Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/3132322e3234382e33372e302f32342d3234203d3e20313431313432.roa
File:                     3132322e3234382e33372e302f32342d3234203d3e20313431313432.roa (raw, json)
Hash identifier:          q+4LJqnEtPR8u/O7vXDxEMWbUC+3pBdRVabjnpWaIW8=
Subject key identifier:   D3:7D:C8:E7:FA:69:F0:80:1A:55:3E:EB:24:66:B2:82:3D:C6:65:64
Certificate issuer:       /CN=C16E46D556A47D2429EC847E95E7C429D38AC26D
Certificate serial:       055A9028C70B5AEDD46CBB2EF652007E6EE414A5
Authority key identifier: C1:6E:46:D5:56:A4:7D:24:29:EC:84:7E:95:E7:C4:29:D3:8A:C2:6D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/3132322e3234382e33372e302f32342d3234203d3e20313431313432.roa
Signing time:             Mon 20 Oct 2025 10:00:02 +0000
ROA not before:           Mon 20 Oct 2025 09:55:02 +0000
ROA not after:            Mon 19 Oct 2026 10:00:02 +0000
asID:                     141142
IP address blocks:        122.248.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.crl
                          rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 11:48:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:5a:90:28:c7:0b:5a:ed:d4:6c:bb:2e:f6:52:00:7e:6e:e4:14:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C16E46D556A47D2429EC847E95E7C429D38AC26D
        Validity
            Not Before: Oct 20 09:55:02 2025 GMT
            Not After : Oct 19 10:00:02 2026 GMT
        Subject: CN=D37DC8E7FA69F0801A553EEB2466B2823DC66564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6f:27:62:d9:72:c7:8e:2f:d9:de:90:3f:b2:
                    68:d5:7b:a4:0b:e7:78:1d:73:c9:20:3d:88:ae:ca:
                    f5:73:b0:84:3a:0b:dd:72:30:df:be:b1:0a:95:1b:
                    6f:23:a4:df:71:32:d3:45:bf:d2:34:0a:12:93:dc:
                    00:e0:48:4a:1d:dd:78:7d:2f:98:ea:d6:94:c8:b2:
                    f0:03:82:b9:24:fc:13:79:86:a3:34:8d:5b:a4:a5:
                    11:8b:85:61:46:90:5d:11:00:29:13:7c:fb:2b:c2:
                    da:b7:51:19:26:b6:89:9e:11:06:94:7c:aa:54:50:
                    e2:10:18:94:16:8e:2d:e5:2b:11:7a:ae:d2:10:5f:
                    fe:2b:b7:8f:b0:db:67:7d:c5:ea:68:b8:a3:9b:4e:
                    12:bd:51:07:28:17:01:02:8f:98:02:5e:3d:5e:f9:
                    77:4e:8d:1e:bc:cd:50:90:46:be:cf:04:8a:41:3a:
                    19:43:11:95:ae:d7:67:7f:f4:59:e9:95:c4:21:3c:
                    8e:04:56:d1:00:13:91:6e:b1:f0:b6:96:87:af:fc:
                    4b:4f:d3:fb:50:96:b5:55:0b:e6:8c:04:06:87:48:
                    01:03:c2:aa:dc:67:5c:bb:e9:89:01:f5:43:41:d5:
                    da:d4:a5:95:ff:e3:56:f0:89:28:1e:a8:b0:f6:21:
                    f6:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:7D:C8:E7:FA:69:F0:80:1A:55:3E:EB:24:66:B2:82:3D:C6:65:64
            X509v3 Authority Key Identifier:
                keyid:C1:6E:46:D5:56:A4:7D:24:29:EC:84:7E:95:E7:C4:29:D3:8A:C2:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/3132322e3234382e33372e302f32342d3234203d3e20313431313432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.248.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:9b:93:1a:e8:b0:21:79:44:c1:6b:03:ea:ae:3d:23:29:73:
         c9:26:06:80:73:86:36:2b:52:18:43:90:1d:67:07:98:b8:1e:
         98:5f:2a:b2:00:44:de:fa:d7:db:a3:b5:74:35:46:74:e0:4e:
         87:aa:39:74:f6:15:b6:4b:73:90:8f:d6:8d:e0:3c:82:69:d6:
         64:3b:53:b3:6b:69:d1:00:e3:bc:59:95:c9:13:77:10:89:48:
         66:6d:e9:98:70:39:e4:9f:7a:c0:9c:45:a3:04:fb:62:57:d1:
         c0:1c:54:39:1f:0a:4c:dd:91:07:8b:86:d8:8c:f8:0e:1a:5b:
         25:25:47:67:30:d8:cb:38:34:34:fd:67:4e:fd:3e:ab:59:56:
         b2:e2:84:d4:2b:71:85:8f:8a:70:dc:63:7e:f5:92:22:12:45:
         63:72:94:cf:87:75:85:f4:5b:15:3d:81:c5:e7:fa:96:da:67:
         56:29:82:e7:27:7f:8b:bf:e1:ac:84:c7:1b:1e:af:72:13:06:
         5d:7a:af:9b:7a:df:63:d3:a1:3f:7a:dd:9b:d0:d0:6e:63:e7:
         10:a2:02:f2:f6:d5:58:09:68:09:11:ff:1b:17:f7:8f:e9:78:
         f6:13:a5:d5:c6:90:fe:d7:52:ab:3f:e0:b3:21:b3:cf:5b:64:
         21:35:4b:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBVqQKMcLWu3UbLsu9lIAfm7kFKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzE2RTQ2RDU1NkE0N0QyNDI5RUM4NDdFOTVFN0M0MjlE
MzhBQzI2RDAeFw0yNTEwMjAwOTU1MDJaFw0yNjEwMTkxMDAwMDJaMDMxMTAvBgNV
BAMTKEQzN0RDOEU3RkE2OUYwODAxQTU1M0VFQjI0NjZCMjgyM0RDNjY1NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmbydi2XLHji/Z3pA/smjVe6QL
53gdc8kgPYiuyvVzsIQ6C91yMN++sQqVG28jpN9xMtNFv9I0ChKT3ADgSEod3Xh9
L5jq1pTIsvADgrkk/BN5hqM0jVukpRGLhWFGkF0RACkTfPsrwtq3URkmtomeEQaU
fKpUUOIQGJQWji3lKxF6rtIQX/4rt4+w22d9xepouKObThK9UQcoFwECj5gCXj1e
+XdOjR68zVCQRr7PBIpBOhlDEZWu12d/9FnplcQhPI4EVtEAE5FusfC2loev/EtP
0/tQlrVVC+aMBAaHSAEDwqrcZ1y76YkB9UNB1drUpZX/41bwiSgeqLD2IfYXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU033I5/pp8IAaVT7rJGaygj3GZWQwHwYDVR0j
BBgwFoAUwW5G1VakfSQp7IR+lefEKdOKwm0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
ZjJlN2ZkNi1lYjVlLTQ4MGEtOGU5Ny1jNTVmNjhlMDU4OWEvMC9DMTZFNDZENTU2
QTQ3RDI0MjlFQzg0N0U5NUU3QzQyOUQzOEFDMjZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzE2RTQ2RDU1NkE0N0QyNDI5RUM4NDdFOTVFN0M0MjlEMzhB
QzI2RC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RmMmU3ZmQ2LWViNWUtNDgwYS04
ZTk3LWM1NWY2OGUwNTg5YS8wLzMxMzIzMjJlMzIzNDM4MmUzMzM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzNDMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAevglMA0GCSqG
SIb3DQEBCwUAA4IBAQAom5Ma6LAheUTBawPqrj0jKXPJJgaAc4Y2K1IYQ5AdZweY
uB6YXyqyAETe+tfbo7V0NUZ04E6Hqjl09hW2S3OQj9aN4DyCadZkO1Oza2nRAOO8
WZXJE3cQiUhmbemYcDnkn3rAnEWjBPtiV9HAHFQ5HwpM3ZEHi4bYjPgOGlslJUdn
MNjLODQ0/WdO/T6rWVay4oTUK3GFj4pw3GN+9ZIiEkVjcpTPh3WF9FsVPYHF5/qW
2mdWKYLnJ3+Lv+GshMcbHq9yEwZdeq+bet9j06E/et2b0NBuY+cQogLy9tVYCWgJ
Ef8bF/eP6Xj2E6XVxpD+11KrP+CzIbPPW2QhNUts
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:21:30 2025 by rpki-client