Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e362e302f32342d3234203d3e20313333383237.roa
File:                     3130332e39352e362e302f32342d3234203d3e20313333383237.roa (raw, json)
Hash identifier:          vwui1qpHSvDVofVRy/Tt5fu+EupEaZj/9/a37EvMSjI=
Subject key identifier:   ED:F4:04:E9:D9:21:C1:F3:73:86:2F:48:75:8C:77:49:4C:3E:7B:61
Certificate issuer:       /CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
Certificate serial:       4DA89817DB8525D6CD6744C79748112DA486F71E
Authority key identifier: 0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e362e302f32342d3234203d3e20313333383237.roa
Signing time:             Thu 10 Jul 2025 04:02:22 +0000
ROA not before:           Thu 10 Jul 2025 03:57:22 +0000
ROA not after:            Thu 09 Jul 2026 04:02:22 +0000
asID:                     133827
IP address blocks:        103.95.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl
                          rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 03:59:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:a8:98:17:db:85:25:d6:cd:67:44:c7:97:48:11:2d:a4:86:f7:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
        Validity
            Not Before: Jul 10 03:57:22 2025 GMT
            Not After : Jul  9 04:02:22 2026 GMT
        Subject: CN=EDF404E9D921C1F373862F48758C77494C3E7B61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cc:33:62:ca:1d:83:2e:58:fd:dd:d4:f5:7c:
                    85:3c:ff:86:d6:4c:37:ac:e6:86:44:71:18:44:94:
                    d0:61:10:e4:f1:43:df:53:2b:0c:e2:59:99:56:01:
                    bd:c9:2b:70:20:7c:b0:e3:7a:6d:67:1a:45:d9:79:
                    d6:08:2b:48:6c:a7:af:16:15:fd:f6:c9:93:46:af:
                    4c:41:25:4c:ec:57:ea:03:da:0c:ca:92:49:40:c9:
                    66:97:90:26:6e:5e:3f:1d:ee:2b:fb:9a:a5:dc:76:
                    f8:35:a5:84:18:31:97:f6:a0:89:72:0a:cc:16:6e:
                    90:20:c1:7c:32:ec:7c:b7:ac:4c:3f:b2:ec:e3:f7:
                    66:84:c4:c3:8f:e2:5e:5f:c9:c2:62:c1:3b:1e:d3:
                    e5:c3:09:8b:00:39:dd:74:a3:ad:a9:28:9a:bb:0c:
                    f1:5e:45:db:56:39:81:df:7b:13:d7:19:46:c2:cf:
                    9f:f1:81:2b:36:c1:a3:9b:27:86:d9:80:7e:e2:53:
                    ab:5b:df:e7:17:f8:f0:d0:3d:84:4d:2f:29:b7:53:
                    51:02:e0:6e:e6:e8:bf:20:d6:52:cb:72:9d:a0:cd:
                    01:f7:f3:77:95:49:98:b8:84:39:e8:d5:67:bb:e0:
                    41:8a:88:f9:6b:78:13:51:dd:ed:c6:55:ff:68:3a:
                    a0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:F4:04:E9:D9:21:C1:F3:73:86:2F:48:75:8C:77:49:4C:3E:7B:61
            X509v3 Authority Key Identifier:
