Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/3130332e3138362e3139332e302f32342d3234203d3e20313439373133.roa
File:                     3130332e3138362e3139332e302f32342d3234203d3e20313439373133.roa (raw, json)
Hash identifier:          SB3ckXZSDU771FOl5Gldbi57h9F2gKPuRTUa3pdS/NU=
Subject key identifier:   D4:36:A3:FF:9E:8B:11:8D:35:A7:6C:3D:48:91:89:7D:B7:09:01:90
Certificate issuer:       /CN=208A5AF3739BFD7985D7793CC27C9B5FB5744815
Certificate serial:       57B03F4B645C2447DFDA200CC9AAEAD85456A2BD
Authority key identifier: 20:8A:5A:F3:73:9B:FD:79:85:D7:79:3C:C2:7C:9B:5F:B5:74:48:15
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/208A5AF3739BFD7985D7793CC27C9B5FB5744815.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/3130332e3138362e3139332e302f32342d3234203d3e20313439373133.roa
Signing time:             Fri 11 Jul 2025 05:02:25 +0000
ROA not before:           Fri 11 Jul 2025 04:57:25 +0000
ROA not after:            Fri 10 Jul 2026 05:02:25 +0000
asID:                     149713
IP address blocks:        103.186.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/208A5AF3739BFD7985D7793CC27C9B5FB5744815.crl
                          rsync://repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/208A5AF3739BFD7985D7793CC27C9B5FB5744815.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/208A5AF3739BFD7985D7793CC27C9B5FB5744815.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 01:16:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b0:3f:4b:64:5c:24:47:df:da:20:0c:c9:aa:ea:d8:54:56:a2:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=208A5AF3739BFD7985D7793CC27C9B5FB5744815
        Validity
            Not Before: Jul 11 04:57:25 2025 GMT
            Not After : Jul 10 05:02:25 2026 GMT
        Subject: CN=D436A3FF9E8B118D35A76C3D4891897DB7090190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ef:28:93:4f:1c:c3:5a:8e:90:d9:b6:c4:0d:
                    f7:58:13:57:ba:69:02:14:9d:3c:33:2d:2f:07:dc:
                    1e:c8:e6:f1:1d:a6:bd:4f:04:6b:f8:bb:df:41:6b:
                    e2:8d:b4:23:63:60:bc:b5:ad:a2:4b:a3:0b:2b:fd:
                    9d:5e:b6:51:59:54:9e:2a:51:0d:be:ac:06:60:d2:
                    1c:4d:7b:45:51:1a:3d:c3:d2:58:18:7b:bf:25:8c:
                    9f:de:d5:e8:5f:cb:a3:91:53:bd:af:61:58:54:5f:
                    19:d1:a9:3d:2d:ca:d0:6d:e4:67:ea:51:b0:f7:37:
                    e9:6e:5a:bc:49:aa:72:5a:18:0e:08:9b:0f:69:96:
                    f6:f3:6c:e9:ed:e1:b0:6d:fc:55:2e:57:36:4c:2f:
                    2f:12:73:38:5b:fe:38:c2:7d:1a:6c:68:64:45:7a:
                    2b:4a:28:eb:1f:93:28:99:37:60:3f:f7:45:ba:45:
                    92:23:1c:ac:9e:6d:33:c1:82:0c:28:b9:ef:83:fd:
                    0f:6e:b7:80:b6:09:39:6b:79:79:a3:bb:1e:36:1b:
                    75:d1:b1:3b:fa:bf:13:dd:7b:2d:fb:60:10:75:04:
                    4d:60:2d:dc:44:30:ac:81:8a:b0:e2:d3:a4:a5:8a:
                    9b:79:9f:42:19:f3:5b:c6:70:6c:73:dc:78:47:2f:
                    b8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:36:A3:FF:9E:8B:11:8D:35:A7:6C:3D:48:91:89:7D:B7:09:01:90
            X509v3 Authority Key Identifier:
