Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134312e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3134312e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          bBONzBtnp5cZgKGGF/WSDLhv6iSsnxnb46nVEQMcaEk=
Subject key identifier:   39:C4:EE:97:C5:CC:E5:2A:3D:6B:7C:D2:17:AF:5F:51:AA:CF:4E:B1
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       137E1680F8B4579FFC783D0226574188F963EBEE
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134312e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 23 Jul 2025 15:00:43 +0000
ROA not before:           Wed 23 Jul 2025 14:55:43 +0000
ROA not after:            Wed 22 Jul 2026 15:00:43 +0000
asID:                     4382
IP address blocks:        202.93.141.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 20:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:7e:16:80:f8:b4:57:9f:fc:78:3d:02:26:57:41:88:f9:63:eb:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Jul 23 14:55:43 2025 GMT
            Not After : Jul 22 15:00:43 2026 GMT
        Subject: CN=39C4EE97C5CCE52A3D6B7CD217AF5F51AACF4EB1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:77:98:f6:f2:0d:86:48:1d:0b:c4:9a:e5:19:
                    71:e1:3e:9b:d6:85:75:0e:6f:ec:53:1c:0f:cc:5a:
                    76:30:04:46:1c:a5:46:ab:50:73:1c:4a:be:e6:1b:
                    a5:fa:1d:fa:9e:b1:60:bc:e2:49:87:64:41:1e:95:
                    7f:a2:fa:2c:9c:73:6d:89:f5:3e:db:04:d8:de:61:
                    96:8d:85:59:50:47:70:f0:b0:1d:18:fa:35:f5:36:
                    38:cb:62:e8:2f:2e:f5:70:c2:5b:e3:29:cc:ab:69:
                    8d:1f:2b:6d:e7:f7:c5:e0:0b:71:62:e6:1d:9a:da:
                    73:e9:a6:b4:6b:a0:92:98:9c:d8:cc:a8:9b:ee:15:
                    f4:65:6d:79:a1:67:34:58:df:55:6e:d0:11:aa:56:
                    45:7c:4e:0e:b4:37:a7:8b:ec:60:69:f4:6e:7b:06:
                    f8:2e:9f:7b:b2:ee:8b:28:b2:f1:d8:12:6a:7b:4f:
                    43:8b:cc:b1:98:bd:a6:08:4a:ae:fc:0b:17:b6:6b:
                    ac:06:d2:49:84:8c:47:74:99:81:e6:87:4f:03:d2:
                    3d:31:03:23:fd:de:12:b5:e9:ff:58:f6:6d:b2:15:
                    cf:76:88:16:6d:0d:ab:a1:29:bc:8e:05:3f:be:f2:
                    8f:57:c8:76:cd:a9:c3:0f:2e:99:0b:c3:0c:e4:ad:
                    81:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:C4:EE:97:C5:CC:E5:2A:3D:6B:7C:D2:17:AF:5F:51:AA:CF:4E:B1
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134312e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:0d:f6:1e:bb:82:4b:cd:74:5f:99:41:85:bc:84:45:bc:78:
         56:55:b4:21:76:86:13:66:88:c1:47:00:84:cc:1e:24:bc:64:
         3c:d4:96:47:9e:2d:5a:7e:a1:3b:a7:d0:93:07:95:cb:4d:76:
         8d:f7:1d:a8:5e:86:8c:a0:4e:d4:27:bb:8e:f8:aa:00:c1:9b:
         ef:6b:b1:68:69:ef:78:5b:36:74:76:66:e1:2f:b0:d2:af:bd:
         60:14:4e:09:45:aa:9f:34:87:0e:ee:a8:6b:a0:a6:22:44:b7:
         eb:f9:65:a3:e2:97:fe:d9:92:59:68:c1:69:be:f9:34:eb:93:
         69:81:02:56:6e:8e:4f:3f:a0:6e:9d:93:36:62:c9:49:2a:41:
         87:32:1b:70:11:34:b6:5a:51:16:28:00:ec:45:e5:f2:32:ca:
         dd:6c:34:d7:d6:92:81:0f:fe:70:e5:98:16:d5:d8:2a:d7:ef:
         d1:26:de:ef:fe:ba:c5:8e:91:20:6d:b1:72:dc:b5:dd:62:69:
         1a:b7:b6:6a:d8:99:d7:87:5d:0b:42:02:55:5a:04:ff:cc:92:
         39:07:ad:f8:8c:58:f4:68:2c:41:e5:26:d9:bb:6b:8b:e0:63:
         37:c2:c5:a2:5a:84:14:91:11:1e:b3:c6:fb:6c:81:cc:e1:31:
         d8:42:00:31
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUE34WgPi0V5/8eD0CJldBiPlj6+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yNTA3MjMxNDU1NDNaFw0yNjA3MjIxNTAwNDNaMDMxMTAvBgNV
BAMTKDM5QzRFRTk3QzVDQ0U1MkEzRDZCN0NEMjE3QUY1RjUxQUFDRjRFQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZd5j28g2GSB0LxJrlGXHhPpvW
hXUOb+xTHA/MWnYwBEYcpUarUHMcSr7mG6X6HfqesWC84kmHZEEelX+i+iycc22J
9T7bBNjeYZaNhVlQR3DwsB0Y+jX1NjjLYugvLvVwwlvjKcyraY0fK23n98XgC3Fi
5h2a2nPpprRroJKYnNjMqJvuFfRlbXmhZzRY31Vu0BGqVkV8Tg60N6eL7GBp9G57
Bvgun3uy7ososvHYEmp7T0OLzLGYvaYISq78Cxe2a6wG0kmEjEd0mYHmh08D0j0x
AyP93hK16f9Y9m2yFc92iBZtDauhKbyOBT++8o9XyHbNqcMPLpkLwwzkrYHbAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUOcTul8XM5So9a3zSF69fUarPTrEwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzNDMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXY0wDQYJKoZIhvcN
AQELBQADggEBAGYN9h67gkvNdF+ZQYW8hEW8eFZVtCF2hhNmiMFHAITMHiS8ZDzU
lkeeLVp+oTun0JMHlctNdo33HahehoygTtQnu474qgDBm+9rsWhp73hbNnR2ZuEv
sNKvvWAUTglFqp80hw7uqGugpiJEt+v5ZaPil/7ZkllowWm++TTrk2mBAlZujk8/
oG6dkzZiyUkqQYcyG3ARNLZaURYoAOxF5fIyyt1sNNfWkoEP/nDlmBbV2CrX79Em
3u/+usWOkSBtsXLctd1iaRq3tmrYmdeHXQtCAlVaBP/MkjkHrfiMWPRoLEHlJtm7
a4vgYzfCxaJahBSRER6zxvtsgczhMdhCADE=
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:56:35 2025 by rpki-client