                keyid:0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e39352e362e302f32342d3234203d3e20313333383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.95.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:f8:b3:22:b6:a9:d3:24:b6:27:cd:df:10:42:6e:2c:10:2b:
         be:1e:41:c8:49:30:17:82:af:93:41:b4:0f:ab:6f:18:63:48:
         f8:cb:93:1b:4a:bd:12:c2:49:73:f9:c8:cc:d4:92:50:55:e6:
         c2:2c:3d:7a:da:98:05:4a:cd:54:72:ce:bb:27:08:d5:f1:4d:
         44:97:9a:cf:bc:17:6c:2c:3c:c0:03:c7:9e:ee:ef:4f:5c:62:
         e3:42:ba:07:63:f7:86:b5:01:a1:22:64:6a:57:11:14:9d:5b:
         df:74:35:a1:6c:3a:f8:f5:08:b9:93:37:7d:8e:be:a3:eb:48:
         6e:12:bc:72:89:ef:48:c4:c7:5c:ef:e5:91:35:64:d9:b2:30:
         08:f0:e8:58:fd:47:e5:71:7f:88:c8:11:6b:10:4f:bf:3d:7a:
         f1:8c:8d:d6:cc:74:ea:c2:94:56:b1:e9:26:e0:b8:1f:2d:12:
         76:1c:77:4f:ef:f3:d0:a3:b9:a8:20:81:9b:35:29:e0:3d:29:
         5c:d2:77:01:8d:11:d9:b6:91:9b:c8:10:63:ac:bc:f7:9a:b8:
         29:20:cf:a5:8c:83:7f:b2:7d:38:45:3c:8f:bf:53:bd:16:d5:
         87:36:7a:08:ff:0c:23:f0:96:9c:73:89:a7:fc:d4:f6:37:f9:
         aa:08:a5:c2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUTaiYF9uFJdbNZ0THl0gRLaSG9x4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1
NjlGODM2RjAeFw0yNTA3MTAwMzU3MjJaFw0yNjA3MDkwNDAyMjJaMDMxMTAvBgNV
BAMTKEVERjQwNEU5RDkyMUMxRjM3Mzg2MkY0ODc1OEM3NzQ5NEMzRTdCNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuzDNiyh2DLlj93dT1fIU8/4bW
TDes5oZEcRhElNBhEOTxQ99TKwziWZlWAb3JK3AgfLDjem1nGkXZedYIK0hsp68W
Ff32yZNGr0xBJUzsV+oD2gzKkklAyWaXkCZuXj8d7iv7mqXcdvg1pYQYMZf2oIly
CswWbpAgwXwy7Hy3rEw/suzj92aExMOP4l5fycJiwTse0+XDCYsAOd10o62pKJq7
DPFeRdtWOYHfexPXGUbCz5/xgSs2waObJ4bZgH7iU6tb3+cX+PDQPYRNLym3U1EC
4G7m6L8g1lLLcp2gzQH383eVSZi4hDno1We74EGKiPlreBNR3e3GVf9oOqBtAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU7fQE6dkhwfNzhi9IdYx3SUw+e2EwHwYDVR0j
BBgwFoAUDOannVPYKfKlViNnbo0qmlafg28wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTk5MDEyNS02MDlhLTQ4YzgtYWM4Ni0xYzNiYzMxNWJhZDYvMC8wQ0U2QTc5RDUz
RDgyOUYyQTU1NjIzNjc2RThEMkE5QTU2OUY4MzZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1NjlG
ODM2Ri5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhOTkwMTI1LTYwOWEtNDhjOC1h
Yzg2LTFjM2JjMzE1YmFkNi8wLzMxMzAzMzJlMzkzNTJlMzYyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTMzMzMzODMyMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnXwYwDQYJKoZIhvcN
AQELBQADggEBADb4syK2qdMktifN3xBCbiwQK74eQchJMBeCr5NBtA+rbxhjSPjL
kxtKvRLCSXP5yMzUklBV5sIsPXramAVKzVRyzrsnCNXxTUSXms+8F2wsPMADx57u
709cYuNCugdj94a1AaEiZGpXERSdW990NaFsOvj1CLmTN32OvqPrSG4SvHKJ70jE
x1zv5ZE1ZNmyMAjw6Fj9R+Vxf4jIEWsQT789evGMjdbMdOrClFax6SbguB8tEnYc
d0/v89CjuagggZs1KeA9KVzSdwGNEdm2kZvIEGOsvPeauCkgz6WMg3+yfThFPI+/
U70W1Yc2egj/DCPwlpxziaf81PY3+aoIpcI=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:24:37 2025 by rpki-client