Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32312d3231203d3e203538333639.roa
File:                     3131362e3139372e3132382e302f32312d3231203d3e203538333639.roa (raw, json)
Hash identifier:          DXrnyku39HOJd6nOXNj93SLefUxkE0MMViMtgCO5Lgc=
Subject key identifier:   3E:3A:58:BC:1E:F2:9F:95:43:AC:78:DC:75:44:3F:DB:81:B1:E1:05
Certificate issuer:       /CN=A095A9A71806956C905D5CF7CB797843D22D04B8
Certificate serial:       57C2F6A8061C21DC221580958489ABFFD7B4CA73
Authority key identifier: A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32312d3231203d3e203538333639.roa
Signing time:             Mon 31 Jul 2023 00:07:33 +0000
ROA not before:           Mon 31 Jul 2023 00:02:33 +0000
ROA not after:            Mon 29 Jul 2024 00:07:33 +0000
asID:                     58369
IP address blocks:        116.197.128.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl
                          rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:c2:f6:a8:06:1c:21:dc:22:15:80:95:84:89:ab:ff:d7:b4:ca:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A095A9A71806956C905D5CF7CB797843D22D04B8
        Validity
            Not Before: Jul 31 00:02:33 2023 GMT
            Not After : Jul 29 00:07:33 2024 GMT
        Subject: CN=3E3A58BC1EF29F9543AC78DC75443FDB81B1E105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d1:10:a1:e1:cc:47:8f:a9:77:77:7d:dd:fa:
                    02:e3:f3:b7:31:99:20:b1:95:2b:f3:38:6d:f0:0d:
                    1b:bc:6c:11:c3:97:23:74:32:8f:50:da:2d:0c:d2:
                    54:23:3c:83:86:5f:e2:34:da:b5:12:69:66:9a:97:
                    1f:93:a4:44:61:8d:64:09:b2:f2:81:99:62:28:b3:
                    0b:01:50:9f:a2:e3:3d:bb:d1:8c:8a:88:44:a6:8d:
                    e5:95:eb:87:99:ce:21:b3:23:24:cb:1e:12:48:e6:
                    01:b2:0b:e9:20:da:1b:1c:d4:63:4c:e3:81:db:d7:
                    b4:8e:35:67:27:a9:23:80:58:31:ff:6f:dd:a0:21:
                    bb:1c:8b:e4:50:ea:5c:a6:64:0c:1a:9a:a5:20:23:
                    22:e2:67:ec:11:05:6e:c9:3a:1b:f3:cb:7c:b3:ce:
                    6f:3e:8d:6a:09:2e:3a:8c:9c:77:12:a0:ea:96:65:
                    f7:41:65:6e:fb:b8:24:73:1b:eb:64:e4:96:14:a5:
                    e1:03:b4:6e:d2:6c:57:5d:d2:c0:8f:b8:8d:27:fa:
                    e5:05:12:a5:63:ae:5f:0c:2d:79:4c:ac:34:94:51:
                    76:44:5e:92:27:6e:58:39:6e:8d:1d:1e:43:6f:58:
                    b6:d6:b1:62:8f:d8:02:44:59:7b:91:72:c9:ec:06:
                    4f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:3A:58:BC:1E:F2:9F:95:43:AC:78:DC:75:44:3F:DB:81:B1:E1:05
            X509v3 Authority Key Identifier:
                keyid:A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32312d3231203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.197.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         38:bf:a9:e9:06:28:34:01:10:6a:6a:6b:5a:22:fe:7a:80:67:
         51:e3:fd:55:01:6f:0c:33:9d:d5:0e:a0:d0:a2:c7:5f:88:3d:
         0e:92:83:a4:e5:d0:b5:21:fe:28:7f:85:b8:08:ff:18:10:08:
         e7:cc:36:0b:6e:02:f1:11:41:56:75:be:be:14:ca:51:b1:6c:
         98:97:10:65:21:df:bd:a4:23:5f:81:c7:bf:dd:4c:68:f1:34:
         92:f9:c1:f7:a7:31:cb:8a:6d:a5:db:5f:4a:bc:7a:08:20:70:
         d2:4f:3b:4b:82:80:36:91:c0:34:ab:9a:ce:c4:cc:2c:93:b2:
         4f:a4:eb:be:2d:c6:80:db:7f:4c:7d:82:17:cd:a1:d8:2a:a1:
         e1:6b:af:8a:a9:04:dd:d8:14:b3:0f:b5:df:27:1d:02:56:a3:
         42:97:a7:be:b9:89:39:40:ac:ac:25:83:b2:fa:a9:2e:b2:ec:
         bd:c3:77:94:1b:db:f9:f6:a0:f3:6b:15:e6:76:0b:31:b0:8a:
         f8:93:8f:11:ff:68:45:25:17:db:01:53:b9:73:fc:5f:ab:8d:
         ac:01:73:b3:20:a1:94:3d:5f:d7:39:74:3a:c4:37:23:f7:92:
         3c:43:02:d5:34:42:1c:85:0f:5c:c9:bd:17:1a:47:ac:87:6c:
         2f:1c:75:59
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUV8L2qAYcIdwiFYCVhImr/9e0ynMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNE
MjJEMDRCODAeFw0yMzA3MzEwMDAyMzNaFw0yNDA3MjkwMDA3MzNaMDMxMTAvBgNV
BAMTKDNFM0E1OEJDMUVGMjlGOTU0M0FDNzhEQzc1NDQzRkRCODFCMUUxMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00RCh4cxHj6l3d33d+gLj87cx
mSCxlSvzOG3wDRu8bBHDlyN0Mo9Q2i0M0lQjPIOGX+I02rUSaWaalx+TpERhjWQJ
svKBmWIoswsBUJ+i4z270YyKiESmjeWV64eZziGzIyTLHhJI5gGyC+kg2hsc1GNM
44Hb17SONWcnqSOAWDH/b92gIbsci+RQ6lymZAwamqUgIyLiZ+wRBW7JOhvzy3yz
zm8+jWoJLjqMnHcSoOqWZfdBZW77uCRzG+tk5JYUpeEDtG7SbFdd0sCPuI0n+uUF
EqVjrl8MLXlMrDSUUXZEXpInblg5bo0dHkNvWLbWsWKP2AJEWXuRcsnsBk8hAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUPjpYvB7yn5VDrHjcdUQ/24Gx4QUwHwYDVR0j
BBgwFoAUoJWppxgGlWyQXVz3y3l4Q9ItBLgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NmE4MTE4Mi03Y2ViLTQ2NWMtYTViNS1hMTRlYzczOWJmOTkvMC9BMDk1QTlBNzE4
MDY5NTZDOTA1RDVDRjdDQjc5Nzg0M0QyMkQwNEI4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNEMjJE
MDRCOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE2YTgxMTgyLTdjZWItNDY1Yy1h
NWI1LWExNGVjNzM5YmY5OS8wLzMxMzEzNjJlMzEzOTM3MmUzMTMyMzgyZTMwMmYz
MjMxMmQzMjMxMjAzZDNlMjAzNTM4MzMzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDdMWAMA0GCSqG
SIb3DQEBCwUAA4IBAQA4v6npBig0ARBqamtaIv56gGdR4/1VAW8MM53VDqDQosdf
iD0OkoOk5dC1If4of4W4CP8YEAjnzDYLbgLxEUFWdb6+FMpRsWyYlxBlId+9pCNf
gce/3Uxo8TSS+cH3pzHLim2l219KvHoIIHDSTztLgoA2kcA0q5rOxMwsk7JPpOu+
LcaA239MfYIXzaHYKqHha6+KqQTd2BSzD7XfJx0CVqNCl6e+uYk5QKysJYOy+qku
suy9w3eUG9v59qDzaxXmdgsxsIr4k48R/2hFJRfbAVO5c/xfq42sAXOzIKGUPV/X
OXQ6xDcj95I8QwLVNEIchQ9cyb0XGkesh2wvHHVZ
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:12:51 2024 by rpki-client on console-ams.rpki-client.org