Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/34392e3233362e3232322e302f32342d3234203d3e203535363638.roa
File:                     34392e3233362e3232322e302f32342d3234203d3e203535363638.roa (raw, json)
Hash identifier:          kIaQGWL5YUwAplbYF3rxqdRNmuWMqoQK88/zSxpS0Qk=
Subject key identifier:   33:6E:07:A7:CB:48:61:BF:F5:E1:C1:26:FF:19:54:42:5D:57:2B:EF
Certificate issuer:       /CN=6DA2B28F4391C01434B7229FD4D68E661BF13061
Certificate serial:       0516C1DDB62AB4B13CECF220197E9B3069A5D4ED
Authority key identifier: 6D:A2:B2:8F:43:91:C0:14:34:B7:22:9F:D4:D6:8E:66:1B:F1:30:61
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6DA2B28F4391C01434B7229FD4D68E661BF13061.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/34392e3233362e3232322e302f32342d3234203d3e203535363638.roa
Signing time:             Fri 10 Oct 2025 04:00:01 +0000
ROA not before:           Fri 10 Oct 2025 03:55:01 +0000
ROA not after:            Fri 09 Oct 2026 04:00:01 +0000
asID:                     55668
IP address blocks:        49.236.222.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/6DA2B28F4391C01434B7229FD4D68E661BF13061.crl
                          rsync://repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/6DA2B28F4391C01434B7229FD4D68E661BF13061.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6DA2B28F4391C01434B7229FD4D68E661BF13061.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 09:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:16:c1:dd:b6:2a:b4:b1:3c:ec:f2:20:19:7e:9b:30:69:a5:d4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6DA2B28F4391C01434B7229FD4D68E661BF13061
        Validity
            Not Before: Oct 10 03:55:01 2025 GMT
            Not After : Oct  9 04:00:01 2026 GMT
        Subject: CN=336E07A7CB4861BFF5E1C126FF1954425D572BEF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:36:cb:da:b4:ce:7f:2b:3c:8d:27:6f:c0:f4:
                    37:8a:68:59:0a:25:ac:f2:1e:88:84:0a:8e:91:ea:
                    8f:a9:1d:fa:2f:c7:72:33:6e:c5:10:bc:24:a3:15:
                    96:5d:ab:a3:27:3d:77:00:02:d2:69:25:dc:af:65:
                    4a:4f:0d:58:16:ef:d5:dc:c6:39:23:e4:2c:ea:4c:
                    9d:d8:92:54:8f:c8:32:d0:7a:7b:b1:da:29:06:39:
                    8f:c8:c2:7a:53:2d:3d:ab:db:ad:eb:21:50:ca:c1:
                    77:53:ee:cc:89:7d:22:51:14:44:be:66:02:00:40:
                    ce:22:40:f6:70:77:ac:8d:e0:54:4b:52:61:74:e0:
                    ab:66:e7:fd:98:5d:da:37:b8:f8:4f:e2:b5:b5:4d:
                    7a:62:e4:73:c9:1c:a3:2f:4d:0f:04:e7:b1:62:29:
                    85:3c:85:c8:38:3d:9e:46:e6:eb:c3:a3:a8:a2:f4:
                    82:d7:f2:c0:11:b0:64:6b:57:11:19:36:79:02:9a:
                    ec:d1:4f:28:cd:30:e5:7b:24:22:48:f0:08:4e:e8:
                    33:83:f7:3a:9a:b4:24:bb:fd:0a:0c:15:d6:25:ea:
                    8c:59:97:0d:65:9e:b9:80:a3:d3:bf:05:e6:8b:59:
                    fd:65:be:ce:fa:c3:ea:5a:16:f6:8f:b2:c0:5e:cc:
                    9a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:6E:07:A7:CB:48:61:BF:F5:E1:C1:26:FF:19:54:42:5D:57:2B:EF
            X509v3 Authority Key Identifier:
