Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133302e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3133302e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          mk2uuBuKIDHj7rkFbCdRe6jSuAPJ/hDxuUfm/exdaSw=
Subject key identifier:   5F:15:6F:CC:E9:19:26:1A:A6:71:03:7B:19:6A:9B:04:C1:AD:60:66
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       1B1BBB6EAA5F2F671E2E89D5A5998B624B922C25
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133302e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 23 Jul 2025 15:00:42 +0000
ROA not before:           Wed 23 Jul 2025 14:55:42 +0000
ROA not after:            Wed 22 Jul 2026 15:00:42 +0000
asID:                     4382
IP address blocks:        202.93.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 20:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:1b:bb:6e:aa:5f:2f:67:1e:2e:89:d5:a5:99:8b:62:4b:92:2c:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Jul 23 14:55:42 2025 GMT
            Not After : Jul 22 15:00:42 2026 GMT
        Subject: CN=5F156FCCE919261AA671037B196A9B04C1AD6066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6b:18:3a:47:1f:d6:4c:c4:68:bc:2b:2c:c4:
                    b1:96:e6:07:23:be:5e:c8:eb:6c:67:97:59:84:74:
                    99:8e:cc:a2:1d:1b:40:b7:bc:8d:39:15:7e:a3:90:
                    18:84:77:8c:06:e3:3f:11:a7:a0:3f:92:6e:4c:66:
                    dd:d2:02:10:46:c8:4a:70:35:e4:89:a4:b3:98:90:
                    7a:cb:80:c8:b1:e4:0e:36:f9:d5:7e:b0:1c:5f:6e:
                    86:81:47:40:53:13:b5:02:28:3e:2b:e4:d3:9e:77:
                    e7:58:a2:91:68:66:b4:d9:28:33:b0:fb:1f:15:d7:
                    7a:3e:4d:70:8a:3b:81:77:8d:eb:f7:ca:c9:a2:5a:
                    9b:28:33:ac:31:b7:2e:76:af:ab:46:dc:76:67:2e:
                    e4:02:53:cf:99:e6:0e:02:9c:0d:97:7f:a7:77:94:
                    3c:a8:94:90:6b:75:bd:18:a1:d7:ac:55:d2:45:40:
                    0b:de:f3:f2:83:a8:1d:bc:78:8b:ab:c5:fd:07:7b:
                    da:c9:58:ee:69:58:28:29:87:55:12:7d:28:66:9a:
                    59:78:4a:1d:08:58:77:c8:41:f1:04:1b:f5:a0:87:
                    08:33:73:93:b1:37:52:be:0e:32:54:c3:7b:35:bc:
                    ae:04:50:ad:cf:9e:9e:c4:3e:a7:63:ff:f6:3b:1e:
                    78:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:15:6F:CC:E9:19:26:1A:A6:71:03:7B:19:6A:9B:04:C1:AD:60:66
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133302e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:fb:bd:10:65:0a:44:3f:63:de:88:92:e3:ee:98:0c:6e:99:
         2f:28:28:a7:d4:73:d7:d9:45:eb:67:49:4e:dc:3e:d5:32:ea:
         23:a3:61:fb:b2:bb:10:46:56:97:81:94:83:f6:dd:f9:ea:fa:
         0b:89:0a:77:40:03:a4:c4:b3:e9:00:48:20:d8:9d:77:79:4b:
         aa:fe:af:1e:8b:2d:36:1c:06:1b:99:af:24:9d:38:98:d5:f9:
         7c:4c:47:ea:98:f3:f9:7c:d4:49:32:8e:9a:fb:6f:5d:5f:f0:
         8f:9f:b2:43:49:75:8d:26:ad:1e:ab:5e:53:7b:aa:52:bc:07:
         f7:f3:e5:4f:69:c5:c3:2d:b3:16:9c:13:a9:47:0c:12:89:67:
         7a:ae:61:97:7a:a4:fb:e6:d3:02:48:ed:dd:a8:be:1e:df:d3:
         0f:6b:f2:24:a5:90:d6:a1:1e:79:11:00:a0:dd:32:c3:08:37:
         4f:34:77:ef:5f:97:95:12:53:31:b0:d8:26:42:07:4c:de:13:
         67:69:c0:1d:2a:f7:06:6b:7c:71:58:44:20:82:67:96:1f:aa:
         6d:48:70:2e:40:14:90:c0:64:e8:f1:cb:12:7c:5f:ab:e9:49:
         c9:a7:77:be:05:c6:65:65:ec:6e:4b:d7:99:57:1a:09:8a:f2:
         7a:86:db:1e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUGxu7bqpfL2ceLonVpZmLYkuSLCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yNTA3MjMxNDU1NDJaFw0yNjA3MjIxNTAwNDJaMDMxMTAvBgNV
BAMTKDVGMTU2RkNDRTkxOTI2MUFBNjcxMDM3QjE5NkE5QjA0QzFBRDYwNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3axg6Rx/WTMRovCssxLGW5gcj
vl7I62xnl1mEdJmOzKIdG0C3vI05FX6jkBiEd4wG4z8Rp6A/km5MZt3SAhBGyEpw
NeSJpLOYkHrLgMix5A42+dV+sBxfboaBR0BTE7UCKD4r5NOed+dYopFoZrTZKDOw
+x8V13o+TXCKO4F3jev3ysmiWpsoM6wxty52r6tG3HZnLuQCU8+Z5g4CnA2Xf6d3
lDyolJBrdb0YodesVdJFQAve8/KDqB28eIurxf0He9rJWO5pWCgph1USfShmmll4
Sh0IWHfIQfEEG/Wghwgzc5OxN1K+DjJUw3s1vK4EUK3Pnp7EPqdj//Y7HnhZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUXxVvzOkZJhqmcQN7GWqbBMGtYGYwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzMzMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXYIwDQYJKoZIhvcN
AQELBQADggEBAHH7vRBlCkQ/Y96IkuPumAxumS8oKKfUc9fZRetnSU7cPtUy6iOj
YfuyuxBGVpeBlIP23fnq+guJCndAA6TEs+kASCDYnXd5S6r+rx6LLTYcBhuZrySd
OJjV+XxMR+qY8/l81Ekyjpr7b11f8I+fskNJdY0mrR6rXlN7qlK8B/fz5U9pxcMt
sxacE6lHDBKJZ3quYZd6pPvm0wJI7d2ovh7f0w9r8iSlkNahHnkRAKDdMsMIN080
d+9fl5USUzGw2CZCB0zeE2dpwB0q9wZrfHFYRCCCZ5Yfqm1IcC5AFJDAZOjxyxJ8
X6vpScmnd74FxmVl7G5L15lXGgmK8nqG2x4=
-----END CERTIFICATE-----
Generated at Fri Jul 25 20:00:03 2025 by rpki-client