Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/3130332e3132302e3233322e302f32342d3234203d3e20313337333834.roa
File:                     3130332e3132302e3233322e302f32342d3234203d3e20313337333834.roa (raw, json)
Hash identifier:          rgW49bD9jOG05sHGGVXJ7K4U0Fs52fl5W3GSqo/JMxg=
Subject key identifier:   37:0F:78:26:8C:F2:1E:B5:56:E2:D9:19:52:00:7D:F4:9C:BD:97:74
Certificate issuer:       /CN=407919FF69A512DDAE7CCD48BE288F17073A5512
Certificate serial:       45B3F88615FA730A2215BDD13EAB330AA1BE84F3
Authority key identifier: 40:79:19:FF:69:A5:12:DD:AE:7C:CD:48:BE:28:8F:17:07:3A:55:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407919FF69A512DDAE7CCD48BE288F17073A5512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/3130332e3132302e3233322e302f32342d3234203d3e20313337333834.roa
Signing time:             Wed 16 Jul 2025 06:00:00 +0000
ROA not before:           Wed 16 Jul 2025 05:55:00 +0000
ROA not after:            Wed 15 Jul 2026 06:00:00 +0000
asID:                     137384
IP address blocks:        103.120.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/407919FF69A512DDAE7CCD48BE288F17073A5512.crl
                          rsync://repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/407919FF69A512DDAE7CCD48BE288F17073A5512.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407919FF69A512DDAE7CCD48BE288F17073A5512.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 07:49:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:b3:f8:86:15:fa:73:0a:22:15:bd:d1:3e:ab:33:0a:a1:be:84:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407919FF69A512DDAE7CCD48BE288F17073A5512
        Validity
            Not Before: Jul 16 05:55:00 2025 GMT
            Not After : Jul 15 06:00:00 2026 GMT
        Subject: CN=370F78268CF21EB556E2D91952007DF49CBD9774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:27:7b:33:0a:9f:d3:60:e2:44:dc:c2:fb:c5:
                    09:7f:8d:3d:09:cb:14:79:13:07:6e:1a:0e:9c:4a:
                    85:a9:e2:44:08:42:4d:54:36:6a:cc:c0:69:46:88:
                    ab:42:a8:7c:1f:17:32:3d:5b:06:1a:b4:ca:7b:17:
                    a0:af:9f:64:0b:72:a2:d1:98:2c:54:90:d2:e8:82:
                    bb:6e:18:c6:b4:55:f7:b5:c7:5b:34:e7:7f:c2:6d:
                    a0:e9:28:a2:2c:f3:43:63:da:26:9a:9d:7f:19:62:
                    39:a6:27:4d:65:da:34:97:a0:ca:ac:d7:17:6e:78:
                    1d:f2:34:d8:4e:b8:3c:87:6f:82:64:8b:52:a7:32:
                    dc:fd:b8:68:ef:96:74:ad:96:a7:d1:76:43:d2:d2:
                    0e:0f:6d:ea:50:45:c5:98:d7:3c:70:55:b9:5c:c9:
                    fc:f4:ec:21:95:86:3e:6f:c6:6a:72:e5:9f:b3:49:
                    c4:0d:76:b4:d7:a2:98:96:7b:be:c2:7a:52:17:03:
                    bd:c3:ad:27:64:fb:42:a9:3e:5e:d5:26:81:93:da:
                    0f:b7:34:d6:59:d5:a5:4d:d4:5a:1e:24:d1:b1:95:
                    a9:d4:7b:ef:e4:05:eb:1e:99:98:2b:f3:a1:c9:55:
                    d2:a8:84:21:3d:32:12:3f:0f:d0:c6:18:87:bc:12:
                    37:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:0F:78:26:8C:F2:1E:B5:56:E2:D9:19:52:00:7D:F4:9C:BD:97:74
            X509v3 Authority Key Identifier:
