Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3133312e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          w9IXrLEpnOTvHIWW3gOa5yz7gU/R3agEoOz9SkOzTf8=
Subject key identifier:   59:62:B6:B6:7F:0A:E0:D0:95:C5:7C:8C:7F:0C:A2:0E:27:04:DB:D5
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       24065DE0C3FAD55F79122A796BB311740FFF8024
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 23 Jul 2025 14:01:35 +0000
ROA not before:           Wed 23 Jul 2025 13:56:35 +0000
ROA not after:            Wed 22 Jul 2026 14:01:35 +0000
asID:                     4382
IP address blocks:        202.93.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 20:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:06:5d:e0:c3:fa:d5:5f:79:12:2a:79:6b:b3:11:74:0f:ff:80:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Jul 23 13:56:35 2025 GMT
            Not After : Jul 22 14:01:35 2026 GMT
        Subject: CN=5962B6B67F0AE0D095C57C8C7F0CA20E2704DBD5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:62:6f:cf:a5:08:79:12:e4:04:30:83:7b:66:
                    0e:33:8e:50:8e:5d:76:4a:ce:1c:7c:04:df:92:30:
                    48:7d:6c:7c:0b:34:16:bd:48:67:47:ad:4d:04:83:
                    81:35:b6:dd:7d:12:63:1d:b3:38:d4:ac:5a:39:a9:
                    31:d8:4b:de:a1:d3:0e:41:9c:c1:a2:e9:7c:0c:4e:
                    b9:8e:f7:46:1a:63:89:50:2e:0e:4e:dd:b6:00:09:
                    11:3f:25:c0:28:02:9e:7b:3a:76:8c:7a:20:3b:3f:
                    b0:b7:43:f4:1b:c3:eb:b5:32:c1:d0:ad:7c:97:6a:
                    37:a9:8d:f2:16:b0:88:67:a6:7a:5f:99:3a:18:6b:
                    06:22:e0:ef:d0:f6:f1:90:8b:50:8d:53:fa:58:83:
                    e8:0d:c6:ce:22:05:17:0c:38:b5:0f:7e:5a:6e:23:
                    8d:be:8e:b8:86:d9:9c:73:17:13:38:d3:0a:8a:b9:
                    f5:8e:65:32:13:d5:cf:88:45:11:5b:f3:0f:e6:b7:
                    19:a2:b4:04:05:c5:60:9f:e0:27:39:0f:e1:53:b7:
                    54:a5:11:0b:cd:39:68:ac:38:c6:6b:c5:51:10:98:
                    b0:af:95:6b:b2:28:48:2d:d4:7a:b2:29:b4:eb:1c:
                    0e:d2:91:23:02:f3:8d:ca:76:9b:af:b3:06:03:ce:
                    61:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:62:B6:B6:7F:0A:E0:D0:95:C5:7C:8C:7F:0C:A2:0E:27:04:DB:D5
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:6b:03:ba:7f:21:aa:d4:fa:93:11:e3:e2:8d:ca:13:06:bb:
         38:79:55:96:40:d5:5d:1e:2b:80:0f:49:6a:4c:ed:fe:7e:30:
         24:b8:c7:04:6b:07:5d:8e:3d:f4:68:d7:41:89:d6:91:ac:78:
         9c:2a:2f:1d:16:73:ae:e7:1a:1c:be:23:b2:4f:cf:f8:64:da:
         02:06:24:d7:da:71:aa:5e:23:5d:fb:a5:72:16:6a:8d:66:42:
         cb:f4:41:5b:96:e6:b6:7a:f7:b0:92:da:04:30:22:70:71:fe:
         e1:35:f7:49:92:0e:41:65:42:da:d8:d5:c4:25:d5:8f:0f:f2:
         c4:87:9c:92:2d:de:8b:65:98:08:8b:ab:c9:c9:4e:dd:4c:71:
         b1:b8:09:a6:00:8e:9c:8d:df:3c:c6:f4:1a:51:73:c5:51:7e:
         da:b6:3b:8c:e6:a8:f5:2b:50:78:65:0a:c8:1e:c1:a7:f2:91:
         76:b4:b7:67:87:11:d3:2a:b2:11:a3:c2:22:20:16:ff:d5:8b:
         24:03:9a:a2:a0:70:ed:50:57:dd:0d:43:17:df:a7:76:c8:30:
         29:6c:71:5c:41:33:de:68:d0:62:86:95:99:6f:ec:82:4b:62:
         bd:fa:0f:97:7c:96:21:af:66:43:cb:89:d4:4c:b5:3b:e8:c9:
         e2:98:91:01
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUJAZd4MP61V95Eip5a7MRdA//gCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yNTA3MjMxMzU2MzVaFw0yNjA3MjIxNDAxMzVaMDMxMTAvBgNV
BAMTKDU5NjJCNkI2N0YwQUUwRDA5NUM1N0M4QzdGMENBMjBFMjcwNERCRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjYm/PpQh5EuQEMIN7Zg4zjlCO
XXZKzhx8BN+SMEh9bHwLNBa9SGdHrU0Eg4E1tt19EmMdszjUrFo5qTHYS96h0w5B
nMGi6XwMTrmO90YaY4lQLg5O3bYACRE/JcAoAp57OnaMeiA7P7C3Q/Qbw+u1MsHQ
rXyXajepjfIWsIhnpnpfmToYawYi4O/Q9vGQi1CNU/pYg+gNxs4iBRcMOLUPflpu
I42+jriG2ZxzFxM40wqKufWOZTIT1c+IRRFb8w/mtxmitAQFxWCf4Cc5D+FTt1Sl
EQvNOWisOMZrxVEQmLCvlWuyKEgt1HqyKbTrHA7SkSMC843KdpuvswYDzmHRAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUWWK2tn8K4NCVxXyMfwyiDicE29UwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzMzMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXYMwDQYJKoZIhvcN
AQELBQADggEBAIdrA7p/IarU+pMR4+KNyhMGuzh5VZZA1V0eK4APSWpM7f5+MCS4
xwRrB12OPfRo10GJ1pGseJwqLx0Wc67nGhy+I7JPz/hk2gIGJNfacapeI137pXIW
ao1mQsv0QVuW5rZ697CS2gQwInBx/uE190mSDkFlQtrY1cQl1Y8P8sSHnJIt3otl
mAiLq8nJTt1McbG4CaYAjpyN3zzG9BpRc8VRftq2O4zmqPUrUHhlCsgewafykXa0
t2eHEdMqshGjwiIgFv/ViyQDmqKgcO1QV90NQxffp3bIMClscVxBM95o0GKGlZlv
7IJLYr36D5d8liGvZkPLidRMtTvoyeKYkQE=
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:54:47 2025 by rpki-client