Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/3130332e3136332e31332e302f32342d3234203d3e20313431383839.roa
File:                     3130332e3136332e31332e302f32342d3234203d3e20313431383839.roa (raw, json)
Hash identifier:          c6uY286NAKl6e1+QUCIAnDozTBVcXw8V9RD5Jtc/nw8=
Subject key identifier:   51:66:CB:B0:8F:69:7A:76:F8:45:FD:01:F3:85:04:2E:F6:6F:9C:0F
Certificate issuer:       /CN=1CC4D0E2E2BC8B0060718A857657AA82D20E5974
Certificate serial:       3772E9D39128E957DEF68BA75043599A9AE5A7F8
Authority key identifier: 1C:C4:D0:E2:E2:BC:8B:00:60:71:8A:85:76:57:AA:82:D2:0E:59:74
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/3130332e3136332e31332e302f32342d3234203d3e20313431383839.roa
Signing time:             Wed 17 Sep 2025 08:00:00 +0000
ROA not before:           Wed 17 Sep 2025 07:55:00 +0000
ROA not after:            Wed 16 Sep 2026 08:00:00 +0000
asID:                     141889
IP address blocks:        103.163.13.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.crl
                          rsync://repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 10:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:72:e9:d3:91:28:e9:57:de:f6:8b:a7:50:43:59:9a:9a:e5:a7:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1CC4D0E2E2BC8B0060718A857657AA82D20E5974
        Validity
            Not Before: Sep 17 07:55:00 2025 GMT
            Not After : Sep 16 08:00:00 2026 GMT
        Subject: CN=5166CBB08F697A76F845FD01F385042EF66F9C0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:01:f4:28:92:50:04:f9:b2:80:ad:8e:e8:ad:
                    2e:ec:5e:1f:b6:c4:8e:16:d0:86:c1:11:4b:82:fb:
                    03:d5:a2:0b:b4:db:a3:6b:b4:2f:82:78:a6:61:06:
                    5b:32:b2:8d:d0:14:04:5c:1d:1b:88:7a:5c:05:95:
                    a0:f3:b5:08:7e:db:88:64:8e:e6:15:03:26:81:fb:
                    9a:d5:c7:36:fe:cb:08:8b:05:20:a2:83:4b:e1:ce:
                    5b:67:b1:b3:da:dd:e2:eb:8a:6e:ac:10:77:7a:1d:
                    44:42:51:f0:7a:55:7e:bf:7a:e2:79:b9:a1:a2:f6:
                    c8:f1:3e:be:c2:0e:4c:85:ad:30:9b:60:08:3c:33:
                    4d:8b:71:75:14:6a:09:0b:df:b4:7a:cd:52:ba:74:
                    d0:5d:bb:00:dd:12:62:78:41:eb:7b:10:86:96:9a:
                    74:d7:6f:09:ea:e9:14:54:f4:2f:e9:0e:8c:f6:54:
                    12:96:d3:bd:cd:f2:42:32:af:ec:a8:69:f2:7a:e1:
                    16:5b:02:83:8b:72:8a:c8:4a:c6:54:24:85:53:0d:
                    88:9d:0f:cb:5f:66:c8:57:93:74:48:1e:45:aa:49:
                    d1:2e:e3:84:f0:d8:eb:b8:c2:1f:28:39:8a:11:aa:
                    fb:d9:eb:18:05:37:43:31:4c:f8:49:f0:54:c0:d2:
                    f9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:66:CB:B0:8F:69:7A:76:F8:45:FD:01:F3:85:04:2E:F6:6F:9C:0F
            X509v3 Authority Key Identifier:
