Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/3130332e3139332e3132382e302f32342d3234203d3e2036313334.roa
File:                     3130332e3139332e3132382e302f32342d3234203d3e2036313334.roa (raw, json)
Hash identifier:          4pYlh/OT4LG+Q0qsenBszj7xv0ft6rJjxBMe9B061DA=
Subject key identifier:   46:03:54:13:AB:1F:6B:98:F9:DD:32:6D:55:53:C6:9E:56:8D:71:E0
Certificate issuer:       /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729
Certificate serial:       3FD283CBDE1BCD87BE0ECA01DC4FFDA87AC25C7F
Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/56/3130332e3139332e3132382e302f32342d3234203d3e2036313334.roa
Signing time:             Wed 08 Oct 2025 18:50:56 +0000
ROA not before:           Wed 08 Oct 2025 18:45:56 +0000
ROA not after:            Wed 07 Oct 2026 18:50:56 +0000
asID:                     6134
IP address blocks:        103.193.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl
                          rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 02:06:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:d2:83:cb:de:1b:cd:87:be:0e:ca:01:dc:4f:fd:a8:7a:c2:5c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9181FC40000, serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729
        Validity
            Not Before: Oct  8 18:45:56 2025 GMT
            Not After : Oct  7 18:50:56 2026 GMT
        Subject: CN=46035413AB1F6B98F9DD326D5553C69E568D71E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e8:00:ae:bd:c6:06:fb:b8:3b:5a:e7:56:f2:
                    c2:b0:b3:3b:fb:94:a9:68:ce:dd:af:5f:d3:e5:80:
                    91:b9:93:cf:3f:85:18:33:67:46:a8:0e:db:c1:e4:
                    d5:0b:d8:fb:dc:74:3f:fb:c3:1f:28:ae:4b:a2:e1:
                    52:b9:5f:ef:dd:df:c4:bc:9e:b4:16:f0:3f:80:1f:
                    27:a3:22:ef:9a:5f:aa:e6:a4:95:48:43:83:6e:34:
                    cd:1d:9b:7f:1e:2f:bd:88:25:af:cc:50:54:49:e8:
                    c5:04:9d:6a:6a:8a:76:f6:d6:af:0c:74:f8:bb:f5:
                    38:3d:ab:7b:4a:c9:cd:09:c7:1c:2e:d6:eb:24:64:
                    38:75:1e:49:8b:f7:25:27:1c:91:3b:af:6a:9d:e2:
                    e1:51:2b:ad:f7:20:26:33:ec:fa:8a:c4:9b:c3:92:
                    78:02:be:8c:0d:8f:fd:8c:87:57:18:11:8d:24:f8:
                    eb:04:8a:5d:b7:77:dc:15:d6:a0:cc:22:1d:43:27:
                    11:75:8d:10:d6:d0:03:76:3c:35:ce:72:af:3c:92:
                    ec:d4:6e:27:37:fd:00:cd:b9:f5:4e:5e:48:db:cf:
                    08:45:c8:0c:4b:58:a4:25:cf:39:6e:22:d6:1b:4c:
                    7d:86:66:e0:29:c8:18:15:ca:49:4c:7d:76:e6:76:
                    16:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:03:54:13:AB:1F:6B:98:F9:DD:32:6D:55:53:C6:9E:56:8D:71:E0
            X509v3 Authority Key Identifier:
                keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/3130332e3139332e3132382e302f32342d3234203d3e2036313334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.193.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:6e:42:45:72:b0:f8:64:ca:21:92:91:49:25:10:e7:eb:d7:
         12:3c:80:3c:e1:05:cd:83:3d:3a:2b:7d:95:e0:d6:61:e6:09:
         98:df:1c:bf:a3:e7:e1:4b:fe:e3:02:78:26:cb:d9:14:37:ad:
         58:0d:57:b5:7a:1b:3b:f9:12:32:69:cd:d1:b0:b4:eb:31:71:
         de:2f:c7:af:da:5b:50:37:25:5d:a9:ba:0f:1b:23:6e:fb:09:
         71:80:a9:2d:4f:61:18:2b:86:d4:af:ec:63:09:dd:88:a9:1f:
         c6:17:d0:20:39:03:6c:a5:75:f3:0f:59:d5:ef:d1:59:8c:16:
         1e:14:4b:4a:e1:ef:8b:84:75:ca:33:e4:ca:56:43:f8:37:e1:
         f4:46:2c:fc:7b:75:91:e3:57:6d:09:a9:37:6a:27:b8:70:90:
         73:e5:54:b7:dc:d4:53:6c:e2:71:10:35:9e:97:03:76:88:5a:
         ad:fa:2a:f0:43:3e:66:ba:83:a6:7a:91:32:59:97:1c:dd:79:
         4d:a4:96:95:54:e4:06:55:4d:7c:cc:39:4c:7b:f7:de:24:04:
         df:fa:04:9e:a2:32:1f:fa:8d:12:d4:68:14:de:c6:d9:0a:03:
         db:d9:93:43:5a:8f:15:91:24:87:f7:c1:54:c7:4f:a6:2a:0a:
         7b:18:c4:5c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUP9KDy94bzYe+DsoB3E/9qHrCXH8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy
MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTI1MTAwODE4NDU1NloX
DTI2MTAwNzE4NTA1NlowMzExMC8GA1UEAxMoNDYwMzU0MTNBQjFGNkI5OEY5REQz
MjZENTU1M0M2OUU1NjhENzFFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7oAK69xgb7uDta51bywrCzO/uUqWjO3a9f0+WAkbmTzz+FGDNnRqgO28Hk
1QvY+9x0P/vDHyiuS6LhUrlf793fxLyetBbwP4AfJ6Mi75pfquaklUhDg240zR2b
fx4vvYglr8xQVEnoxQSdamqKdvbWrwx0+Lv1OD2re0rJzQnHHC7W6yRkOHUeSYv3
JScckTuvap3i4VErrfcgJjPs+orEm8OSeAK+jA2P/YyHVxgRjST46wSKXbd33BXW
oMwiHUMnEXWNENbQA3Y8Nc5yrzyS7NRuJzf9AM259U5eSNvPCEXIDEtYpCXPOW4i
1htMfYZm4CnIGBXKSUx9duZ2FgcCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRGA1QT
qx9rmPndMm1VU8aeVo1x4DAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H
KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz
MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNTYvMzEzMDMzMmUzMTM5MzMyZTMxMzIzODJlMzAyZjMy
MzQyZDMyMzQyMDNkM2UyMDM2MzEzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ8GAMA0GCSqGSIb3
DQEBCwUAA4IBAQCEbkJFcrD4ZMohkpFJJRDn69cSPIA84QXNgz06K32V4NZh5gmY
3xy/o+fhS/7jAngmy9kUN61YDVe1ehs7+RIyac3RsLTrMXHeL8ev2ltQNyVdqboP
GyNu+wlxgKktT2EYK4bUr+xjCd2IqR/GF9AgOQNspXXzD1nV79FZjBYeFEtK4e+L
hHXKM+TKVkP4N+H0Riz8e3WR41dtCak3aie4cJBz5VS33NRTbOJxEDWelwN2iFqt
+irwQz5muoOmepEyWZcc3XlNpJaVVOQGVU18zDlMe/feJATf+gSeojIf+o0S1GgU
3sbZCgPb2ZNDWo8VkSSH98FUx0+mKgp7GMRc
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:59:26 2025 by rpki-client