Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa
File:                     323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa (raw, json)
Hash identifier:          1A57a+WSkaUEe/nNKsaDACTzujL/BWvYX5TZ+R8VoL8=
Subject key identifier:   71:DD:60:F8:EF:68:C1:5B:C2:54:B1:55:F4:26:BC:97:9E:AA:D2:11
Certificate issuer:       /CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837
Certificate serial:       652BB88F29873086BC6024FFCD234C2080E435FA
Authority key identifier: F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa
Signing time:             Tue 15 Jul 2025 02:00:01 +0000
ROA not before:           Tue 15 Jul 2025 01:55:01 +0000
ROA not after:            Tue 14 Jul 2026 02:00:01 +0000
asID:                     136079
IP address blocks:        2405:2cc0:2::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl
                          rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 00:55:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:2b:b8:8f:29:87:30:86:bc:60:24:ff:cd:23:4c:20:80:e4:35:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837
        Validity
            Not Before: Jul 15 01:55:01 2025 GMT
            Not After : Jul 14 02:00:01 2026 GMT
        Subject: CN=71DD60F8EF68C15BC254B155F426BC979EAAD211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d8:95:80:cf:c7:ad:80:f1:a5:3c:a0:07:c5:
                    4b:6f:d0:25:9d:c6:7d:4d:23:a8:21:57:d9:83:40:
                    81:f8:d5:03:90:b2:f1:d7:30:dd:95:b8:c8:35:90:
                    10:2d:1d:3e:11:16:96:59:1a:45:00:e0:c2:df:c0:
                    0c:1d:72:33:64:94:4b:53:6d:ef:5c:5c:dd:58:ac:
                    32:27:fc:10:a4:75:c9:5a:10:1a:37:fa:4e:2f:b2:
                    c5:d7:5b:05:f0:96:12:7e:96:b4:f8:fb:37:d5:c4:
                    7d:59:dd:87:69:39:f3:fd:93:c4:20:2f:c1:77:41:
                    62:e0:97:29:96:60:e0:95:22:7b:10:c5:12:eb:22:
                    b2:53:10:af:e0:90:88:5b:84:56:6a:b3:f5:6d:05:
                    8e:de:02:37:bf:35:52:c0:45:82:32:78:2a:4a:98:
                    13:33:6b:41:fa:12:70:fc:ab:88:42:9e:12:c2:a2:
                    c6:4f:b3:5b:dc:6e:88:25:3d:9c:34:7f:d2:3d:97:
                    50:8a:7b:dd:82:2c:a3:f3:2a:be:23:1a:ff:ca:61:
                    52:09:4f:ad:7f:5d:9e:ca:2a:de:2e:63:c1:bb:2b:
                    f5:22:00:7e:67:9e:58:d9:11:1d:82:25:42:f2:1c:
                    8c:cf:37:d1:7f:00:03:86:61:59:d4:4c:6c:e1:35:
                    2a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:DD:60:F8:EF:68:C1:5B:C2:54:B1:55:F4:26:BC:97:9E:AA:D2:11
            X509v3 Authority Key Identifier:
                keyid:F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:2cc0:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         b7:36:f3:8b:98:2d:06:93:b7:7d:79:5b:f8:98:60:bf:0e:9e:
         18:44:7e:23:39:cf:c6:8d:33:a8:f2:5d:d2:19:5f:e6:da:ea:
         6d:34:8a:76:a7:fc:1e:19:11:a4:64:dd:86:54:bd:92:c0:57:
         4a:38:bc:c5:40:bb:15:59:68:a3:98:e7:cc:14:97:ab:8e:f7:
         44:1e:c5:79:82:cf:bb:c4:ca:b7:17:aa:c1:c5:82:f6:c7:a8:
         4e:a4:97:e1:eb:85:0a:b4:a0:e3:5d:4c:d6:2f:5b:c0:84:b9:
         e6:3f:59:37:fa:d5:e1:58:ee:a3:c2:6a:34:3b:89:ae:9d:eb:
         2c:1f:60:34:35:ea:fe:95:3f:69:3b:c5:e9:72:c3:73:b5:d4:
         ca:b6:96:3e:7e:df:9d:dc:73:b8:a4:36:59:9c:68:28:25:71:
         d1:fb:66:e4:be:ef:20:19:dd:07:84:57:dc:83:03:8d:89:81:
         1d:98:9b:24:78:36:40:ef:06:c9:a3:bf:aa:6f:81:13:21:79:
         3d:14:b2:60:43:05:06:ab:7f:a6:09:22:a8:44:3a:0b:f9:f1:
         e8:d2:e9:f7:7b:81:e9:b8:3f:6e:f4:a9:24:fd:29:a3:5c:2a:
         83:95:9b:44:e3:62:21:1c:fd:ef:19:1a:d4:f5:35:ae:43:ae:
         dc:91:da:5a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZSu4jymHMIa8YCT/zSNMIIDkNfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJB
NzJCNTgzNzAeFw0yNTA3MTUwMTU1MDFaFw0yNjA3MTQwMjAwMDFaMDMxMTAvBgNV
BAMTKDcxREQ2MEY4RUY2OEMxNUJDMjU0QjE1NUY0MjZCQzk3OUVBQUQyMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX2JWAz8etgPGlPKAHxUtv0CWd
xn1NI6ghV9mDQIH41QOQsvHXMN2VuMg1kBAtHT4RFpZZGkUA4MLfwAwdcjNklEtT
be9cXN1YrDIn/BCkdclaEBo3+k4vssXXWwXwlhJ+lrT4+zfVxH1Z3YdpOfP9k8Qg
L8F3QWLglymWYOCVInsQxRLrIrJTEK/gkIhbhFZqs/VtBY7eAje/NVLARYIyeCpK
mBMza0H6EnD8q4hCnhLCosZPs1vcboglPZw0f9I9l1CKe92CLKPzKr4jGv/KYVIJ
T61/XZ7KKt4uY8G7K/UiAH5nnljZER2CJULyHIzPN9F/AAOGYVnUTGzhNSpFAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUcd1g+O9owVvCVLFV9Ca8l56q0hEwHwYDVR0j
BBgwFoAU86uo88LdiSXdR79+ohNzAqcrWDcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
ZTY5M2I4OS00NTk3LTQwYjUtOTJiMC1iMjk5ZmE3NjlhZmEvMC9GM0FCQThGM0My
REQ4OTI1REQ0N0JGN0VBMjEzNzMwMkE3MkI1ODM3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJBNzJC
NTgzNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhlNjkzYjg5LTQ1OTctNDBiNS05
MmIwLWIyOTlmYTc2OWFmYS8wLzMyMzQzMDM1M2EzMjYzNjMzMDNhMzIzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM3Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBSzAAAIw
DQYJKoZIhvcNAQELBQADggEBALc284uYLQaTt315W/iYYL8OnhhEfiM5z8aNM6jy
XdIZX+ba6m00inan/B4ZEaRk3YZUvZLAV0o4vMVAuxVZaKOY58wUl6uO90QexXmC
z7vEyrcXqsHFgvbHqE6kl+HrhQq0oONdTNYvW8CEueY/WTf61eFY7qPCajQ7ia6d
6ywfYDQ16v6VP2k7xelyw3O11Mq2lj5+353cc7ikNlmcaCglcdH7ZuS+7yAZ3QeE
V9yDA42JgR2YmyR4NkDvBsmjv6pvgRMheT0UsmBDBQarf6YJIqhEOgv58ejS6fd7
gem4P270qST9KaNcKoOVm0TjYiEc/e8ZGtT1Na5DrtyR2lo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:10:25 2025 by rpki-client