Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/3136302e3138372e3137342e302f32342d3234203d3e20313533313335.roa
File:                     3136302e3138372e3137342e302f32342d3234203d3e20313533313335.roa (raw, json)
Hash identifier:          XfY4we6jzKf244te76Sh5o4SXguYwnH8MGIYft8mlas=
Subject key identifier:   87:45:9A:8C:32:66:A9:4C:26:76:DD:DD:66:29:A2:3E:F9:58:FD:81
Certificate issuer:       /CN=2EC721F6FC616A1BE2D938F21EAF2E82E805981E
Certificate serial:       1600315DBA8B056A0663D3B421E1083C10C6D70A
Authority key identifier: 2E:C7:21:F6:FC:61:6A:1B:E2:D9:38:F2:1E:AF:2E:82:E8:05:98:1E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/3136302e3138372e3137342e302f32342d3234203d3e20313533313335.roa
Signing time:             Tue 07 Oct 2025 08:00:00 +0000
ROA not before:           Tue 07 Oct 2025 07:55:00 +0000
ROA not after:            Tue 06 Oct 2026 08:00:00 +0000
asID:                     153135
IP address blocks:        160.187.174.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.crl
                          rsync://repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 03:04:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:00:31:5d:ba:8b:05:6a:06:63:d3:b4:21:e1:08:3c:10:c6:d7:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2EC721F6FC616A1BE2D938F21EAF2E82E805981E
        Validity
            Not Before: Oct  7 07:55:00 2025 GMT
            Not After : Oct  6 08:00:00 2026 GMT
        Subject: CN=87459A8C3266A94C2676DDDD6629A23EF958FD81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:8d:08:9f:b5:e4:e4:98:c8:fc:d0:4b:69:68:
                    14:e3:e7:52:29:f3:0a:5c:f9:04:ab:d4:56:57:05:
                    b3:a5:17:53:93:03:ac:73:c1:7c:c3:01:ad:4f:9a:
                    65:18:cb:63:97:27:41:2e:a3:e4:e7:34:84:f6:31:
                    ba:c5:90:c5:bf:75:6c:97:0c:a2:8b:df:da:9a:b2:
                    97:7c:18:db:3e:db:65:0d:74:48:45:79:cc:72:dd:
                    cf:2d:d0:e4:e1:20:ab:42:2d:44:1a:dc:e7:8c:b6:
                    84:5d:8c:b6:87:e5:81:24:36:95:1c:b4:6a:92:31:
                    d2:8b:69:67:9c:93:1f:ba:3e:b6:52:3c:67:cb:3b:
                    5f:8e:ca:0b:4e:6e:5d:92:88:ad:02:04:cc:08:1f:
                    aa:6f:53:12:ee:4b:17:46:e6:de:c6:b0:bd:b3:c6:
                    23:46:f8:cd:e9:1d:69:17:3b:35:b6:d2:24:47:a0:
                    aa:ef:de:7e:95:48:3e:63:e8:56:96:5b:c5:b3:49:
                    5a:28:c2:d9:48:27:76:12:5d:45:bd:24:72:90:77:
                    24:9c:31:07:e2:35:9a:e3:74:65:4b:11:79:98:66:
                    6f:3f:ae:38:76:ce:e2:28:58:67:65:97:9c:55:47:
                    9d:ac:23:ce:fe:d8:e7:67:fb:52:31:f6:c1:2e:98:
                    53:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:45:9A:8C:32:66:A9:4C:26:76:DD:DD:66:29:A2:3E:F9:58:FD:81
            X509v3 Authority Key Identifier:
                keyid:2E:C7:21:F6:FC:61:6A:1B:E2:D9:38:F2:1E:AF:2E:82:E8:05:98:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2EC721F6FC616A1BE2D938F21EAF2E82E805981E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/98853aab-8d6c-457f-9d57-484acacea9d8/0/3136302e3138372e3137342e302f32342d3234203d3e20313533313335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:55:10:ae:20:81:00:98:65:54:1e:89:7b:9d:ea:51:cc:a7:
         2c:13:8f:07:b6:02:38:a7:bd:39:f6:82:6e:49:2f:25:15:b8:
         97:03:02:58:c9:08:c5:a7:48:20:8e:94:9e:14:c5:3b:91:6e:
         62:9e:05:4c:f1:6a:c5:60:57:f4:99:46:9f:04:39:2c:e7:fa:
         88:16:e4:75:07:b0:8a:ef:fe:b9:2a:47:0d:c0:fc:3e:8a:30:
         c9:d0:e9:20:92:40:4f:7a:f6:7e:4f:40:1b:f5:7f:98:f5:7d:
         32:2c:20:c7:44:12:e0:53:52:96:fb:78:5f:f3:02:bf:2f:0a:
         57:01:19:27:4d:f0:3d:60:d2:aa:55:d1:3a:a0:d8:62:c9:c4:
         e5:fd:1e:5d:e6:a8:e7:9d:fc:a6:82:41:34:a0:5b:ee:ca:b4:
         2f:0f:27:6b:5e:7f:65:ac:c4:b9:65:e3:d9:7b:19:c7:72:92:
         00:f0:19:24:3f:aa:90:dd:1d:0f:5b:16:cf:ec:30:8a:67:44:
         07:97:67:6c:52:dc:03:15:65:ed:cf:e3:1d:42:e9:4d:ce:b8:
         39:c1:b8:1c:80:6e:fa:28:5b:77:2b:7e:a9:16:31:85:11:b0:
         f2:28:14:f2:12:b6:15:70:91:38:87:aa:08:a5:78:28:b1:28:
         d7:32:7e:f4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUFgAxXbqLBWoGY9O0IeEIPBDG1wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkVDNzIxRjZGQzYxNkExQkUyRDkzOEYyMUVBRjJFODJF
ODA1OTgxRTAeFw0yNTEwMDcwNzU1MDBaFw0yNjEwMDYwODAwMDBaMDMxMTAvBgNV
BAMTKDg3NDU5QThDMzI2NkE5NEMyNjc2RERERDY2MjlBMjNFRjk1OEZEODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDajQifteTkmMj80EtpaBTj51Ip
8wpc+QSr1FZXBbOlF1OTA6xzwXzDAa1PmmUYy2OXJ0Euo+TnNIT2MbrFkMW/dWyX
DKKL39qaspd8GNs+22UNdEhFecxy3c8t0OThIKtCLUQa3OeMtoRdjLaH5YEkNpUc
tGqSMdKLaWeckx+6PrZSPGfLO1+OygtObl2SiK0CBMwIH6pvUxLuSxdG5t7GsL2z
xiNG+M3pHWkXOzW20iRHoKrv3n6VSD5j6FaWW8WzSVoowtlIJ3YSXUW9JHKQdySc
MQfiNZrjdGVLEXmYZm8/rjh2zuIoWGdll5xVR52sI87+2Odn+1Ix9sEumFPTAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUh0WajDJmqUwmdt3dZimiPvlY/YEwHwYDVR0j
BBgwFoAULsch9vxhahvi2TjyHq8ugugFmB4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
ODg1M2FhYi04ZDZjLTQ1N2YtOWQ1Ny00ODRhY2FjZWE5ZDgvMC8yRUM3MjFGNkZD
NjE2QTFCRTJEOTM4RjIxRUFGMkU4MkU4MDU5ODFFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMkVDNzIxRjZGQzYxNkExQkUyRDkzOEYyMUVBRjJFODJFODA1
OTgxRS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk4ODUzYWFiLThkNmMtNDU3Zi05
ZDU3LTQ4NGFjYWNlYTlkOC8wLzMxMzYzMDJlMzEzODM3MmUzMTM3MzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM1MzMzMTMzMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACgu64wDQYJ
KoZIhvcNAQELBQADggEBAJlVEK4ggQCYZVQeiXud6lHMpywTjwe2AjinvTn2gm5J
LyUVuJcDAljJCMWnSCCOlJ4UxTuRbmKeBUzxasVgV/SZRp8EOSzn+ogW5HUHsIrv
/rkqRw3A/D6KMMnQ6SCSQE969n5PQBv1f5j1fTIsIMdEEuBTUpb7eF/zAr8vClcB
GSdN8D1g0qpV0Tqg2GLJxOX9Hl3mqOed/KaCQTSgW+7KtC8PJ2tef2WsxLll49l7
GcdykgDwGSQ/qpDdHQ9bFs/sMIpnRAeXZ2xS3AMVZe3P4x1C6U3OuDnBuByAbvoo
W3crfqkWMYURsPIoFPISthVwkTiHqgileCixKNcyfvQ=
-----END CERTIFICATE-----
Generated at Tue Oct 21 20:09:42 2025 by rpki-client