Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e31392e38302e302f32332d3234203d3e20313332363339.roa
File:                     3130332e31392e38302e302f32332d3234203d3e20313332363339.roa (raw, json)
Hash identifier:          z0HZjcHieRuZ5HHeSmTqSUrJvHMtgbLp6o8sJVRupVI=
Subject key identifier:   9A:BF:26:39:2E:4F:62:69:15:33:99:C5:28:15:FA:8D:28:73:AD:24
Certificate issuer:       /CN=523EE8D6F461B8FD4106F482C46C1029B1013145
Certificate serial:       53A3BF289EBA36B757392FF325B1BE42AA336DF8
Authority key identifier: 52:3E:E8:D6:F4:61:B8:FD:41:06:F4:82:C4:6C:10:29:B1:01:31:45
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e31392e38302e302f32332d3234203d3e20313332363339.roa
Signing time:             Wed 25 Jun 2025 14:01:16 +0000
ROA not before:           Wed 25 Jun 2025 13:56:16 +0000
ROA not after:            Wed 24 Jun 2026 14:01:16 +0000
asID:                     132639
IP address blocks:        103.19.80.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.crl
                          rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 22:10:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:a3:bf:28:9e:ba:36:b7:57:39:2f:f3:25:b1:be:42:aa:33:6d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=523EE8D6F461B8FD4106F482C46C1029B1013145
        Validity
            Not Before: Jun 25 13:56:16 2025 GMT
            Not After : Jun 24 14:01:16 2026 GMT
        Subject: CN=9ABF26392E4F6269153399C52815FA8D2873AD24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:74:bc:f6:92:4a:1a:c4:a6:5a:63:23:c4:62:
                    b9:c8:26:08:cf:84:81:ed:bc:36:6c:e9:0b:1a:be:
                    dc:3f:79:41:a4:16:fb:42:f2:fd:78:ad:e2:94:1a:
                    30:8e:d0:26:56:24:e1:8f:f9:7a:5e:00:2f:f9:52:
                    ba:35:c4:ff:a9:6f:b9:37:e2:57:fd:1c:10:6d:73:
                    bb:51:1f:a0:0c:79:e7:e6:8c:b0:7e:37:47:bb:1a:
                    df:84:1d:54:08:be:05:f7:72:68:eb:15:43:9c:89:
                    d9:e9:68:5b:7e:da:6e:be:01:35:38:94:dd:fa:03:
                    15:db:6c:c3:60:a6:23:28:f2:5c:85:03:1d:bd:b0:
                    16:2c:c4:cb:02:69:4c:b6:19:33:ae:cf:f3:4d:35:
                    92:12:b8:97:99:92:79:1a:80:a7:02:aa:f5:f1:dc:
                    dd:46:f3:dc:38:91:02:af:6d:b5:0f:3f:55:fd:06:
                    b1:42:4f:28:17:9f:12:86:af:07:0c:95:64:ea:cf:
                    8f:3c:73:25:ee:f8:f0:96:67:7f:46:76:76:22:fb:
                    cf:d9:b6:ff:ae:82:e5:2c:e7:c4:e3:7f:81:56:bf:
                    e5:b3:80:2d:73:df:39:bd:28:2a:69:71:fc:9c:3d:
                    9a:05:24:63:ab:fa:3d:24:3a:d5:94:6c:ac:4b:27:
                    8c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:BF:26:39:2E:4F:62:69:15:33:99:C5:28:15:FA:8D:28:73:AD:24
            X509v3 Authority Key Identifier:
                keyid:52:3E:E8:D6:F4:61:B8:FD:41:06:F4:82:C4:6C:10:29:B1:01:31:45

