Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/3131332e35392e3233322e302f32322d3234203d3e203435323936.roa
File:                     3131332e35392e3233322e302f32322d3234203d3e203435323936.roa (raw, json)
Hash identifier:          kqGfNPGo8vr6qEuioNQey/aEeNu4t6Mg5faJoQyQKYs=
Subject key identifier:   80:32:A3:DD:8B:EA:38:9F:6C:99:12:35:11:10:B8:99:B3:CD:EC:29
Certificate issuer:       /CN=9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7
Certificate serial:       496EE2DEF6CDAF950E579913751DA62CE509A97D
Authority key identifier: 9B:2F:00:47:6D:6A:C1:BA:AB:05:C5:A6:25:DC:00:C2:A5:9F:99:D7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/3131332e35392e3233322e302f32322d3234203d3e203435323936.roa
Signing time:             Tue 02 Sep 2025 09:00:00 +0000
ROA not before:           Tue 02 Sep 2025 08:55:00 +0000
ROA not after:            Tue 01 Sep 2026 09:00:00 +0000
asID:                     45296
IP address blocks:        113.59.232.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.crl
                          rsync://repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 14:47:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:6e:e2:de:f6:cd:af:95:0e:57:99:13:75:1d:a6:2c:e5:09:a9:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7
        Validity
            Not Before: Sep  2 08:55:00 2025 GMT
            Not After : Sep  1 09:00:00 2026 GMT
        Subject: CN=8032A3DD8BEA389F6C9912351110B899B3CDEC29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6e:0f:78:c1:36:02:e5:31:a4:55:97:74:c8:
                    b4:39:76:cd:61:4c:d4:c5:cf:b5:3a:88:d1:68:01:
                    54:4f:95:80:03:c0:8b:4f:d9:a7:b6:77:7f:e7:3f:
                    ae:81:69:e5:e6:61:2d:cb:57:e3:88:7f:3b:d7:29:
                    5d:3b:72:59:66:63:3e:4b:13:81:22:86:b8:24:a0:
                    d9:50:4a:2c:72:be:48:91:df:06:7d:ac:4a:a3:14:
                    20:a5:29:55:b9:5a:74:6a:7b:c5:eb:38:30:28:4e:
                    dd:55:89:ff:de:df:e1:be:6a:1d:79:3f:00:ce:71:
                    d3:7c:e5:75:41:28:3e:a5:61:9b:80:79:fe:4a:c9:
                    9b:e4:d1:cf:b7:b3:c2:cd:59:06:a6:0b:a3:a9:2d:
                    bf:70:26:95:22:e7:dc:fb:f8:6a:e4:28:ef:81:29:
                    73:15:41:2b:1e:fa:29:16:6d:af:13:56:b4:bc:5a:
                    b9:a2:e4:1d:fb:54:f5:27:7a:a3:29:31:e8:c0:1b:
                    32:90:d8:e1:f8:db:d1:96:f0:fb:d2:07:02:94:81:
                    a2:c8:d1:d3:37:04:ed:09:2c:fc:08:02:e2:be:f5:
                    bb:21:91:a8:dc:59:4b:f8:1c:3c:66:35:ab:13:b7:
                    85:e2:94:85:42:33:a1:fc:cb:5a:3b:51:a1:c1:3b:
                    01:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:32:A3:DD:8B:EA:38:9F:6C:99:12:35:11:10:B8:99:B3:CD:EC:29
            X509v3 Authority Key Identifier:
                keyid:9B:2F:00:47:6D:6A:C1:BA:AB:05:C5:A6:25:DC:00:C2:A5:9F:99:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9B2F00476D6AC1BAAB05C5A625DC00C2A59F99D7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b606718f-f4c6-4775-8957-99d2bd666363/0/3131332e35392e3233322e302f32322d3234203d3e203435323936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.59.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         97:54:dc:c3:35:18:8c:0a:75:5e:0f:c0:69:96:2b:56:8e:5b:
         5f:b9:1e:56:86:bb:96:d6:bd:69:23:26:8b:c5:e2:83:86:dd:
         72:33:9c:1b:59:a7:3f:ad:15:f5:b2:e9:1c:18:1d:f0:b7:39:
         71:05:c3:e0:d1:1b:dd:b1:e6:e0:3a:15:e9:1c:f2:66:f9:a4:
         c4:42:20:9a:bd:00:4d:1f:55:53:3b:ba:6f:3b:d9:85:29:97:
         08:20:02:f4:88:61:6e:2b:a0:c7:dd:cf:1d:95:a9:4e:54:7b:
         b1:65:2f:97:3a:85:ce:14:9e:dd:e8:f5:2f:32:e8:0e:de:05:
         ba:ba:1e:e4:7c:19:0d:bb:8a:f2:47:2c:d2:07:66:74:a9:49:
         02:c2:ec:41:5e:08:54:5c:80:02:26:50:a7:ea:6b:56:32:b3:
         c8:28:8f:bc:44:96:96:29:42:45:a3:1c:c1:6e:09:58:34:0e:
         3a:6f:b2:2b:eb:42:63:4e:db:e9:b1:40:9f:64:7b:65:5d:63:
         09:df:09:6b:e3:db:0c:fe:23:41:22:c0:a0:0b:53:0e:59:5b:
         5d:86:ba:25:ea:d9:7e:fe:f1:50:22:7d:39:3b:af:2c:16:d7:
         55:e8:75:82:a1:9c:aa:a3:46:30:6b:7f:42:a6:90:04:2f:c6:
         c2:68:f0:38
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUSW7i3vbNr5UOV5kTdR2mLOUJqX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIyRjAwNDc2RDZBQzFCQUFCMDVDNUE2MjVEQzAwQzJB
NTlGOTlENzAeFw0yNTA5MDIwODU1MDBaFw0yNjA5MDEwOTAwMDBaMDMxMTAvBgNV
BAMTKDgwMzJBM0REOEJFQTM4OUY2Qzk5MTIzNTExMTBCODk5QjNDREVDMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6bg94wTYC5TGkVZd0yLQ5ds1h
TNTFz7U6iNFoAVRPlYADwItP2ae2d3/nP66BaeXmYS3LV+OIfzvXKV07cllmYz5L
E4EihrgkoNlQSixyvkiR3wZ9rEqjFCClKVW5WnRqe8XrODAoTt1Vif/e3+G+ah15
PwDOcdN85XVBKD6lYZuAef5KyZvk0c+3s8LNWQamC6OpLb9wJpUi59z7+GrkKO+B
KXMVQSse+ikWba8TVrS8Wrmi5B37VPUneqMpMejAGzKQ2OH429GW8PvSBwKUgaLI
0dM3BO0JLPwIAuK+9bshkajcWUv4HDxmNasTt4XilIVCM6H8y1o7UaHBOwHVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUgDKj3YvqOJ9smRI1ERC4mbPN7CkwHwYDVR0j
BBgwFoAUmy8AR21qwbqrBcWmJdwAwqWfmdcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
NjA2NzE4Zi1mNGM2LTQ3NzUtODk1Ny05OWQyYmQ2NjYzNjMvMC85QjJGMDA0NzZE
NkFDMUJBQUIwNUM1QTYyNURDMDBDMkE1OUY5OUQ3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUIyRjAwNDc2RDZBQzFCQUFCMDVDNUE2MjVEQzAwQzJBNTlG
OTlENy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I2MDY3MThmLWY0YzYtNDc3NS04
OTU3LTk5ZDJiZDY2NjM2My8wLzMxMzEzMzJlMzUzOTJlMzIzMzMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzQzNTMyMzkzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnE76DANBgkqhkiG
9w0BAQsFAAOCAQEAl1TcwzUYjAp1Xg/AaZYrVo5bX7keVoa7lta9aSMmi8Xig4bd
cjOcG1mnP60V9bLpHBgd8Lc5cQXD4NEb3bHm4DoV6RzyZvmkxEIgmr0ATR9VUzu6
bzvZhSmXCCAC9Ihhbiugx93PHZWpTlR7sWUvlzqFzhSe3ej1LzLoDt4Furoe5HwZ
DbuK8kcs0gdmdKlJAsLsQV4IVFyAAiZQp+prVjKzyCiPvESWlilCRaMcwW4JWDQO
Om+yK+tCY07b6bFAn2R7ZV1jCd8Ja+PbDP4jQSLAoAtTDllbXYa6JerZfv7xUCJ9
OTuvLBbXVeh1gqGcqqNGMGt/QqaQBC/GwmjwOA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:22:37 2025 by rpki-client