Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/3130332e3136392e362e302f32332d3234203d3e20313431313037.roa
File:                     3130332e3136392e362e302f32332d3234203d3e20313431313037.roa (raw, json)
Hash identifier:          wlhhz4T86+ShRU2p6Up+KvbeI0BWxilrsa27X54ni/4=
Subject key identifier:   A9:D4:FC:D2:02:90:1B:0B:2E:08:2D:DA:B7:DA:0F:C7:F3:9B:12:1C
Certificate issuer:       /CN=D76CF64B32F23D8C4EBFA02811D0B08A78C612D0
Certificate serial:       607EB27BAC04F276266C1D6E6363E326282562DA
Authority key identifier: D7:6C:F6:4B:32:F2:3D:8C:4E:BF:A0:28:11:D0:B0:8A:78:C6:12:D0
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/3130332e3136392e362e302f32332d3234203d3e20313431313037.roa
Signing time:             Wed 15 Oct 2025 05:00:00 +0000
ROA not before:           Wed 15 Oct 2025 04:55:00 +0000
ROA not after:            Wed 14 Oct 2026 05:00:00 +0000
asID:                     141107
IP address blocks:        103.169.6.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.crl
                          rsync://repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 16:57:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:7e:b2:7b:ac:04:f2:76:26:6c:1d:6e:63:63:e3:26:28:25:62:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D76CF64B32F23D8C4EBFA02811D0B08A78C612D0
        Validity
            Not Before: Oct 15 04:55:00 2025 GMT
            Not After : Oct 14 05:00:00 2026 GMT
        Subject: CN=A9D4FCD202901B0B2E082DDAB7DA0FC7F39B121C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:94:0a:bb:08:8d:9e:bb:6a:7f:f6:90:5a:c4:
                    1f:85:37:7f:6d:8c:da:05:03:67:73:08:7e:fb:96:
                    a1:7c:9e:87:7c:4e:26:a1:b4:41:bb:69:67:bd:a2:
                    4d:8e:83:d5:ce:2b:f4:a1:64:22:25:bf:f0:d4:fe:
                    4e:16:06:e4:8d:d6:e2:7a:dc:f9:88:0a:97:39:41:
                    7c:7c:d9:cc:52:90:fd:25:1d:59:75:7b:2c:43:d7:
                    e1:f7:bb:3f:69:d6:a4:9d:57:08:73:ad:e0:2d:27:
                    10:08:e7:79:ad:38:69:ed:f8:28:43:99:b7:43:af:
                    87:d1:89:9e:c4:cd:6f:3b:0f:60:da:6c:dd:c7:df:
                    ed:d9:40:24:e9:cf:0c:4b:31:c6:03:51:4c:ce:4d:
                    6e:61:9f:61:8f:52:44:66:32:59:03:ed:ef:94:0f:
                    3d:f5:c0:f6:63:a1:b1:f9:66:d6:64:11:23:6c:f5:
                    62:3b:71:9b:73:1f:fe:01:dd:7b:d6:58:83:8c:3e:
                    68:18:5a:06:7b:ab:af:ba:f8:f2:e0:e2:6a:7d:1c:
                    97:ba:07:34:aa:33:92:9a:27:be:c0:7c:16:4c:af:
                    7e:c8:57:35:a6:6c:9c:2d:fd:22:a2:ad:44:f3:2d:
                    49:7b:89:df:a2:04:b8:34:c5:a0:3c:ae:85:fa:a8:
                    06:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:D4:FC:D2:02:90:1B:0B:2E:08:2D:DA:B7:DA:0F:C7:F3:9B:12:1C
            X509v3 Authority Key Identifier:
                keyid:D7:6C:F6:4B:32:F2:3D:8C:4E:BF:A0:28:11:D0:B0:8A:78:C6:12:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D76CF64B32F23D8C4EBFA02811D0B08A78C612D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d53e4af5-aaf5-46ce-b119-d7e76dae20b8/0/3130332e3136392e362e302f32332d3234203d3e20313431313037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.169.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:5d:85:b2:ce:d6:6b:6f:0f:1f:20:59:ec:02:25:77:c8:fb:
         ca:37:e4:05:e0:ce:18:78:d4:1c:2d:6f:88:d7:74:fb:c5:1e:
         45:3b:0c:9b:76:9e:3b:f5:c7:d0:c4:33:dd:57:b8:a3:b4:fb:
         60:9f:8b:59:c8:9f:a7:8f:e0:8a:e0:d1:e7:ba:22:82:ca:20:
         6a:9a:e3:bb:d9:19:44:f7:3b:00:0c:8b:60:e7:c9:a3:1d:3f:
         18:83:a5:37:09:5f:fc:1f:a1:ef:2e:7d:41:e5:60:b1:f8:bc:
         f4:19:a6:38:94:6c:75:5a:d9:6b:4f:13:dc:64:f1:6d:01:30:
         df:fa:8f:2d:98:23:35:42:76:56:42:04:2a:5f:4f:eb:66:14:
         71:c2:17:ca:e2:58:b5:da:13:2b:f9:02:cd:b5:64:2c:bb:49:
         62:73:2f:79:ba:02:ee:02:7a:a7:5f:5b:e8:8e:67:0e:2c:0a:
         c0:8e:3b:3e:45:98:ab:81:ce:04:18:06:13:f1:d1:f7:ab:21:
         6e:e0:3d:1f:38:a6:d8:cc:c8:d3:39:c1:84:91:0a:e7:7f:35:
         be:e1:ce:ff:e2:3b:6e:d2:33:03:f3:34:4d:5d:0d:93:52:e9:
         57:e5:46:ae:d1:cd:dd:53:26:88:6d:e7:75:96:1e:e2:b6:ba:
         40:ac:fd:cf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUYH6ye6wE8nYmbB1uY2PjJiglYtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDc2Q0Y2NEIzMkYyM0Q4QzRFQkZBMDI4MTFEMEIwOEE3
OEM2MTJEMDAeFw0yNTEwMTUwNDU1MDBaFw0yNjEwMTQwNTAwMDBaMDMxMTAvBgNV
BAMTKEE5RDRGQ0QyMDI5MDFCMEIyRTA4MkREQUI3REEwRkM3RjM5QjEyMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmlAq7CI2eu2p/9pBaxB+FN39t
jNoFA2dzCH77lqF8nod8TiahtEG7aWe9ok2Og9XOK/ShZCIlv/DU/k4WBuSN1uJ6
3PmICpc5QXx82cxSkP0lHVl1eyxD1+H3uz9p1qSdVwhzreAtJxAI53mtOGnt+ChD
mbdDr4fRiZ7EzW87D2DabN3H3+3ZQCTpzwxLMcYDUUzOTW5hn2GPUkRmMlkD7e+U
Dz31wPZjobH5ZtZkESNs9WI7cZtzH/4B3XvWWIOMPmgYWgZ7q6+6+PLg4mp9HJe6
BzSqM5KaJ77AfBZMr37IVzWmbJwt/SKirUTzLUl7id+iBLg0xaA8roX6qAbPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUqdT80gKQGwsuCC3at9oPx/ObEhwwHwYDVR0j
BBgwFoAU12z2SzLyPYxOv6AoEdCwinjGEtAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
NTNlNGFmNS1hYWY1LTQ2Y2UtYjExOS1kN2U3NmRhZTIwYjgvMC9ENzZDRjY0QjMy
RjIzRDhDNEVCRkEwMjgxMUQwQjA4QTc4QzYxMkQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDc2Q0Y2NEIzMkYyM0Q4QzRFQkZBMDI4MTFEMEIwOEE3OEM2
MTJEMC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q1M2U0YWY1LWFhZjUtNDZjZS1i
MTE5LWQ3ZTc2ZGFlMjBiOC8wLzMxMzAzMzJlMzEzNjM5MmUzNjJlMzAyZjMyMzMy
ZDMyMzQyMDNkM2UyMDMxMzQzMTMxMzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWepBjANBgkqhkiG
9w0BAQsFAAOCAQEAW12Fss7Wa28PHyBZ7AIld8j7yjfkBeDOGHjUHC1viNd0+8Ue
RTsMm3aeO/XH0MQz3Ve4o7T7YJ+LWcifp4/giuDR57oigsogaprju9kZRPc7AAyL
YOfJox0/GIOlNwlf/B+h7y59QeVgsfi89BmmOJRsdVrZa08T3GTxbQEw3/qPLZgj
NUJ2VkIEKl9P62YUccIXyuJYtdoTK/kCzbVkLLtJYnMveboC7gJ6p19b6I5nDiwK
wI47PkWYq4HOBBgGE/HR96shbuA9Hzim2MzI0znBhJEK5381vuHO/+I7btIzA/M0
TV0Nk1LpV+VGrtHN3VMmiG3ndZYe4ra6QKz9zw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:32:41 2025 by rpki-client