Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a31313a3a2f34382d3438203d3e20313431393638.roa
File:                     323430373a366163303a31313a3a2f34382d3438203d3e20313431393638.roa (raw, json)
Hash identifier:          KAJCu1iCPskRzFApZeKWkG+iUAJWkZs6zCJ/D+YJ9os=
Subject key identifier:   9A:00:F8:AC:54:DF:12:9C:F7:E4:C3:C6:03:E9:B4:BC:F2:12:61:A1
Certificate issuer:       /CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
Certificate serial:       3616DCA074562772963D52EA68D6BF031C24BC2D
Authority key identifier: F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a31313a3a2f34382d3438203d3e20313431393638.roa
Signing time:             Mon 29 Sep 2025 05:02:58 +0000
ROA not before:           Mon 29 Sep 2025 04:57:58 +0000
ROA not after:            Mon 28 Sep 2026 05:02:58 +0000
asID:                     141968
IP address blocks:        2407:6ac0:11::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl
                          rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 21:45:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:16:dc:a0:74:56:27:72:96:3d:52:ea:68:d6:bf:03:1c:24:bc:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
        Validity
            Not Before: Sep 29 04:57:58 2025 GMT
            Not After : Sep 28 05:02:58 2026 GMT
        Subject: CN=9A00F8AC54DF129CF7E4C3C603E9B4BCF21261A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a5:32:16:fc:8f:09:4c:9d:d4:e7:1e:fe:95:
                    54:5d:9b:a1:2c:35:7f:12:9f:f9:5f:3b:08:03:79:
                    33:f6:53:dd:58:69:67:e8:56:7e:4c:69:e9:8e:4c:
                    ab:fe:1a:67:63:2d:11:3b:80:c2:e8:91:13:42:4d:
                    92:7d:a0:40:68:85:cf:c8:8d:92:5d:87:98:a3:d5:
                    a5:02:02:cf:71:b9:6a:bb:7f:10:d2:e9:86:09:e1:
                    0f:21:8b:0f:9c:4a:93:4a:16:6b:54:21:0a:33:95:
                    c8:a3:28:b4:37:07:bd:da:30:6a:d3:c4:63:2a:9f:
                    e0:61:5f:ac:0e:af:8c:e7:b7:49:a5:f6:7f:05:fb:
                    9f:e6:0b:cf:27:1b:dd:e8:11:d8:f2:9c:64:2e:a4:
                    06:fe:d5:6c:d7:23:a0:38:54:82:1b:ff:d9:90:15:
                    b7:1e:40:66:5c:c2:16:96:76:bb:c1:de:2a:8b:e1:
                    f0:02:3e:5c:dd:7a:02:dd:05:5f:92:d0:d7:b3:e6:
                    5a:c2:05:e8:90:13:02:6b:f3:81:ff:6b:3d:c5:b2:
                    7e:d2:1d:b1:f2:d3:a2:61:ff:b3:9f:de:d7:7d:b5:
                    9b:44:4b:4d:d4:de:f8:34:69:31:ae:0a:c1:75:17:
                    cf:e3:ab:49:78:e8:52:c8:ef:26:ec:35:a3:02:50:
                    c3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:00:F8:AC:54:DF:12:9C:F7:E4:C3:C6:03:E9:B4:BC:F2:12:61:A1
            X509v3 Authority Key Identifier:
                keyid:F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a31313a3a2f34382d3438203d3e20313431393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:6ac0:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         bd:6e:c4:8b:3e:ed:37:21:cb:ea:22:61:93:e7:e8:49:5c:3a:
         eb:17:df:47:89:3e:c7:7a:c6:25:74:3c:ad:6a:9f:a1:ca:14:
         67:fa:90:c9:69:0d:4b:07:2f:e3:be:a7:0c:04:01:34:38:5e:
         22:ff:7b:b6:5e:ac:cb:e7:19:fc:39:63:81:39:ab:ae:7b:9d:
         54:90:25:ec:f4:4b:82:67:30:31:0b:f9:26:14:60:3a:7c:35:
         d7:6c:19:a8:bd:dc:11:24:b5:f4:b1:79:23:fd:ec:72:ef:f9:
         67:ef:82:e5:90:18:cb:bb:db:13:e9:eb:47:f8:61:df:c1:25:
         80:04:46:39:17:5c:e0:64:fe:0b:55:04:8b:91:1f:80:3b:cb:
         20:cf:99:07:3f:45:e6:e9:d2:ee:da:a4:0e:fe:89:c9:05:a3:
         6b:62:d6:5e:f0:fb:1d:6e:cb:35:e3:da:94:e3:4b:6d:32:27:
         d3:42:75:c0:38:fb:4b:71:d8:0c:7f:96:19:c5:09:a6:d2:c9:
         47:18:c9:c2:32:39:3a:50:a3:6f:3e:49:47:6c:af:2d:db:98:
         35:2b:e3:fa:bb:d9:f4:51:15:dc:90:ad:3d:48:f8:7d:24:d8:
         fe:f9:5c:bc:d5:8d:64:b4:5f:a8:fb:77:4a:02:0d:36:fa:e8:
         78:97:96:1b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNhbcoHRWJ3KWPVLqaNa/AxwkvC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVB
NEY2OTM4NzAeFw0yNTA5MjkwNDU3NThaFw0yNjA5MjgwNTAyNThaMDMxMTAvBgNV
BAMTKDlBMDBGOEFDNTRERjEyOUNGN0U0QzNDNjAzRTlCNEJDRjIxMjYxQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLpTIW/I8JTJ3U5x7+lVRdm6Es
NX8Sn/lfOwgDeTP2U91YaWfoVn5MaemOTKv+GmdjLRE7gMLokRNCTZJ9oEBohc/I
jZJdh5ij1aUCAs9xuWq7fxDS6YYJ4Q8hiw+cSpNKFmtUIQozlcijKLQ3B73aMGrT
xGMqn+BhX6wOr4znt0ml9n8F+5/mC88nG93oEdjynGQupAb+1WzXI6A4VIIb/9mQ
FbceQGZcwhaWdrvB3iqL4fACPlzdegLdBV+S0Nez5lrCBeiQEwJr84H/az3Fsn7S
HbHy06Jh/7Of3td9tZtES03U3vg0aTGuCsF1F8/jq0l46FLI7ybsNaMCUMPPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUmgD4rFTfEpz35MPGA+m0vPISYaEwHwYDVR0j
BBgwFoAU8GFUV0C2tmqdPB0f5PP9taT2k4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MzZhMjE3MS0xMmEwLTRlMDEtYmNhYi1iZTNiNmI4MzZmNWQvMC9GMDYxNTQ1NzQw
QjZCNjZBOUQzQzFEMUZFNEYzRkRCNUE0RjY5Mzg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVBNEY2
OTM4Ny5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EzNmEyMTcxLTEyYTAtNGUwMS1i
Y2FiLWJlM2I2YjgzNmY1ZC8wLzMyMzQzMDM3M2EzNjYxNjMzMDNhMzEzMTNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMTM5MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQHasAA
ETANBgkqhkiG9w0BAQsFAAOCAQEAvW7Eiz7tNyHL6iJhk+foSVw66xffR4k+x3rG
JXQ8rWqfocoUZ/qQyWkNSwcv476nDAQBNDheIv97tl6sy+cZ/DljgTmrrnudVJAl
7PRLgmcwMQv5JhRgOnw112wZqL3cESS19LF5I/3scu/5Z++C5ZAYy7vbE+nrR/hh
38ElgARGORdc4GT+C1UEi5EfgDvLIM+ZBz9F5unS7tqkDv6JyQWja2LWXvD7HW7L
NePalONLbTIn00J1wDj7S3HYDH+WGcUJptLJRxjJwjI5OlCjbz5JR2yvLduYNSvj
+rvZ9FEV3JCtPUj4fSTY/vlcvNWNZLRfqPt3SgINNvroeJeWGw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:20:55 2025 by rpki-client