Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136322e302f32342d3234203d3e20313532303337.roa
File:                     3230322e34372e3136322e302f32342d3234203d3e20313532303337.roa (raw, json)
Hash identifier:          8svYl0PSwXQA1Wds9/vDZkzwkfX8sX1XjqIKznjwc2w=
Subject key identifier:   68:BA:2E:12:18:9C:74:81:D5:4E:96:16:89:E9:6C:6F:32:D7:C8:0A
Certificate issuer:       /CN=842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF
Certificate serial:       4C3E84CE6D9B942ECAB0D47CF4323E15A7D4B1FA
Authority key identifier: 84:22:33:D6:E7:56:BC:93:C0:DB:9A:45:DD:2F:7B:CD:97:CB:29:AF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136322e302f32342d3234203d3e20313532303337.roa
Signing time:             Tue 23 Sep 2025 14:00:00 +0000
ROA not before:           Tue 23 Sep 2025 13:55:00 +0000
ROA not after:            Tue 22 Sep 2026 14:00:00 +0000
asID:                     152037
IP address blocks:        202.47.162.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.crl
                          rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 16:27:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:3e:84:ce:6d:9b:94:2e:ca:b0:d4:7c:f4:32:3e:15:a7:d4:b1:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF
        Validity
            Not Before: Sep 23 13:55:00 2025 GMT
            Not After : Sep 22 14:00:00 2026 GMT
        Subject: CN=68BA2E12189C7481D54E961689E96C6F32D7C80A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:40:ce:4d:2c:d0:b1:3e:4e:51:9c:3a:48:e1:
                    8e:16:dd:b8:cc:50:b9:b6:89:16:88:ae:d8:c6:0f:
                    fe:07:6a:d7:6a:17:cc:fb:d5:0f:59:04:4f:fc:ad:
                    49:3a:15:2b:33:d6:99:88:5b:fd:c7:14:89:5e:f2:
                    8f:68:61:3c:1e:6f:dd:e2:d2:14:27:3f:a0:a0:31:
                    c2:2e:6d:59:e6:22:9e:d8:8a:2d:a1:c1:e3:15:21:
                    f4:38:9a:a4:4e:76:86:43:ae:5d:bb:e1:48:4d:e6:
                    30:8d:f6:1d:48:e9:63:4b:b6:9d:3c:cf:2d:60:8d:
                    b5:18:b2:68:72:dd:ad:f3:74:ea:b5:64:fe:38:d9:
                    3a:48:b4:2d:d2:a3:68:cf:13:04:e2:a9:27:a0:16:
                    81:d7:97:9d:2b:51:70:7b:ea:7b:7b:ed:05:9d:31:
                    fc:69:a7:4e:7c:55:b7:93:5b:fb:50:45:70:fe:bc:
                    88:d6:c1:7b:ee:03:af:36:af:2c:31:49:ee:37:c4:
                    0c:78:e5:e1:e2:18:c6:e1:8c:ab:1c:66:7c:6a:6b:
                    9c:57:90:f4:ae:71:9a:e2:78:7e:1c:5a:8f:34:22:
                    b3:04:71:af:5c:8d:ae:8b:2a:96:24:2b:83:59:69:
                    ec:c3:d6:b9:d6:b5:8d:a7:3f:22:07:e7:99:62:77:
                    23:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:BA:2E:12:18:9C:74:81:D5:4E:96:16:89:E9:6C:6F:32:D7:C8:0A
            X509v3 Authority Key Identifier:
