Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa
File:                     323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa (raw, json)
Hash identifier:          zd/2GFbnzt3ALu9Q2uE0fFTUBJEu2iCl0nYdR2piUWY=
Subject key identifier:   76:7E:22:5F:8D:CF:1F:7D:FF:B6:61:D3:BF:99:A5:D9:D1:D0:B2:70
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       677A400C79D26F99D5954638CFB3D61A1BB47594
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa
Signing time:             Fri 11 Jul 2025 10:00:01 +0000
ROA not before:           Fri 11 Jul 2025 09:55:01 +0000
ROA not after:            Fri 10 Jul 2026 10:00:01 +0000
asID:                     4800
IP address blocks:        2400:8000:8001::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 11:49:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:7a:40:0c:79:d2:6f:99:d5:95:46:38:cf:b3:d6:1a:1b:b4:75:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 11 09:55:01 2025 GMT
            Not After : Jul 10 10:00:01 2026 GMT
        Subject: CN=767E225F8DCF1F7DFFB661D3BF99A5D9D1D0B270
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ea:59:a1:60:dc:3c:4a:07:77:36:b1:a2:9d:
                    a4:7b:bd:d7:f2:73:83:e5:7a:d2:48:ec:0c:e9:d7:
                    f0:be:40:c6:f5:57:c3:f9:c1:47:e6:cd:03:6f:d4:
                    69:18:17:86:43:7f:a3:7d:c3:a0:c9:65:35:9a:73:
                    ea:51:b1:96:b6:f6:e1:81:3a:0d:04:46:78:d6:ba:
                    a6:cb:f8:c1:80:a5:c0:d8:25:8f:31:c4:14:f7:33:
                    12:6b:86:bb:20:87:b5:9f:2a:fb:24:8d:05:30:6a:
                    0d:44:ec:ad:1f:8f:5e:db:6e:a0:3b:bc:23:61:2b:
                    c1:1b:68:16:e3:a0:75:5f:9d:ca:73:a2:f7:70:ea:
                    42:97:46:19:ee:1c:a9:f9:94:bf:32:55:2a:f3:2f:
                    a5:5e:55:92:fc:81:df:ed:c4:66:24:0f:f7:9a:b1:
                    62:a1:4c:b4:46:d4:f0:52:0c:ae:2e:98:76:fe:94:
                    d2:2b:69:c8:44:e6:26:7b:0d:bf:bd:ee:ad:bc:d3:
                    dc:7b:e1:30:cd:f9:61:c0:fc:78:c1:b1:af:19:28:
                    26:7d:65:12:22:44:77:03:ab:12:be:f0:2f:68:63:
                    22:3e:e9:71:8c:06:5d:14:61:af:13:35:b0:53:d5:
                    20:4e:c1:cd:0d:13:64:db:9d:d6:0a:7a:af:53:41:
                    41:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:7E:22:5F:8D:CF:1F:7D:FF:B6:61:D3:BF:99:A5:D9:D1:D0:B2:70
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:8000:8001::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:bd:25:f3:a1:06:b3:e0:69:08:22:ae:2c:a4:1c:91:e0:9a:
         c1:24:77:fc:ba:1c:4c:15:26:3f:4b:44:97:cc:2f:88:52:27:
         94:48:a7:3a:62:b9:dc:d0:df:62:8f:40:1b:5f:e9:6e:98:1c:
         94:77:eb:ff:d4:fe:fb:94:14:fa:3d:b6:59:10:ce:3b:5f:ed:
         41:df:a9:2e:84:28:3f:33:62:68:89:fe:a6:b5:09:29:34:22:
         b9:14:a5:8a:e5:18:99:c8:20:4d:bc:55:3e:03:a3:46:43:62:
         10:03:50:9b:b3:61:68:e6:6b:c8:92:f5:91:c2:a7:85:50:58:
         fc:d2:f3:2e:0f:4a:d9:dd:3b:f0:bc:9e:29:92:0c:64:70:ef:
         7b:3a:75:20:6a:60:a0:b8:33:0c:cc:f6:19:6a:d3:9c:75:a8:
         54:b7:09:6e:87:bf:f2:5f:f7:48:f9:4f:af:5f:28:2b:82:1b:
         37:e5:c4:f8:6e:4d:70:cb:7d:06:cb:6e:eb:34:e0:fe:db:ba:
         08:d1:4a:fb:3e:82:a1:0e:15:66:75:06:a3:88:47:ee:0d:6e:
         3d:5b:51:84:83:83:6f:c0:1d:ec:7d:3d:4c:da:82:8c:86:62:
         44:d1:8f:6c:3f:f7:1e:6c:91:0f:e3:03:98:bf:06:a5:2d:b9:
         c4:96:d9:e3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZ3pADHnSb5nVlUY4z7PWGhu0dZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yNTA3MTEwOTU1MDFaFw0yNjA3MTAxMDAwMDFaMDMxMTAvBgNV
BAMTKDc2N0UyMjVGOERDRjFGN0RGRkI2NjFEM0JGOTlBNUQ5RDFEMEIyNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe6lmhYNw8Sgd3NrGinaR7vdfy
c4PletJI7Azp1/C+QMb1V8P5wUfmzQNv1GkYF4ZDf6N9w6DJZTWac+pRsZa29uGB
Og0ERnjWuqbL+MGApcDYJY8xxBT3MxJrhrsgh7WfKvskjQUwag1E7K0fj17bbqA7
vCNhK8EbaBbjoHVfncpzovdw6kKXRhnuHKn5lL8yVSrzL6VeVZL8gd/txGYkD/ea
sWKhTLRG1PBSDK4umHb+lNIrachE5iZ7Db+97q2809x74TDN+WHA/HjBsa8ZKCZ9
ZRIiRHcDqxK+8C9oYyI+6XGMBl0UYa8TNbBT1SBOwc0NE2TbndYKeq9TQUGlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUdn4iX43PH33/tmHTv5ml2dHQsnAwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMyMzQzMDMwM2EzODMwMzAzMDNhMzgzMDMwMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDM4MzAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQAgACA
ATANBgkqhkiG9w0BAQsFAAOCAQEAXb0l86EGs+BpCCKuLKQckeCawSR3/LocTBUm
P0tEl8wviFInlEinOmK53NDfYo9AG1/pbpgclHfr/9T++5QU+j22WRDOO1/tQd+p
LoQoPzNiaIn+prUJKTQiuRSliuUYmcggTbxVPgOjRkNiEANQm7NhaOZryJL1kcKn
hVBY/NLzLg9K2d078LyeKZIMZHDvezp1IGpgoLgzDMz2GWrTnHWoVLcJboe/8l/3
SPlPr18oK4IbN+XE+G5NcMt9Bstu6zTg/tu6CNFK+z6CoQ4VZnUGo4hH7g1uPVtR
hIODb8Ad7H09TNqCjIZiRNGPbD/3HmyRD+MDmL8GpS25xJbZ4w==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:17:43 2025 by rpki-client