                keyid:20:8A:5A:F3:73:9B:FD:79:85:D7:79:3C:C2:7C:9B:5F:B5:74:48:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/208A5AF3739BFD7985D7793CC27C9B5FB5744815.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/208A5AF3739BFD7985D7793CC27C9B5FB5744815.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41d51d41-b6cc-420a-b5a8-67c8bd6b02af/0/3130332e3138362e3139332e302f32342d3234203d3e20313439373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:33:e6:91:be:b8:3a:be:57:9c:cd:e3:3b:25:7b:2d:6f:ca:
         55:c1:7c:39:08:dc:11:d1:2c:aa:0c:ea:ea:1f:0a:c4:ce:d0:
         58:df:eb:72:99:8b:9b:09:83:6e:36:c9:e5:0a:45:75:9c:a1:
         78:1a:d3:48:13:2f:2a:cb:2b:b9:b8:d5:ac:4e:49:eb:75:e2:
         35:15:4c:44:40:c5:aa:7a:55:79:68:56:23:46:c4:db:bd:2f:
         9a:4a:eb:f6:84:c0:1a:d4:ed:4d:f1:95:6c:f0:f8:b5:f9:29:
         4f:51:32:42:c8:30:d6:41:2c:63:a0:1d:44:a9:18:c1:e6:3b:
         81:19:be:f6:cd:d6:57:77:9a:e5:d8:ab:5d:7c:36:f4:db:11:
         f5:32:2e:0d:f9:c6:73:c2:15:a3:c5:05:49:08:af:23:65:d2:
         35:af:16:dc:88:2d:4b:4f:13:c3:23:9e:43:62:24:f3:5f:fe:
         d6:ae:f1:f9:b7:f8:90:b7:74:26:af:2f:46:e0:ca:f4:52:15:
         68:cf:2c:26:ea:95:37:0f:10:2e:61:86:73:c2:9f:1e:21:9b:
         bc:cf:c0:5e:b3:48:ca:89:1f:d4:ce:b3:e0:de:99:b5:ca:79:
         c0:ef:86:d4:8f:ee:18:a1:3f:11:9b:1e:ec:9b:da:53:cc:28:
         0d:4f:69:f6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUV7A/S2RcJEff2iAMyarq2FRWor0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA4QTVBRjM3MzlCRkQ3OTg1RDc3OTNDQzI3QzlCNUZC
NTc0NDgxNTAeFw0yNTA3MTEwNDU3MjVaFw0yNjA3MTAwNTAyMjVaMDMxMTAvBgNV
BAMTKEQ0MzZBM0ZGOUU4QjExOEQzNUE3NkMzRDQ4OTE4OTdEQjcwOTAxOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC87yiTTxzDWo6Q2bbEDfdYE1e6
aQIUnTwzLS8H3B7I5vEdpr1PBGv4u99Ba+KNtCNjYLy1raJLowsr/Z1etlFZVJ4q
UQ2+rAZg0hxNe0VRGj3D0lgYe78ljJ/e1ehfy6ORU72vYVhUXxnRqT0tytBt5Gfq
UbD3N+luWrxJqnJaGA4Imw9plvbzbOnt4bBt/FUuVzZMLy8Sczhb/jjCfRpsaGRF
eitKKOsfkyiZN2A/90W6RZIjHKyebTPBggwoue+D/Q9ut4C2CTlreXmjux42G3XR
sTv6vxPdey37YBB1BE1gLdxEMKyBirDi06Slipt5n0IZ81vGcGxz3HhHL7jvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU1Daj/56LEY01p2w9SJGJfbcJAZAwHwYDVR0j
BBgwFoAUIIpa83Ob/XmF13k8wnybX7V0SBUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MWQ1MWQ0MS1iNmNjLTQyMGEtYjVhOC02N2M4YmQ2YjAyYWYvMC8yMDhBNUFGMzcz
OUJGRDc5ODVENzc5M0NDMjdDOUI1RkI1NzQ0ODE1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjA4QTVBRjM3MzlCRkQ3OTg1RDc3OTNDQzI3QzlCNUZCNTc0
NDgxNS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxZDUxZDQxLWI2Y2MtNDIwYS1i
NWE4LTY3YzhiZDZiMDJhZi8wLzMxMzAzMzJlMzEzODM2MmUzMTM5MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzNzMxMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnusEwDQYJ
KoZIhvcNAQELBQADggEBAJwz5pG+uDq+V5zN4zsley1vylXBfDkI3BHRLKoM6uof
CsTO0Fjf63KZi5sJg242yeUKRXWcoXga00gTLyrLK7m41axOSet14jUVTERAxap6
VXloViNGxNu9L5pK6/aEwBrU7U3xlWzw+LX5KU9RMkLIMNZBLGOgHUSpGMHmO4EZ
vvbN1ld3muXYq118NvTbEfUyLg35xnPCFaPFBUkIryNl0jWvFtyILUtPE8MjnkNi
JPNf/tau8fm3+JC3dCavL0bgyvRSFWjPLCbqlTcPEC5hhnPCnx4hm7zPwF6zSMqJ
H9TOs+DembXKecDvhtSP7hihPxGbHuyb2lPMKA1PafY=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:06:43 2025 by rpki-client