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e31392e38302e302f32332d3234203d3e20313332363339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.19.80.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:b4:dd:b2:d2:4b:34:c7:1b:28:f7:4b:69:6e:48:f0:bf:6f:
         1c:fc:b0:0f:d8:d3:34:e5:db:6e:43:0a:ee:fd:09:29:b4:17:
         97:19:3a:27:06:56:66:86:93:49:4a:cd:f7:74:99:9a:a7:53:
         af:d4:91:45:ed:4c:7c:8a:0c:2d:cd:09:14:1e:b6:d7:9b:17:
         e5:22:68:5d:ff:aa:d3:27:18:40:3d:dc:5c:84:24:05:51:eb:
         9a:41:1f:27:1b:f5:9b:07:28:e1:f6:77:84:66:bb:99:68:83:
         58:06:17:48:de:6e:cd:12:4d:88:24:d2:55:15:15:12:a2:11:
         e4:35:31:28:a9:aa:6c:92:5e:49:74:59:ce:be:0e:3e:92:b9:
         7a:cc:36:85:9b:65:4b:43:5b:83:6f:58:19:8d:8f:69:1f:ac:
         19:1c:9e:08:3f:35:0c:eb:15:64:18:45:17:f3:09:78:6a:59:
         e4:fb:10:cb:c8:7b:34:1d:14:43:1f:15:04:73:24:36:94:42:
         5f:11:7c:55:6b:a5:01:04:91:38:d0:fd:69:88:10:2e:56:7c:
         57:12:ad:ef:f4:a1:67:c5:78:28:70:e6:90:67:5e:f1:95:8b:
         39:53:1e:b3:39:d6:f5:f2:b4:56:58:c0:78:59:22:17:42:dc:
         8a:20:6c:98
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUU6O/KJ66NrdXOS/zJbG+QqozbfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIzRUU4RDZGNDYxQjhGRDQxMDZGNDgyQzQ2QzEwMjlC
MTAxMzE0NTAeFw0yNTA2MjUxMzU2MTZaFw0yNjA2MjQxNDAxMTZaMDMxMTAvBgNV
BAMTKDlBQkYyNjM5MkU0RjYyNjkxNTMzOTlDNTI4MTVGQThEMjg3M0FEMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIdLz2kkoaxKZaYyPEYrnIJgjP
hIHtvDZs6Qsavtw/eUGkFvtC8v14reKUGjCO0CZWJOGP+XpeAC/5Uro1xP+pb7k3
4lf9HBBtc7tRH6AMeefmjLB+N0e7Gt+EHVQIvgX3cmjrFUOcidnpaFt+2m6+ATU4
lN36AxXbbMNgpiMo8lyFAx29sBYsxMsCaUy2GTOuz/NNNZISuJeZknkagKcCqvXx
3N1G89w4kQKvbbUPP1X9BrFCTygXnxKGrwcMlWTqz488cyXu+PCWZ39GdnYi+8/Z
tv+uguUs58Tjf4FWv+WzgC1z3zm9KCppcfycPZoFJGOr+j0kOtWUbKxLJ4wlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUmr8mOS5PYmkVM5nFKBX6jShzrSQwHwYDVR0j
BBgwFoAUUj7o1vRhuP1BBvSCxGwQKbEBMUUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
YWE0Mjc0Mi04OWQyLTQ5YmItOGEzZS0yOTRjMzY4OTcxZjUvMC81MjNFRThENkY0
NjFCOEZENDEwNkY0ODJDNDZDMTAyOUIxMDEzMTQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTIzRUU4RDZGNDYxQjhGRDQxMDZGNDgyQzQ2QzEwMjlCMTAx
MzE0NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZhYTQyNzQyLTg5ZDItNDliYi04
YTNlLTI5NGMzNjg5NzFmNS8wLzMxMzAzMzJlMzEzOTJlMzgzMDJlMzAyZjMyMzMy
ZDMyMzQyMDNkM2UyMDMxMzMzMjM2MzMzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWcTUDANBgkqhkiG
9w0BAQsFAAOCAQEAfLTdstJLNMcbKPdLaW5I8L9vHPywD9jTNOXbbkMK7v0JKbQX
lxk6JwZWZoaTSUrN93SZmqdTr9SRRe1MfIoMLc0JFB6215sX5SJoXf+q0ycYQD3c
XIQkBVHrmkEfJxv1mwco4fZ3hGa7mWiDWAYXSN5uzRJNiCTSVRUVEqIR5DUxKKmq
bJJeSXRZzr4OPpK5esw2hZtlS0Nbg29YGY2PaR+sGRyeCD81DOsVZBhFF/MJeGpZ
5PsQy8h7NB0UQx8VBHMkNpRCXxF8VWulAQSROND9aYgQLlZ8VxKt7/ShZ8V4KHDm
kGde8ZWLOVMesznW9fK0VljAeFkiF0LciiBsmA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:11:13 2025 by rpki-client