Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/323030313a6466323a653838303a3a2f34382d3438203d3e2034373837.roa
File:                     323030313a6466323a653838303a3a2f34382d3438203d3e2034373837.roa (raw, json)
Hash identifier:          TdOcBSulqT/k1J+bS2r7sCrDeanQk+UTRzf1JaxNxiY=
Subject key identifier:   EA:61:E6:9D:17:9D:3C:8A:9C:E2:68:60:C4:C0:37:0F:AA:5B:74:E7
Certificate issuer:       /CN=08D07F010DA28112A94E8800C317B8DF7F1ABF43
Certificate serial:       741595E3C5B8F782BB2DB3B59F9F982A5565F226
Authority key identifier: 08:D0:7F:01:0D:A2:81:12:A9:4E:88:00:C3:17:B8:DF:7F:1A:BF:43
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/323030313a6466323a653838303a3a2f34382d3438203d3e2034373837.roa
Signing time:             Mon 13 Oct 2025 03:03:55 +0000
ROA not before:           Mon 13 Oct 2025 02:58:55 +0000
ROA not after:            Mon 12 Oct 2026 03:03:55 +0000
asID:                     4787
IP address blocks:        2001:df2:e880::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.crl
                          rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 06:52:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:15:95:e3:c5:b8:f7:82:bb:2d:b3:b5:9f:9f:98:2a:55:65:f2:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08D07F010DA28112A94E8800C317B8DF7F1ABF43
        Validity
            Not Before: Oct 13 02:58:55 2025 GMT
            Not After : Oct 12 03:03:55 2026 GMT
        Subject: CN=EA61E69D179D3C8A9CE26860C4C0370FAA5B74E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:88:47:36:d5:8c:11:fa:0b:b2:cb:c5:67:1f:
                    df:5b:6a:b1:99:bb:1f:52:0f:6e:2a:7d:64:9a:b9:
                    d1:af:79:84:49:f3:44:32:ae:da:2f:e1:7d:26:6a:
                    c4:5e:cb:07:80:89:57:82:14:94:54:33:aa:d3:c4:
                    e7:97:dc:61:2a:5b:17:c6:ea:67:d4:4a:5b:86:64:
                    0d:76:71:a8:b1:96:01:5b:7a:90:0b:38:5f:1b:7c:
                    04:71:6a:e9:3c:de:88:66:78:cd:0e:be:d5:f2:93:
                    93:e4:0f:96:a6:dd:d2:e6:04:10:48:92:8c:a2:fd:
                    cd:eb:31:2f:f0:18:63:73:09:0c:fb:6b:aa:ae:c2:
                    6e:0b:d7:a6:47:b5:43:4d:44:a0:62:ec:46:9b:71:
                    b5:5c:bf:48:2f:cc:cf:f6:e0:c5:d1:da:ac:90:3c:
                    c1:7f:3b:f9:41:d7:15:91:52:f6:9b:1c:54:e9:86:
                    96:14:cb:8c:78:af:c1:08:13:c1:be:ef:78:f4:c4:
                    e7:aa:12:d9:b4:fb:e7:29:68:29:d2:8c:29:e5:3d:
                    1d:c3:ac:21:19:04:b9:09:3c:68:a5:3a:68:c1:b9:
                    cd:9f:59:a6:d6:2c:d3:4f:34:52:df:3d:c7:7d:31:
                    9f:5a:d2:89:2c:57:3d:ad:24:c1:31:ae:57:37:52:
                    39:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:61:E6:9D:17:9D:3C:8A:9C:E2:68:60:C4:C0:37:0F:AA:5B:74:E7
            X509v3 Authority Key Identifier:
                keyid:08:D0:7F:01:0D:A2:81:12:A9:4E:88:00:C3:17:B8:DF:7F:1A:BF:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/323030313a6466323a653838303a3a2f34382d3438203d3e2034373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:e880::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:e9:07:54:37:e2:45:df:67:bc:e7:5d:d8:c9:f7:f6:c2:4c:
         0d:1f:5e:67:1c:c3:38:2e:29:f1:2f:b1:06:f9:25:6d:2c:38:
         a1:b6:52:e4:36:8e:60:7d:4e:d2:ee:5e:63:07:bb:b3:c6:36:
         e3:81:7f:6d:ab:7c:4c:4c:29:39:73:ab:5e:e6:4e:3e:fe:40:
         9d:4b:b2:17:b6:54:fc:9c:f9:c1:34:e6:43:ff:43:c0:ac:cf:
         98:c5:3f:90:4d:9e:6f:53:6b:1c:ef:0e:31:4e:1b:75:1e:6a:
         5b:bd:1f:c0:61:10:53:82:b0:c8:c0:38:34:9b:10:00:22:f2:
         00:43:ab:fd:ec:57:ef:a3:34:f5:60:2d:7f:64:7f:78:c8:af:
         e5:be:f2:2e:b0:28:3b:20:c4:98:24:8c:86:dd:0e:b9:81:93:
         29:6e:4b:de:c4:c8:da:35:73:fc:b4:27:ad:32:8f:c3:3f:7d:
         60:44:d1:ac:85:20:8f:bb:36:4e:f3:a3:0a:00:1d:10:8e:71:
         ea:7f:df:88:e7:41:22:78:19:e0:fd:d9:cf:34:f5:af:83:11:
         4e:f9:05:40:54:2b:99:0b:0e:47:9e:ce:66:a3:d3:99:4b:87:
         ea:d7:2d:74:88:b5:fd:1e:ea:6c:27:99:45:11:01:7e:9f:13:
         60:83:1b:4e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUdBWV48W494K7LbO1n5+YKlVl8iYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhEMDdGMDEwREEyODExMkE5NEU4ODAwQzMxN0I4REY3
RjFBQkY0MzAeFw0yNTEwMTMwMjU4NTVaFw0yNjEwMTIwMzAzNTVaMDMxMTAvBgNV
BAMTKEVBNjFFNjlEMTc5RDNDOEE5Q0UyNjg2MEM0QzAzNzBGQUE1Qjc0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQiEc21YwR+guyy8VnH99barGZ
ux9SD24qfWSaudGveYRJ80Qyrtov4X0masReyweAiVeCFJRUM6rTxOeX3GEqWxfG
6mfUSluGZA12caixlgFbepALOF8bfARxauk83ohmeM0OvtXyk5PkD5am3dLmBBBI
koyi/c3rMS/wGGNzCQz7a6quwm4L16ZHtUNNRKBi7EabcbVcv0gvzM/24MXR2qyQ
PMF/O/lB1xWRUvabHFTphpYUy4x4r8EIE8G+73j0xOeqEtm0++cpaCnSjCnlPR3D
rCEZBLkJPGilOmjBuc2fWabWLNNPNFLfPcd9MZ9a0oksVz2tJMExrlc3UjmxAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU6mHmnRedPIqc4mhgxMA3D6pbdOcwHwYDVR0j
BBgwFoAUCNB/AQ2igRKpTogAwxe4338av0MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MGMyYTEzYi0xZjQwLTRjMDMtYmMzNS1mNjk2MTUxNmQ0ZDkvMC8wOEQwN0YwMTBE
QTI4MTEyQTk0RTg4MDBDMzE3QjhERjdGMUFCRjQzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDhEMDdGMDEwREEyODExMkE5NEU4ODAwQzMxN0I4REY3RjFB
QkY0My5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcwYzJhMTNiLTFmNDAtNGMwMy1i
YzM1LWY2OTYxNTE2ZDRkOS8wLzMyMzAzMDMxM2E2NDY2MzIzYTY1MzgzODMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzQzNzM4Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ3y6IAw
DQYJKoZIhvcNAQELBQADggEBAH3pB1Q34kXfZ7znXdjJ9/bCTA0fXmccwzguKfEv
sQb5JW0sOKG2UuQ2jmB9TtLuXmMHu7PGNuOBf22rfExMKTlzq17mTj7+QJ1Lshe2
VPyc+cE05kP/Q8Csz5jFP5BNnm9TaxzvDjFOG3Uealu9H8BhEFOCsMjAODSbEAAi
8gBDq/3sV++jNPVgLX9kf3jIr+W+8i6wKDsgxJgkjIbdDrmBkyluS97EyNo1c/y0
J60yj8M/fWBE0ayFII+7Nk7zowoAHRCOcep/34jnQSJ4GeD92c809a+DEU75BUBU
K5kLDkeezmaj05lLh+rXLXSItf0e6mwnmUURAX6fE2CDG04=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:09:26 2025 by rpki-client