Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/3130332e3134342e3132382e302f32342d3234203d3e20313339343333.roa
File:                     3130332e3134342e3132382e302f32342d3234203d3e20313339343333.roa (raw, json)
Hash identifier:          qJyum2At3OQ0/Mui5d66zUzvrRUlMyLgYJNLgluGsro=
Subject key identifier:   03:BB:3D:C3:E0:5C:58:5F:46:A9:52:E6:5C:7B:F3:7E:89:A0:54:DD
Certificate issuer:       /CN=C7F3F7AC648C6073C7FE736271A1A8E7277962B7
Certificate serial:       253A4031AB702421943CAC114ED4ADD7D7170207
Authority key identifier: C7:F3:F7:AC:64:8C:60:73:C7:FE:73:62:71:A1:A8:E7:27:79:62:B7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/3130332e3134342e3132382e302f32342d3234203d3e20313339343333.roa
Signing time:             Mon 15 Sep 2025 09:00:01 +0000
ROA not before:           Mon 15 Sep 2025 08:55:01 +0000
ROA not after:            Mon 14 Sep 2026 09:00:01 +0000
asID:                     139433
IP address blocks:        103.144.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.crl
                          rsync://repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 22 Oct 2025 05:46:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:3a:40:31:ab:70:24:21:94:3c:ac:11:4e:d4:ad:d7:d7:17:02:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C7F3F7AC648C6073C7FE736271A1A8E7277962B7
        Validity
            Not Before: Sep 15 08:55:01 2025 GMT
            Not After : Sep 14 09:00:01 2026 GMT
        Subject: CN=03BB3DC3E05C585F46A952E65C7BF37E89A054DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:33:78:44:fe:7c:8a:7d:0f:84:f1:7d:9a:a5:
                    a7:b3:68:93:63:6d:57:bc:7c:40:b2:37:b9:96:cb:
                    a3:71:8f:c0:ee:20:31:bf:0c:0b:01:70:a3:9f:14:
                    ff:08:f8:af:a1:6b:8b:0b:ba:8e:0b:d4:6b:0c:9b:
                    cf:e7:33:f2:92:3e:b2:70:84:49:04:5d:a7:42:d0:
                    43:91:ef:6b:a6:f7:78:95:da:c5:c4:cc:dd:12:cc:
                    d0:1a:df:18:0d:a1:9f:d2:51:57:85:5c:57:9d:45:
                    b5:98:9f:ff:9a:db:4a:72:56:cb:6f:a7:d0:35:a8:
                    8e:e5:89:60:2d:86:0a:cc:39:9f:f2:ef:b6:cf:cb:
                    86:ef:9f:3c:c6:93:e9:d3:72:37:3a:12:3c:01:ba:
                    36:06:70:43:dd:e3:fd:2b:84:4e:54:e6:ce:70:ac:
                    05:6d:29:a0:3b:95:16:4f:c3:76:36:6c:7f:79:e2:
                    c6:9b:bd:c3:1c:5c:6d:7f:b0:e6:0c:e1:80:68:a4:
                    5f:a1:03:11:68:60:33:0a:3e:dc:e9:28:da:4f:6d:
                    75:ba:83:7e:bc:ab:64:d6:76:5a:4f:7a:ec:d6:38:
                    c3:db:14:ac:17:95:ac:47:23:16:69:27:62:1d:25:
                    ae:2b:28:0d:e4:1b:79:f7:bb:97:c8:c4:8c:f7:30:
                    37:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BB:3D:C3:E0:5C:58:5F:46:A9:52:E6:5C:7B:F3:7E:89:A0:54:DD
            X509v3 Authority Key Identifier:
                keyid:C7:F3:F7:AC:64:8C:60:73:C7:FE:73:62:71:A1:A8:E7:27:79:62:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F3F7AC648C6073C7FE736271A1A8E7277962B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e9f575db-c738-4b8e-b36a-6b020c66849d/0/3130332e3134342e3132382e302f32342d3234203d3e20313339343333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:84:d1:0e:41:7b:30:fb:51:b0:46:ae:c2:3e:a0:6a:69:fd:
         6d:cf:dd:3e:00:fc:b2:b4:a0:22:22:d9:37:58:55:70:39:46:
         6a:7c:9d:43:8f:d1:dc:79:05:3e:10:3a:06:44:98:37:b9:29:
         a1:c4:bc:cb:d7:3a:5d:45:a6:7c:7c:15:84:bd:ba:df:13:33:
         02:49:1d:f4:1b:43:8b:d4:0d:9d:2a:d1:b4:f8:e4:cd:ed:ab:
         f6:75:15:dd:a3:f5:65:52:a4:3f:64:e7:5f:a6:f3:1c:9b:f9:
         76:ff:65:a2:97:06:b0:42:6b:b4:07:34:8b:9e:9e:50:36:ef:
         56:f9:eb:29:01:8d:54:65:7a:4d:62:27:4f:6f:6c:3c:64:2b:
         84:94:93:76:03:f5:98:01:fb:ca:3d:09:3c:1d:08:6c:5e:8e:
         0e:b0:67:92:fd:6e:38:cf:de:87:34:44:4a:26:5c:c4:96:79:
         d4:b4:d9:0e:72:83:32:bc:1d:df:65:60:75:18:3d:b5:2c:4d:
         78:81:5c:f5:88:c0:51:a4:6c:85:1f:5c:b4:cf:27:0e:2b:3e:
         c1:8a:2e:b4:37:d3:6d:33:8e:46:b7:6e:4d:d7:a4:12:30:c0:
         a8:a2:5e:e5:ac:a9:44:99:14:f5:2b:fd:bd:60:5f:b3:f6:e4:
         33:b8:18:0d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUJTpAMatwJCGUPKwRTtSt19cXAgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzdGM0Y3QUM2NDhDNjA3M0M3RkU3MzYyNzFBMUE4RTcy
Nzc5NjJCNzAeFw0yNTA5MTUwODU1MDFaFw0yNjA5MTQwOTAwMDFaMDMxMTAvBgNV
BAMTKDAzQkIzREMzRTA1QzU4NUY0NkE5NTJFNjVDN0JGMzdFODlBMDU0REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcM3hE/nyKfQ+E8X2apaezaJNj
bVe8fECyN7mWy6Nxj8DuIDG/DAsBcKOfFP8I+K+ha4sLuo4L1GsMm8/nM/KSPrJw
hEkEXadC0EOR72um93iV2sXEzN0SzNAa3xgNoZ/SUVeFXFedRbWYn/+a20pyVstv
p9A1qI7liWAthgrMOZ/y77bPy4bvnzzGk+nTcjc6EjwBujYGcEPd4/0rhE5U5s5w
rAVtKaA7lRZPw3Y2bH954sabvcMcXG1/sOYM4YBopF+hAxFoYDMKPtzpKNpPbXW6
g368q2TWdlpPeuzWOMPbFKwXlaxHIxZpJ2IdJa4rKA3kG3n3u5fIxIz3MDcnAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUA7s9w+BcWF9GqVLmXHvzfomgVN0wHwYDVR0j
BBgwFoAUx/P3rGSMYHPH/nNicaGo5yd5YrcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
OWY1NzVkYi1jNzM4LTRiOGUtYjM2YS02YjAyMGM2Njg0OWQvMC9DN0YzRjdBQzY0
OEM2MDczQzdGRTczNjI3MUExQThFNzI3Nzk2MkI3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzdGM0Y3QUM2NDhDNjA3M0M3RkU3MzYyNzFBMUE4RTcyNzc5
NjJCNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U5ZjU3NWRiLWM3MzgtNGI4ZS1i
MzZhLTZiMDIwYzY2ODQ5ZC8wLzMxMzAzMzJlMzEzNDM0MmUzMTMyMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzkzNDMzMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnkIAwDQYJ
KoZIhvcNAQELBQADggEBAMOE0Q5BezD7UbBGrsI+oGpp/W3P3T4A/LK0oCIi2TdY
VXA5Rmp8nUOP0dx5BT4QOgZEmDe5KaHEvMvXOl1Fpnx8FYS9ut8TMwJJHfQbQ4vU
DZ0q0bT45M3tq/Z1Fd2j9WVSpD9k51+m8xyb+Xb/ZaKXBrBCa7QHNIuenlA271b5
6ykBjVRlek1iJ09vbDxkK4SUk3YD9ZgB+8o9CTwdCGxejg6wZ5L9bjjP3oc0REom
XMSWedS02Q5ygzK8Hd9lYHUYPbUsTXiBXPWIwFGkbIUfXLTPJw4rPsGKLrQ3020z
jka3bk3XpBIwwKiiXuWsqUSZFPUr/b1gX7P25DO4GA0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:12 2025 by rpki-client