Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a313030313a3a2f34382d3438203d3e2034383030.roa
File:                     323430303a383030303a313030313a3a2f34382d3438203d3e2034383030.roa (raw, json)
Hash identifier:          3dhundaz2RstqEAgl5eNkUzBOP+uDsyh8jvPL+nhmWk=
Subject key identifier:   83:0A:3E:AD:4E:05:6B:E2:88:6A:39:B5:C6:AC:54:CD:19:C0:F8:F5
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       0E4511710137EEEF62A06BE459D7D928C7C66F9F
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a313030313a3a2f34382d3438203d3e2034383030.roa
Signing time:             Fri 11 Jul 2025 10:00:01 +0000
ROA not before:           Fri 11 Jul 2025 09:55:01 +0000
ROA not after:            Fri 10 Jul 2026 10:00:01 +0000
asID:                     4800
IP address blocks:        2400:8000:1001::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 11:49:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:45:11:71:01:37:ee:ef:62:a0:6b:e4:59:d7:d9:28:c7:c6:6f:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 11 09:55:01 2025 GMT
            Not After : Jul 10 10:00:01 2026 GMT
        Subject: CN=830A3EAD4E056BE2886A39B5C6AC54CD19C0F8F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ed:13:56:b7:47:c0:db:8a:a5:65:d5:9e:a8:
                    7c:f4:6a:10:ff:d1:df:06:dc:0d:26:ca:e4:5b:a7:
                    61:51:de:27:49:02:46:98:81:67:70:9b:74:6e:c2:
                    a4:03:4e:ee:ab:60:82:90:43:fd:9d:5d:53:68:a3:
                    a6:7e:15:e3:7d:5a:02:35:b1:19:a4:1c:89:e9:1a:
                    46:b9:d6:3a:fd:84:ac:62:25:dd:0f:45:e8:d8:c3:
                    4b:72:2c:38:ca:a2:d9:46:c0:48:ed:99:7a:b8:fc:
                    46:94:9d:2b:b7:98:34:6d:75:34:5d:76:98:36:bd:
                    f4:14:6a:24:e4:27:a9:7a:a8:bd:8e:fd:ee:b3:34:
                    b5:2c:d4:87:4b:ab:c7:f4:03:77:08:fc:96:7e:c8:
                    9e:0a:38:a7:28:ae:a7:6e:9a:cd:86:c7:d3:82:6c:
                    70:e6:19:2f:be:e2:6e:1d:44:8a:5a:bd:fa:1b:60:
                    dd:13:06:89:6e:db:62:a8:fb:51:0b:85:0d:1b:a7:
                    13:23:1d:00:be:1e:eb:f7:70:fa:e2:85:22:a3:03:
                    a3:46:2d:0e:ff:7f:af:c7:91:88:90:b5:f5:63:8e:
                    1b:96:c4:44:ba:da:41:85:44:49:68:31:2a:d7:22:
                    b6:3f:6a:60:df:36:69:9e:30:41:d0:27:d9:10:23:
                    09:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:0A:3E:AD:4E:05:6B:E2:88:6A:39:B5:C6:AC:54:CD:19:C0:F8:F5
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a313030313a3a2f34382d3438203d3e2034383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:8000:1001::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:f7:7e:6a:a9:38:86:30:39:49:a5:fb:ee:c9:26:1c:9d:17:
         2b:a7:7b:72:5f:a7:35:07:25:9a:ca:ac:6d:51:b4:47:65:c1:
         0e:d9:8d:eb:04:3a:00:64:89:6e:29:3c:f6:29:ab:7d:3b:75:
         4e:56:8a:b3:d7:7f:15:66:8f:ea:d3:04:c7:4b:cc:af:7c:ee:
         28:c5:60:a4:9c:b6:47:64:cb:2f:3c:b4:49:55:05:a4:21:03:
         f8:ba:7c:ee:ea:92:f5:e5:63:6c:19:83:16:39:9d:8c:3e:05:
         b0:9d:3c:7c:47:bb:aa:85:b1:ec:24:41:6c:b0:8f:9d:5c:79:
         8e:4e:6d:af:1d:80:4b:6a:8a:b1:a6:8f:69:62:c4:8c:6d:9e:
         d4:3e:ef:1d:f5:ec:37:9c:1b:b6:5d:22:a6:53:4f:1a:fe:69:
         22:b5:7f:45:00:d6:cd:5b:62:49:3c:e2:1f:5a:5d:1e:f7:e9:
         f5:64:81:a2:45:b9:8c:f6:91:e3:ac:e7:45:31:3a:ed:37:97:
         27:38:b8:27:47:70:89:e2:4b:cf:93:93:fa:36:85:b1:1d:27:
         c7:06:fa:02:ad:67:ed:21:d0:43:2f:90:3a:23:b6:53:17:56:
         da:0f:05:1c:6f:b9:38:6e:7f:c4:ae:f6:e4:16:4b:66:6b:55:
         e1:5a:a7:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDkURcQE37u9ioGvkWdfZKMfGb58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yNTA3MTEwOTU1MDFaFw0yNjA3MTAxMDAwMDFaMDMxMTAvBgNV
BAMTKDgzMEEzRUFENEUwNTZCRTI4ODZBMzlCNUM2QUM1NENEMTlDMEY4RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI7RNWt0fA24qlZdWeqHz0ahD/
0d8G3A0myuRbp2FR3idJAkaYgWdwm3RuwqQDTu6rYIKQQ/2dXVNoo6Z+FeN9WgI1
sRmkHInpGka51jr9hKxiJd0PRejYw0tyLDjKotlGwEjtmXq4/EaUnSu3mDRtdTRd
dpg2vfQUaiTkJ6l6qL2O/e6zNLUs1IdLq8f0A3cI/JZ+yJ4KOKcorqdums2Gx9OC
bHDmGS++4m4dRIpavfobYN0TBolu22Ko+1ELhQ0bpxMjHQC+Huv3cPrihSKjA6NG
LQ7/f6/HkYiQtfVjjhuWxES62kGFREloMSrXIrY/amDfNmmeMEHQJ9kQIwnlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgwo+rU4Fa+KIajm1xqxUzRnA+PUwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMyMzQzMDMwM2EzODMwMzAzMDNhMzEzMDMwMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDM4MzAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQAgAAQ
ATANBgkqhkiG9w0BAQsFAAOCAQEAWvd+aqk4hjA5SaX77skmHJ0XK6d7cl+nNQcl
msqsbVG0R2XBDtmN6wQ6AGSJbik89imrfTt1TlaKs9d/FWaP6tMEx0vMr3zuKMVg
pJy2R2TLLzy0SVUFpCED+Lp87uqS9eVjbBmDFjmdjD4FsJ08fEe7qoWx7CRBbLCP
nVx5jk5trx2AS2qKsaaPaWLEjG2e1D7vHfXsN5wbtl0iplNPGv5pIrV/RQDWzVti
STziH1pdHvfp9WSBokW5jPaR46znRTE67TeXJzi4J0dwieJLz5OT+jaFsR0nxwb6
Aq1n7SHQQy+QOiO2UxdW2g8FHG+5OG5/xK725BZLZmtV4Vqn1A==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:13:33 2025 by rpki-client