                keyid:6D:A2:B2:8F:43:91:C0:14:34:B7:22:9F:D4:D6:8E:66:1B:F1:30:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/6DA2B28F4391C01434B7229FD4D68E661BF13061.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6DA2B28F4391C01434B7229FD4D68E661BF13061.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d0f99c3-e567-41ae-aa00-26cb9781fbe9/0/34392e3233362e3232322e302f32342d3234203d3e203535363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.236.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:c1:0d:a9:45:26:f7:e6:d1:ef:d7:74:fb:3f:fe:b3:90:24:
         bb:a8:93:be:62:93:6b:15:83:2b:1d:60:27:87:af:d6:6d:11:
         69:49:d6:6b:8f:fe:8b:c5:17:db:04:1b:17:48:42:a0:1f:47:
         75:5f:3a:f6:be:00:80:cd:c1:46:43:a4:41:a3:52:64:56:5f:
         36:99:dd:6a:f8:2b:a9:dd:f5:0e:31:6a:d0:af:af:ba:85:10:
         52:a2:9f:f3:34:4a:4a:e1:3a:b3:f6:61:43:6f:8b:f9:ee:fa:
         c0:41:f5:bc:18:54:cc:87:bc:2e:64:87:78:d7:8c:be:79:4a:
         4d:73:c2:e4:1b:69:01:33:ad:4a:9d:fd:d6:f7:4b:1a:89:ca:
         7f:38:99:01:62:82:f6:fc:cb:76:d8:0c:f7:5f:85:fd:63:eb:
         be:d2:de:b8:a8:03:58:75:7d:7c:b4:1a:d1:4c:7c:8c:0a:96:
         31:a0:7a:c0:8e:cd:56:2a:dd:b0:48:a2:3b:1f:f7:ad:37:c6:
         04:11:f9:ee:58:d8:af:1b:7d:93:42:55:fb:d0:e4:23:db:c0:
         69:c6:77:38:3d:6e:aa:3d:b9:9d:c7:ae:cf:84:c9:8e:4c:aa:
         50:76:68:6d:4b:95:3c:64:b0:2d:d7:6e:b7:7f:65:ba:b2:3d:
         3b:0f:60:6b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUBRbB3bYqtLE87PIgGX6bMGml1O0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkRBMkIyOEY0MzkxQzAxNDM0QjcyMjlGRDRENjhFNjYx
QkYxMzA2MTAeFw0yNTEwMTAwMzU1MDFaFw0yNjEwMDkwNDAwMDFaMDMxMTAvBgNV
BAMTKDMzNkUwN0E3Q0I0ODYxQkZGNUUxQzEyNkZGMTk1NDQyNUQ1NzJCRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjNsvatM5/KzyNJ2/A9DeKaFkK
JazyHoiECo6R6o+pHfovx3IzbsUQvCSjFZZdq6MnPXcAAtJpJdyvZUpPDVgW79Xc
xjkj5CzqTJ3YklSPyDLQenux2ikGOY/IwnpTLT2r263rIVDKwXdT7syJfSJRFES+
ZgIAQM4iQPZwd6yN4FRLUmF04Ktm5/2YXdo3uPhP4rW1TXpi5HPJHKMvTQ8E57Fi
KYU8hcg4PZ5G5uvDo6ii9ILX8sARsGRrVxEZNnkCmuzRTyjNMOV7JCJI8AhO6DOD
9zqatCS7/QoMFdYl6oxZlw1lnrmAo9O/BeaLWf1lvs76w+paFvaPssBezJplAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUM24Hp8tIYb/14cEm/xlUQl1XK+8wHwYDVR0j
BBgwFoAUbaKyj0ORwBQ0tyKf1NaOZhvxMGEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
ZDBmOTljMy1lNTY3LTQxYWUtYWEwMC0yNmNiOTc4MWZiZTkvMC82REEyQjI4RjQz
OTFDMDE0MzRCNzIyOUZENEQ2OEU2NjFCRjEzMDYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkRBMkIyOEY0MzkxQzAxNDM0QjcyMjlGRDRENjhFNjYxQkYx
MzA2MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdkMGY5OWMzLWU1NjctNDFhZS1h
YTAwLTI2Y2I5NzgxZmJlOS8wLzM0MzkyZTMyMzMzNjJlMzIzMjMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzNTM2MzYzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADHs3jANBgkqhkiG
9w0BAQsFAAOCAQEAv8ENqUUm9+bR79d0+z/+s5Aku6iTvmKTaxWDKx1gJ4ev1m0R
aUnWa4/+i8UX2wQbF0hCoB9HdV869r4AgM3BRkOkQaNSZFZfNpndavgrqd31DjFq
0K+vuoUQUqKf8zRKSuE6s/ZhQ2+L+e76wEH1vBhUzIe8LmSHeNeMvnlKTXPC5Btp
ATOtSp391vdLGonKfziZAWKC9vzLdtgM91+F/WPrvtLeuKgDWHV9fLQa0Ux8jAqW
MaB6wI7NVirdsEiiOx/3rTfGBBH57ljYrxt9k0JV+9DkI9vAacZ3OD1uqj25nceu
z4TJjkyqUHZobUuVPGSwLddut39lurI9Ow9gaw==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:06:44 2025 by rpki-client