Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/3230322e3138302e35332e302f32342d3234203d3e203338313435.roa
File:                     3230322e3138302e35332e302f32342d3234203d3e203338313435.roa (raw, json)
Hash identifier:          uJAPQ0voXCtnWGxjfbutuCKwtM6QUA3WnVapuXURnzU=
Subject key identifier:   17:4C:D1:84:BB:BC:2B:87:87:43:BC:BB:69:AC:11:5C:D2:19:32:8F
Certificate issuer:       /CN=365454AF0090F9E623861AF2120855412F7447D1
Certificate serial:       2C7184E14CEAEF776EDEAD0D9E6E323DF2B77312
Authority key identifier: 36:54:54:AF:00:90:F9:E6:23:86:1A:F2:12:08:55:41:2F:74:47:D1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/365454AF0090F9E623861AF2120855412F7447D1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/3230322e3138302e35332e302f32342d3234203d3e203338313435.roa
Signing time:             Thu 14 Aug 2025 06:00:00 +0000
ROA not before:           Thu 14 Aug 2025 05:55:00 +0000
ROA not after:            Thu 13 Aug 2026 06:00:00 +0000
asID:                     38145
IP address blocks:        202.180.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/365454AF0090F9E623861AF2120855412F7447D1.crl
                          rsync://repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/365454AF0090F9E623861AF2120855412F7447D1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/365454AF0090F9E623861AF2120855412F7447D1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Aug 2025 03:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:71:84:e1:4c:ea:ef:77:6e:de:ad:0d:9e:6e:32:3d:f2:b7:73:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=365454AF0090F9E623861AF2120855412F7447D1
        Validity
            Not Before: Aug 14 05:55:00 2025 GMT
            Not After : Aug 13 06:00:00 2026 GMT
        Subject: CN=174CD184BBBC2B878743BCBB69AC115CD219328F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ce:86:91:17:97:a7:6b:f6:7c:05:bc:74:f5:
                    10:59:1b:c9:e6:81:96:6a:19:34:aa:0a:4d:e7:3f:
                    40:29:11:8c:80:08:d7:bf:17:90:bd:47:d2:10:be:
                    bc:cd:68:81:af:96:d7:bf:ee:7b:64:b4:0e:aa:5d:
                    30:ad:41:99:c9:6b:48:90:7d:f3:ce:8e:47:2e:b4:
                    76:d7:b3:f5:c8:00:5a:8d:4b:8d:3e:4f:ab:48:ff:
                    f1:d4:97:4d:1d:df:29:24:0a:99:fc:9f:38:69:f4:
                    8b:f7:4d:86:06:66:4c:0e:8e:6e:18:73:23:e9:c4:
                    92:ae:ed:ad:e7:1d:69:f8:cc:77:a0:75:64:75:47:
                    fa:c3:12:82:81:f1:0b:36:bd:d0:04:87:af:d9:03:
                    08:bf:82:94:ba:25:d9:8a:e5:03:df:e2:2e:0b:f1:
                    a4:8f:f0:2f:50:34:da:33:87:9c:54:fd:d1:58:2a:
                    90:24:24:06:dc:6d:07:44:aa:39:41:0e:d3:c1:dd:
                    e7:53:0f:c6:80:42:aa:6d:bb:b4:82:3f:1c:36:8e:
                    08:b5:72:3d:04:0d:93:0c:7c:1e:92:fd:15:40:8a:
                    57:da:47:70:f1:76:aa:39:fb:17:7e:7d:73:77:7f:
                    48:8b:9d:d1:64:5c:62:8e:64:5e:bf:95:2a:22:04:
                    7f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4C:D1:84:BB:BC:2B:87:87:43:BC:BB:69:AC:11:5C:D2:19:32:8F
            X509v3 Authority Key Identifier:
