Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/3130332e34312e3230302e302f32322d3234203d3e203633353132.roa
File:                     3130332e34312e3230302e302f32322d3234203d3e203633353132.roa (raw, json)
Hash identifier:          ETQdd76cYP93QUaMlJn8vH6AoLbhhgOLKNK/6Zul2Pw=
Subject key identifier:   FC:3B:FC:39:74:82:25:05:B5:5B:C0:4D:11:1C:B4:D6:59:74:E3:37
Certificate issuer:       /CN=4E02702CF90D4075367826B5C5EA64C61B170BFA
Certificate serial:       17EDEAEC21B489BB11EE33A63A2944CE2FA28844
Authority key identifier: 4E:02:70:2C:F9:0D:40:75:36:78:26:B5:C5:EA:64:C6:1B:17:0B:FA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4E02702CF90D4075367826B5C5EA64C61B170BFA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/3130332e34312e3230302e302f32322d3234203d3e203633353132.roa
Signing time:             Wed 25 Jun 2025 08:52:35 +0000
ROA not before:           Wed 25 Jun 2025 08:47:35 +0000
ROA not after:            Wed 24 Jun 2026 08:52:35 +0000
asID:                     63512
IP address blocks:        103.41.200.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/4E02702CF90D4075367826B5C5EA64C61B170BFA.crl
                          rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/4E02702CF90D4075367826B5C5EA64C61B170BFA.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4E02702CF90D4075367826B5C5EA64C61B170BFA.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 22:32:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:ed:ea:ec:21:b4:89:bb:11:ee:33:a6:3a:29:44:ce:2f:a2:88:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4E02702CF90D4075367826B5C5EA64C61B170BFA
        Validity
            Not Before: Jun 25 08:47:35 2025 GMT
            Not After : Jun 24 08:52:35 2026 GMT
        Subject: CN=FC3BFC3974822505B55BC04D111CB4D65974E337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:74:03:31:65:6c:28:31:9f:9c:3a:d0:00:31:
                    47:09:8f:55:52:13:c7:4c:bf:34:92:af:cc:31:1b:
                    f2:25:95:5d:78:e0:ce:fb:88:3b:c5:dd:7c:d5:d4:
                    1d:03:a9:87:87:ac:25:3b:cb:1a:37:15:7b:27:27:
                    75:28:2e:43:1e:47:b3:ca:80:b3:be:04:5b:83:7f:
                    13:a9:6b:41:15:7a:5c:68:ee:8a:9c:de:06:40:73:
                    90:1e:a0:dd:03:0f:2e:1b:b1:ba:e2:78:d0:6e:e8:
                    e0:e9:32:45:30:22:36:b4:ea:95:41:43:d3:95:70:
                    ab:e9:ff:9b:f4:b5:b7:e0:42:ad:f8:34:43:9e:b5:
                    89:6b:53:98:bb:76:55:24:3e:b2:64:04:19:ee:98:
                    7f:72:f5:04:8a:fb:00:7c:b0:6a:89:80:9b:e7:74:
                    dc:a5:d5:d6:8e:1a:f8:c8:f9:ed:c0:8f:3d:68:13:
                    bc:9b:b8:b6:96:54:62:d7:63:41:8f:35:2e:0e:69:
                    04:0e:4b:3f:1b:56:0f:a3:bb:d2:74:41:ed:ab:de:
                    79:a9:60:d5:c0:95:f6:46:9c:2a:8d:3d:b9:1b:aa:
                    ae:b7:30:9e:80:eb:f2:23:f1:d9:8c:3c:06:e7:7c:
                    9a:24:09:3b:ad:da:ff:c3:58:08:34:27:94:ec:cf:
                    a1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:3B:FC:39:74:82:25:05:B5:5B:C0:4D:11:1C:B4:D6:59:74:E3:37
            X509v3 Authority Key Identifier:
                keyid:4E:02:70:2C:F9:0D:40:75:36:78:26:B5:C5:EA:64:C6:1B:17:0B:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/4E02702CF90D4075367826B5C5EA64C61B170BFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4E02702CF90D4075367826B5C5EA64C61B170BFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/3130332e34312e3230302e302f32322d3234203d3e203633353132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.41.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:8d:07:9a:ea:17:ca:df:1c:da:cb:b4:45:40:ff:c5:c3:25:
         99:2c:2a:34:f7:6f:3a:be:36:d5:65:0b:c6:0c:2e:a5:71:cb:
         a4:4d:b0:b1:c6:d2:d3:24:ca:11:21:17:47:2f:e3:b9:f4:f7:
         ba:28:43:0a:cb:95:9e:27:1c:14:f5:50:4c:20:55:6d:f5:c9:
         c2:de:99:8e:fc:84:34:1c:49:e3:6a:d0:57:f2:fc:9a:7a:1b:
         3f:cb:5e:a6:b5:94:e3:8a:fa:04:5c:34:32:dd:31:d1:c2:7d:
         72:52:54:ba:24:d4:ba:2a:41:21:e0:2c:31:53:4e:23:58:6c:
         84:10:71:97:9d:a6:30:b8:8c:3b:f5:12:11:02:db:01:d8:b4:
         a0:14:25:41:a7:21:be:4a:ae:cd:0b:c1:f5:c1:10:d2:72:84:
         0b:4e:84:e1:6d:7d:ff:43:93:c7:e9:b3:cc:57:7a:6b:c4:74:
         16:9e:6d:dd:8f:8c:fc:0d:9b:f3:3d:5c:15:d1:81:69:68:bf:
         d9:1b:ff:75:a3:23:5e:57:b6:b4:2c:a3:f2:f0:7b:01:e6:9f:
         2e:e1:b5:65:e2:6d:63:4a:be:5f:9d:28:11:40:52:fb:5e:c5:
         39:94:00:29:df:77:65:c3:62:cc:a0:21:48:b1:d0:42:a9:37:
         3c:64:5a:af
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUF+3q7CG0ibsR7jOmOilEzi+iiEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEUwMjcwMkNGOTBENDA3NTM2NzgyNkI1QzVFQTY0QzYx
QjE3MEJGQTAeFw0yNTA2MjUwODQ3MzVaFw0yNjA2MjQwODUyMzVaMDMxMTAvBgNV
BAMTKEZDM0JGQzM5NzQ4MjI1MDVCNTVCQzA0RDExMUNCNEQ2NTk3NEUzMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFdAMxZWwoMZ+cOtAAMUcJj1VS
E8dMvzSSr8wxG/IllV144M77iDvF3XzV1B0DqYeHrCU7yxo3FXsnJ3UoLkMeR7PK
gLO+BFuDfxOpa0EVelxo7oqc3gZAc5AeoN0DDy4bsbrieNBu6ODpMkUwIja06pVB
Q9OVcKvp/5v0tbfgQq34NEOetYlrU5i7dlUkPrJkBBnumH9y9QSK+wB8sGqJgJvn
dNyl1daOGvjI+e3Ajz1oE7ybuLaWVGLXY0GPNS4OaQQOSz8bVg+ju9J0Qe2r3nmp
YNXAlfZGnCqNPbkbqq63MJ6A6/Ij8dmMPAbnfJokCTut2v/DWAg0J5Tsz6EdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU/Dv8OXSCJQW1W8BNERy01ll04zcwHwYDVR0j
BBgwFoAUTgJwLPkNQHU2eCa1xepkxhsXC/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
Nzk0ZmZkMi00NTcyLTQ1NTMtOWEzMy0yMWQ2MGVmMmYwYmUvMC80RTAyNzAyQ0Y5
MEQ0MDc1MzY3ODI2QjVDNUVBNjRDNjFCMTcwQkZBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEUwMjcwMkNGOTBENDA3NTM2NzgyNkI1QzVFQTY0QzYxQjE3
MEJGQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OTRmZmQyLTQ1NzItNDU1My05
YTMzLTIxZDYwZWYyZjBiZS8wLzMxMzAzMzJlMzQzMTJlMzIzMDMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzYzMzM1MzEzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcpyDANBgkqhkiG
9w0BAQsFAAOCAQEAG40HmuoXyt8c2su0RUD/xcMlmSwqNPdvOr421WULxgwupXHL
pE2wscbS0yTKESEXRy/jufT3uihDCsuVniccFPVQTCBVbfXJwt6ZjvyENBxJ42rQ
V/L8mnobP8teprWU44r6BFw0Mt0x0cJ9clJUuiTUuipBIeAsMVNOI1hshBBxl52m
MLiMO/USEQLbAdi0oBQlQachvkquzQvB9cEQ0nKEC06E4W19/0OTx+mzzFd6a8R0
Fp5t3Y+M/A2b8z1cFdGBaWi/2Rv/daMjXle2tCyj8vB7AeafLuG1ZeJtY0q+X50o
EUBS+17FOZQAKd93ZcNizKAhSLHQQqk3PGRarw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:48 2025 by rpki-client