Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/0/3130332e3137302e3233322e302f32332d3234203d3e20313432363136.roa
File:                     3130332e3137302e3233322e302f32332d3234203d3e20313432363136.roa (raw, json)
Hash identifier:          VzgTFP3K3ygUqjqoPkC7s7tjeyqTHVnjgq3zWGYCRKg=
Subject key identifier:   0D:46:4B:8A:6A:8D:AB:80:5B:CA:9C:5E:9F:70:B0:D8:5B:5B:EC:C8
Certificate issuer:       /CN=A9121C330000/serialNumber=9CF05E7024D4A487E0B79E2F57525BF345DB53EC
Certificate serial:       465ECA489951ADCB9B81E888EF6FDBFEF056567B
Authority key identifier: 9C:F0:5E:70:24:D4:A4:87:E0:B7:9E:2F:57:52:5B:F3:45:DB:53:EC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nPBecCTUpIfgt54vV1Jb80XbU-w.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/0/3130332e3137302e3233322e302f32332d3234203d3e20313432363136.roa
Signing time:             Sun 05 Oct 2025 22:31:18 +0000
ROA not before:           Sun 05 Oct 2025 22:26:18 +0000
ROA not after:            Sun 04 Oct 2026 22:31:18 +0000
asID:                     142616
IP address blocks:        103.170.232.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/0/9CF05E7024D4A487E0B79E2F57525BF345DB53EC.crl
                          rsync://rsync.rp.ki/repo/misakaio/0/9CF05E7024D4A487E0B79E2F57525BF345DB53EC.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nPBecCTUpIfgt54vV1Jb80XbU-w.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 19:05:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:5e:ca:48:99:51:ad:cb:9b:81:e8:88:ef:6f:db:fe:f0:56:56:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9121C330000, serialNumber=9CF05E7024D4A487E0B79E2F57525BF345DB53EC
        Validity
            Not Before: Oct  5 22:26:18 2025 GMT
            Not After : Oct  4 22:31:18 2026 GMT
        Subject: CN=0D464B8A6A8DAB805BCA9C5E9F70B0D85B5BECC8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e3:c9:99:60:04:27:d0:eb:a5:4b:b4:87:1e:
                    49:36:4b:de:12:de:2b:a4:d8:20:14:4f:af:2d:07:
                    de:74:7f:30:31:18:6c:91:08:07:ab:4d:d1:3e:bb:
                    af:7f:89:66:64:21:23:52:ca:d6:66:36:c5:b1:05:
                    b3:d6:22:c5:2c:61:bb:3b:bc:46:60:93:c1:8d:0b:
                    c8:eb:12:59:3b:b5:e3:11:87:d7:33:71:5b:eb:4d:
                    d6:4d:22:39:05:08:88:c3:32:4b:d8:1f:ee:95:df:
                    aa:a8:ef:f0:4c:13:70:ba:3c:1d:c1:ef:89:2d:df:
                    77:a3:4e:d5:34:44:70:85:bf:59:8b:20:8d:c9:2e:
                    7f:6d:b7:a3:6b:92:ea:34:a6:3b:2a:8e:37:77:f0:
                    a2:f7:03:fd:8c:31:0f:fe:dd:f5:c4:c9:dd:68:8e:
                    cb:1b:27:1b:5e:33:bf:65:fd:5b:67:02:5c:ad:5a:
                    f5:ee:5a:c9:a4:ee:bb:20:0c:d9:4a:43:f1:e5:96:
                    cf:17:d6:b0:22:57:43:6b:8f:37:c0:7b:f9:e7:0d:
                    91:bd:98:b7:e3:20:a6:7a:53:98:24:c0:95:3d:56:
                    49:18:c9:21:54:d0:b3:ff:63:8a:f4:02:09:1a:6e:
                    3f:62:bb:ff:79:67:70:29:35:eb:e1:07:4e:6c:8b:
                    a5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:46:4B:8A:6A:8D:AB:80:5B:CA:9C:5E:9F:70:B0:D8:5B:5B:EC:C8
            X509v3 Authority Key Identifier:
                keyid:9C:F0:5E:70:24:D4:A4:87:E0:B7:9E:2F:57:52:5B:F3:45:DB:53:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/0/9CF05E7024D4A487E0B79E2F57525BF345DB53EC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nPBecCTUpIfgt54vV1Jb80XbU-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/0/3130332e3137302e3233322e302f32332d3234203d3e20313432363136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.170.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:4c:13:8d:b7:3e:b2:7b:ce:0c:f2:35:5a:8d:84:2c:ca:e7:
         0c:6f:91:c8:55:3e:c8:c2:23:71:7b:fc:6c:d5:6c:e1:1d:83:
         4f:b3:9b:d9:f9:6e:f8:b0:89:bc:b7:98:ed:41:29:99:66:e5:
         02:6f:d6:df:51:7d:6f:5d:df:46:15:ec:ec:72:32:0c:d3:93:
         ca:a2:7c:73:8e:32:d2:b4:59:01:a9:be:ff:b9:87:24:e3:86:
         17:72:a4:a1:30:5b:28:d2:aa:89:b3:97:92:6d:0f:ed:84:19:
         28:e5:c0:ff:1e:1b:b5:cd:73:f7:10:02:0a:81:57:93:9d:fd:
         cc:9e:cd:61:c9:db:4d:90:ca:db:f7:25:ad:16:4f:53:88:9a:
         be:80:e4:b5:41:57:ac:17:91:ea:fe:78:03:e5:e4:02:02:7f:
         ce:c1:c2:9a:8a:20:a5:2c:b5:72:07:a3:53:3e:73:c7:f0:c8:
         0f:8c:39:64:b8:52:9e:66:31:1a:22:1f:a2:d8:50:18:fe:89:
         c7:d0:f1:10:b3:c2:ed:79:16:63:bf:c6:cb:65:ff:43:55:84:
         61:a8:66:47:98:d5:1c:71:b2:db:01:0e:1d:ef:9f:cb:a8:9e:
         b9:67:27:f3:31:c9:2a:67:3f:d2:28:f0:21:77:d3:eb:8e:b0:
         c0:f6:5b:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURl7KSJlRrcubgeiI72/b/vBWVnswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMjFDMzMwMDAwMTEwLwYDVQQFEyg5Q0YwNUU3MDI0
RDRBNDg3RTBCNzlFMkY1NzUyNUJGMzQ1REI1M0VDMB4XDTI1MTAwNTIyMjYxOFoX
DTI2MTAwNDIyMzExOFowMzExMC8GA1UEAxMoMEQ0NjRCOEE2QThEQUI4MDVCQ0E5
QzVFOUY3MEIwRDg1QjVCRUNDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLjyZlgBCfQ66VLtIceSTZL3hLeK6TYIBRPry0H3nR/MDEYbJEIB6tN0T67
r3+JZmQhI1LK1mY2xbEFs9YixSxhuzu8RmCTwY0LyOsSWTu14xGH1zNxW+tN1k0i
OQUIiMMyS9gf7pXfqqjv8EwTcLo8HcHviS3fd6NO1TREcIW/WYsgjckuf223o2uS
6jSmOyqON3fwovcD/YwxD/7d9cTJ3WiOyxsnG14zv2X9W2cCXK1a9e5ayaTuuyAM
2UpD8eWWzxfWsCJXQ2uPN8B7+ecNkb2Yt+MgpnpTmCTAlT1WSRjJIVTQs/9jivQC
CRpuP2K7/3lncCk16+EHTmyLpeMCAwEAAaOCAfIwggHuMB0GA1UdDgQWBBQNRkuK
ao2rgFvKnF6fcLDYW1vsyDAfBgNVHSMEGDAWgBSc8F5wJNSkh+C3ni9XUlvzRdtT
7DAOBgNVHQ8BAf8EBAMCB4AwYQYDVR0fBFowWDBWoFSgUoZQcnN5bmM6Ly9yc3lu
Yy5ycC5raS9yZXBvL21pc2FrYWlvLzAvOUNGMDVFNzAyNEQ0QTQ4N0UwQjc5RTJG
NTc1MjVCRjM0NURCNTNFQy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAC
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2
MTFFMkJCNDY4RjdDNzJGRDFGRjIvblBCZWNDVFVwSWZndDU0dlYxSmI4MFhiVS13
LmNlcjB+BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnN5bmMu
cnAua2kvcmVwby9taXNha2Fpby8wLzMxMzAzMzJlMzEzNzMwMmUzMjMzMzIyZTMw
MmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM0MzIzNjMxMzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnqugw
DQYJKoZIhvcNAQELBQADggEBAJxME423PrJ7zgzyNVqNhCzK5wxvkchVPsjCI3F7
/GzVbOEdg0+zm9n5bviwiby3mO1BKZlm5QJv1t9RfW9d30YV7OxyMgzTk8qifHOO
MtK0WQGpvv+5hyTjhhdypKEwWyjSqomzl5JtD+2EGSjlwP8eG7XNc/cQAgqBV5Od
/cyezWHJ202Qytv3Ja0WT1OImr6A5LVBV6wXker+eAPl5AICf87BwpqKIKUstXIH
o1M+c8fwyA+MOWS4Up5mMRoiH6LYUBj+icfQ8RCzwu15FmO/xstl/0NVhGGoZkeY
1RxxstsBDh3vn8uonrlnJ/MxySpnP9Io8CF30+uOsMD2W30=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:03:16 2025 by rpki-client