                keyid:1C:C4:D0:E2:E2:BC:8B:00:60:71:8A:85:76:57:AA:82:D2:0E:59:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1CC4D0E2E2BC8B0060718A857657AA82D20E5974.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/95df512f-0d1a-4b09-b9a4-a9c525ec2817/0/3130332e3136332e31332e302f32342d3234203d3e20313431383839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.163.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:af:6b:fc:ff:11:d3:7b:89:2d:c2:3e:e0:de:ed:cc:a7:7e:
         34:a0:f3:5b:e8:90:51:68:90:7c:39:92:3d:99:7d:af:f7:d2:
         ff:b0:52:bc:ac:11:51:1b:16:83:a7:87:7b:47:d2:65:7a:03:
         de:e1:99:bc:6c:09:8a:bc:09:83:da:22:6a:17:70:32:de:a6:
         c0:62:51:0f:ea:43:81:79:e1:41:dc:29:86:89:34:48:e3:fc:
         de:fc:77:09:31:1c:00:f3:b3:06:8f:65:d0:ae:74:56:60:7b:
         92:d1:04:d4:7b:6e:7c:1a:29:de:dc:57:9e:ed:d6:bb:f4:99:
         21:23:95:d1:51:c2:4b:df:02:a4:9b:32:ac:ca:df:4d:d7:1d:
         42:95:51:b3:8b:f0:a2:9c:b0:f8:63:4e:b1:68:87:15:c4:c1:
         c4:98:74:f6:70:2f:1d:9b:c8:ba:97:46:9f:cb:66:9c:47:0d:
         57:76:ec:94:ad:db:42:44:69:65:5b:8e:c0:d0:53:17:15:56:
         06:ba:e1:95:a1:4d:82:51:e0:12:d3:37:f7:b9:47:fc:fd:dc:
         34:48:7c:c8:5f:6d:9b:23:a6:87:6d:cb:d1:9c:7c:1b:16:41:
         ae:95:a3:6d:3d:2a:75:bb:e1:71:ad:1a:83:cf:58:b6:53:2c:
         7f:08:00:ac
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUN3Lp05Eo6Vfe9ounUENZmprlp/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUNDNEQwRTJFMkJDOEIwMDYwNzE4QTg1NzY1N0FBODJE
MjBFNTk3NDAeFw0yNTA5MTcwNzU1MDBaFw0yNjA5MTYwODAwMDBaMDMxMTAvBgNV
BAMTKDUxNjZDQkIwOEY2OTdBNzZGODQ1RkQwMUYzODUwNDJFRjY2RjlDMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0AfQoklAE+bKArY7orS7sXh+2
xI4W0IbBEUuC+wPVogu026NrtC+CeKZhBlsyso3QFARcHRuIelwFlaDztQh+24hk
juYVAyaB+5rVxzb+ywiLBSCig0vhzltnsbPa3eLrim6sEHd6HURCUfB6VX6/euJ5
uaGi9sjxPr7CDkyFrTCbYAg8M02LcXUUagkL37R6zVK6dNBduwDdEmJ4Qet7EIaW
mnTXbwnq6RRU9C/pDoz2VBKW073N8kIyr+yoafJ64RZbAoOLcorISsZUJIVTDYid
D8tfZshXk3RIHkWqSdEu44Tw2Ou4wh8oOYoRqvvZ6xgFN0MxTPhJ8FTA0vkXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUUWbLsI9penb4Rf0B84UELvZvnA8wHwYDVR0j
BBgwFoAUHMTQ4uK8iwBgcYqFdleqgtIOWXQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NWRmNTEyZi0wZDFhLTRiMDktYjlhNC1hOWM1MjVlYzI4MTcvMC8xQ0M0RDBFMkUy
QkM4QjAwNjA3MThBODU3NjU3QUE4MkQyMEU1OTc0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUNDNEQwRTJFMkJDOEIwMDYwNzE4QTg1NzY1N0FBODJEMjBF
NTk3NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk1ZGY1MTJmLTBkMWEtNGIwOS1i
OWE0LWE5YzUyNWVjMjgxNy8wLzMxMzAzMzJlMzEzNjMzMmUzMTMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzgzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6MNMA0GCSqG
SIb3DQEBCwUAA4IBAQAyr2v8/xHTe4ktwj7g3u3Mp340oPNb6JBRaJB8OZI9mX2v
99L/sFK8rBFRGxaDp4d7R9JlegPe4Zm8bAmKvAmD2iJqF3Ay3qbAYlEP6kOBeeFB
3CmGiTRI4/ze/HcJMRwA87MGj2XQrnRWYHuS0QTUe258Gine3Fee7da79JkhI5XR
UcJL3wKkmzKsyt9N1x1ClVGzi/CinLD4Y06xaIcVxMHEmHT2cC8dm8i6l0afy2ac
Rw1XduyUrdtCRGllW47A0FMXFVYGuuGVoU2CUeAS0zf3uUf8/dw0SHzIX22bI6aH
bcvRnHwbFkGulaNtPSp1u+FxrRqDz1i2Uyx/CACs
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:31:43 2025 by rpki-client