Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3137352e3130362e31322e302f32322d3234203d3e203436303233.roa
File:                     3137352e3130362e31322e302f32322d3234203d3e203436303233.roa (raw, json)
Hash identifier:          0onTB3vpkwuNndpMrZVrud2+dK89zcDAYNzvDydUeyM=
Subject key identifier:   E1:96:44:12:81:FF:D1:D6:44:00:5D:93:29:E1:77:02:CF:27:AA:BB
Certificate issuer:       /CN=7DF6602C113DDEE922AA019C74EF4283764A4695
Certificate serial:       4656903CC4880E1105B10D3EE664BCC5F0FFACE9
Authority key identifier: 7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3137352e3130362e31322e302f32322d3234203d3e203436303233.roa
Signing time:             Tue 14 Oct 2025 13:00:02 +0000
ROA not before:           Tue 14 Oct 2025 12:55:02 +0000
ROA not after:            Tue 13 Oct 2026 13:00:02 +0000
asID:                     46023
IP address blocks:        175.106.12.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl
                          rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 18:03:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:56:90:3c:c4:88:0e:11:05:b1:0d:3e:e6:64:bc:c5:f0:ff:ac:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7DF6602C113DDEE922AA019C74EF4283764A4695
        Validity
            Not Before: Oct 14 12:55:02 2025 GMT
            Not After : Oct 13 13:00:02 2026 GMT
        Subject: CN=E196441281FFD1D644005D9329E17702CF27AABB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ef:19:f2:84:97:48:ea:5f:54:30:a6:c0:4a:
                    33:55:00:50:90:cb:6c:6b:18:49:c2:7f:3b:76:46:
                    d3:92:95:f7:0d:d3:67:b2:95:27:65:cf:14:26:d1:
                    9f:03:c7:e2:92:36:ac:ee:e6:f3:69:ee:98:4a:70:
                    fd:67:3c:82:b7:83:ee:ad:12:b0:ad:ba:62:e7:74:
                    a8:d0:14:b6:c3:2b:0d:19:b6:ee:b2:b6:9c:cd:90:
                    4e:52:8b:e0:c4:7d:09:f0:6e:f6:12:81:a9:5b:18:
                    f6:7d:76:db:73:0a:b9:bf:e3:1d:b7:75:94:f8:47:
                    e7:7f:3c:11:4e:ec:68:0d:d9:5e:27:df:dc:c3:60:
                    c8:dd:3b:64:cb:f2:ef:98:65:aa:73:ba:c3:72:91:
                    4f:e7:da:f8:4d:5f:75:f4:78:cf:13:9a:a5:b4:1e:
                    44:e4:84:88:3e:d5:f9:bd:38:2c:1c:4e:67:3b:dc:
                    5f:c7:8a:eb:17:be:58:24:93:ba:69:4d:84:74:a4:
                    84:6c:63:ea:d1:59:e1:8a:4e:28:14:01:c0:47:67:
                    a2:e2:2a:14:6a:05:bc:c3:76:a9:16:08:21:52:ba:
                    50:49:68:0d:5c:0b:48:1b:ce:66:d1:4e:b5:07:b4:
                    94:c3:8d:c6:d6:70:d6:66:16:87:89:7b:93:cd:c1:
                    26:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:96:44:12:81:FF:D1:D6:44:00:5D:93:29:E1:77:02:CF:27:AA:BB
            X509v3 Authority Key Identifier:
                keyid:7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3137352e3130362e31322e302f32322d3234203d3e203436303233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.106.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:c1:26:4e:90:c4:44:a5:3e:47:bb:d5:98:9f:b8:dc:96:ee:
         b9:5c:3c:f8:bd:d1:b0:9d:b5:90:7b:8a:b0:5a:7b:0e:0b:b3:
         cc:64:55:a0:98:27:9e:31:6e:07:9c:8c:79:ef:3f:21:9c:8f:
         93:16:87:d9:c1:96:18:cf:d7:52:f9:aa:04:e0:57:76:8a:20:
         5a:ce:1c:0a:15:e9:92:5f:0d:b7:ba:23:14:b4:9c:a2:7e:50:
         dd:35:5a:53:48:24:5b:1f:38:a9:3b:53:0d:fb:c4:e6:b2:ba:
         00:ac:c0:85:4c:d5:68:b6:d0:9f:7c:0a:58:e1:fb:a9:c4:7a:
         f3:4a:fc:12:2a:1d:ff:a4:60:79:6f:87:09:7c:2e:c5:2f:cf:
         77:36:89:27:8d:d0:76:c0:2a:ba:be:a0:d0:fc:2a:ad:d1:db:
         09:ed:2e:5a:42:77:44:0b:60:5f:9d:60:c0:77:4d:3d:16:21:
         b8:9c:55:22:dc:f1:64:5b:87:f8:c8:93:da:8f:1c:f9:e2:e9:
         41:5e:68:97:b4:da:38:08:9b:a6:c6:4f:56:b1:ee:d0:57:39:
         d7:14:04:d2:96:eb:da:c2:7a:0e:2f:0c:cd:98:fb:d2:5d:ff:
         7b:8a:19:3c:75:38:15:16:ac:93:07:f0:3f:d4:65:94:cb:61:
         cb:33:fa:58
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIURlaQPMSIDhEFsQ0+5mS8xfD/rOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3
NjRBNDY5NTAeFw0yNTEwMTQxMjU1MDJaFw0yNjEwMTMxMzAwMDJaMDMxMTAvBgNV
BAMTKEUxOTY0NDEyODFGRkQxRDY0NDAwNUQ5MzI5RTE3NzAyQ0YyN0FBQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl7xnyhJdI6l9UMKbASjNVAFCQ
y2xrGEnCfzt2RtOSlfcN02eylSdlzxQm0Z8Dx+KSNqzu5vNp7phKcP1nPIK3g+6t
ErCtumLndKjQFLbDKw0Ztu6ytpzNkE5Si+DEfQnwbvYSgalbGPZ9dttzCrm/4x23
dZT4R+d/PBFO7GgN2V4n39zDYMjdO2TL8u+YZapzusNykU/n2vhNX3X0eM8TmqW0
HkTkhIg+1fm9OCwcTmc73F/HiusXvlgkk7ppTYR0pIRsY+rRWeGKTigUAcBHZ6Li
KhRqBbzDdqkWCCFSulBJaA1cC0gbzmbRTrUHtJTDjcbWcNZmFoeJe5PNwSbjAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU4ZZEEoH/0dZEAF2TKeF3As8nqrswHwYDVR0j
BBgwFoAUffZgLBE93ukiqgGcdO9Cg3ZKRpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MGE5ODViMC1lMTdhLTQyMWItOTY1NS0wMzI0NWEwMWFlZjgvMC83REY2NjAyQzEx
M0RERUU5MjJBQTAxOUM3NEVGNDI4Mzc2NEE0Njk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3NjRB
NDY5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAwYTk4NWIwLWUxN2EtNDIxYi05
NjU1LTAzMjQ1YTAxYWVmOC8wLzMxMzczNTJlMzEzMDM2MmUzMTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzQzNjMwMzIzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAq9qDDANBgkqhkiG
9w0BAQsFAAOCAQEASMEmTpDERKU+R7vVmJ+43JbuuVw8+L3RsJ21kHuKsFp7Dguz
zGRVoJgnnjFuB5yMee8/IZyPkxaH2cGWGM/XUvmqBOBXdoogWs4cChXpkl8Nt7oj
FLScon5Q3TVaU0gkWx84qTtTDfvE5rK6AKzAhUzVaLbQn3wKWOH7qcR680r8Eiod
/6RgeW+HCXwuxS/PdzaJJ43QdsAqur6g0PwqrdHbCe0uWkJ3RAtgX51gwHdNPRYh
uJxVItzxZFuH+MiT2o8c+eLpQV5ol7TaOAibpsZPVrHu0Fc51xQE0pbr2sJ6Di8M
zZj70l3/e4oZPHU4FRaskwfwP9RllMthyzP6WA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:33:06 2025 by rpki-client