Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/3130332e3231392e3131322e302f32342d3234203d3e20313337333432.roa
File:                     3130332e3231392e3131322e302f32342d3234203d3e20313337333432.roa (raw, json)
Hash identifier:          bSd7lFuLXvK7t89PrxW8ofWlYEOIMss9c7qTJsvJO80=
Subject key identifier:   79:0C:8B:9E:34:E7:B8:67:F0:68:D7:2C:D1:6F:D4:53:C0:89:1A:FB
Certificate issuer:       /CN=EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26
Certificate serial:       07FDC474902A3BC8C3A56C4668A7D750B435A5E5
Authority key identifier: EF:D2:09:19:B9:6F:4E:34:FA:9E:4A:0C:CC:23:47:A4:BC:D9:EA:26
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/3130332e3231392e3131322e302f32342d3234203d3e20313337333432.roa
Signing time:             Sat 27 Sep 2025 08:00:02 +0000
ROA not before:           Sat 27 Sep 2025 07:55:02 +0000
ROA not after:            Sat 26 Sep 2026 08:00:02 +0000
asID:                     137342
IP address blocks:        103.219.112.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.crl
                          rsync://repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 10:34:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:fd:c4:74:90:2a:3b:c8:c3:a5:6c:46:68:a7:d7:50:b4:35:a5:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26
        Validity
            Not Before: Sep 27 07:55:02 2025 GMT
            Not After : Sep 26 08:00:02 2026 GMT
        Subject: CN=790C8B9E34E7B867F068D72CD16FD453C0891AFB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:26:16:16:35:92:31:c5:f5:1e:bb:07:9f:1d:
                    3e:32:72:6a:ba:5f:5f:10:f2:d7:7b:8e:4b:9a:6e:
                    7c:96:5a:59:61:b2:bd:88:0b:b7:1a:ab:23:06:5b:
                    68:4f:b7:e6:b5:23:4c:31:39:80:ea:ee:90:e3:73:
                    ac:20:a2:86:a6:21:0c:5b:80:2b:cc:f9:95:de:e3:
                    e5:30:8c:f0:75:14:e4:f0:2c:5c:a6:f0:7a:e8:88:
                    16:e3:1c:44:1d:55:3b:28:86:a1:b0:93:92:e1:6f:
                    50:b9:25:5d:3d:f4:60:d7:99:2a:b2:dd:43:87:e0:
                    3b:40:42:4e:5f:70:bc:a6:1f:64:e8:e5:d6:8a:68:
                    72:a1:99:79:44:06:af:31:4b:7d:ed:09:51:fc:1c:
                    5c:84:85:59:ea:ee:c5:6a:8b:19:2e:96:5c:f4:05:
                    4b:8f:99:f3:c2:2c:96:ae:33:c6:72:08:0d:29:02:
                    c9:56:ec:d5:45:18:f3:ff:24:6e:b7:d0:1d:e6:0a:
                    72:a0:42:ae:28:1c:0a:47:ef:4e:7c:44:99:75:91:
                    cc:32:1e:7c:a1:3a:1c:f9:9f:07:c5:43:dc:29:6a:
                    84:18:ba:d6:e6:7e:a4:d3:25:57:7b:20:01:de:9c:
                    7e:c2:e6:ac:0f:6f:e1:42:94:8b:0a:c5:53:07:17:
                    90:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0C:8B:9E:34:E7:B8:67:F0:68:D7:2C:D1:6F:D4:53:C0:89:1A:FB
            X509v3 Authority Key Identifier:
