Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/3130332e39342e3231322e302f32342d3234203d3e20313336313131.roa
File:                     3130332e39342e3231322e302f32342d3234203d3e20313336313131.roa (raw, json)
Hash identifier:          u4aBEtuM2QHTp7BELhEUw3EMWzsVzmaE71DRbevw9IE=
Subject key identifier:   77:8E:E8:02:34:3F:9C:A8:31:54:DC:7C:52:1E:3A:7C:7D:ED:C8:FE
Certificate issuer:       /CN=399315B18BA7D0DD666DCA8C3DBBE013575AF7D1
Certificate serial:       7BF53FE2274E7654EAC94D2A28D1C2C18EB4053F
Authority key identifier: 39:93:15:B1:8B:A7:D0:DD:66:6D:CA:8C:3D:BB:E0:13:57:5A:F7:D1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/3130332e39342e3231322e302f32342d3234203d3e20313336313131.roa
Signing time:             Fri 27 Jun 2025 08:03:41 +0000
ROA not before:           Fri 27 Jun 2025 07:58:41 +0000
ROA not after:            Fri 26 Jun 2026 08:03:41 +0000
asID:                     136111
IP address blocks:        103.94.212.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.crl
                          rsync://repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 02 Jul 2025 23:11:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:f5:3f:e2:27:4e:76:54:ea:c9:4d:2a:28:d1:c2:c1:8e:b4:05:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399315B18BA7D0DD666DCA8C3DBBE013575AF7D1
        Validity
            Not Before: Jun 27 07:58:41 2025 GMT
            Not After : Jun 26 08:03:41 2026 GMT
        Subject: CN=778EE802343F9CA83154DC7C521E3A7C7DEDC8FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:06:a0:32:00:c5:d6:2f:93:09:1f:f4:88:97:
                    e2:20:d9:4c:f3:01:a3:9d:5f:6b:96:bf:38:5b:1a:
                    f1:ff:d9:ef:9d:c0:dd:90:19:e0:c1:d1:cd:28:49:
                    20:99:90:f8:43:b8:7a:86:97:b3:44:37:db:3a:61:
                    2a:fc:d3:01:16:a1:e5:c4:34:5e:5b:1c:d8:93:c3:
                    ad:a0:eb:39:db:bf:0a:29:b8:e5:48:22:cb:dc:14:
                    0e:38:48:1c:33:51:dc:08:27:9b:d2:03:73:39:30:
                    55:a5:1a:45:5b:30:b0:41:e5:6c:c1:bf:bb:7c:99:
                    2e:3b:8b:76:52:51:f1:9e:af:c6:3f:f3:09:07:10:
                    a4:d7:11:14:79:b7:40:a8:2a:ef:3a:91:f9:5e:db:
                    f7:74:c8:b3:2d:7a:19:ef:1c:39:95:81:9b:e1:f9:
                    8f:91:c9:54:0e:60:7b:b6:b4:03:ef:8d:e6:f3:ea:
                    0e:fd:71:9e:30:a8:30:75:a5:7b:22:30:ff:d7:96:
                    a4:38:9d:ba:9b:25:0f:69:b7:ca:0f:37:e3:04:4e:
                    d5:0f:8d:7f:47:0a:2a:99:cc:d7:39:25:40:ad:38:
                    1f:75:15:d6:a9:e8:58:ce:84:4a:2e:4e:b1:7d:c6:
                    48:f4:95:6e:7a:8a:aa:0c:1b:10:bb:95:d5:ec:b5:
                    86:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:8E:E8:02:34:3F:9C:A8:31:54:DC:7C:52:1E:3A:7C:7D:ED:C8:FE
            X509v3 Authority Key Identifier:
                keyid:39:93:15:B1:8B:A7:D0:DD:66:6D:CA:8C:3D:BB:E0:13:57:5A:F7:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/399315B18BA7D0DD666DCA8C3DBBE013575AF7D1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c2f28879-4844-42de-b2d9-a9666de282ea/0/3130332e39342e3231322e302f32342d3234203d3e20313336313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:a5:42:9c:b4:11:6f:69:7c:0c:69:f2:4d:ef:cb:6c:2b:2f:
         99:b7:67:c3:94:14:94:b1:de:5a:94:4d:80:1e:f1:4a:25:43:
         c8:2b:59:40:e4:d7:16:ed:8d:1c:ba:bb:4e:fa:32:6e:6e:64:
         b0:27:86:83:a3:10:67:fc:0f:e3:9d:d9:b7:1e:cf:65:18:21:
         e6:59:99:76:ad:5b:83:8d:1f:ed:9a:ef:0c:f7:49:d2:f4:9c:
         41:48:9b:a6:42:26:d4:a8:cc:ac:9b:3f:8d:29:bc:b3:ce:90:
         ec:c5:e7:8d:8d:25:e8:92:3e:ee:5a:68:da:01:bf:63:bc:97:
         f5:48:5d:e2:74:eb:ac:48:74:25:6a:b9:a0:7f:34:b9:7f:fb:
         4c:25:fa:73:91:05:6b:1a:30:72:0a:f7:c5:b1:73:42:64:32:
         51:f7:79:f0:53:0b:3a:04:b2:e2:d8:5d:96:6f:b7:ee:04:c0:
         e0:f5:d6:7d:1f:01:12:75:8f:96:01:f7:d5:bc:c3:3a:77:64:
         ac:3b:d1:3d:d9:69:a4:23:e1:61:e2:24:db:54:ea:5a:ba:55:
         93:d5:7a:a5:62:a6:a0:33:b5:37:96:39:20:3d:af:f3:a3:7b:
         a0:79:34:cb:19:f5:90:c6:15:fc:1b:63:55:37:d8:f3:64:06:
         2c:89:a0:a5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUe/U/4idOdlTqyU0qKNHCwY60BT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk5MzE1QjE4QkE3RDBERDY2NkRDQThDM0RCQkUwMTM1
NzVBRjdEMTAeFw0yNTA2MjcwNzU4NDFaFw0yNjA2MjYwODAzNDFaMDMxMTAvBgNV
BAMTKDc3OEVFODAyMzQzRjlDQTgzMTU0REM3QzUyMUUzQTdDN0RFREM4RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgBqAyAMXWL5MJH/SIl+Ig2Uzz
AaOdX2uWvzhbGvH/2e+dwN2QGeDB0c0oSSCZkPhDuHqGl7NEN9s6YSr80wEWoeXE
NF5bHNiTw62g6znbvwopuOVIIsvcFA44SBwzUdwIJ5vSA3M5MFWlGkVbMLBB5WzB
v7t8mS47i3ZSUfGer8Y/8wkHEKTXERR5t0CoKu86kfle2/d0yLMtehnvHDmVgZvh
+Y+RyVQOYHu2tAPvjebz6g79cZ4wqDB1pXsiMP/XlqQ4nbqbJQ9pt8oPN+METtUP
jX9HCiqZzNc5JUCtOB91Fdap6FjOhEouTrF9xkj0lW56iqoMGxC7ldXstYblAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUd47oAjQ/nKgxVNx8Uh46fH3tyP4wHwYDVR0j
BBgwFoAUOZMVsYun0N1mbcqMPbvgE1da99EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MmYyODg3OS00ODQ0LTQyZGUtYjJkOS1hOTY2NmRlMjgyZWEvMC8zOTkzMTVCMThC
QTdEMERENjY2RENBOEMzREJCRTAxMzU3NUFGN0QxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzk5MzE1QjE4QkE3RDBERDY2NkRDQThDM0RCQkUwMTM1NzVB
RjdEMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MyZjI4ODc5LTQ4NDQtNDJkZS1i
MmQ5LWE5NjY2ZGUyODJlYS8wLzMxMzAzMzJlMzkzNDJlMzIzMTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ17UMA0GCSqG
SIb3DQEBCwUAA4IBAQA3pUKctBFvaXwMafJN78tsKy+Zt2fDlBSUsd5alE2AHvFK
JUPIK1lA5NcW7Y0curtO+jJubmSwJ4aDoxBn/A/jndm3Hs9lGCHmWZl2rVuDjR/t
mu8M90nS9JxBSJumQibUqMysmz+NKbyzzpDsxeeNjSXokj7uWmjaAb9jvJf1SF3i
dOusSHQlarmgfzS5f/tMJfpzkQVrGjByCvfFsXNCZDJR93nwUws6BLLi2F2Wb7fu
BMDg9dZ9HwESdY+WAffVvMM6d2SsO9E92WmkI+Fh4iTbVOpaulWT1XqlYqagM7U3
ljkgPa/zo3ugeTTLGfWQxhX8G2NVN9jzZAYsiaCl
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:04:36 2025 by rpki-client