                keyid:40:79:19:FF:69:A5:12:DD:AE:7C:CD:48:BE:28:8F:17:07:3A:55:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/407919FF69A512DDAE7CCD48BE288F17073A5512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407919FF69A512DDAE7CCD48BE288F17073A5512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/72c00f79-49eb-4525-9026-a238ff448070/0/3130332e3132302e3233322e302f32342d3234203d3e20313337333834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.120.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:fd:54:fb:e0:7f:49:86:c6:fb:b5:50:92:82:4d:bf:ab:6f:
         66:67:e8:11:93:6b:ea:89:0a:6b:ca:fb:30:44:d6:44:6a:5a:
         19:d3:00:b3:ed:27:c6:53:0d:59:66:95:bd:eb:3d:3f:ce:ff:
         82:42:7a:dc:e4:42:11:54:4c:11:af:63:c2:36:eb:ba:07:b8:
         be:25:ca:7e:22:45:0e:ca:c5:f3:6d:a4:68:38:5c:3f:6d:98:
         f7:4b:c9:4e:75:c5:9c:f3:1a:6e:fd:d8:b8:42:6d:1e:24:55:
         76:ae:e5:ea:65:b0:18:bd:98:58:1b:ac:33:11:9a:6b:89:03:
         09:1d:17:07:04:7c:6b:2d:fe:3e:5c:24:a2:0b:9c:84:ee:64:
         8f:9d:95:a0:96:02:83:48:ec:60:3b:f6:80:21:d7:ed:11:50:
         67:5f:1c:1d:0b:87:4b:30:9b:14:48:09:ff:9f:b2:7b:e7:fe:
         5b:c9:fc:c4:bb:9d:bd:f7:05:c9:6c:47:c0:cf:6d:71:9f:9e:
         63:45:db:18:bd:ff:bc:82:e3:47:f4:f3:eb:60:09:8d:b1:f1:
         52:db:1f:52:b0:0c:c4:08:41:d1:60:01:d6:2c:c9:95:d3:98:
         7a:73:67:82:2e:ee:9e:4b:a8:6f:f0:83:bc:16:49:89:3b:44:
         c1:b0:01:3b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIURbP4hhX6cwoiFb3RPqszCqG+hPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA3OTE5RkY2OUE1MTJEREFFN0NDRDQ4QkUyODhGMTcw
NzNBNTUxMjAeFw0yNTA3MTYwNTU1MDBaFw0yNjA3MTUwNjAwMDBaMDMxMTAvBgNV
BAMTKDM3MEY3ODI2OENGMjFFQjU1NkUyRDkxOTUyMDA3REY0OUNCRDk3NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfJ3szCp/TYOJE3ML7xQl/jT0J
yxR5EwduGg6cSoWp4kQIQk1UNmrMwGlGiKtCqHwfFzI9WwYatMp7F6Cvn2QLcqLR
mCxUkNLogrtuGMa0Vfe1x1s053/CbaDpKKIs80Nj2iaanX8ZYjmmJ01l2jSXoMqs
1xdueB3yNNhOuDyHb4Jki1KnMtz9uGjvlnStlqfRdkPS0g4PbepQRcWY1zxwVblc
yfz07CGVhj5vxmpy5Z+zScQNdrTXopiWe77CelIXA73DrSdk+0KpPl7VJoGT2g+3
NNZZ1aVN1FoeJNGxlanUe+/kBesemZgr86HJVdKohCE9MhI/D9DGGIe8EjfvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUNw94JozyHrVW4tkZUgB99Jy9l3QwHwYDVR0j
BBgwFoAUQHkZ/2mlEt2ufM1IviiPFwc6VRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MmMwMGY3OS00OWViLTQ1MjUtOTAyNi1hMjM4ZmY0NDgwNzAvMC80MDc5MTlGRjY5
QTUxMkREQUU3Q0NENDhCRTI4OEYxNzA3M0E1NTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDA3OTE5RkY2OUE1MTJEREFFN0NDRDQ4QkUyODhGMTcwNzNB
NTUxMi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyYzAwZjc5LTQ5ZWItNDUyNS05
MDI2LWEyMzhmZjQ0ODA3MC8wLzMxMzAzMzJlMzEzMjMwMmUzMjMzMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMzM4MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABneOgwDQYJ
KoZIhvcNAQELBQADggEBADT9VPvgf0mGxvu1UJKCTb+rb2Zn6BGTa+qJCmvK+zBE
1kRqWhnTALPtJ8ZTDVlmlb3rPT/O/4JCetzkQhFUTBGvY8I267oHuL4lyn4iRQ7K
xfNtpGg4XD9tmPdLyU51xZzzGm792LhCbR4kVXau5eplsBi9mFgbrDMRmmuJAwkd
FwcEfGst/j5cJKILnITuZI+dlaCWAoNI7GA79oAh1+0RUGdfHB0Lh0swmxRICf+f
snvn/lvJ/MS7nb33BclsR8DPbXGfnmNF2xi9/7yC40f08+tgCY2x8VLbH1KwDMQI
QdFgAdYsyZXTmHpzZ4Iu7p5LqG/wg7wWSYk7RMGwATs=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:06:44 2025 by rpki-client