Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e3130302e302f32342d3234203d3e203137393130.roa
File:                     3230322e3132372e3130302e302f32342d3234203d3e203137393130.roa (raw, json)
Hash identifier:          vN2suRuDQ8/GCQHEEEyC7GJFF4AF2Ux2vUSPEF0UgN4=
Subject key identifier:   ED:D3:5E:69:BC:D6:8D:A6:6F:9A:5C:78:E2:CA:E6:CA:20:88:C0:87
Certificate issuer:       /CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
Certificate serial:       2446B9C46245371634D942F2E17222C6212B0E80
Authority key identifier: 16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e3130302e302f32342d3234203d3e203137393130.roa
Signing time:             Thu 25 Sep 2025 01:02:24 +0000
ROA not before:           Thu 25 Sep 2025 00:57:24 +0000
ROA not after:            Thu 24 Sep 2026 01:02:24 +0000
asID:                     17910
IP address blocks:        202.127.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl
                          rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 11:57:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:46:b9:c4:62:45:37:16:34:d9:42:f2:e1:72:22:c6:21:2b:0e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
        Validity
            Not Before: Sep 25 00:57:24 2025 GMT
            Not After : Sep 24 01:02:24 2026 GMT
        Subject: CN=EDD35E69BCD68DA66F9A5C78E2CAE6CA2088C087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:98:98:d0:b4:79:59:b9:30:b8:38:22:fb:0a:
                    e4:1d:cc:2d:c6:b8:3a:19:54:b3:d8:2b:1c:c0:c9:
                    1e:8f:7a:a8:e7:68:e5:c4:b5:80:82:1f:c2:05:57:
                    65:d7:3b:04:89:b6:a4:0d:87:2b:0f:e6:4f:66:d0:
                    ba:7f:96:fe:f8:07:dd:a1:35:69:18:03:9c:36:ab:
                    68:4d:9f:14:7e:03:1c:da:37:1d:04:06:95:d4:cf:
                    86:3d:f3:66:3d:61:4f:98:bc:f7:e0:b7:28:4a:76:
                    fb:88:5c:4f:7b:43:33:16:5f:ce:c2:2a:41:3e:16:
                    8b:d7:41:88:90:f7:c0:b4:d1:30:f4:d0:ef:47:b0:
                    06:f7:b1:de:c0:a0:88:ba:c4:7b:80:bc:53:89:0d:
                    2a:bb:c1:81:d4:d2:d8:5a:69:77:fa:6d:8c:1d:ff:
                    98:d6:2b:07:73:b6:ec:5c:a4:30:2c:97:35:ec:09:
                    b5:f4:6e:56:bd:2d:c2:2d:6c:36:60:82:cb:87:b1:
                    39:c0:81:81:63:b1:91:49:40:d1:0b:d0:8f:e8:60:
                    c1:9f:7a:05:00:44:96:8d:20:94:a9:6c:0c:92:95:
                    5e:c4:85:39:d7:a0:f6:d6:18:ed:07:43:17:23:12:
                    a0:e8:03:29:b5:5f:91:7b:dc:a8:4c:46:81:60:94:
                    85:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D3:5E:69:BC:D6:8D:A6:6F:9A:5C:78:E2:CA:E6:CA:20:88:C0:87
            X509v3 Authority Key Identifier:
                keyid:16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e3130302e302f32342d3234203d3e203137393130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.127.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:b6:fc:3c:81:97:9f:0e:12:78:fd:d7:1c:85:3f:07:9c:63:
         06:f3:3c:f7:73:44:50:75:06:af:fc:d2:ae:d5:06:65:f0:d6:
         b0:88:5a:78:a8:3f:a1:56:6e:dd:2c:5c:9f:33:f3:2e:ae:d6:
         fd:27:c6:94:88:e9:d3:9e:6a:6b:54:09:42:22:1f:77:4c:91:
         48:4f:53:c2:c3:46:55:c6:52:55:81:0e:0b:c9:2e:5f:62:3f:
         3e:0e:5f:91:07:ac:c0:5b:61:b4:56:20:2d:59:8c:d8:17:42:
         74:2e:9c:4b:c0:bf:cd:bf:97:30:80:83:c0:70:b0:de:4f:9f:
         ca:1d:82:fa:48:42:e3:88:18:28:eb:10:b9:db:78:5d:48:c5:
         fb:4a:c0:1d:9c:22:34:6c:fd:20:c0:7b:c3:cd:3e:9e:8c:b3:
         37:01:da:bd:af:61:14:68:4b:fc:1c:45:0f:bb:eb:9c:32:c8:
         f2:7b:00:64:70:4c:6c:f1:51:ab:8e:ce:71:5b:98:33:27:b7:
         2b:60:80:32:67:c2:7e:af:27:8b:33:6b:70:b3:19:2c:5d:4a:
         c8:23:56:93:88:65:77:c1:fb:ca:22:16:60:d4:f6:75:2d:a8:
         d4:91:f3:4a:1b:0f:eb:21:75:b3:ce:3a:45:01:ec:ba:5d:2a:
         f1:4a:44:e9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUJEa5xGJFNxY02ULy4XIixiErDoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQw
QzM0QkVFRDAeFw0yNTA5MjUwMDU3MjRaFw0yNjA5MjQwMTAyMjRaMDMxMTAvBgNV
BAMTKEVERDM1RTY5QkNENjhEQTY2RjlBNUM3OEUyQ0FFNkNBMjA4OEMwODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrmJjQtHlZuTC4OCL7CuQdzC3G
uDoZVLPYKxzAyR6PeqjnaOXEtYCCH8IFV2XXOwSJtqQNhysP5k9m0Lp/lv74B92h
NWkYA5w2q2hNnxR+AxzaNx0EBpXUz4Y982Y9YU+YvPfgtyhKdvuIXE97QzMWX87C
KkE+FovXQYiQ98C00TD00O9HsAb3sd7AoIi6xHuAvFOJDSq7wYHU0thaaXf6bYwd
/5jWKwdztuxcpDAslzXsCbX0bla9LcItbDZggsuHsTnAgYFjsZFJQNEL0I/oYMGf
egUARJaNIJSpbAySlV7EhTnXoPbWGO0HQxcjEqDoAym1X5F73KhMRoFglIU1AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU7dNeabzWjaZvmlx44srmyiCIwIcwHwYDVR0j
BBgwFoAUFjX15Bl5g0G9xhXU4cauNAw0vu0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NjQ1MDAzMi01NDkyLTRhNWEtOTQzZi1iZGI0NzMzNDEyMzMvMC8xNjM1RjVFNDE5
Nzk4MzQxQkRDNjE1RDRFMUM2QUUzNDBDMzRCRUVELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQwQzM0
QkVFRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg2NDUwMDMyLTU0OTItNGE1YS05
NDNmLWJkYjQ3MzM0MTIzMy8wLzMyMzAzMjJlMzEzMjM3MmUzMTMwMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzkzMTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyn9kMA0GCSqG
SIb3DQEBCwUAA4IBAQB8tvw8gZefDhJ4/dcchT8HnGMG8zz3c0RQdQav/NKu1QZl
8NawiFp4qD+hVm7dLFyfM/Murtb9J8aUiOnTnmprVAlCIh93TJFIT1PCw0ZVxlJV
gQ4LyS5fYj8+Dl+RB6zAW2G0ViAtWYzYF0J0LpxLwL/Nv5cwgIPAcLDeT5/KHYL6
SELjiBgo6xC523hdSMX7SsAdnCI0bP0gwHvDzT6ejLM3Adq9r2EUaEv8HEUPu+uc
MsjyewBkcExs8VGrjs5xW5gzJ7crYIAyZ8J+ryeLM2twsxksXUrII1aTiGV3wfvK
IhZg1PZ1LajUkfNKGw/rIXWzzjpFAey6XSrxSkTp
-----END CERTIFICATE-----
Generated at Tue Oct 21 07:51:16 2025 by rpki-client