Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/323030313a6466343a353863303a3a2f34382d3438203d3e20313533313237.roa
File:                     323030313a6466343a353863303a3a2f34382d3438203d3e20313533313237.roa (raw, json)
Hash identifier:          vwgSPrWbk7InW3RVvW95kOhCGfi4C/hudM8AnWKgHzQ=
Subject key identifier:   B2:92:55:BA:73:C8:63:55:5D:FD:34:AC:24:C2:43:8F:BF:22:49:AB
Certificate issuer:       /CN=1F515919CCC0A900FF9717E1B7EF11F5A5183DF3
Certificate serial:       56315C94E1F741A597366FF2D4175FEC4BF1AFCE
Authority key identifier: 1F:51:59:19:CC:C0:A9:00:FF:97:17:E1:B7:EF:11:F5:A5:18:3D:F3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/323030313a6466343a353863303a3a2f34382d3438203d3e20313533313237.roa
Signing time:             Wed 17 Sep 2025 07:02:56 +0000
ROA not before:           Wed 17 Sep 2025 06:57:56 +0000
ROA not after:            Wed 16 Sep 2026 07:02:56 +0000
asID:                     153127
IP address blocks:        2001:df4:58c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.crl
                          rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 10:45:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:31:5c:94:e1:f7:41:a5:97:36:6f:f2:d4:17:5f:ec:4b:f1:af:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F515919CCC0A900FF9717E1B7EF11F5A5183DF3
        Validity
            Not Before: Sep 17 06:57:56 2025 GMT
            Not After : Sep 16 07:02:56 2026 GMT
        Subject: CN=B29255BA73C863555DFD34AC24C2438FBF2249AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4b:ee:c9:c2:fc:4e:6e:5d:c3:8e:d1:9e:90:
                    bc:8b:9a:42:d4:1c:d5:b5:c4:64:d4:0c:2b:fc:b7:
                    01:68:7d:be:61:cb:b9:73:2c:32:b3:f1:17:b3:3a:
                    52:be:82:f7:e5:e0:9f:24:46:b1:2b:6d:67:b9:5f:
                    f8:47:26:c7:1a:03:55:d4:d5:35:4f:d1:ca:cb:06:
                    95:2b:a0:96:8b:cb:59:b9:4d:ec:db:94:83:27:b6:
                    f0:85:38:6b:26:84:a4:cf:17:3d:40:e7:6a:ea:22:
                    f8:2b:b2:3b:e6:b2:f4:eb:82:65:37:92:50:3c:19:
                    64:aa:bf:04:1c:3b:0e:70:54:b5:2b:2e:38:d9:86:
                    6e:4e:78:fd:28:17:fb:74:19:4d:6b:7b:1b:c1:3e:
                    a5:bb:73:fe:1d:1b:95:29:4f:a5:f0:58:55:58:22:
                    13:b3:d6:db:54:c1:4a:44:79:96:a2:97:5c:99:52:
                    42:b5:72:31:95:78:ab:ce:05:bf:64:9d:51:ce:29:
                    00:7f:75:1d:dd:f4:d1:ae:73:ae:78:67:dc:70:dc:
                    d2:be:d4:47:c8:99:c7:21:c5:48:61:60:2a:5d:5d:
                    32:7e:de:27:4b:a6:1f:3d:29:68:a7:56:a7:fc:3b:
                    03:e6:ba:bb:6b:ae:1f:f0:49:8f:05:3f:13:97:92:
                    c8:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:92:55:BA:73:C8:63:55:5D:FD:34:AC:24:C2:43:8F:BF:22:49:AB
            X509v3 Authority Key Identifier:
                keyid:1F:51:59:19:CC:C0:A9:00:FF:97:17:E1:B7:EF:11:F5:A5:18:3D:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F515919CCC0A900FF9717E1B7EF11F5A5183DF3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/1/323030313a6466343a353863303a3a2f34382d3438203d3e20313533313237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:58c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:d5:d0:8b:64:79:57:52:fd:03:07:2d:9c:58:e8:13:10:f8:
         7b:8f:cc:90:ba:4b:ff:bf:81:bd:1c:43:fb:8c:bb:08:00:eb:
         df:d1:ac:b3:78:0a:b3:7f:43:af:6a:51:b0:d9:3e:bb:10:39:
         66:86:a6:12:4e:b2:b7:27:51:92:5e:4f:3d:46:89:53:3c:ce:
         42:97:ab:cf:af:10:c2:be:c7:a1:56:7b:ec:b9:b3:a4:4b:ec:
         5d:82:ac:3e:b0:0c:68:d5:b0:6c:ee:b3:3e:c1:18:38:46:9f:
         35:63:b7:1e:ad:df:4a:ff:dd:f3:03:aa:45:51:0f:51:40:dc:
         99:39:eb:b6:b8:11:d6:b7:20:4a:41:25:92:ec:0b:6a:50:7c:
         d8:56:ea:c9:b0:1a:38:73:3b:4a:94:7b:8e:a5:1f:64:71:17:
         bd:35:31:f6:3f:7d:06:f1:e0:9a:c1:d2:9f:88:28:a4:30:ae:
         d4:8d:6f:64:26:dc:36:df:ae:db:36:f7:b1:3d:15:e2:c2:0d:
         cc:61:b5:ea:e9:a6:fe:bc:df:c1:d3:b4:2d:fa:5e:2e:a5:19:
         89:f7:7c:16:05:32:00:2a:d1:d2:a0:ec:bb:f3:5e:00:bd:3e:
         8f:2c:87:f7:76:70:e5:de:5e:bb:ac:f7:42:93:af:2e:f9:97:
         f4:5c:1e:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVjFclOH3QaWXNm/y1Bdf7Evxr84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY1MTU5MTlDQ0MwQTkwMEZGOTcxN0UxQjdFRjExRjVB
NTE4M0RGMzAeFw0yNTA5MTcwNjU3NTZaFw0yNjA5MTYwNzAyNTZaMDMxMTAvBgNV
BAMTKEIyOTI1NUJBNzNDODYzNTU1REZEMzRBQzI0QzI0MzhGQkYyMjQ5QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdS+7JwvxObl3DjtGekLyLmkLU
HNW1xGTUDCv8twFofb5hy7lzLDKz8RezOlK+gvfl4J8kRrErbWe5X/hHJscaA1XU
1TVP0crLBpUroJaLy1m5TezblIMntvCFOGsmhKTPFz1A52rqIvgrsjvmsvTrgmU3
klA8GWSqvwQcOw5wVLUrLjjZhm5OeP0oF/t0GU1rexvBPqW7c/4dG5UpT6XwWFVY
IhOz1ttUwUpEeZail1yZUkK1cjGVeKvOBb9knVHOKQB/dR3d9NGuc654Z9xw3NK+
1EfImcchxUhhYCpdXTJ+3idLph89KWinVqf8OwPmurtrrh/wSY8FPxOXkshtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUspJVunPIY1Vd/TSsJMJDj78iSaswHwYDVR0j
BBgwFoAUH1FZGczAqQD/lxfht+8R9aUYPfMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMS8xRjUxNTkxOUND
QzBBOTAwRkY5NzE3RTFCN0VGMTFGNUE1MTgzREYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUY1MTU5MTlDQ0MwQTkwMEZGOTcxN0UxQjdFRjExRjVBNTE4
M0RGMy5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIxZDk3YjQwLWMwMzEtNGU1Yi05
YjQyLWQyYWUxYzljZjk4Ny8xLzMyMzAzMDMxM2E2NDY2MzQzYTM1Mzg2MzMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzEzMjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9FjAMA0GCSqGSIb3DQEBCwUAA4IBAQCR1dCLZHlXUv0DBy2cWOgTEPh7j8yQukv/
v4G9HEP7jLsIAOvf0ayzeAqzf0OvalGw2T67EDlmhqYSTrK3J1GSXk89RolTPM5C
l6vPrxDCvsehVnvsubOkS+xdgqw+sAxo1bBs7rM+wRg4Rp81Y7cerd9K/93zA6pF
UQ9RQNyZOeu2uBHWtyBKQSWS7AtqUHzYVurJsBo4cztKlHuOpR9kcRe9NTH2P30G
8eCawdKfiCikMK7UjW9kJtw2367bNvexPRXiwg3MYbXq6ab+vN/B07Qt+l4upRmJ
93wWBTIAKtHSoOy7814AvT6PLIf3dnDl3l67rPdCk68u+Zf0XB4Z
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:39:03 2025 by rpki-client