                keyid:EF:D2:09:19:B9:6F:4E:34:FA:9E:4A:0C:CC:23:47:A4:BC:D9:EA:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFD20919B96F4E34FA9E4A0CCC2347A4BCD9EA26.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e1c48756-b662-468a-906d-6cd461cb6e42/0/3130332e3231392e3131322e302f32342d3234203d3e20313337333432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.219.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:bf:da:9b:7d:4e:e7:f4:af:a8:71:b5:49:75:86:c9:96:f2:
         55:5b:f2:d8:53:6c:df:80:29:ca:05:dc:5e:32:f4:39:98:ce:
         0c:67:9f:cf:1d:20:b3:3f:da:26:6c:d0:f1:4b:37:73:ca:21:
         db:01:b6:d2:14:08:e3:3e:3f:9c:85:02:06:fd:aa:4c:4a:7e:
         29:32:ec:92:ef:ba:11:f9:c9:d4:21:96:20:73:08:f1:1b:cc:
         51:7d:03:5c:2e:76:e4:db:ab:f8:47:dd:b0:76:ce:6b:78:0e:
         b2:43:0a:3c:b7:ad:d8:db:b1:9d:89:59:ac:5d:f8:00:3b:64:
         ab:57:1d:0b:97:ea:8b:92:5f:c2:2f:57:56:4d:bf:2f:c2:b0:
         2a:10:b1:9d:ea:49:61:75:7d:af:d1:e3:22:52:73:4b:bd:1c:
         93:a2:0b:a5:f3:01:9c:8e:c4:10:a9:80:98:49:55:db:7b:64:
         7e:be:c7:8b:6a:d8:1f:6f:41:7f:ab:62:33:24:53:63:1a:07:
         4d:5b:be:82:bf:fd:63:ac:bf:a2:8c:6b:67:60:e4:82:be:34:
         0e:f8:f4:94:f4:43:a0:59:e0:a9:fb:2a:7d:46:66:63:ef:f7:
         dc:97:21:fe:62:19:fe:00:aa:f7:30:c5:05:b5:0b:0b:50:7d:
         f5:1a:99:5a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUB/3EdJAqO8jDpWxGaKfXULQ1peUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUZEMjA5MTlCOTZGNEUzNEZBOUU0QTBDQ0MyMzQ3QTRC
Q0Q5RUEyNjAeFw0yNTA5MjcwNzU1MDJaFw0yNjA5MjYwODAwMDJaMDMxMTAvBgNV
BAMTKDc5MEM4QjlFMzRFN0I4NjdGMDY4RDcyQ0QxNkZENDUzQzA4OTFBRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzJhYWNZIxxfUeuwefHT4ycmq6
X18Q8td7jkuabnyWWllhsr2IC7caqyMGW2hPt+a1I0wxOYDq7pDjc6wgooamIQxb
gCvM+ZXe4+UwjPB1FOTwLFym8HroiBbjHEQdVTsohqGwk5Lhb1C5JV099GDXmSqy
3UOH4DtAQk5fcLymH2To5daKaHKhmXlEBq8xS33tCVH8HFyEhVnq7sVqixkullz0
BUuPmfPCLJauM8ZyCA0pAslW7NVFGPP/JG630B3mCnKgQq4oHApH7058RJl1kcwy
HnyhOhz5nwfFQ9wpaoQYutbmfqTTJVd7IAHenH7C5qwPb+FClIsKxVMHF5DrAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUeQyLnjTnuGfwaNcs0W/UU8CJGvswHwYDVR0j
BBgwFoAU79IJGblvTjT6nkoMzCNHpLzZ6iYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
MWM0ODc1Ni1iNjYyLTQ2OGEtOTA2ZC02Y2Q0NjFjYjZlNDIvMC9FRkQyMDkxOUI5
NkY0RTM0RkE5RTRBMENDQzIzNDdBNEJDRDlFQTI2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRUZEMjA5MTlCOTZGNEUzNEZBOUU0QTBDQ0MyMzQ3QTRCQ0Q5
RUEyNi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2UxYzQ4NzU2LWI2NjItNDY4YS05
MDZkLTZjZDQ2MWNiNmU0Mi8wLzMxMzAzMzJlMzIzMTM5MmUzMTMxMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMzM0MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn23AwDQYJ
KoZIhvcNAQELBQADggEBAGe/2pt9Tuf0r6hxtUl1hsmW8lVb8thTbN+AKcoF3F4y
9DmYzgxnn88dILM/2iZs0PFLN3PKIdsBttIUCOM+P5yFAgb9qkxKfiky7JLvuhH5
ydQhliBzCPEbzFF9A1wuduTbq/hH3bB2zmt4DrJDCjy3rdjbsZ2JWaxd+AA7ZKtX
HQuX6ouSX8IvV1ZNvy/CsCoQsZ3qSWF1fa/R4yJSc0u9HJOiC6XzAZyOxBCpgJhJ
Vdt7ZH6+x4tq2B9vQX+rYjMkU2MaB01bvoK//WOsv6KMa2dg5IK+NA749JT0Q6BZ
4Kn7Kn1GZmPv99yXIf5iGf4AqvcwxQW1CwtQffUamVo=
-----END CERTIFICATE-----
Generated at Tue Oct 21 15:21:31 2025 by rpki-client