Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a323030303a3a2f34382d3438203d3e203538343835.roa
File:                     323430323a653130303a323030303a3a2f34382d3438203d3e203538343835.roa (raw, json)
Hash identifier:          d1PRG5I24wLp0nZlSGZqsXMdn4LUKyh3+Rp9QJBPdWU=
Subject key identifier:   DA:0A:24:D6:08:34:F5:DF:A3:59:A1:6E:F3:A9:A0:93:9A:79:82:FC
Certificate issuer:       /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Certificate serial:       51852406CC3C8763AAAFEAC4B29D1768D855368C
Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a323030303a3a2f34382d3438203d3e203538343835.roa
Signing time:             Thu 16 Oct 2025 18:00:01 +0000
ROA not before:           Thu 16 Oct 2025 17:55:01 +0000
ROA not after:            Thu 15 Oct 2026 18:00:01 +0000
asID:                     58485
IP address blocks:        2402:e100:2000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl
                          rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 01:50:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:85:24:06:cc:3c:87:63:aa:af:ea:c4:b2:9d:17:68:d8:55:36:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
        Validity
            Not Before: Oct 16 17:55:01 2025 GMT
            Not After : Oct 15 18:00:01 2026 GMT
        Subject: CN=DA0A24D60834F5DFA359A16EF3A9A0939A7982FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5d:02:48:61:10:d1:51:da:97:d2:9a:56:cf:
                    d4:25:8c:b4:69:df:5e:45:78:72:1a:31:f7:c6:e8:
                    de:f8:2c:43:6e:1c:64:89:d1:fe:9c:aa:e2:61:ee:
                    2e:00:a5:dc:10:6f:65:f1:eb:0e:55:c2:1c:1f:95:
                    30:ad:cc:f1:6b:c7:53:f9:6f:1e:af:b3:18:81:93:
                    b9:a8:0c:c6:99:28:98:77:ad:da:08:ed:b5:75:72:
                    13:c4:e3:f8:d7:15:02:57:0b:e0:bd:bd:0a:e8:ff:
                    5a:f9:a1:8e:ed:4e:74:e1:d9:6b:17:ae:2d:59:3d:
                    d1:92:0d:ef:30:90:42:a8:54:8c:f4:14:78:dd:74:
                    d8:a5:14:ea:95:ab:80:00:2c:5b:11:01:68:db:96:
                    14:c0:b4:dd:67:7e:c4:7d:7a:43:3c:b2:7a:1a:d9:
                    55:28:cd:21:3a:6f:e3:3d:38:47:b6:44:1a:68:07:
                    11:c7:d7:1f:d1:a0:9e:0d:e6:44:a1:ac:a8:e7:ac:
                    43:d0:0a:60:ae:d2:61:5f:38:83:ef:8d:d5:7b:05:
                    d1:48:22:68:85:ad:13:c0:32:1a:76:79:4f:c3:58:
                    1a:9a:66:bc:b4:87:c9:27:ef:4f:78:b1:c9:be:fb:
                    51:9a:8b:29:4e:a7:a1:62:36:2f:4b:44:57:5e:c9:
                    7c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:0A:24:D6:08:34:F5:DF:A3:59:A1:6E:F3:A9:A0:93:9A:79:82:FC
            X509v3 Authority Key Identifier:
                keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a323030303a3a2f34382d3438203d3e203538343835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:e100:2000::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:4a:d7:87:77:db:5e:a4:54:d1:3f:8c:2d:17:25:5d:17:b2:
         ec:de:27:33:fa:a0:c5:67:70:6e:e1:6e:f0:a0:fa:46:1f:77:
         d3:ed:29:b0:55:d7:91:23:75:dd:b9:07:6f:73:dc:8a:74:6b:
         72:a9:1c:e5:b3:cf:b9:ba:6c:94:2d:b9:70:67:45:df:76:66:
         18:64:1f:fe:50:54:be:62:16:e9:b5:ea:0c:23:d6:0f:5a:00:
         57:70:a0:89:02:75:4b:96:59:93:b0:0d:f0:2f:d7:66:15:d8:
         a6:e9:83:20:bd:44:b9:34:c2:3b:9e:6b:17:73:bb:40:9b:4b:
         33:40:b0:d6:0f:1e:6d:b4:c8:5d:89:af:67:ab:fb:ee:96:1c:
         0a:0f:59:4b:b9:36:80:cf:50:2a:9f:64:7a:a2:4f:ad:e6:fc:
         dc:b8:e0:a7:c4:93:8e:b1:15:d8:ce:1d:20:6e:65:28:9c:9b:
         00:10:28:c3:c3:cc:5e:b1:67:e1:d7:5d:bc:ef:de:15:3f:d0:
         69:39:cf:d3:57:4c:fc:2f:27:7e:85:95:a7:65:5c:c5:57:1f:
         25:e9:ed:e7:a8:b1:4e:ad:1b:af:49:10:ba:84:2c:06:0f:43:
         49:b8:a1:e2:e2:1d:d9:74:c6:58:20:9c:49:89:f7:de:22:b3:
         f3:d1:b9:bb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUYUkBsw8h2Oqr+rEsp0XaNhVNowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF
QjNCRkYzOTAeFw0yNTEwMTYxNzU1MDFaFw0yNjEwMTUxODAwMDFaMDMxMTAvBgNV
BAMTKERBMEEyNEQ2MDgzNEY1REZBMzU5QTE2RUYzQTlBMDkzOUE3OTgyRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMXQJIYRDRUdqX0ppWz9QljLRp
315FeHIaMffG6N74LENuHGSJ0f6cquJh7i4ApdwQb2Xx6w5VwhwflTCtzPFrx1P5
bx6vsxiBk7moDMaZKJh3rdoI7bV1chPE4/jXFQJXC+C9vQro/1r5oY7tTnTh2WsX
ri1ZPdGSDe8wkEKoVIz0FHjddNilFOqVq4AALFsRAWjblhTAtN1nfsR9ekM8snoa
2VUozSE6b+M9OEe2RBpoBxHH1x/RoJ4N5kShrKjnrEPQCmCu0mFfOIPvjdV7BdFI
ImiFrRPAMhp2eU/DWBqaZry0h8kn7094scm++1GaiylOp6FiNi9LRFdeyXznAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2gok1gg09d+jWaFu86mgk5p5gvwwHwYDVR0j
BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF
RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC
RkYzOS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05
NjJiLTJhYWY1YzdkZDY4ZC8wLzMyMzQzMDMyM2E2NTMxMzAzMDNhMzIzMDMwMzAz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNTM4MzQzODM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJALh
ACAAMA0GCSqGSIb3DQEBCwUAA4IBAQAzSteHd9tepFTRP4wtFyVdF7Ls3icz+qDF
Z3Bu4W7woPpGH3fT7SmwVdeRI3XduQdvc9yKdGtyqRzls8+5umyULblwZ0XfdmYY
ZB/+UFS+YhbpteoMI9YPWgBXcKCJAnVLllmTsA3wL9dmFdim6YMgvUS5NMI7nmsX
c7tAm0szQLDWDx5ttMhdia9nq/vulhwKD1lLuTaAz1Aqn2R6ok+t5vzcuOCnxJOO
sRXYzh0gbmUonJsAECjDw8xesWfh1128794VP9BpOc/TV0z8Lyd+hZWnZVzFVx8l
6e3nqLFOrRuvSRC6hCwGD0NJuKHi4h3ZdMZYIJxJiffeIrPz0bm7
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:24:52 2025 by rpki-client