Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133352e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3133352e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          ri1oMn8me80QpVGUqBtvPXHCGV+V3jM8xkbu4T3ytno=
Subject key identifier:   1B:32:8C:63:0F:31:9C:6C:89:29:C6:13:8D:05:FB:B7:07:50:7C:28
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       5BE66A1095E2C93DF3C522F780455FE6FA5FBD17
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133352e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 23 Jul 2025 15:00:43 +0000
ROA not before:           Wed 23 Jul 2025 14:55:43 +0000
ROA not after:            Wed 22 Jul 2026 15:00:43 +0000
asID:                     4382
IP address blocks:        202.93.135.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 20:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:e6:6a:10:95:e2:c9:3d:f3:c5:22:f7:80:45:5f:e6:fa:5f:bd:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Jul 23 14:55:43 2025 GMT
            Not After : Jul 22 15:00:43 2026 GMT
        Subject: CN=1B328C630F319C6C8929C6138D05FBB707507C28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:81:f2:c4:f4:78:94:ce:7f:86:c5:02:16:9c:
                    7a:fd:83:60:f2:cd:30:21:d6:05:b6:eb:9c:70:86:
                    e7:41:34:f1:84:60:80:5e:65:9f:40:1d:7c:b2:66:
                    f2:bf:91:5f:00:a7:88:78:c7:1a:f6:fb:5b:7e:30:
                    dc:b9:a4:09:ad:03:0f:16:8e:e2:18:1f:92:37:96:
                    d8:c9:dd:a1:df:4b:69:71:d2:ca:10:d7:c4:f7:a1:
                    e0:29:84:0e:cb:57:d8:dd:45:6f:c0:bc:fc:f1:12:
                    11:f5:70:e7:30:14:f1:f3:0a:30:89:92:d8:66:00:
                    fb:fe:04:0e:4e:1d:c4:29:d4:55:f1:cb:ed:73:c6:
                    2a:14:fb:cc:0c:e7:37:ad:da:44:00:72:d6:fa:ba:
                    aa:57:f3:be:a7:ef:d9:2e:f1:62:18:f1:71:f1:c7:
                    c4:32:35:5a:8e:52:47:47:39:7e:1c:e6:f0:21:2a:
                    9e:eb:00:87:82:3e:68:59:00:5e:66:ae:49:20:cc:
                    c7:7d:09:12:7a:ff:64:05:3d:76:83:bc:19:b4:e0:
                    aa:46:dd:dd:dd:9c:69:da:aa:bc:ca:3c:ff:83:0c:
                    a8:fb:86:06:19:5d:1f:99:31:27:13:81:b7:41:e4:
                    f8:58:d2:28:f0:2c:8e:2b:af:9b:72:d5:49:f1:0b:
                    67:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:32:8C:63:0F:31:9C:6C:89:29:C6:13:8D:05:FB:B7:07:50:7C:28
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133352e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:25:cd:ed:24:18:08:08:44:ff:d6:d8:3a:3a:a8:3d:3c:4a:
         75:1f:b6:ec:0e:c4:c1:ef:2b:e9:9a:c6:c7:0d:aa:9c:d4:c4:
         2a:dd:d1:ef:d9:ce:2b:50:fe:69:16:40:85:c7:7e:97:35:7c:
         70:b8:4d:27:4f:a6:20:34:b4:8b:9c:b8:f1:25:d2:d5:00:da:
         ca:ae:a8:17:38:11:08:fe:18:66:e1:95:10:4b:69:b7:8a:b4:
         71:20:92:b5:46:56:56:32:82:8f:82:35:5d:e9:2f:5a:ac:9f:
         fa:f8:dd:f6:58:ce:b0:7b:79:7e:d3:50:c5:d1:81:62:10:a4:
         d5:dd:e2:f3:59:c8:4f:f7:d2:2f:53:26:2f:c9:5c:86:2b:2f:
         56:36:8d:05:73:2a:11:07:ac:5b:11:55:af:42:05:9b:0a:c2:
         38:29:56:61:d8:3d:1b:f7:e4:0b:20:00:09:d7:b2:d5:61:6f:
         a2:48:ca:1f:55:96:a2:73:f2:f1:cf:b5:d2:c7:1f:28:4e:5d:
         db:dd:e6:54:25:35:5c:c3:a6:c2:2d:a8:1e:1a:9a:4a:57:ee:
         8b:03:65:99:92:75:83:21:be:8b:b1:25:1b:52:d1:48:8a:d6:
         ef:05:e6:8f:f0:ef:e8:ae:db:97:8b:85:c9:e6:eb:83:93:aa:
         c8:e2:15:9c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUW+ZqEJXiyT3zxSL3gEVf5vpfvRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yNTA3MjMxNDU1NDNaFw0yNjA3MjIxNTAwNDNaMDMxMTAvBgNV
BAMTKDFCMzI4QzYzMEYzMTlDNkM4OTI5QzYxMzhEMDVGQkI3MDc1MDdDMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGgfLE9HiUzn+GxQIWnHr9g2Dy
zTAh1gW265xwhudBNPGEYIBeZZ9AHXyyZvK/kV8Ap4h4xxr2+1t+MNy5pAmtAw8W
juIYH5I3ltjJ3aHfS2lx0soQ18T3oeAphA7LV9jdRW/AvPzxEhH1cOcwFPHzCjCJ
kthmAPv+BA5OHcQp1FXxy+1zxioU+8wM5zet2kQActb6uqpX876n79ku8WIY8XHx
x8QyNVqOUkdHOX4c5vAhKp7rAIeCPmhZAF5mrkkgzMd9CRJ6/2QFPXaDvBm04KpG
3d3dnGnaqrzKPP+DDKj7hgYZXR+ZMScTgbdB5PhY0ijwLI4rr5ty1UnxC2d5AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUGzKMYw8xnGyJKcYTjQX7twdQfCgwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzMzM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXYcwDQYJKoZIhvcN
AQELBQADggEBAHolze0kGAgIRP/W2Do6qD08SnUftuwOxMHvK+maxscNqpzUxCrd
0e/ZzitQ/mkWQIXHfpc1fHC4TSdPpiA0tIucuPEl0tUA2squqBc4EQj+GGbhlRBL
abeKtHEgkrVGVlYygo+CNV3pL1qsn/r43fZYzrB7eX7TUMXRgWIQpNXd4vNZyE/3
0i9TJi/JXIYrL1Y2jQVzKhEHrFsRVa9CBZsKwjgpVmHYPRv35AsgAAnXstVhb6JI
yh9VlqJz8vHPtdLHHyhOXdvd5lQlNVzDpsItqB4amkpX7osDZZmSdYMhvouxJRtS
0UiK1u8F5o/w7+iu25eLhcnm64OTqsjiFZw=
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:56:35 2025 by rpki-client