Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/3230332e37372e3231302e302f32342d3234203d3e203138333933.roa
File:                     3230332e37372e3231302e302f32342d3234203d3e203138333933.roa (raw, json)
Hash identifier:          iWMhjvfQ90b0ccxxANfrIanrHwujuPgFaL6IJZ5mDY0=
Subject key identifier:   0D:86:90:57:39:C7:EF:A1:38:41:D7:5F:EB:EC:46:6D:4B:21:42:2C
Certificate issuer:       /CN=E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8
Certificate serial:       5878F720B6A32A71628D9621B454CB6677A8BCD1
Authority key identifier: E6:FE:A7:CE:7F:6F:A5:EA:E0:5E:BB:DF:D8:6F:D5:3E:84:FA:75:A8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/3230332e37372e3231302e302f32342d3234203d3e203138333933.roa
Signing time:             Wed 15 Oct 2025 12:41:44 +0000
ROA not before:           Wed 15 Oct 2025 12:36:44 +0000
ROA not after:            Wed 14 Oct 2026 12:41:44 +0000
asID:                     18393
IP address blocks:        203.77.210.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.crl
                          rsync://repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 11:48:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:78:f7:20:b6:a3:2a:71:62:8d:96:21:b4:54:cb:66:77:a8:bc:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8
        Validity
            Not Before: Oct 15 12:36:44 2025 GMT
            Not After : Oct 14 12:41:44 2026 GMT
        Subject: CN=0D86905739C7EFA13841D75FEBEC466D4B21422C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:90:c3:6f:86:4f:d4:cc:b6:a4:90:c0:e9:30:
                    d2:c7:f3:6a:c1:56:de:b1:7f:6c:07:23:78:13:3a:
                    17:db:7f:22:d0:10:d2:95:a3:7d:86:c7:36:0c:d8:
                    0f:14:f9:4a:05:fd:e1:78:d9:ac:0b:eb:3e:58:8d:
                    6c:94:18:d2:27:d3:38:6a:31:d4:21:a9:13:fe:7a:
                    79:4c:79:bd:11:aa:ce:ea:ba:11:ef:db:19:69:18:
                    1f:13:6e:e2:5d:10:87:70:75:9c:b9:b9:4a:ba:3f:
                    3b:f0:8f:b9:ce:75:ac:7a:be:35:ac:e9:e4:7f:e8:
                    28:a7:00:10:e0:59:96:76:a1:81:74:af:18:79:03:
                    83:6d:20:11:b5:19:5a:da:c5:a4:2b:b9:71:da:0e:
                    bf:84:15:1d:66:03:8f:23:80:4a:8e:59:38:e7:67:
                    59:54:8d:65:ec:26:50:d1:c9:d5:78:55:3f:fd:37:
                    9a:9f:b9:b1:57:3d:ad:f0:04:92:4b:d6:63:aa:32:
                    15:15:eb:b6:43:a1:8e:d1:74:ca:3e:99:02:5c:df:
                    91:e8:c7:19:0c:80:02:d7:61:a0:ef:85:02:d6:7f:
                    9c:2c:e1:9d:e0:22:b9:a1:e1:06:1e:88:b0:07:bb:
                    bd:76:c2:56:7f:33:d1:82:92:13:10:90:19:10:d7:
                    32:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:86:90:57:39:C7:EF:A1:38:41:D7:5F:EB:EC:46:6D:4B:21:42:2C
            X509v3 Authority Key Identifier:
                keyid:E6:FE:A7:CE:7F:6F:A5:EA:E0:5E:BB:DF:D8:6F:D5:3E:84:FA:75:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E6FEA7CE7F6FA5EAE05EBBDFD86FD53E84FA75A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e3159f2-0cf0-43c6-b282-c69fba13a14a/0/3230332e37372e3231302e302f32342d3234203d3e203138333933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.77.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:2c:f8:3b:e6:5d:31:f5:55:58:c3:ef:6f:7b:5d:64:28:58:
         11:4f:77:bb:8a:f5:38:f5:fb:9a:0f:80:20:ed:97:d0:8f:19:
         fa:91:e3:d2:00:7b:06:94:e6:aa:b0:81:49:be:14:2e:a3:25:
         d9:27:12:b5:43:62:e4:44:3c:fd:a3:10:84:ec:37:45:ab:82:
         82:78:a2:a7:95:86:ee:7f:02:af:7a:8f:56:be:b0:5a:75:28:
         12:1f:5c:a5:6b:aa:b2:8f:51:b6:9c:9e:ee:3d:eb:15:3a:b0:
         4c:02:b7:fd:8b:0d:b6:7e:4c:67:7d:68:84:3e:2d:a1:eb:e2:
         b8:4e:5d:69:bd:b6:56:df:44:50:ae:f5:36:c4:27:b6:42:f4:
         fc:49:19:52:db:21:3a:00:f7:80:7e:ff:3c:4f:8f:f6:6f:5e:
         40:b9:7a:78:a3:e0:4c:c1:6c:fc:9a:9c:b8:bb:c4:74:56:ad:
         8a:14:34:f7:f8:5c:46:35:9e:84:05:69:9a:d5:e0:03:b7:7f:
         78:de:e7:22:82:1e:1d:de:5e:d4:ac:72:60:d8:fd:43:a7:5a:
         7c:e8:ad:b7:d4:03:57:60:e4:e9:76:bb:7a:41:59:0e:c2:04:
         b0:78:b1:6d:5f:94:d1:a6:a9:cc:a2:c8:88:c9:e5:e3:b7:ef:
         58:44:5d:e0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWHj3ILajKnFijZYhtFTLZneovNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTZGRUE3Q0U3RjZGQTVFQUUwNUVCQkRGRDg2RkQ1M0U4
NEZBNzVBODAeFw0yNTEwMTUxMjM2NDRaFw0yNjEwMTQxMjQxNDRaMDMxMTAvBgNV
BAMTKDBEODY5MDU3MzlDN0VGQTEzODQxRDc1RkVCRUM0NjZENEIyMTQyMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMkMNvhk/UzLakkMDpMNLH82rB
Vt6xf2wHI3gTOhfbfyLQENKVo32GxzYM2A8U+UoF/eF42awL6z5YjWyUGNIn0zhq
MdQhqRP+enlMeb0Rqs7quhHv2xlpGB8TbuJdEIdwdZy5uUq6Pzvwj7nOdax6vjWs
6eR/6CinABDgWZZ2oYF0rxh5A4NtIBG1GVraxaQruXHaDr+EFR1mA48jgEqOWTjn
Z1lUjWXsJlDRydV4VT/9N5qfubFXPa3wBJJL1mOqMhUV67ZDoY7RdMo+mQJc35Ho
xxkMgALXYaDvhQLWf5ws4Z3gIrmh4QYeiLAHu712wlZ/M9GCkhMQkBkQ1zL7AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUDYaQVznH76E4Qddf6+xGbUshQiwwHwYDVR0j
BBgwFoAU5v6nzn9vpergXrvf2G/VPoT6dagwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZTMxNTlmMi0wY2YwLTQzYzYtYjI4Mi1jNjlmYmExM2ExNGEvMC9FNkZFQTdDRTdG
NkZBNUVBRTA1RUJCREZEODZGRDUzRTg0RkE3NUE4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTZGRUE3Q0U3RjZGQTVFQUUwNUVCQkRGRDg2RkQ1M0U4NEZB
NzVBOC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlMzE1OWYyLTBjZjAtNDNjNi1i
MjgyLWM2OWZiYTEzYTE0YS8wLzMyMzAzMzJlMzczNzJlMzIzMTMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzODMzMzkzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMtN0jANBgkqhkiG
9w0BAQsFAAOCAQEArSz4O+ZdMfVVWMPvb3tdZChYEU93u4r1OPX7mg+AIO2X0I8Z
+pHj0gB7BpTmqrCBSb4ULqMl2ScStUNi5EQ8/aMQhOw3RauCgniip5WG7n8Cr3qP
Vr6wWnUoEh9cpWuqso9Rtpye7j3rFTqwTAK3/YsNtn5MZ31ohD4toeviuE5dab22
Vt9EUK71NsQntkL0/EkZUtshOgD3gH7/PE+P9m9eQLl6eKPgTMFs/JqcuLvEdFat
ihQ09/hcRjWehAVpmtXgA7d/eN7nIoIeHd5e1KxyYNj9Q6dafOitt9QDV2Dk6Xa7
ekFZDsIEsHixbV+U0aapzKLIiMnl47fvWERd4A==
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:31:54 2025 by rpki-client