Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/3130332e3130322e31342e302f32342d3234203d3e20313336383635.roa
File:                     3130332e3130322e31342e302f32342d3234203d3e20313336383635.roa (raw, json)
Hash identifier:          xpIpnLctgV8IvR/95nZhbbNFRCrOenQ8KDE2o6OGJuo=
Subject key identifier:   06:C0:25:0D:0F:B3:5D:E6:2F:47:DE:C2:60:78:DB:3D:A9:F7:59:D0
Certificate issuer:       /CN=08773191FBFC21A3C8615A3E36A2ACB187F63C25
Certificate serial:       47873851CA64B380A4B613488A4B8BF47FDAD1E2
Authority key identifier: 08:77:31:91:FB:FC:21:A3:C8:61:5A:3E:36:A2:AC:B1:87:F6:3C:25
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/3130332e3130322e31342e302f32342d3234203d3e20313336383635.roa
Signing time:             Mon 06 Oct 2025 08:01:00 +0000
ROA not before:           Mon 06 Oct 2025 07:56:00 +0000
ROA not after:            Mon 05 Oct 2026 08:01:00 +0000
asID:                     136865
IP address blocks:        103.102.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.crl
                          rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Oct 2025 11:09:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:87:38:51:ca:64:b3:80:a4:b6:13:48:8a:4b:8b:f4:7f:da:d1:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08773191FBFC21A3C8615A3E36A2ACB187F63C25
        Validity
            Not Before: Oct  6 07:56:00 2025 GMT
            Not After : Oct  5 08:01:00 2026 GMT
        Subject: CN=06C0250D0FB35DE62F47DEC26078DB3DA9F759D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:de:54:2c:cb:aa:ec:93:b5:bb:b2:ac:d4:fd:
                    6d:44:17:34:3b:54:5e:19:a6:0c:14:c3:e4:b7:56:
                    b0:9c:1e:06:c0:75:16:7e:89:ce:68:6e:ac:42:64:
                    f2:b7:8f:b3:ca:6b:79:51:c7:ed:94:99:1d:47:14:
                    e9:44:56:70:60:78:5e:3c:50:d8:6e:db:1f:77:d9:
                    e1:c2:b0:b6:c3:ea:3e:d1:90:1d:f3:55:b2:d6:3f:
                    52:1a:fa:f8:32:64:4b:d0:6d:50:aa:d0:e4:69:b3:
                    68:dd:c0:6e:c9:75:53:d9:82:a4:da:7b:2c:0d:6d:
                    ba:c0:12:21:46:da:80:48:55:ce:84:42:97:11:7c:
                    a4:16:96:e1:fb:3a:39:6f:17:52:65:63:78:f7:23:
                    27:70:d8:01:90:25:c5:ac:9c:cf:2e:be:ee:51:63:
                    3f:4c:84:a4:9d:45:38:e6:ee:22:a8:e2:96:8f:1e:
                    21:83:35:ba:9b:ac:0c:d9:76:93:ba:6b:89:d8:7f:
                    e5:f3:97:08:a3:14:2b:0a:13:3b:7d:b6:6e:22:b4:
                    06:c4:5c:e6:84:c0:4e:8f:a5:dd:13:b1:72:06:5d:
                    51:97:c9:a5:14:23:d3:93:24:99:79:1e:d5:20:15:
                    e1:85:ef:c8:57:14:3d:38:f3:ae:ac:5b:5c:b1:1a:
                    31:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:C0:25:0D:0F:B3:5D:E6:2F:47:DE:C2:60:78:DB:3D:A9:F7:59:D0
            X509v3 Authority Key Identifier:
                keyid:08:77:31:91:FB:FC:21:A3:C8:61:5A:3E:36:A2:AC:B1:87:F6:3C:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/3130332e3130322e31342e302f32342d3234203d3e20313336383635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:4d:ce:de:90:ce:ed:91:90:7f:2c:ab:dd:9f:a7:28:6b:1b:
         76:26:1e:01:be:dd:fe:06:c3:3c:ed:87:38:cc:de:fb:5b:9d:
         ec:5e:51:a6:65:44:bf:48:6c:f7:4b:a0:c1:3e:c8:71:89:91:
         27:b2:95:e9:5a:c5:11:b1:eb:80:bc:cd:76:06:f7:ef:84:c6:
         9d:e2:e5:ac:59:6f:70:64:26:3d:9b:63:ad:e6:29:26:9e:59:
         dc:02:0e:4d:d6:2e:f3:31:fb:54:04:6a:61:e0:0e:13:c5:75:
         a4:be:a0:c5:3e:fd:88:dc:18:0a:46:9d:56:ce:b0:aa:d4:9b:
         6d:e0:70:35:26:59:de:6b:fc:41:b4:14:3f:8b:3a:4f:58:84:
         f7:fe:74:e9:e5:9e:b8:2a:fe:38:7a:ed:82:7b:7b:6c:e6:3a:
         25:4d:0e:ef:f9:28:87:64:2d:9e:76:ab:91:e9:51:78:94:98:
         5a:2b:2a:1e:18:2f:aa:bf:2f:4e:f0:90:90:3e:68:08:fe:45:
         fb:57:95:90:d7:d6:e7:a8:08:bb:81:9b:be:3c:f7:43:01:0e:
         e7:40:33:4f:4a:b2:a6:16:7c:8a:d1:3c:33:ca:be:36:8c:7f:
         f8:72:f6:9c:0a:57:e3:fa:6d:95:3e:c6:1f:7d:44:10:fe:29:
         e5:2e:b4:af
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUR4c4Ucpks4CkthNIikuL9H/a0eIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NzMxOTFGQkZDMjFBM0M4NjE1QTNFMzZBMkFDQjE4
N0Y2M0MyNTAeFw0yNTEwMDYwNzU2MDBaFw0yNjEwMDUwODAxMDBaMDMxMTAvBgNV
BAMTKDA2QzAyNTBEMEZCMzVERTYyRjQ3REVDMjYwNzhEQjNEQTlGNzU5RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF3lQsy6rsk7W7sqzU/W1EFzQ7
VF4ZpgwUw+S3VrCcHgbAdRZ+ic5obqxCZPK3j7PKa3lRx+2UmR1HFOlEVnBgeF48
UNhu2x932eHCsLbD6j7RkB3zVbLWP1Ia+vgyZEvQbVCq0ORps2jdwG7JdVPZgqTa
eywNbbrAEiFG2oBIVc6EQpcRfKQWluH7OjlvF1JlY3j3Iydw2AGQJcWsnM8uvu5R
Yz9MhKSdRTjm7iKo4paPHiGDNbqbrAzZdpO6a4nYf+XzlwijFCsKEzt9tm4itAbE
XOaEwE6Ppd0TsXIGXVGXyaUUI9OTJJl5HtUgFeGF78hXFD04866sW1yxGjE/AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUBsAlDQ+zXeYvR97CYHjbPan3WdAwHwYDVR0j
BBgwFoAUCHcxkfv8IaPIYVo+NqKssYf2PCUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
Zjg2YjEyZS1lNTc0LTQyNmItYWE2Yi00OTM5ZTNiMDMwYmEvMC8wODc3MzE5MUZC
RkMyMUEzQzg2MTVBM0UzNkEyQUNCMTg3RjYzQzI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDg3NzMxOTFGQkZDMjFBM0M4NjE1QTNFMzZBMkFDQjE4N0Y2
M0MyNS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmODZiMTJlLWU1NzQtNDI2Yi1h
YTZiLTQ5MzllM2IwMzBiYS8wLzMxMzAzMzJlMzEzMDMyMmUzMTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzNjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2YOMA0GCSqG
SIb3DQEBCwUAA4IBAQC9Tc7ekM7tkZB/LKvdn6coaxt2Jh4Bvt3+BsM87Yc4zN77
W53sXlGmZUS/SGz3S6DBPshxiZEnspXpWsURseuAvM12BvfvhMad4uWsWW9wZCY9
m2Ot5ikmnlncAg5N1i7zMftUBGph4A4TxXWkvqDFPv2I3BgKRp1WzrCq1Jtt4HA1
Jlnea/xBtBQ/izpPWIT3/nTp5Z64Kv44eu2Ce3ts5jolTQ7v+SiHZC2edquR6VF4
lJhaKyoeGC+qvy9O8JCQPmgI/kX7V5WQ19bnqAi7gZu+PPdDAQ7nQDNPSrKmFnyK
0Twzyr42jH/4cvacClfj+m2VPsYffUQQ/inlLrSv
-----END CERTIFICATE-----
Generated at Tue Oct 21 06:25:32 2025 by rpki-client