                keyid:84:22:33:D6:E7:56:BC:93:C0:DB:9A:45:DD:2F:7B:CD:97:CB:29:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136322e302f32342d3234203d3e20313532303337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.47.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b6:4e:16:25:2d:75:90:be:b6:50:68:d7:ae:3f:ee:7a:19:
         f9:6a:8b:a6:73:d4:6c:29:b0:ff:c8:5a:a3:8b:16:31:88:80:
         bd:1c:67:e2:ac:a4:08:3f:3d:ab:be:29:d4:ea:2f:9c:11:14:
         94:c8:66:85:37:36:9d:78:11:ce:1e:4a:b0:6b:52:f6:1f:7b:
         8c:38:ef:b8:09:c7:47:a8:53:c4:7a:02:df:7e:23:d1:09:c2:
         30:98:04:b9:87:f5:a9:2f:db:3e:7e:e8:d1:93:b0:37:35:07:
         e1:43:1d:4e:0d:bc:a6:38:7d:82:21:e8:d2:51:5f:89:54:1f:
         ba:12:10:b6:8e:ec:36:92:1c:10:77:71:70:24:ad:a4:0a:44:
         5e:12:8c:ae:96:44:31:26:00:dd:0f:3b:77:2a:58:4d:2e:17:
         e4:ef:ba:e3:dc:58:d8:a4:06:eb:88:7e:f5:c4:aa:df:d7:dd:
         7f:7c:4b:eb:ee:4c:35:cd:94:08:2c:97:f6:c6:7d:79:72:74:
         6f:77:8d:f9:a9:78:6c:c7:73:80:2c:ec:3c:7d:69:61:a6:46:
         54:95:30:86:cf:f0:11:d2:e4:a0:20:33:93:be:ed:42:a3:5f:
         2c:3a:7c:c7:42:99:07:57:57:b9:05:a5:0d:a6:42:58:a5:17:
         dc:85:f0:1e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUTD6Ezm2blC7KsNR89DI+FafUsfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQyMjMzRDZFNzU2QkM5M0MwREI5QTQ1REQyRjdCQ0Q5
N0NCMjlBRjAeFw0yNTA5MjMxMzU1MDBaFw0yNjA5MjIxNDAwMDBaMDMxMTAvBgNV
BAMTKDY4QkEyRTEyMTg5Qzc0ODFENTRFOTYxNjg5RTk2QzZGMzJEN0M4MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdQM5NLNCxPk5RnDpI4Y4W3bjM
ULm2iRaIrtjGD/4HatdqF8z71Q9ZBE/8rUk6FSsz1pmIW/3HFIle8o9oYTweb93i
0hQnP6CgMcIubVnmIp7Yii2hweMVIfQ4mqROdoZDrl274UhN5jCN9h1I6WNLtp08
zy1gjbUYsmhy3a3zdOq1ZP442TpItC3So2jPEwTiqSegFoHXl50rUXB76nt77QWd
Mfxpp058VbeTW/tQRXD+vIjWwXvuA682rywxSe43xAx45eHiGMbhjKscZnxqa5xX
kPSucZrieH4cWo80IrMEca9cja6LKpYkK4NZaezD1rnWtY2nPyIH55lidyNzAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUaLouEhicdIHVTpYWielsbzLXyAowHwYDVR0j
BBgwFoAUhCIz1udWvJPA25pF3S97zZfLKa8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
ODEyNzRhZi03Y2QwLTQwYWYtYTMyMS02NzY4OThkNThkYjgvMC84NDIyMzNENkU3
NTZCQzkzQzBEQjlBNDVERDJGN0JDRDk3Q0IyOUFGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODQyMjMzRDZFNzU2QkM5M0MwREI5QTQ1REQyRjdCQ0Q5N0NC
MjlBRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU4MTI3NGFmLTdjZDAtNDBhZi1h
MzIxLTY3Njg5OGQ1OGRiOC8wLzMyMzAzMjJlMzQzNzJlMzEzNjMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzAzMzM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyi+iMA0GCSqG
SIb3DQEBCwUAA4IBAQCctk4WJS11kL62UGjXrj/uehn5aoumc9RsKbD/yFqjixYx
iIC9HGfirKQIPz2rvinU6i+cERSUyGaFNzadeBHOHkqwa1L2H3uMOO+4CcdHqFPE
egLffiPRCcIwmAS5h/WpL9s+fujRk7A3NQfhQx1ODbymOH2CIejSUV+JVB+6EhC2
juw2khwQd3FwJK2kCkReEoyulkQxJgDdDzt3KlhNLhfk77rj3FjYpAbriH71xKrf
191/fEvr7kw1zZQILJf2xn15cnRvd435qXhsx3OALOw8fWlhpkZUlTCGz/AR0uSg
IDOTvu1Co18sOnzHQpkHV1e5BaUNpkJYpRfchfAe
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:49:47 2025 by rpki-client