Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3130332e3133302e3139382e302f32332d3234203d3e20313338303737.roa
File:                     3130332e3133302e3139382e302f32332d3234203d3e20313338303737.roa (raw, json)
Hash identifier:          GBdm9qQ0p29KR8e28QB9UjrYbB7/EDKaMJEitqFkR/M=
Subject key identifier:   1E:BD:61:9A:7B:7E:2D:00:56:DB:B0:3D:D8:06:F1:F9:A2:00:22:3E
Certificate issuer:       /CN=B877CD1C542C3DE2CBB8EF151F179B857E9376E4
Certificate serial:       79DC9190A6D59A8CB3783A62E35B86EE4DF56672
Authority key identifier: B8:77:CD:1C:54:2C:3D:E2:CB:B8:EF:15:1F:17:9B:85:7E:93:76:E4
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3130332e3133302e3139382e302f32332d3234203d3e20313338303737.roa
Signing time:             Sat 18 Oct 2025 04:00:01 +0000
ROA not before:           Sat 18 Oct 2025 03:55:01 +0000
ROA not after:            Sat 17 Oct 2026 04:00:01 +0000
asID:                     138077
IP address blocks:        103.130.198.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.crl
                          rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 15:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:dc:91:90:a6:d5:9a:8c:b3:78:3a:62:e3:5b:86:ee:4d:f5:66:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B877CD1C542C3DE2CBB8EF151F179B857E9376E4
        Validity
            Not Before: Oct 18 03:55:01 2025 GMT
            Not After : Oct 17 04:00:01 2026 GMT
        Subject: CN=1EBD619A7B7E2D0056DBB03DD806F1F9A200223E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:a0:5f:0a:0e:a5:7d:1c:72:58:7b:ed:10:a9:
                    11:8e:0b:03:ab:49:f7:b1:94:f4:37:c3:81:d7:0b:
                    11:11:4c:17:b5:16:e3:4c:5f:68:0c:32:cd:77:a3:
                    7f:89:68:9e:35:18:18:17:dd:8d:bc:69:c8:fe:96:
                    5a:6a:e1:44:e9:1c:18:c8:ce:00:62:78:6d:e9:1c:
                    f5:fd:8d:8b:6e:bb:5b:f3:a0:25:55:03:37:b1:5a:
                    46:79:99:85:5f:97:ca:5f:f9:c1:7c:3b:ed:9f:9d:
                    7f:ce:36:8a:bd:6b:d9:5e:b1:02:30:4c:79:c0:e8:
                    10:0c:76:b5:2f:c0:18:c4:c1:d6:90:ae:0f:97:ea:
                    dd:ae:4c:22:5f:cc:1a:b3:15:39:56:1e:05:a6:17:
                    0c:72:a7:f1:78:37:70:7c:19:5a:0e:76:bc:60:e4:
                    a1:e3:6d:ff:37:5e:94:02:0e:ce:75:45:a5:31:99:
                    0e:d5:8a:53:b5:2e:98:5a:d1:c8:47:f1:16:4a:f6:
                    3a:c7:04:c2:93:c1:8a:28:e5:71:90:a9:38:d5:85:
                    0c:a5:83:de:f4:62:dd:d1:6e:0f:9b:f0:6d:16:29:
                    c5:61:95:7c:56:23:56:41:dd:b1:68:3d:ec:a7:c8:
                    d2:63:6a:29:11:fc:c2:65:7c:2d:e1:bc:62:a6:92:
                    cd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:BD:61:9A:7B:7E:2D:00:56:DB:B0:3D:D8:06:F1:F9:A2:00:22:3E
            X509v3 Authority Key Identifier:
                keyid:B8:77:CD:1C:54:2C:3D:E2:CB:B8:EF:15:1F:17:9B:85:7E:93:76:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3130332e3133302e3139382e302f32332d3234203d3e20313338303737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:9a:82:4d:79:65:f8:89:61:a2:17:f3:8d:68:cb:9f:24:e2:
         66:ab:d0:99:a3:a3:9d:60:f0:27:f2:6f:8b:58:7b:82:06:f4:
         6c:1f:5e:b4:47:76:f7:07:cc:11:b2:23:ad:d3:07:c6:31:78:
         19:f6:69:13:37:47:a6:4a:6a:b4:f7:02:9a:44:af:d0:f0:0a:
         da:1d:73:e8:90:6e:c2:cf:80:ac:fa:ab:a4:36:68:95:51:60:
         1e:2a:35:48:4f:36:50:f9:db:37:84:c3:95:96:5f:03:8a:99:
         e0:67:fb:e7:b4:a8:ec:c6:15:1a:06:8b:23:cb:b2:33:aa:79:
         7b:0a:80:1f:13:6b:23:ef:43:fc:f9:3e:49:80:6a:22:a0:2c:
         80:27:20:d5:0e:ad:23:2c:18:c7:31:f6:b0:6b:e8:64:47:15:
         2d:90:ea:79:60:f8:e3:37:d1:19:2e:ba:45:0f:a7:be:1f:9d:
         f0:24:58:41:af:d8:72:53:94:b3:13:15:f8:34:18:9e:52:25:
         bf:4f:b1:6c:c8:5e:4b:8a:3b:95:bd:db:d5:df:63:c7:63:0d:
         b9:2f:df:bf:6c:a3:e7:35:ce:7e:6e:ca:92:05:3e:36:cc:22:
         ce:b7:58:56:ff:89:03:29:d0:76:8f:9e:4a:1e:9b:0e:57:09:
         75:bd:f0:81
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUedyRkKbVmoyzeDpi41uG7k31ZnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjg3N0NEMUM1NDJDM0RFMkNCQjhFRjE1MUYxNzlCODU3
RTkzNzZFNDAeFw0yNTEwMTgwMzU1MDFaFw0yNjEwMTcwNDAwMDFaMDMxMTAvBgNV
BAMTKDFFQkQ2MTlBN0I3RTJEMDA1NkRCQjAzREQ4MDZGMUY5QTIwMDIyM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqoF8KDqV9HHJYe+0QqRGOCwOr
SfexlPQ3w4HXCxERTBe1FuNMX2gMMs13o3+JaJ41GBgX3Y28acj+llpq4UTpHBjI
zgBieG3pHPX9jYtuu1vzoCVVAzexWkZ5mYVfl8pf+cF8O+2fnX/ONoq9a9lesQIw
THnA6BAMdrUvwBjEwdaQrg+X6t2uTCJfzBqzFTlWHgWmFwxyp/F4N3B8GVoOdrxg
5KHjbf83XpQCDs51RaUxmQ7VilO1Lpha0chH8RZK9jrHBMKTwYoo5XGQqTjVhQyl
g970Yt3Rbg+b8G0WKcVhlXxWI1ZB3bFoPeynyNJjaikR/MJlfC3hvGKmks2hAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUHr1hmnt+LQBW27A92Abx+aIAIj4wHwYDVR0j
BBgwFoAUuHfNHFQsPeLLuO8VHxebhX6TduQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ZjZkMTg1ZS1kNGY0LTQ4MjAtYjRiNi03OThjMzA3YWQ3ZTUvMC9CODc3Q0QxQzU0
MkMzREUyQ0JCOEVGMTUxRjE3OUI4NTdFOTM3NkU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjg3N0NEMUM1NDJDM0RFMkNCQjhFRjE1MUYxNzlCODU3RTkz
NzZFNC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FmNmQxODVlLWQ0ZjQtNDgyMC1i
NGI2LTc5OGMzMDdhZDdlNS8wLzMxMzAzMzJlMzEzMzMwMmUzMTM5MzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzgzMDM3Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFngsYwDQYJ
KoZIhvcNAQELBQADggEBAKeagk15ZfiJYaIX841oy58k4mar0Jmjo51g8Cfyb4tY
e4IG9GwfXrRHdvcHzBGyI63TB8YxeBn2aRM3R6ZKarT3AppEr9DwCtodc+iQbsLP
gKz6q6Q2aJVRYB4qNUhPNlD52zeEw5WWXwOKmeBn++e0qOzGFRoGiyPLsjOqeXsK
gB8TayPvQ/z5PkmAaiKgLIAnINUOrSMsGMcx9rBr6GRHFS2Q6nlg+OM30RkuukUP
p74fnfAkWEGv2HJTlLMTFfg0GJ5SJb9PsWzIXkuKO5W929XfY8djDbkv379so+c1
zn5uypIFPjbMIs63WFb/iQMp0HaPnkoemw5XCXW98IE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:23:07 2025 by rpki-client