Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/3130332e3130352e3133302e302f32342d3234203d3e203137373237.roa
File:                     3130332e3130352e3133302e302f32342d3234203d3e203137373237.roa (raw, json)
Hash identifier:          yMrj8AoB/ixjd6PVgwO256Xjq06xuds8sgMBoLkTbyM=
Subject key identifier:   F8:33:BB:52:E5:53:AD:9B:E9:CE:71:FC:32:D8:84:AA:D5:7B:96:72
Certificate issuer:       /CN=FED855DD505D24B6FE25BD8656297329F7EF4785
Certificate serial:       7391D948CEF32576DF3E2CFC64AFA06786FE01E8
Authority key identifier: FE:D8:55:DD:50:5D:24:B6:FE:25:BD:86:56:29:73:29:F7:EF:47:85
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FED855DD505D24B6FE25BD8656297329F7EF4785.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/3130332e3130352e3133302e302f32342d3234203d3e203137373237.roa
Signing time:             Wed 10 Sep 2025 05:00:02 +0000
ROA not before:           Wed 10 Sep 2025 04:55:02 +0000
ROA not after:            Wed 09 Sep 2026 05:00:02 +0000
asID:                     17727
IP address blocks:        103.105.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/FED855DD505D24B6FE25BD8656297329F7EF4785.crl
                          rsync://repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/FED855DD505D24B6FE25BD8656297329F7EF4785.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FED855DD505D24B6FE25BD8656297329F7EF4785.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 18:52:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:91:d9:48:ce:f3:25:76:df:3e:2c:fc:64:af:a0:67:86:fe:01:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FED855DD505D24B6FE25BD8656297329F7EF4785
        Validity
            Not Before: Sep 10 04:55:02 2025 GMT
            Not After : Sep  9 05:00:02 2026 GMT
        Subject: CN=F833BB52E553AD9BE9CE71FC32D884AAD57B9672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:86:b3:a8:00:11:38:f6:98:c3:76:1c:3f:61:
                    13:4a:cd:3b:c3:51:24:46:ab:42:ef:c5:74:ee:55:
                    19:d6:6c:bb:11:a8:04:1c:96:1e:4d:e6:25:90:54:
                    49:f3:35:f9:c0:35:95:4f:fd:65:1e:23:3e:97:90:
                    ff:e2:53:7a:79:28:50:b4:5f:3c:b8:26:68:e5:7e:
                    49:b7:9c:2a:65:f0:f0:79:59:19:b9:e1:75:fb:ba:
                    a2:3b:75:cd:20:92:5e:5d:ac:bd:5a:94:4a:42:f8:
                    dc:7e:fa:19:cf:dd:a5:35:d8:9c:47:5f:93:ff:50:
                    b7:90:52:8c:ee:15:0e:f5:84:4e:92:82:93:40:65:
                    fc:aa:d0:b8:3c:ce:cf:ee:5a:df:93:c5:3b:1f:15:
                    9c:db:68:63:7a:98:ff:af:f5:1c:f1:53:d1:6b:74:
                    da:dc:d1:6d:15:e2:f7:06:2f:ad:bd:8f:aa:18:51:
                    c7:7e:b8:ef:87:3f:3a:c2:46:df:3a:29:d0:5a:58:
                    75:da:bd:5a:15:0d:f6:bc:9c:ad:51:a6:c5:1d:75:
                    ad:67:f6:49:0a:01:70:eb:2d:93:77:66:51:43:df:
                    d4:3f:26:02:b7:d4:e3:fb:0a:7f:7f:79:78:be:c0:
                    b2:2e:91:5b:4d:d0:2d:09:9f:5c:47:68:d1:49:05:
                    0d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:33:BB:52:E5:53:AD:9B:E9:CE:71:FC:32:D8:84:AA:D5:7B:96:72
            X509v3 Authority Key Identifier:
                keyid:FE:D8:55:DD:50:5D:24:B6:FE:25:BD:86:56:29:73:29:F7:EF:47:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/FED855DD505D24B6FE25BD8656297329F7EF4785.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FED855DD505D24B6FE25BD8656297329F7EF4785.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0461d7a7-a11e-400b-9170-c797ed88d702/0/3130332e3130352e3133302e302f32342d3234203d3e203137373237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:57:e2:d3:c0:94:3d:2e:96:98:fa:84:86:5b:01:57:f0:79:
         1c:c9:67:c1:c9:22:44:7c:f2:d0:e0:f0:d8:1f:88:38:4c:54:
         19:c2:5b:23:4c:31:cd:f5:9d:a0:7f:fa:e0:b5:cb:68:17:63:
         8b:7a:15:20:41:eb:43:d8:ab:69:24:3f:df:c7:88:20:8f:58:
         d2:37:87:46:cd:2c:1d:c5:bc:83:ec:80:41:5e:18:df:0c:6b:
         bb:47:66:88:0c:2c:0b:95:a1:a6:50:c9:65:1d:b8:38:12:3e:
         67:1c:ab:04:b2:d0:42:c3:2d:d9:99:93:58:94:36:d9:13:59:
         fa:ce:e4:55:ab:6c:86:f5:96:3d:b3:2f:cb:7f:ab:87:1b:1d:
         1e:17:52:42:bc:80:d1:a3:3d:41:4e:fe:f3:51:52:c5:85:c9:
         46:32:39:6c:ed:ca:9c:31:57:79:c2:0e:d2:b4:61:cb:07:d0:
         2e:86:df:0f:41:27:af:cd:b2:d8:be:c5:23:2a:aa:04:40:db:
         c8:a8:8b:97:63:19:c8:bc:36:a4:f2:d8:48:f0:58:9a:9c:91:
         26:45:0a:f8:29:32:d6:ae:2b:2f:80:72:1f:eb:a1:40:7e:7d:
         1b:82:96:8f:1c:2e:be:b8:c7:77:6f:a0:29:ef:b1:ae:14:23:
         86:6f:a4:f4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUc5HZSM7zJXbfPiz8ZK+gZ4b+AegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkVEODU1REQ1MDVEMjRCNkZFMjVCRDg2NTYyOTczMjlG
N0VGNDc4NTAeFw0yNTA5MTAwNDU1MDJaFw0yNjA5MDkwNTAwMDJaMDMxMTAvBgNV
BAMTKEY4MzNCQjUyRTU1M0FEOUJFOUNFNzFGQzMyRDg4NEFBRDU3Qjk2NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbhrOoABE49pjDdhw/YRNKzTvD
USRGq0LvxXTuVRnWbLsRqAQclh5N5iWQVEnzNfnANZVP/WUeIz6XkP/iU3p5KFC0
Xzy4Jmjlfkm3nCpl8PB5WRm54XX7uqI7dc0gkl5drL1alEpC+Nx++hnP3aU12JxH
X5P/ULeQUozuFQ71hE6SgpNAZfyq0Lg8zs/uWt+TxTsfFZzbaGN6mP+v9RzxU9Fr
dNrc0W0V4vcGL629j6oYUcd+uO+HPzrCRt86KdBaWHXavVoVDfa8nK1RpsUdda1n
9kkKAXDrLZN3ZlFD39Q/JgK31OP7Cn9/eXi+wLIukVtN0C0Jn1xHaNFJBQ2rAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU+DO7UuVTrZvpznH8MtiEqtV7lnIwHwYDVR0j
BBgwFoAU/thV3VBdJLb+Jb2GVilzKffvR4UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NDYxZDdhNy1hMTFlLTQwMGItOTE3MC1jNzk3ZWQ4OGQ3MDIvMC9GRUQ4NTVERDUw
NUQyNEI2RkUyNUJEODY1NjI5NzMyOUY3RUY0Nzg1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkVEODU1REQ1MDVEMjRCNkZFMjVCRDg2NTYyOTczMjlGN0VG
NDc4NS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0NjFkN2E3LWExMWUtNDAwYi05
MTcwLWM3OTdlZDg4ZDcwMi8wLzMxMzAzMzJlMzEzMDM1MmUzMTMzMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzczMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2mCMA0GCSqG
SIb3DQEBCwUAA4IBAQBbV+LTwJQ9LpaY+oSGWwFX8HkcyWfBySJEfPLQ4PDYH4g4
TFQZwlsjTDHN9Z2gf/rgtctoF2OLehUgQetD2KtpJD/fx4ggj1jSN4dGzSwdxbyD
7IBBXhjfDGu7R2aIDCwLlaGmUMllHbg4Ej5nHKsEstBCwy3ZmZNYlDbZE1n6zuRV
q2yG9ZY9sy/Lf6uHGx0eF1JCvIDRoz1BTv7zUVLFhclGMjls7cqcMVd5wg7StGHL
B9Auht8PQSevzbLYvsUjKqoEQNvIqIuXYxnIvDak8thI8FianJEmRQr4KTLWrisv
gHIf66FAfn0bgpaPHC6+uMd3b6Ap77GuFCOGb6T0
-----END CERTIFICATE-----
Generated at Tue Oct 21 06:28:06 2025 by rpki-client