Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e37382e302f32342d3234203d3e203233363739.roa
File:                     3131302e3233322e37382e302f32342d3234203d3e203233363739.roa (raw, json)
Hash identifier:          nZ68hEfrEgSsW/g/Fw1ZJ/WS5ln3Fu1sa1bWh+8wijA=
Subject key identifier:   2D:EF:E5:AB:3D:FC:F3:D2:75:F3:01:1D:C9:F7:71:1D:30:9E:2C:B2
Certificate issuer:       /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Certificate serial:       2BDE891C04A1F6D4B1574587B2043771C7D22A6D
Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e37382e302f32342d3234203d3e203233363739.roa
Signing time:             Fri 11 Jul 2025 11:02:23 +0000
ROA not before:           Fri 11 Jul 2025 10:57:23 +0000
ROA not after:            Fri 10 Jul 2026 11:02:23 +0000
asID:                     23679
IP address blocks:        110.232.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
                          rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 10:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:de:89:1c:04:a1:f6:d4:b1:57:45:87:b2:04:37:71:c7:d2:2a:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
        Validity
            Not Before: Jul 11 10:57:23 2025 GMT
            Not After : Jul 10 11:02:23 2026 GMT
        Subject: CN=2DEFE5AB3DFCF3D275F3011DC9F7711D309E2CB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:45:eb:b5:3c:59:7a:cb:27:3f:34:a4:be:fa:
                    b9:57:a5:25:18:eb:1f:33:78:d7:df:66:7b:19:e0:
                    01:5c:24:70:92:5b:82:0a:17:47:bb:7e:ed:3e:02:
                    4d:fd:50:38:4d:42:78:0e:b8:bf:63:68:5a:90:1b:
                    92:dc:02:4e:26:ff:5f:e7:20:13:f8:0e:28:01:f1:
                    37:55:04:3c:a0:f8:d0:af:35:34:a9:58:01:09:cd:
                    9f:3f:4d:a5:0e:8e:87:fb:75:95:9e:ff:93:1e:b0:
                    a3:b4:34:2c:0a:7d:6d:ec:14:ab:aa:f7:1b:9d:c0:
                    f7:45:c8:63:5d:53:d9:1c:86:b9:80:d9:17:69:f1:
                    35:d9:cf:5c:a8:82:7b:5d:21:54:c4:a3:3b:60:56:
                    74:b3:47:d1:08:17:1f:45:06:52:87:d8:9a:c7:a0:
                    40:45:d2:b8:32:98:9a:01:11:b9:45:01:a7:f9:bb:
                    13:a3:ce:02:c2:b9:b5:d7:c0:e4:5e:de:53:6b:31:
                    74:6a:1f:8a:56:ae:4d:fd:6e:91:de:5c:fb:9c:82:
                    3e:e6:1c:29:3a:da:6e:5b:35:51:cd:45:a0:b2:74:
                    af:f9:69:0e:a4:3b:2e:84:b7:fc:c6:24:db:cb:4c:
                    d3:d8:a5:3e:8c:b7:a5:4b:e5:b8:5f:3e:f5:dc:7a:
                    bb:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:EF:E5:AB:3D:FC:F3:D2:75:F3:01:1D:C9:F7:71:1D:30:9E:2C:B2
            X509v3 Authority Key Identifier:
                keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e37382e302f32342d3234203d3e203233363739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.232.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:fb:06:47:f7:b2:ce:33:92:15:b4:05:3e:30:7e:3a:1e:67:
         8c:5f:1f:e9:61:2e:3b:76:6e:04:c7:7f:ee:02:1d:1f:be:3c:
         79:27:71:03:c4:41:ec:0a:f7:ed:f5:e9:61:27:3a:35:de:cd:
         c4:ea:c8:ed:b7:5b:7b:e2:a0:5c:17:4a:6b:94:33:d6:3e:a8:
         4f:c4:90:d4:55:56:64:9a:89:7e:a6:41:b9:30:ef:19:3f:ac:
         6e:21:e6:93:be:09:14:b6:e3:54:c4:92:6f:fa:60:3e:ad:c0:
         45:32:4d:cf:9a:cb:bc:1a:64:e0:eb:1a:6e:68:3f:44:ee:f6:
         9a:8b:a9:f1:a7:73:35:78:3d:a8:64:ed:92:e9:45:af:99:3e:
         8a:51:40:e5:a0:92:ce:fb:bf:38:8a:72:61:cc:a0:43:6f:aa:
         da:0f:f2:d4:42:18:1a:2f:16:91:e7:a2:ca:89:ec:b9:0a:de:
         05:70:15:d3:77:6b:37:63:88:ed:bb:a3:b8:69:5a:3e:07:d0:
         d4:a1:68:3f:b8:e6:2e:62:2d:00:af:20:78:47:07:54:20:15:
         26:e0:a3:aa:b4:38:7f:07:aa:8a:0c:2c:c1:98:f8:a9:00:8f:
         14:8f:17:17:34:3e:ef:72:44:2a:8e:43:b6:8f:d6:bd:bb:02:
         be:1b:03:93
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUK96JHASh9tSxV0WHsgQ3ccfSKm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0
RkE2Njk4NDAeFw0yNTA3MTExMDU3MjNaFw0yNjA3MTAxMTAyMjNaMDMxMTAvBgNV
BAMTKDJERUZFNUFCM0RGQ0YzRDI3NUYzMDExREM5Rjc3MTFEMzA5RTJDQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Reu1PFl6yyc/NKS++rlXpSUY
6x8zeNffZnsZ4AFcJHCSW4IKF0e7fu0+Ak39UDhNQngOuL9jaFqQG5LcAk4m/1/n
IBP4DigB8TdVBDyg+NCvNTSpWAEJzZ8/TaUOjof7dZWe/5MesKO0NCwKfW3sFKuq
9xudwPdFyGNdU9kchrmA2Rdp8TXZz1yogntdIVTEoztgVnSzR9EIFx9FBlKH2JrH
oEBF0rgymJoBEblFAaf5uxOjzgLCubXXwORe3lNrMXRqH4pWrk39bpHeXPucgj7m
HCk62m5bNVHNRaCydK/5aQ6kOy6Et/zGJNvLTNPYpT6Mt6VL5bhfPvXceruBAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQULe/lqz3889J18wEdyfdxHTCeLLIwHwYDVR0j
BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF
OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2
Njk4NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i
NTA2LTIxOGFhYjBiMDg5Yy8wLzMxMzEzMDJlMzIzMzMyMmUzNzM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMzM2MzczOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG7oTjANBgkqhkiG
9w0BAQsFAAOCAQEAPfsGR/eyzjOSFbQFPjB+Oh5njF8f6WEuO3ZuBMd/7gIdH748
eSdxA8RB7Ar37fXpYSc6Nd7NxOrI7bdbe+KgXBdKa5Qz1j6oT8SQ1FVWZJqJfqZB
uTDvGT+sbiHmk74JFLbjVMSSb/pgPq3ARTJNz5rLvBpk4Osabmg/RO72moup8adz
NXg9qGTtkulFr5k+ilFA5aCSzvu/OIpyYcygQ2+q2g/y1EIYGi8WkeeiyonsuQre
BXAV03drN2OI7bujuGlaPgfQ1KFoP7jmLmItAK8geEcHVCAVJuCjqrQ4fweqigws
wZj4qQCPFI8XFzQ+73JEKo5Dto/WvbsCvhsDkw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:07:55 2025 by rpki-client