Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a353a3a2f34382d3438203d3e20313431393638.roa
File:                     323430373a366163303a353a3a2f34382d3438203d3e20313431393638.roa (raw, json)
Hash identifier:          y53KFZA/tHqzsXpGrb+bL9SpP44PyS+GN1rbt/HAxH8=
Subject key identifier:   19:16:45:34:02:31:0B:FA:98:19:F6:D5:0D:07:90:80:44:39:99:78
Certificate issuer:       /CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
Certificate serial:       642D43B1E2FF05C7A323966BC2121652E80A6D4B
Authority key identifier: F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a353a3a2f34382d3438203d3e20313431393638.roa
Signing time:             Mon 29 Sep 2025 04:00:01 +0000
ROA not before:           Mon 29 Sep 2025 03:55:01 +0000
ROA not after:            Mon 28 Sep 2026 04:00:01 +0000
asID:                     141968
IP address blocks:        2407:6ac0:5::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl
                          rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 21:45:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:2d:43:b1:e2:ff:05:c7:a3:23:96:6b:c2:12:16:52:e8:0a:6d:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387
        Validity
            Not Before: Sep 29 03:55:01 2025 GMT
            Not After : Sep 28 04:00:01 2026 GMT
        Subject: CN=1916453402310BFA9819F6D50D07908044399978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:51:97:c1:ef:18:08:d2:d4:9a:5e:1d:da:6f:
                    e6:93:46:43:ba:8b:de:ba:cd:d7:ce:81:f0:33:01:
                    e5:b4:99:a9:9b:32:9b:88:d2:48:ee:ed:76:f9:78:
                    b4:cf:c7:f4:7c:bb:73:4e:61:34:9d:a8:ab:99:f9:
                    04:9e:e7:0f:6f:61:79:1d:d9:53:83:4e:40:f5:ed:
                    24:33:33:c5:8d:dd:f8:40:ed:72:93:62:6d:e6:7a:
                    8d:4d:1b:98:2a:c3:ff:96:67:b3:0e:8e:e3:8a:a4:
                    8d:5e:f0:86:24:c8:e6:a0:bd:d4:fa:72:b1:60:13:
                    d4:05:c3:98:37:e7:27:c8:70:3f:21:4e:8d:9f:65:
                    c9:f2:b9:11:1c:9a:e5:46:c7:64:de:65:0f:1f:72:
                    0e:69:f6:71:6d:57:51:92:dc:77:99:40:24:5f:29:
                    b1:ce:16:c2:6f:f4:a7:26:67:7c:ff:d4:f8:ab:ee:
                    78:bb:dc:0f:f0:b8:05:1f:83:bf:ed:52:cd:cd:1f:
                    af:89:c7:41:4d:78:d8:8f:fb:68:66:6f:37:10:e0:
                    82:fa:f4:ae:f0:b7:de:5c:12:7d:b2:bb:aa:1e:4a:
                    f4:e9:ad:91:ff:bc:0a:a1:6d:7b:4a:4e:86:cb:62:
                    3f:c2:0d:18:f7:60:8f:f5:9e:90:48:27:eb:97:4b:
                    c4:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:16:45:34:02:31:0B:FA:98:19:F6:D5:0D:07:90:80:44:39:99:78
            X509v3 Authority Key Identifier:
                keyid:F0:61:54:57:40:B6:B6:6A:9D:3C:1D:1F:E4:F3:FD:B5:A4:F6:93:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F061545740B6B66A9D3C1D1FE4F3FDB5A4F69387.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a36a2171-12a0-4e01-bcab-be3b6b836f5d/0/323430373a366163303a353a3a2f34382d3438203d3e20313431393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:6ac0:5::/48

