Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133322e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3133322e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          HZhJmMH/Ke4cPS3cjwshrQlxCqO5LSReCzOgD2oJQGE=
Subject key identifier:   DC:05:72:FB:55:23:5E:1B:83:2A:76:B3:EA:1C:73:6F:A8:71:0B:17
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       6318E68C83A32B6E7AFCCC62EDB70669B7E0F021
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133322e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 23 Jul 2025 15:00:42 +0000
ROA not before:           Wed 23 Jul 2025 14:55:42 +0000
ROA not after:            Wed 22 Jul 2026 15:00:42 +0000
asID:                     4382
IP address blocks:        202.93.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 20:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:18:e6:8c:83:a3:2b:6e:7a:fc:cc:62:ed:b7:06:69:b7:e0:f0:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Jul 23 14:55:42 2025 GMT
            Not After : Jul 22 15:00:42 2026 GMT
        Subject: CN=DC0572FB55235E1B832A76B3EA1C736FA8710B17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:bf:23:e3:1f:79:d2:af:3b:6b:82:e7:50:de:
                    07:33:f0:0a:ee:73:62:98:c7:b5:04:2e:ec:84:22:
                    6f:a4:e6:00:d1:01:d8:02:c2:61:b4:b7:c0:35:20:
                    7e:ce:57:9b:ff:99:00:58:cd:84:64:f5:34:dd:35:
                    65:96:de:db:11:c0:85:30:fd:8d:4b:fa:67:cd:85:
                    d0:0a:c1:d5:b1:19:a3:bb:9e:8d:7f:77:31:04:61:
                    5b:a1:2f:89:5c:df:fd:6f:60:61:c1:a1:3d:ab:1d:
                    8a:a8:8f:c2:c4:fe:30:3d:16:bc:db:ab:d6:4a:21:
                    e8:74:d2:87:31:17:9f:97:29:1a:90:8a:90:66:7e:
                    f5:e1:e8:91:39:ce:9d:ef:44:f2:85:4e:6e:6e:09:
                    f0:c7:39:87:9b:07:90:4d:ee:c2:dc:bb:44:cc:db:
                    7a:b8:cd:f2:05:53:70:87:b1:61:2e:b2:ce:2f:fe:
                    9e:6d:46:49:ac:c8:4f:2b:86:29:7c:25:2b:e0:d9:
                    a7:ba:b9:de:5b:c9:61:8a:8d:99:0a:aa:46:a6:78:
                    db:29:08:b5:91:24:38:26:5c:40:3a:17:78:ae:79:
                    ef:c7:f4:3c:45:6b:32:d2:b3:da:ae:02:f7:c5:3c:
                    22:ab:f4:1b:9a:c2:80:15:e3:af:e2:f5:23:93:8c:
                    e0:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:05:72:FB:55:23:5E:1B:83:2A:76:B3:EA:1C:73:6F:A8:71:0B:17
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133322e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:54:fa:6f:75:4a:c0:f8:08:61:9d:4c:e6:ab:8d:3b:64:ce:
         a4:e4:32:77:f1:28:d2:26:33:ca:57:0a:63:17:d4:7b:d2:23:
         2a:1c:39:3e:d7:9a:3a:89:6a:3a:65:5a:03:0b:00:95:44:07:
         be:0d:be:d4:00:1d:c1:51:43:e1:3a:e0:01:01:28:aa:16:4e:
         7b:22:7b:c9:7c:0b:3e:51:6b:c2:72:7b:2d:3c:8c:79:85:03:
         78:e4:23:aa:8d:d2:cc:89:55:63:4b:94:a4:ce:cb:8d:82:b5:
         94:c8:a4:d9:f8:81:b1:45:be:ce:ad:a1:58:16:f5:0b:e9:0d:
         1e:07:25:96:0b:0c:c7:88:99:5c:98:cd:53:aa:eb:db:e8:3a:
         9c:0d:f0:1e:e0:60:8c:1e:57:ce:d9:24:d8:be:30:bf:0a:34:
         8b:92:b1:e8:0c:39:ad:09:62:dd:a8:2e:44:8a:08:ad:9c:b7:
         b1:b4:b0:d1:f1:99:7a:f2:1c:e1:15:a1:aa:7c:84:62:06:ac:
         c9:dd:df:44:6e:35:74:67:4b:ae:4f:e9:28:fb:a8:b1:59:82:
         0c:09:29:8a:86:f1:62:75:47:4c:66:d4:21:67:91:0f:d8:cb:
         ca:4a:2a:31:06:da:9a:85:e2:9b:8d:44:fd:ac:e7:a9:85:de:
         15:2c:2a:97
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUYxjmjIOjK256/Mxi7bcGabfg8CEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yNTA3MjMxNDU1NDJaFw0yNjA3MjIxNTAwNDJaMDMxMTAvBgNV
BAMTKERDMDU3MkZCNTUyMzVFMUI4MzJBNzZCM0VBMUM3MzZGQTg3MTBCMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYvyPjH3nSrztrgudQ3gcz8Aru
c2KYx7UELuyEIm+k5gDRAdgCwmG0t8A1IH7OV5v/mQBYzYRk9TTdNWWW3tsRwIUw
/Y1L+mfNhdAKwdWxGaO7no1/dzEEYVuhL4lc3/1vYGHBoT2rHYqoj8LE/jA9Frzb
q9ZKIeh00ocxF5+XKRqQipBmfvXh6JE5zp3vRPKFTm5uCfDHOYebB5BN7sLcu0TM
23q4zfIFU3CHsWEuss4v/p5tRkmsyE8rhil8JSvg2ae6ud5byWGKjZkKqkameNsp
CLWRJDgmXEA6F3iuee/H9DxFazLSs9quAvfFPCKr9BuawoAV46/i9SOTjOAvAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU3AVy+1UjXhuDKnaz6hxzb6hxCxcwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzMzMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXYQwDQYJKoZIhvcN
AQELBQADggEBABNU+m91SsD4CGGdTOarjTtkzqTkMnfxKNImM8pXCmMX1HvSIyoc
OT7XmjqJajplWgMLAJVEB74NvtQAHcFRQ+E64AEBKKoWTnsie8l8Cz5Ra8Jyey08
jHmFA3jkI6qN0syJVWNLlKTOy42CtZTIpNn4gbFFvs6toVgW9QvpDR4HJZYLDMeI
mVyYzVOq69voOpwN8B7gYIweV87ZJNi+ML8KNIuSsegMOa0JYt2oLkSKCK2ct7G0
sNHxmXryHOEVoap8hGIGrMnd30RuNXRnS65P6Sj7qLFZggwJKYqG8WJ1R0xm1CFn
kQ/Yy8pKKjEG2pqF4puNRP2s56mF3hUsKpc=
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:57:32 2025 by rpki-client