Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/3130332e3130322e3137372e302f32342d3234203d3e20313335343634.roa
File:                     3130332e3130322e3137372e302f32342d3234203d3e20313335343634.roa (raw, json)
Hash identifier:          5B/tN2XTSVc7IkCa3bkZUZXee71PBWdrKh/L7WGgSKQ=
Subject key identifier:   95:74:3C:48:C4:41:94:27:FC:7B:4B:9E:3A:09:34:59:6C:75:D5:6C
Certificate issuer:       /CN=D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF
Certificate serial:       7120DDF54D4DAEFDE53C716D17A5F1F170AA6A3B
Authority key identifier: D7:C7:C6:E5:33:C4:1C:36:D9:23:CD:C5:9F:FC:1B:04:36:C3:9F:AF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/3130332e3130322e3137372e302f32342d3234203d3e20313335343634.roa
Signing time:             Sat 18 Oct 2025 09:00:00 +0000
ROA not before:           Sat 18 Oct 2025 08:55:00 +0000
ROA not after:            Sat 17 Oct 2026 09:00:00 +0000
asID:                     135464
IP address blocks:        103.102.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.crl
                          rsync://repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 11:48:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:20:dd:f5:4d:4d:ae:fd:e5:3c:71:6d:17:a5:f1:f1:70:aa:6a:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF
        Validity
            Not Before: Oct 18 08:55:00 2025 GMT
            Not After : Oct 17 09:00:00 2026 GMT
        Subject: CN=95743C48C4419427FC7B4B9E3A0934596C75D56C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:64:c3:d8:5c:ce:ff:45:04:51:c1:e7:a4:e9:
                    db:6a:5b:8d:d2:d7:55:88:5d:a4:64:97:d0:b8:64:
                    47:b4:b1:c1:4c:11:98:8e:79:e6:19:88:19:b1:a0:
                    ab:28:a5:f4:2e:00:b9:76:ed:57:18:8b:9c:4d:ce:
                    a0:d8:77:96:21:e7:b6:dc:21:87:b8:14:49:c8:6f:
                    a3:f5:fd:75:13:b3:e8:42:f4:b6:1f:b8:06:e6:f3:
                    fb:32:3a:c5:d0:e8:ea:af:3d:01:f1:08:47:8e:2e:
                    ea:f1:55:89:17:bb:81:de:1a:b7:94:cb:d7:0b:1f:
                    44:c4:67:96:93:db:f7:fc:6f:16:2c:33:8a:4d:19:
                    78:c3:30:59:20:8c:b9:e4:74:64:07:b7:71:30:e6:
                    93:63:ab:2e:1f:bf:a8:2e:c5:b8:13:76:c2:39:bc:
                    6d:de:fb:62:ee:23:c9:52:6a:33:92:0b:d0:be:dc:
                    e9:36:6c:eb:51:ee:fc:12:89:5f:fb:6c:cd:19:fa:
                    8d:2f:d2:07:12:5f:d1:2d:99:66:27:4e:71:28:de:
                    41:06:c6:d8:1a:8d:62:fd:13:fa:58:de:7d:d6:a7:
                    25:64:69:bf:27:37:eb:8f:1b:5c:73:5c:b3:50:79:
                    ea:1c:b7:ff:8a:d7:da:83:c7:b8:b1:b8:26:c9:ee:
                    ee:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:74:3C:48:C4:41:94:27:FC:7B:4B:9E:3A:09:34:59:6C:75:D5:6C
            X509v3 Authority Key Identifier:
                keyid:D7:C7:C6:E5:33:C4:1C:36:D9:23:CD:C5:9F:FC:1B:04:36:C3:9F:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D7C7C6E533C41C36D923CDC59FFC1B0436C39FAF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/519a8538-da43-4158-abc2-8e63a8e40899/0/3130332e3130322e3137372e302f32342d3234203d3e20313335343634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:a3:c2:00:59:21:18:41:76:f6:09:50:23:dd:c9:cc:df:4b:
         b9:58:f9:c3:bc:60:0e:27:ac:fe:30:0f:46:54:ac:cf:f3:3f:
         97:44:ed:e6:b5:7e:06:9b:a4:11:4f:c1:75:b8:2a:58:fe:fd:
         3e:ab:b2:fe:44:86:8c:61:b5:39:7d:c2:b9:28:9c:bd:68:7e:
         4a:73:ce:f1:51:ea:c7:c5:d0:d1:ea:31:22:ad:8c:b8:0b:cb:
         d0:cc:d9:2c:06:a6:96:e8:38:72:fd:9b:e1:15:f6:20:87:6c:
         f2:86:35:14:b5:68:9b:5d:1b:02:32:37:80:1c:33:29:b2:05:
         30:7d:9d:2d:a2:51:7c:3c:b5:12:36:e6:cc:f5:2a:9c:29:42:
         f5:32:96:c2:15:21:52:d0:59:19:58:52:7b:5c:9f:eb:36:71:
         31:2a:4d:17:bb:81:13:1c:0f:02:1d:44:86:3b:9b:93:ac:e0:
         61:de:fd:9e:03:47:5a:53:d2:f9:6b:a5:92:be:f5:cc:d1:84:
         5d:c7:2c:c4:54:f1:25:32:2e:9c:f0:7a:5b:35:8a:10:b4:fe:
         56:71:bf:3b:bb:65:62:6e:fa:20:16:54:cb:20:89:ee:7b:12:
         28:11:80:a4:b8:55:c6:5a:a2:89:65:4f:3f:01:7a:c3:78:b7:
         16:a8:50:41
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUcSDd9U1Nrv3lPHFtF6Xx8XCqajswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDdDN0M2RTUzM0M0MUMzNkQ5MjNDREM1OUZGQzFCMDQz
NkMzOUZBRjAeFw0yNTEwMTgwODU1MDBaFw0yNjEwMTcwOTAwMDBaMDMxMTAvBgNV
BAMTKDk1NzQzQzQ4QzQ0MTk0MjdGQzdCNEI5RTNBMDkzNDU5NkM3NUQ1NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOZMPYXM7/RQRRweek6dtqW43S
11WIXaRkl9C4ZEe0scFMEZiOeeYZiBmxoKsopfQuALl27VcYi5xNzqDYd5Yh57bc
IYe4FEnIb6P1/XUTs+hC9LYfuAbm8/syOsXQ6OqvPQHxCEeOLurxVYkXu4HeGreU
y9cLH0TEZ5aT2/f8bxYsM4pNGXjDMFkgjLnkdGQHt3Ew5pNjqy4fv6guxbgTdsI5
vG3e+2LuI8lSajOSC9C+3Ok2bOtR7vwSiV/7bM0Z+o0v0gcSX9EtmWYnTnEo3kEG
xtgajWL9E/pY3n3WpyVkab8nN+uPG1xzXLNQeeoct/+K19qDx7ixuCbJ7u63AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUlXQ8SMRBlCf8e0ueOgk0WWx11WwwHwYDVR0j
BBgwFoAU18fG5TPEHDbZI83Fn/wbBDbDn68wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
MTlhODUzOC1kYTQzLTQxNTgtYWJjMi04ZTYzYThlNDA4OTkvMC9EN0M3QzZFNTMz
QzQxQzM2RDkyM0NEQzU5RkZDMUIwNDM2QzM5RkFGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDdDN0M2RTUzM0M0MUMzNkQ5MjNDREM1OUZGQzFCMDQzNkMz
OUZBRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUxOWE4NTM4LWRhNDMtNDE1OC1h
YmMyLThlNjNhOGU0MDg5OS8wLzMxMzAzMzJlMzEzMDMyMmUzMTM3MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDM2MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZrEwDQYJ
KoZIhvcNAQELBQADggEBAB+jwgBZIRhBdvYJUCPdyczfS7lY+cO8YA4nrP4wD0ZU
rM/zP5dE7ea1fgabpBFPwXW4Klj+/T6rsv5EhoxhtTl9wrkonL1ofkpzzvFR6sfF
0NHqMSKtjLgLy9DM2SwGppboOHL9m+EV9iCHbPKGNRS1aJtdGwIyN4AcMymyBTB9
nS2iUXw8tRI25sz1KpwpQvUylsIVIVLQWRlYUntcn+s2cTEqTRe7gRMcDwIdRIY7
m5Os4GHe/Z4DR1pT0vlrpZK+9czRhF3HLMRU8SUyLpzwels1ihC0/lZxvzu7ZWJu
+iAWVMsgie57EigRgKS4VcZaoollTz8BesN4txaoUEE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:09:49 2025 by rpki-client