Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/3130332e3135372e38312e302f32342d3234203d3e20313431313133.roa
File:                     3130332e3135372e38312e302f32342d3234203d3e20313431313133.roa (raw, json)
Hash identifier:          7E801eHzByrlpX824SF5Bv9nBKvFuISx0tzFKJn/f5I=
Subject key identifier:   C9:43:08:AB:58:4C:70:6B:62:49:CD:58:7B:1B:01:6C:0E:20:6F:E2
Certificate issuer:       /CN=A0098405BC0A535E6E4D613793C362C743319143
Certificate serial:       32722D9E2F41058FD1A41F6B501F6F1FEAFC98AE
Authority key identifier: A0:09:84:05:BC:0A:53:5E:6E:4D:61:37:93:C3:62:C7:43:31:91:43
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0098405BC0A535E6E4D613793C362C743319143.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/3130332e3135372e38312e302f32342d3234203d3e20313431313133.roa
Signing time:             Wed 01 Oct 2025 08:02:52 +0000
ROA not before:           Wed 01 Oct 2025 07:57:52 +0000
ROA not after:            Wed 30 Sep 2026 08:02:52 +0000
asID:                     141113
IP address blocks:        103.157.81.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/A0098405BC0A535E6E4D613793C362C743319143.crl
                          rsync://repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/A0098405BC0A535E6E4D613793C362C743319143.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0098405BC0A535E6E4D613793C362C743319143.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 18:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:72:2d:9e:2f:41:05:8f:d1:a4:1f:6b:50:1f:6f:1f:ea:fc:98:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0098405BC0A535E6E4D613793C362C743319143
        Validity
            Not Before: Oct  1 07:57:52 2025 GMT
            Not After : Sep 30 08:02:52 2026 GMT
        Subject: CN=C94308AB584C706B6249CD587B1B016C0E206FE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:7d:64:b1:30:42:0c:43:c9:d7:5f:1c:c6:7e:
                    00:fd:c1:55:c9:b1:09:a8:75:f7:98:6a:20:be:1c:
                    f6:8e:f7:c7:12:39:2f:e3:ed:12:7a:40:88:72:67:
                    56:96:7d:ee:10:68:d1:62:e0:16:13:51:a5:d5:b2:
                    79:73:01:67:72:d9:f8:33:69:4c:35:5a:48:7e:3f:
                    21:9e:e6:79:39:20:0a:02:73:59:82:99:21:8e:63:
                    48:4d:0d:f5:08:86:bc:45:a9:85:0f:d9:d0:7d:97:
                    47:99:25:5f:80:97:5a:d9:00:0b:11:67:62:b7:0e:
                    0e:59:26:b5:f0:04:f3:05:22:0a:62:f7:7f:73:70:
                    97:e8:6f:a2:59:79:d6:4a:6d:a8:ad:4e:b3:f1:f0:
                    52:76:02:53:14:89:8d:88:19:38:eb:b2:c8:25:b6:
                    74:6e:fc:12:be:44:5e:fa:5b:de:ab:93:43:c6:17:
                    ef:79:5f:71:02:56:cd:e0:69:97:8f:64:fb:92:35:
                    ea:fe:99:c3:3b:a1:15:f4:4e:de:58:91:f3:70:ff:
                    f6:3d:17:a1:1f:a3:d4:95:75:8c:cc:0b:7e:fe:c9:
                    d3:57:a9:1b:7c:73:55:91:8c:62:39:5c:09:f2:cf:
                    d3:bc:b6:16:c7:79:ee:34:e5:e2:8f:7c:b6:30:76:
                    f8:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:43:08:AB:58:4C:70:6B:62:49:CD:58:7B:1B:01:6C:0E:20:6F:E2
            X509v3 Authority Key Identifier:
                keyid:A0:09:84:05:BC:0A:53:5E:6E:4D:61:37:93:C3:62:C7:43:31:91:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/A0098405BC0A535E6E4D613793C362C743319143.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0098405BC0A535E6E4D613793C362C743319143.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0fcf7c9e-f8c3-4015-881b-a2c21819d6b9/0/3130332e3135372e38312e302f32342d3234203d3e20313431313133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:f0:fb:79:a7:bc:04:d7:3c:27:46:d1:19:0f:a4:96:28:27:
         c5:e2:28:ef:d0:08:65:79:04:7b:4e:40:0a:30:c6:f4:dd:79:
         8b:b9:c2:bb:2c:0a:d5:ee:3b:e7:67:a2:e5:45:64:6f:02:af:
         3c:5c:97:24:0b:4d:4c:a4:14:89:54:0c:33:d5:c6:3b:8c:5f:
         64:93:be:11:6b:41:fe:cb:7f:50:6c:7b:41:f8:63:2a:1b:7d:
         c0:82:ae:08:e6:59:ed:95:6e:9e:cc:f6:36:ff:2e:c6:50:ac:
         60:ce:6b:3b:c6:a2:03:83:40:6c:6f:99:bf:e2:d5:c3:6f:4a:
         2d:95:3b:e4:9f:8b:3c:e5:8d:37:35:61:12:3c:4f:a4:a7:d3:
         77:47:96:98:89:0b:f8:9c:70:6b:78:f6:0e:cc:94:3f:00:93:
         34:ba:71:6a:60:57:d2:3c:df:db:3f:4a:e4:56:56:cd:57:b4:
         a8:29:f6:3d:5c:1b:e8:5a:48:fe:40:f4:cb:2b:af:f9:68:02:
         5e:9c:6f:b7:81:85:5d:49:71:7a:6c:38:c9:b6:c4:d3:8c:3c:
         ea:49:57:12:62:99:85:d5:d3:1c:3c:66:e8:f1:70:00:f0:57:
         bd:be:6c:9e:ed:d5:d3:6b:2c:e3:0a:bb:f1:6a:4d:1b:92:fd:
         df:fa:07:f2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMnItni9BBY/RpB9rUB9vH+r8mK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwOTg0MDVCQzBBNTM1RTZFNEQ2MTM3OTNDMzYyQzc0
MzMxOTE0MzAeFw0yNTEwMDEwNzU3NTJaFw0yNjA5MzAwODAyNTJaMDMxMTAvBgNV
BAMTKEM5NDMwOEFCNTg0QzcwNkI2MjQ5Q0Q1ODdCMUIwMTZDMEUyMDZGRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjfWSxMEIMQ8nXXxzGfgD9wVXJ
sQmodfeYaiC+HPaO98cSOS/j7RJ6QIhyZ1aWfe4QaNFi4BYTUaXVsnlzAWdy2fgz
aUw1Wkh+PyGe5nk5IAoCc1mCmSGOY0hNDfUIhrxFqYUP2dB9l0eZJV+Al1rZAAsR
Z2K3Dg5ZJrXwBPMFIgpi939zcJfob6JZedZKbaitTrPx8FJ2AlMUiY2IGTjrssgl
tnRu/BK+RF76W96rk0PGF+95X3ECVs3gaZePZPuSNer+mcM7oRX0Tt5YkfNw//Y9
F6Efo9SVdYzMC37+ydNXqRt8c1WRjGI5XAnyz9O8thbHee405eKPfLYwdviHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUyUMIq1hMcGtiSc1YexsBbA4gb+IwHwYDVR0j
BBgwFoAUoAmEBbwKU15uTWE3k8Nix0MxkUMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZmNmN2M5ZS1mOGMzLTQwMTUtODgxYi1hMmMyMTgxOWQ2YjkvMC9BMDA5ODQwNUJD
MEE1MzVFNkU0RDYxMzc5M0MzNjJDNzQzMzE5MTQzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTAwOTg0MDVCQzBBNTM1RTZFNEQ2MTM3OTNDMzYyQzc0MzMx
OTE0My5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBmY2Y3YzllLWY4YzMtNDAxNS04
ODFiLWEyYzIxODE5ZDZiOS8wLzMxMzAzMzJlMzEzNTM3MmUzODMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ51RMA0GCSqG
SIb3DQEBCwUAA4IBAQBx8Pt5p7wE1zwnRtEZD6SWKCfF4ijv0AhleQR7TkAKMMb0
3XmLucK7LArV7jvnZ6LlRWRvAq88XJckC01MpBSJVAwz1cY7jF9kk74Ra0H+y39Q
bHtB+GMqG33Agq4I5lntlW6ezPY2/y7GUKxgzms7xqIDg0Bsb5m/4tXDb0otlTvk
n4s85Y03NWESPE+kp9N3R5aYiQv4nHBrePYOzJQ/AJM0unFqYFfSPN/bP0rkVlbN
V7SoKfY9XBvoWkj+QPTLK6/5aAJenG+3gYVdSXF6bDjJtsTTjDzqSVcSYpmF1dMc
PGbo8XAA8Fe9vmye7dXTayzjCrvxak0bkv3f+gfy
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:34:37 2025 by rpki-client