Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/3130332e3136352e3135312e302f32342d3234203d3e20313431393232.roa
File:                     3130332e3136352e3135312e302f32342d3234203d3e20313431393232.roa (raw, json)
Hash identifier:          P54230MRe8jXsR9/tDE0mXAjQzfMJ7+VOpxd/HYoK8g=
Subject key identifier:   28:B9:7C:03:EC:79:82:DB:ED:82:C0:65:1C:6F:3E:53:44:17:3E:AA
Certificate issuer:       /CN=31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52
Certificate serial:       05B7AD761E80D3BFF9F35CC870BF547284B8C260
Authority key identifier: 31:93:6D:A0:2E:6F:1D:B9:C4:13:C2:CE:31:AF:69:7B:CB:8A:8F:52
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/3130332e3136352e3135312e302f32342d3234203d3e20313431393232.roa
Signing time:             Sat 18 Oct 2025 10:00:03 +0000
ROA not before:           Sat 18 Oct 2025 09:55:03 +0000
ROA not after:            Sat 17 Oct 2026 10:00:03 +0000
asID:                     141922
IP address blocks:        103.165.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.crl
                          rsync://repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 11:48:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:b7:ad:76:1e:80:d3:bf:f9:f3:5c:c8:70:bf:54:72:84:b8:c2:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52
        Validity
            Not Before: Oct 18 09:55:03 2025 GMT
            Not After : Oct 17 10:00:03 2026 GMT
        Subject: CN=28B97C03EC7982DBED82C0651C6F3E5344173EAA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:19:eb:6f:fd:35:63:9f:d8:d5:ac:33:e1:a9:
                    d4:1b:52:fc:c2:1b:d9:40:f6:8d:78:34:fe:61:25:
                    0e:69:87:af:d3:ea:ce:c3:58:82:8e:ea:5d:b1:cf:
                    e5:4e:24:d0:4b:b9:77:50:80:90:61:27:78:70:15:
                    1c:1e:ad:ab:ae:83:7e:de:e9:90:2c:e5:3f:f7:19:
                    94:68:ce:ef:8b:fd:61:3c:d2:18:53:ed:26:6b:cd:
                    ef:e4:7f:45:c1:71:cf:87:f3:7c:14:bc:2c:41:8f:
                    79:04:3d:68:5f:bd:0c:be:95:d2:7b:9b:a4:68:39:
                    1f:d9:be:64:34:f9:55:13:40:1d:c8:ea:1c:e8:ce:
                    19:89:be:23:93:8e:08:8f:3a:27:7a:04:7b:f1:b8:
                    3d:40:13:d7:d3:38:57:09:60:a6:f3:e7:e7:6c:2d:
                    5d:90:ac:b6:5a:89:bd:6c:7d:ef:3b:d3:87:88:ed:
                    32:60:f1:98:73:05:70:e7:f1:df:ad:44:3d:7f:18:
                    65:6a:23:ce:e2:7f:6d:b1:9f:ef:4f:f9:d8:ca:7d:
                    5a:18:3e:75:71:24:9d:26:fb:3d:ef:d9:bc:ed:e9:
                    98:83:4e:e7:19:cd:0f:fa:7b:65:5d:70:85:dc:f5:
                    e4:50:8c:c3:ec:50:57:2c:d7:48:9e:02:9e:ee:a2:
                    e1:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:B9:7C:03:EC:79:82:DB:ED:82:C0:65:1C:6F:3E:53:44:17:3E:AA
            X509v3 Authority Key Identifier:
                keyid:31:93:6D:A0:2E:6F:1D:B9:C4:13:C2:CE:31:AF:69:7B:CB:8A:8F:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/31936DA02E6F1DB9C413C2CE31AF697BCB8A8F52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/79abd869-935d-439d-8f83-dc765281cc9c/0/3130332e3136352e3135312e302f32342d3234203d3e20313431393232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:f6:4a:bf:18:d0:16:d7:ad:54:ec:07:1c:10:14:36:2e:9d:
         24:e1:ad:88:df:5f:3c:82:b1:1f:0c:0c:5e:1d:a2:e7:15:23:
         d8:89:f6:4c:ac:12:ba:d4:43:47:b5:b5:97:ea:31:5b:40:d2:
         79:8d:72:c9:7e:1b:91:93:6a:cf:cf:dc:48:32:d3:a5:a5:ef:
         c1:b0:17:51:54:06:73:75:d5:37:e6:8a:67:8b:ad:31:a3:fa:
         6e:11:bb:78:e5:84:f5:37:4a:37:a1:5b:c8:09:59:02:0e:49:
         61:87:fc:b0:71:f9:98:4d:da:e8:55:33:6d:b6:0d:f2:70:74:
         fd:2b:f0:ce:d6:d7:fa:f6:0a:79:47:6c:72:d4:2c:40:c7:07:
         98:49:4f:cd:dc:0f:4e:fc:fb:3f:30:b6:18:d5:a8:54:8d:58:
         e4:40:79:15:34:c9:16:f7:67:68:b7:7f:45:16:da:a3:ee:0e:
         ef:5b:11:44:8d:95:47:89:cc:7d:4f:b9:a5:06:07:ad:d4:9a:
         25:38:19:93:34:4d:41:5d:02:c7:26:b7:2c:4f:dd:17:d9:15:
         8d:5f:1b:10:44:42:2c:83:4b:cf:1c:81:62:32:fc:3e:84:55:
         c8:91:ca:a3:0b:d0:d1:16:a3:51:03:1b:6a:27:24:fb:af:e1:
         9b:04:e5:98
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUBbetdh6A07/581zIcL9UcoS4wmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzE5MzZEQTAyRTZGMURCOUM0MTNDMkNFMzFBRjY5N0JD
QjhBOEY1MjAeFw0yNTEwMTgwOTU1MDNaFw0yNjEwMTcxMDAwMDNaMDMxMTAvBgNV
BAMTKDI4Qjk3QzAzRUM3OTgyREJFRDgyQzA2NTFDNkYzRTUzNDQxNzNFQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUGetv/TVjn9jVrDPhqdQbUvzC
G9lA9o14NP5hJQ5ph6/T6s7DWIKO6l2xz+VOJNBLuXdQgJBhJ3hwFRwerauug37e
6ZAs5T/3GZRozu+L/WE80hhT7SZrze/kf0XBcc+H83wUvCxBj3kEPWhfvQy+ldJ7
m6RoOR/ZvmQ0+VUTQB3I6hzozhmJviOTjgiPOid6BHvxuD1AE9fTOFcJYKbz5+ds
LV2QrLZaib1sfe8704eI7TJg8ZhzBXDn8d+tRD1/GGVqI87if22xn+9P+djKfVoY
PnVxJJ0m+z3v2bzt6ZiDTucZzQ/6e2VdcIXc9eRQjMPsUFcs10ieAp7uouFlAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUKLl8A+x5gtvtgsBlHG8+U0QXPqowHwYDVR0j
BBgwFoAUMZNtoC5vHbnEE8LOMa9pe8uKj1IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
OWFiZDg2OS05MzVkLTQzOWQtOGY4My1kYzc2NTI4MWNjOWMvMC8zMTkzNkRBMDJF
NkYxREI5QzQxM0MyQ0UzMUFGNjk3QkNCOEE4RjUyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzE5MzZEQTAyRTZGMURCOUM0MTNDMkNFMzFBRjY5N0JDQjhB
OEY1Mi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc5YWJkODY5LTkzNWQtNDM5ZC04
ZjgzLWRjNzY1MjgxY2M5Yy8wLzMxMzAzMzJlMzEzNjM1MmUzMTM1MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzOTMyMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnpZcwDQYJ
KoZIhvcNAQELBQADggEBAFz2Sr8Y0BbXrVTsBxwQFDYunSThrYjfXzyCsR8MDF4d
oucVI9iJ9kysErrUQ0e1tZfqMVtA0nmNcsl+G5GTas/P3Egy06Wl78GwF1FUBnN1
1TfmimeLrTGj+m4Ru3jlhPU3SjehW8gJWQIOSWGH/LBx+ZhN2uhVM222DfJwdP0r
8M7W1/r2CnlHbHLULEDHB5hJT83cD078+z8wthjVqFSNWORAeRU0yRb3Z2i3f0UW
2qPuDu9bEUSNlUeJzH1PuaUGB63UmiU4GZM0TUFdAscmtyxP3RfZFY1fGxBEQiyD
S88cgWIy/D6EVciRyqML0NEWo1EDG2onJPuv4ZsE5Zg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:42:01 2025 by rpki-client