Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/323030313a6466333a666434303a3a2f34382d3438203d3e20313532303535.roa
File:                     323030313a6466333a666434303a3a2f34382d3438203d3e20313532303535.roa (raw, json)
Hash identifier:          nQLud3Jn262khF6pI+ZrfSTaiFCpRTXR0OL4+TzR7ac=
Subject key identifier:   3E:BE:83:B4:B6:17:01:B8:83:A7:97:AC:E0:3A:01:E5:1F:81:EE:67
Certificate issuer:       /CN=E07F0E8DE2572DC7B8137EC0679F42645D695A54
Certificate serial:       1676BDD78B8A9ACC12AAA860BC947AD0CA23443C
Authority key identifier: E0:7F:0E:8D:E2:57:2D:C7:B8:13:7E:C0:67:9F:42:64:5D:69:5A:54
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E07F0E8DE2572DC7B8137EC0679F42645D695A54.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/323030313a6466333a666434303a3a2f34382d3438203d3e20313532303535.roa
Signing time:             Wed 11 Jun 2025 09:02:23 +0000
ROA not before:           Wed 11 Jun 2025 08:57:23 +0000
ROA not after:            Wed 10 Jun 2026 09:02:23 +0000
asID:                     152055
IP address blocks:        2001:df3:fd40::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/E07F0E8DE2572DC7B8137EC0679F42645D695A54.crl
                          rsync://repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/E07F0E8DE2572DC7B8137EC0679F42645D695A54.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E07F0E8DE2572DC7B8137EC0679F42645D695A54.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 02 Jul 2025 19:39:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:76:bd:d7:8b:8a:9a:cc:12:aa:a8:60:bc:94:7a:d0:ca:23:44:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E07F0E8DE2572DC7B8137EC0679F42645D695A54
        Validity
            Not Before: Jun 11 08:57:23 2025 GMT
            Not After : Jun 10 09:02:23 2026 GMT
        Subject: CN=3EBE83B4B61701B883A797ACE03A01E51F81EE67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:be:95:27:1d:b0:96:f2:f8:0c:35:83:d1:0e:
                    93:00:67:88:ce:a7:43:82:8d:9e:66:df:00:02:27:
                    f8:6a:d6:82:a9:36:0a:f0:75:d1:95:2a:b5:00:ee:
                    3a:ad:15:43:19:81:9b:d8:b3:ae:90:da:0a:48:5c:
                    21:c8:e2:db:32:d3:4e:88:7b:e7:93:c5:64:1a:a6:
                    90:1d:97:bf:57:95:d7:52:88:bc:60:f9:c1:d6:98:
                    68:fa:8c:b9:7e:e0:99:ff:db:d2:87:3e:a1:2a:e8:
                    29:72:5f:6d:04:f3:7e:d3:70:ca:71:af:21:bb:5e:
                    6d:6d:5c:9a:36:d4:85:8d:c0:87:80:b3:02:31:f8:
                    a9:28:83:d5:3a:f6:90:9d:2e:c8:9c:e5:65:47:07:
                    75:10:e4:91:29:c3:f4:b5:28:8b:55:6b:c0:a4:bd:
                    34:97:4d:8e:40:a7:f3:f7:0d:59:fb:8f:3b:f7:b5:
                    56:7e:14:41:73:59:2f:6b:b0:b1:aa:e4:d9:87:21:
                    2e:ec:0d:7c:aa:1c:49:d4:8e:52:34:bc:d3:5f:91:
                    a3:27:44:20:18:25:7d:68:46:30:94:08:e3:41:79:
                    35:0d:59:44:70:2c:6d:dc:84:54:57:a2:d2:43:fe:
                    8b:42:db:1b:a4:58:9e:4d:fd:36:13:aa:e4:c7:d8:
                    d5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:BE:83:B4:B6:17:01:B8:83:A7:97:AC:E0:3A:01:E5:1F:81:EE:67
            X509v3 Authority Key Identifier:
                keyid:E0:7F:0E:8D:E2:57:2D:C7:B8:13:7E:C0:67:9F:42:64:5D:69:5A:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/E07F0E8DE2572DC7B8137EC0679F42645D695A54.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E07F0E8DE2572DC7B8137EC0679F42645D695A54.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8f285ef-3453-4179-a553-f19597de9ded/0/323030313a6466333a666434303a3a2f34382d3438203d3e20313532303535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:fd40::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:3c:34:d6:49:14:53:41:bc:94:ea:a6:ab:ef:89:73:e7:c1:
         5f:42:8f:b1:f7:c4:d3:44:63:77:34:3e:80:d7:e0:a3:1d:d7:
         fb:6e:f0:42:45:bc:40:ea:a0:59:f9:42:87:17:25:73:c8:8b:
         7d:68:e5:10:49:29:f6:63:5c:6a:e9:c4:5b:ed:42:7b:d3:7f:
         ea:b2:0b:b1:ae:cd:99:a2:9a:fc:7e:54:c0:75:06:4a:ee:0c:
         d8:15:00:a6:50:be:f8:8e:e5:92:4f:2f:f6:9e:4c:be:e1:db:
         05:86:9d:42:2e:54:84:14:2f:39:f9:88:42:04:3c:af:72:d6:
         2a:26:6a:14:65:86:97:e2:52:41:9c:17:21:88:f1:c2:e4:4f:
         08:fd:1c:ce:1b:be:58:ca:4c:2a:03:e9:5c:89:3c:3e:dc:c1:
         41:f6:6f:e1:63:3e:9c:a3:74:74:d5:78:96:0a:81:3a:ce:03:
         dd:78:24:33:90:cd:ee:de:8a:34:f2:0b:97:e8:57:3d:ab:1a:
         2f:8d:ee:39:f8:b2:2a:a7:be:10:2a:70:66:15:14:a4:59:8f:
         01:ff:a0:82:50:ee:eb:85:01:22:17:60:5b:6c:f7:90:4f:ec:
         b5:ee:27:c5:96:37:e5:00:3d:20:3b:60:bf:b9:9d:d3:be:e8:
         ed:91:c9:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFna914uKmswSqqhgvJR60MojRDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTA3RjBFOERFMjU3MkRDN0I4MTM3RUMwNjc5RjQyNjQ1
RDY5NUE1NDAeFw0yNTA2MTEwODU3MjNaFw0yNjA2MTAwOTAyMjNaMDMxMTAvBgNV
BAMTKDNFQkU4M0I0QjYxNzAxQjg4M0E3OTdBQ0UwM0EwMUU1MUY4MUVFNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjvpUnHbCW8vgMNYPRDpMAZ4jO
p0OCjZ5m3wACJ/hq1oKpNgrwddGVKrUA7jqtFUMZgZvYs66Q2gpIXCHI4tsy006I
e+eTxWQappAdl79XlddSiLxg+cHWmGj6jLl+4Jn/29KHPqEq6ClyX20E837TcMpx
ryG7Xm1tXJo21IWNwIeAswIx+Kkog9U69pCdLsic5WVHB3UQ5JEpw/S1KItVa8Ck
vTSXTY5Ap/P3DVn7jzv3tVZ+FEFzWS9rsLGq5NmHIS7sDXyqHEnUjlI0vNNfkaMn
RCAYJX1oRjCUCONBeTUNWURwLG3chFRXotJD/otC2xukWJ5N/TYTquTH2NWfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPr6DtLYXAbiDp5es4DoB5R+B7mcwHwYDVR0j
BBgwFoAU4H8OjeJXLce4E37AZ59CZF1pWlQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
OGYyODVlZi0zNDUzLTQxNzktYTU1My1mMTk1OTdkZTlkZWQvMC9FMDdGMEU4REUy
NTcyREM3QjgxMzdFQzA2NzlGNDI2NDVENjk1QTU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTA3RjBFOERFMjU3MkRDN0I4MTM3RUMwNjc5RjQyNjQ1RDY5
NUE1NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4ZjI4NWVmLTM0NTMtNDE3OS1h
NTUzLWYxOTU5N2RlOWRlZC8wLzMyMzAzMDMxM2E2NDY2MzMzYTY2NjQzNDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMyMzAzNTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8/1AMA0GCSqGSIb3DQEBCwUAA4IBAQACPDTWSRRTQbyU6qar74lz58FfQo+x98TT
RGN3ND6A1+CjHdf7bvBCRbxA6qBZ+UKHFyVzyIt9aOUQSSn2Y1xq6cRb7UJ703/q
sguxrs2Zopr8flTAdQZK7gzYFQCmUL74juWSTy/2nky+4dsFhp1CLlSEFC85+YhC
BDyvctYqJmoUZYaX4lJBnBchiPHC5E8I/RzOG75YykwqA+lciTw+3MFB9m/hYz6c
o3R01XiWCoE6zgPdeCQzkM3u3oo08guX6Fc9qxovje45+LIqp74QKnBmFRSkWY8B
/6CCUO7rhQEiF2BbbPeQT+y17ifFljflAD0gO2C/uZ3Tvujtkcnc
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:53:32 2025 by rpki-client