa
File:                     AS134526.roa (raw, json)
Hash identifier:          RKcA796RrI7iIeCXV6UA9YTujFXsZV1yLGLLSDyYJMI=
Subject key identifier:   BC:C7:0A:F4:C3:81:03:AD:FA:5A:8A:F4:07:6E:2A:7D:AB:67:35:CE
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       7E25FC7DD41D3553C1210D203B1A18ABED86FD3A
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134526.roa
Signing time:             Tue 24 Feb 2026 02:41:00 +0000
ROA not before:           Tue 24 Feb 2026 02:36:00 +0000
ROA not after:            Tue 23 Feb 2027 02:41:00 +0000
asID:                     134526
IP address blocks:        2001:df5:bf40::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 05 Mar 2026 06:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:25:fc:7d:d4:1d:35:53:c1:21:0d:20:3b:1a:18:ab:ed:86:fd:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 24 02:36:00 2026 GMT
            Not After : Feb 23 02:41:00 2027 GMT
        Subject: CN=BCC70AF4C38103ADFA5A8AF4076E2A7DAB6735CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:8d:a9:3f:1b:7f:ec:44:de:90:e1:b5:7b:73:
                    25:7f:8c:64:a5:8a:2f:40:21:8c:05:24:5c:03:a5:
                    3e:ed:2d:32:2a:56:10:02:2a:7c:5c:d6:74:17:ec:
                    09:f6:a2:d6:15:3f:60:84:fa:2c:0c:82:55:1e:d0:
                    64:c2:cb:41:a5:59:ff:d5:dc:ee:44:3d:b9:0b:2a:
                    be:c1:62:f3:10:e9:cb:50:72:37:c7:d0:99:28:82:
                    06:5d:18:8a:ae:7f:57:fb:f5:32:e1:86:94:0c:56:
                    71:94:a8:db:aa:f5:e8:6c:53:62:20:14:34:45:b7:
                    64:7e:6f:e1:0d:7c:9c:6e:42:49:80:7c:95:35:77:
                    fb:35:e6:e1:e3:c3:e3:7d:ff:4c:98:fe:5e:48:78:
                    f1:ac:f2:99:8e:00:7c:0d:0a:68:a0:76:cd:5c:cc:
                    73:50:43:20:88:35:ca:a1:1b:ad:33:a2:44:a9:b0:
                    d8:e4:82:da:c0:1b:f7:95:d4:7c:e6:d3:9a:84:d7:
                    a2:6d:c7:9f:aa:99:f9:93:4c:f0:a4:d4:6a:a3:f3:
                    b5:51:45:10:08:be:3f:74:5b:97:38:75:e6:37:a6:
                    9a:49:14:59:75:d8:a8:30:a7:ff:c5:57:ef:14:81:
                    e4:5f:ed:42:d7:e4:e7:b8:c3:f2:a0:6f:77:bb:db:
                    e3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C7:0A:F4:C3:81:03:AD:FA:5A:8A:F4:07:6E:2A:7D:AB:67:35:CE
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134526.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df5:bf40::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:ba:38:8d:fc:c4:4f:45:c8:22:c0:5e:a2:97:ee:ab:0b:83:
         cf:d7:4e:75:f4:65:99:b9:4e:13:69:46:d7:43:1b:16:1f:af:
         40:d2:ed:0c:4d:62:eb:db:b0:cd:2a:10:e5:6c:07:45:47:53:
         78:97:47:75:e2:e8:b2:b9:b5:e3:96:30:13:c5:f0:70:2c:29:
         10:ef:9a:b2:54:da:d0:21:00:25:63:05:e4:a6:4f:23:1e:c8:
         ca:85:fc:af:49:f1:15:42:08:7d:5d:97:65:ce:0f:85:b4:10:
         e6:43:e6:29:dc:01:50:3a:41:f9:7f:56:ff:b5:4c:90:4b:f1:
         a9:94:a5:04:6d:3c:01:e0:fa:c1:73:46:b6:c5:47:1b:4f:84:
         2d:30:64:a2:c3:4b:fa:87:30:36:31:46:3e:ce:43:21:d5:95:
         ec:b2:22:06:24:c0:78:c4:d4:92:88:10:36:96:6d:f5:1d:ff:
         64:69:df:bb:4c:67:d2:6b:25:22:6a:55:ac:b2:80:33:30:7f:
         8a:92:cd:18:ca:17:b8:80:86:85:09:e2:df:7d:97:8a:f6:a0:
         d1:07:15:ab:72:a0:2e:c5:ca:90:86:6e:f4:ac:dc:b5:c5:c1:
         d7:3a:97:45:c5:db:31:05:fa:d8:43:f0:6c:ce:92:64:e9:60:
         04:c2:ca:7a
-----BEGIN CERTIFICATE-----
MIIE4DCCA8igAwIBAgIUfiX8fdQdNVPBIQ0gOxoYq+2G/TowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDIyNDAyMzYwMFoX
DTI3MDIyMzAyNDEwMFowMzExMC8GA1UEAxMoQkNDNzBBRjRDMzgxMDNBREZBNUE4
QUY0MDc2RTJBN0RBQjY3MzVDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPWNqT8bf+xE3pDhtXtzJX+MZKWKL0AhjAUkXAOlPu0tMipWEAIqfFzWdBfs
Cfai1hU/YIT6LAyCVR7QZMLLQaVZ/9Xc7kQ9uQsqvsFi8xDpy1ByN8fQmSiCBl0Y
iq5/V/v1MuGGlAxWcZSo26r16GxTYiAUNEW3ZH5v4Q18nG5CSYB8lTV3+zXm4ePD
433/TJj+Xkh48azymY4AfA0KaKB2zVzMc1BDIIg1yqEbrTOiRKmw2OSC2sAb95XU
fObTmoTXom3Hn6qZ+ZNM8KTUaqPztVFFEAi+P3Rblzh15jemmkkUWXXYqDCn/8VX
7xSB5F/tQtfk57jD8qBvd7vb48UCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBS8xwr0
w4EDrfpaivQHbip9q2c1zjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNDUyNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACABDfW/QDANBgkqhkiG9w0BAQsFAAOCAQEAMLo4jfzET0XIIsBe
opfuqwuDz9dOdfRlmblOE2lG10MbFh+vQNLtDE1i69uwzSoQ5WwHRUdTeJdHdeLo
srm145YwE8XwcCwpEO+aslTa0CEAJWMF5KZPIx7IyoX8r0nxFUIIfV2XZc4PhbQQ
5kPmKdwBUDpB+X9W/7VMkEvxqZSlBG08AeD6wXNGtsVHG0+ELTBkosNL+ocwNjFG
Ps5DIdWV7LIiBiTAeMTUkogQNpZt9R3/ZGnfu0xn0mslImpVrLKAMzB/ipLNGMoX
uICGhQni332Xivag0QcVq3KgLsXKkIZu9KzctcXB1zqXRcXbMQX62EPwbM6SZOlg
BMLKeg==
-----END CERTIFICATE-----