    Signature Algorithm: sha256WithRSAEncryption
         c5:d7:c4:5b:4d:43:09:84:1b:08:5e:63:13:44:61:47:b6:27:
         c6:fb:75:be:af:95:ec:2a:b2:f9:da:d7:26:de:fa:08:1b:32:
         13:69:0f:95:ae:cf:45:75:c3:f2:f1:5b:9a:f4:11:ab:99:57:
         45:b3:57:db:31:f6:9e:f3:a9:d6:42:60:f6:bf:9c:15:a2:4c:
         62:4a:06:82:75:59:e3:d2:9b:6f:11:19:f2:15:e1:7a:3e:da:
         74:55:45:39:d9:ab:f8:f9:de:cf:59:6b:40:35:f4:15:26:74:
         d2:84:35:32:4d:bc:75:6d:1f:6e:a6:a8:cd:98:69:bb:36:1e:
         1b:ff:b4:c8:79:17:27:bb:dd:cb:44:84:50:8c:4b:3f:d8:08:
         a6:9c:f6:59:bc:f2:71:db:b6:04:21:4a:ef:34:37:a9:b4:b6:
         10:9a:0a:17:05:f7:c3:c2:08:ab:02:31:4f:a7:1d:72:f6:55:
         4b:e1:96:53:ea:06:0d:dc:5d:95:32:18:35:5c:0d:50:07:2d:
         17:62:22:21:42:bf:f7:69:c6:86:d9:c2:af:a5:b1:c7:a7:8b:
         fa:0b:e0:1a:80:2b:b6:36:ab:6e:21:bd:11:07:16:1b:31:f9:
         a1:37:17:e1:cb:64:13:15:81:27:c3:f3:6c:c0:51:c9:42:11:
         26:32:f2:19
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZC1DseL/BcejI5ZrwhIWUugKbUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVB
NEY2OTM4NzAeFw0yNTA5MjkwMzU1MDFaFw0yNjA5MjgwNDAwMDFaMDMxMTAvBgNV
BAMTKDE5MTY0NTM0MDIzMTBCRkE5ODE5RjZENTBEMDc5MDgwNDQzOTk5NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfUZfB7xgI0tSaXh3ab+aTRkO6
i966zdfOgfAzAeW0mambMpuI0kju7Xb5eLTPx/R8u3NOYTSdqKuZ+QSe5w9vYXkd
2VODTkD17SQzM8WN3fhA7XKTYm3meo1NG5gqw/+WZ7MOjuOKpI1e8IYkyOagvdT6
crFgE9QFw5g35yfIcD8hTo2fZcnyuREcmuVGx2TeZQ8fcg5p9nFtV1GS3HeZQCRf
KbHOFsJv9KcmZ3z/1Pir7ni73A/wuAUfg7/tUs3NH6+Jx0FNeNiP+2hmbzcQ4IL6
9K7wt95cEn2yu6oeSvTprZH/vAqhbXtKTobLYj/CDRj3YI/1npBIJ+uXS8Q9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUGRZFNAIxC/qYGfbVDQeQgEQ5mXgwHwYDVR0j
BBgwFoAU8GFUV0C2tmqdPB0f5PP9taT2k4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MzZhMjE3MS0xMmEwLTRlMDEtYmNhYi1iZTNiNmI4MzZmNWQvMC9GMDYxNTQ1NzQw
QjZCNjZBOUQzQzFEMUZFNEYzRkRCNUE0RjY5Mzg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjA2MTU0NTc0MEI2QjY2QTlEM0MxRDFGRTRGM0ZEQjVBNEY2
OTM4Ny5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EzNmEyMTcxLTEyYTAtNGUwMS1i
Y2FiLWJlM2I2YjgzNmY1ZC8wLzMyMzQzMDM3M2EzNjYxNjMzMDNhMzUzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTM0MzEzOTM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkB2rAAAUw
DQYJKoZIhvcNAQELBQADggEBAMXXxFtNQwmEGwheYxNEYUe2J8b7db6vlewqsvna
1ybe+ggbMhNpD5Wuz0V1w/LxW5r0EauZV0WzV9sx9p7zqdZCYPa/nBWiTGJKBoJ1
WePSm28RGfIV4Xo+2nRVRTnZq/j53s9Za0A19BUmdNKENTJNvHVtH26mqM2Yabs2
Hhv/tMh5Fye73ctEhFCMSz/YCKac9lm88nHbtgQhSu80N6m0thCaChcF98PCCKsC
MU+nHXL2VUvhllPqBg3cXZUyGDVcDVAHLRdiIiFCv/dpxobZwq+lsceni/oL4BqA
K7Y2q24hvREHFhsx+aE3F+HLZBMVgSfD82zAUclCESYy8hk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:16:52 2025 by rpki-client