Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/3130332e35352e3232342e302f32332d3234203d3e20313530343832.roa
File:                     3130332e35352e3232342e302f32332d3234203d3e20313530343832.roa (raw, json)
Hash identifier:          bYXObqHIEuwgYntbLAkXiZDYp6ozXDo0Cjhn/uYq1JU=
Subject key identifier:   39:4D:4B:C0:39:1D:A3:1B:22:45:66:CC:32:31:E6:00:D9:40:33:7A
Certificate issuer:       /CN=F137C794398E5F88909A244EC978EA476CCF76CC
Certificate serial:       1EBFB5E2AE2F7B96DE3FB089AF12B206B8AA2D62
Authority key identifier: F1:37:C7:94:39:8E:5F:88:90:9A:24:4E:C9:78:EA:47:6C:CF:76:CC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F137C794398E5F88909A244EC978EA476CCF76CC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/3130332e35352e3232342e302f32332d3234203d3e20313530343832.roa
Signing time:             Fri 26 Sep 2025 08:00:02 +0000
ROA not before:           Fri 26 Sep 2025 07:55:02 +0000
ROA not after:            Fri 25 Sep 2026 08:00:02 +0000
asID:                     150482
IP address blocks:        103.55.224.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/F137C794398E5F88909A244EC978EA476CCF76CC.crl
                          rsync://repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/F137C794398E5F88909A244EC978EA476CCF76CC.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F137C794398E5F88909A244EC978EA476CCF76CC.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 03:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:bf:b5:e2:ae:2f:7b:96:de:3f:b0:89:af:12:b2:06:b8:aa:2d:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F137C794398E5F88909A244EC978EA476CCF76CC
        Validity
            Not Before: Sep 26 07:55:02 2025 GMT
            Not After : Sep 25 08:00:02 2026 GMT
        Subject: CN=394D4BC0391DA31B224566CC3231E600D940337A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:42:a7:2e:d0:0f:26:c7:65:ed:00:8f:2f:fd:
                    49:3e:fc:17:46:b8:7c:7d:ab:7c:53:97:eb:78:06:
                    af:7f:cc:41:ec:35:5a:48:24:ba:75:68:1d:b1:a3:
                    72:b0:d5:de:79:e1:3f:b0:03:21:82:ec:cc:18:cf:
                    81:49:16:4d:d5:51:7f:8e:d6:2b:e5:1d:ae:db:82:
                    2b:0e:05:6e:0a:34:b3:9b:85:2d:b2:a0:20:a7:5d:
                    ab:ec:1d:51:8b:5e:3c:6a:4d:3d:45:3f:c6:1d:f8:
                    8a:d9:68:8f:d8:63:64:6d:ce:60:8b:b0:bf:5a:0a:
                    4a:f7:d4:51:bb:24:bd:aa:95:d0:df:7f:89:e6:a9:
                    98:fc:b6:96:62:0d:c6:94:31:33:08:98:47:2d:bc:
                    84:2d:85:f4:1c:20:31:5a:de:a9:8f:fc:e7:69:3f:
                    1e:22:53:a7:61:b0:f7:15:c6:5a:98:b3:57:b5:49:
                    41:38:c7:ff:ba:58:80:f6:cf:f3:88:49:a5:8a:e9:
                    8c:7d:c0:d8:c7:13:81:78:90:51:78:e4:10:b8:c6:
                    b5:39:ec:f0:b2:7d:33:5f:f6:a3:9b:8f:28:72:37:
                    fb:57:a1:80:69:cd:d3:02:86:7b:33:59:72:00:33:
                    ec:e9:b2:42:db:5c:e6:97:e4:d8:96:fa:b3:44:e5:
                    12:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:4D:4B:C0:39:1D:A3:1B:22:45:66:CC:32:31:E6:00:D9:40:33:7A
            X509v3 Authority Key Identifier:
                keyid:F1:37:C7:94:39:8E:5F:88:90:9A:24:4E:C9:78:EA:47:6C:CF:76:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/F137C794398E5F88909A244EC978EA476CCF76CC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F137C794398E5F88909A244EC978EA476CCF76CC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cf2c733-d67f-4813-b8f7-058d95a09587/0/3130332e35352e3232342e302f32332d3234203d3e20313530343832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:14:4d:8f:07:a6:bd:f3:14:8c:c5:94:8d:0f:33:c7:07:6c:
         3a:c5:b5:ec:d8:77:47:3f:66:a7:bb:b8:c6:ba:d4:9d:12:47:
         26:8e:e9:01:54:a1:cf:45:07:1e:2c:a4:49:e3:d7:c9:a7:d3:
         61:85:89:89:0c:e7:08:2f:fe:03:f5:f0:93:44:04:ed:ee:d6:
         1b:5e:88:95:fb:32:41:4f:8e:41:25:84:ec:8c:3a:56:99:01:
         e6:75:b7:9f:73:00:bd:4d:95:44:9a:47:cb:a1:5d:47:7e:57:
         90:fb:d0:64:0a:81:dc:ec:8c:25:9a:3f:05:78:a9:66:ff:38:
         10:92:03:d7:48:e5:40:1b:86:f5:70:ce:62:79:d6:50:e2:0b:
         76:fd:15:2b:c5:aa:95:d7:5c:5e:97:0f:af:6c:53:c9:35:16:
         99:6c:df:82:55:f0:67:53:16:e1:16:81:e5:b8:c5:0d:ad:e9:
         08:2a:3e:99:74:49:1d:b2:f1:1c:40:b1:b2:a6:f9:7b:02:b8:
         51:fa:e1:32:d3:54:00:e0:4e:68:6e:04:45:0a:cb:1b:15:80:
         c5:cd:62:b8:f8:a0:87:62:05:b4:51:50:70:c0:5d:df:14:90:
         59:0c:b6:b2:cb:cb:9a:b8:3a:65:ff:02:96:53:97:ba:1d:31:
         a7:b6:03:c6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUHr+14q4ve5beP7CJrxKyBriqLWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjEzN0M3OTQzOThFNUY4ODkwOUEyNDRFQzk3OEVBNDc2
Q0NGNzZDQzAeFw0yNTA5MjYwNzU1MDJaFw0yNjA5MjUwODAwMDJaMDMxMTAvBgNV
BAMTKDM5NEQ0QkMwMzkxREEzMUIyMjQ1NjZDQzMyMzFFNjAwRDk0MDMzN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjQqcu0A8mx2XtAI8v/Uk+/BdG
uHx9q3xTl+t4Bq9/zEHsNVpIJLp1aB2xo3Kw1d554T+wAyGC7MwYz4FJFk3VUX+O
1ivlHa7bgisOBW4KNLObhS2yoCCnXavsHVGLXjxqTT1FP8Yd+IrZaI/YY2RtzmCL
sL9aCkr31FG7JL2qldDff4nmqZj8tpZiDcaUMTMImEctvIQthfQcIDFa3qmP/Odp
Px4iU6dhsPcVxlqYs1e1SUE4x/+6WID2z/OISaWK6Yx9wNjHE4F4kFF45BC4xrU5
7PCyfTNf9qObjyhyN/tXoYBpzdMChnszWXIAM+zpskLbXOaX5NiW+rNE5RLRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOU1LwDkdoxsiRWbMMjHmANlAM3owHwYDVR0j
BBgwFoAU8TfHlDmOX4iQmiROyXjqR2zPdswwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2YyYzczMy1kNjdmLTQ4MTMtYjhmNy0wNThkOTVhMDk1ODcvMC9GMTM3Qzc5NDM5
OEU1Rjg4OTA5QTI0NEVDOTc4RUE0NzZDQ0Y3NkNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjEzN0M3OTQzOThFNUY4ODkwOUEyNDRFQzk3OEVBNDc2Q0NG
NzZDQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZjJjNzMzLWQ2N2YtNDgxMy1i
OGY3LTA1OGQ5NWEwOTU4Ny8wLzMxMzAzMzJlMzUzNTJlMzIzMjM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMwMzQzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZzfgMA0GCSqG
SIb3DQEBCwUAA4IBAQAvFE2PB6a98xSMxZSNDzPHB2w6xbXs2HdHP2anu7jGutSd
EkcmjukBVKHPRQceLKRJ49fJp9NhhYmJDOcIL/4D9fCTRATt7tYbXoiV+zJBT45B
JYTsjDpWmQHmdbefcwC9TZVEmkfLoV1HfleQ+9BkCoHc7Iwlmj8FeKlm/zgQkgPX
SOVAG4b1cM5iedZQ4gt2/RUrxaqV11xelw+vbFPJNRaZbN+CVfBnUxbhFoHluMUN
rekIKj6ZdEkdsvEcQLGypvl7ArhR+uEy01QA4E5obgRFCssbFYDFzWK4+KCHYgW0
UVBwwF3fFJBZDLayy8uauDpl/wKWU5e6HTGntgPG
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:56:27 2025 by rpki-client