                keyid:36:54:54:AF:00:90:F9:E6:23:86:1A:F2:12:08:55:41:2F:74:47:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/365454AF0090F9E623861AF2120855412F7447D1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/365454AF0090F9E623861AF2120855412F7447D1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57984e3a-48f9-4cda-be6c-4006c08f8fd2/0/3230322e3138302e35332e302f32342d3234203d3e203338313435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.180.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:67:a7:10:70:d9:12:b3:44:3b:91:df:17:7f:04:d0:d6:3d:
         dc:47:e8:0c:4e:c7:a5:61:9f:fd:5f:e0:41:0b:de:8b:fb:db:
         cf:19:08:09:75:c7:c7:cb:07:f0:25:90:6a:f3:f3:90:86:19:
         ea:95:29:8e:64:e4:de:62:b3:0b:42:b4:7e:59:41:eb:03:37:
         ef:a5:34:14:fe:59:75:2d:84:49:5e:1f:d6:bb:0e:0f:c2:d5:
         2e:26:d5:6d:f3:3c:76:5c:aa:50:0a:cd:9c:b7:f8:ca:81:ad:
         29:92:d5:6e:2f:6e:99:24:25:9a:48:ac:f2:55:6f:b0:ef:3f:
         67:d2:ba:90:13:de:c3:02:47:ae:f0:0a:ef:85:96:5f:9c:17:
         74:6f:d7:65:9b:fe:6c:bf:4a:df:ae:32:6d:b9:0e:76:77:13:
         cc:16:0e:12:09:f7:ee:6b:1f:23:c6:49:c5:8c:0f:d0:90:fe:
         1d:0d:d6:1c:1a:bd:d8:c7:fb:47:86:e5:3e:61:9d:73:b0:2b:
         75:91:df:1b:81:c3:4f:90:95:bd:6c:f1:60:e3:e3:dc:0b:05:
         70:08:04:f3:34:73:64:6f:03:04:ec:89:d2:d5:70:dc:26:97:
         30:74:83:9c:3f:58:ce:40:ac:61:69:54:35:a1:44:f2:87:14:
         c9:e6:0e:2e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULHGE4Uzq73du3q0Nnm4yPfK3cxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzY1NDU0QUYwMDkwRjlFNjIzODYxQUYyMTIwODU1NDEy
Rjc0NDdEMTAeFw0yNTA4MTQwNTU1MDBaFw0yNjA4MTMwNjAwMDBaMDMxMTAvBgNV
BAMTKDE3NENEMTg0QkJCQzJCODc4NzQzQkNCQjY5QUMxMTVDRDIxOTMyOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLzoaRF5ena/Z8Bbx09RBZG8nm
gZZqGTSqCk3nP0ApEYyACNe/F5C9R9IQvrzNaIGvlte/7ntktA6qXTCtQZnJa0iQ
ffPOjkcutHbXs/XIAFqNS40+T6tI//HUl00d3ykkCpn8nzhp9Iv3TYYGZkwOjm4Y
cyPpxJKu7a3nHWn4zHegdWR1R/rDEoKB8Qs2vdAEh6/ZAwi/gpS6JdmK5QPf4i4L
8aSP8C9QNNozh5xU/dFYKpAkJAbcbQdEqjlBDtPB3edTD8aAQqptu7SCPxw2jgi1
cj0EDZMMfB6S/RVAilfaR3Dxdqo5+xd+fXN3f0iLndFkXGKOZF6/lSoiBH+tAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUF0zRhLu8K4eHQ7y7aawRXNIZMo8wHwYDVR0j
BBgwFoAUNlRUrwCQ+eYjhhryEghVQS90R9EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
Nzk4NGUzYS00OGY5LTRjZGEtYmU2Yy00MDA2YzA4ZjhmZDIvMC8zNjU0NTRBRjAw
OTBGOUU2MjM4NjFBRjIxMjA4NTU0MTJGNzQ0N0QxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzY1NDU0QUYwMDkwRjlFNjIzODYxQUYyMTIwODU1NDEyRjc0
NDdEMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3OTg0ZTNhLTQ4ZjktNGNkYS1i
ZTZjLTQwMDZjMDhmOGZkMi8wLzMyMzAzMjJlMzEzODMwMmUzNTMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODMxMzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMq0NTANBgkqhkiG
9w0BAQsFAAOCAQEAJGenEHDZErNEO5HfF38E0NY93EfoDE7HpWGf/V/gQQvei/vb
zxkICXXHx8sH8CWQavPzkIYZ6pUpjmTk3mKzC0K0fllB6wM376U0FP5ZdS2ESV4f
1rsOD8LVLibVbfM8dlyqUArNnLf4yoGtKZLVbi9umSQlmkis8lVvsO8/Z9K6kBPe
wwJHrvAK74WWX5wXdG/XZZv+bL9K364ybbkOdncTzBYOEgn37msfI8ZJxYwP0JD+
HQ3WHBq92Mf7R4blPmGdc7ArdZHfG4HDT5CVvWzxYOPj3AsFcAgE8zRzZG8DBOyJ
0tVw3CaXMHSDnD9YzkCsYWlUNaFE8ocUyeYOLg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:56:57 2025 by rpki-client