Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a383a3a2f34382d3438203d3e20313336303739.roa
File:                     323430353a326363303a383a3a2f34382d3438203d3e20313336303739.roa (raw, json)
Hash identifier:          KpZING4byOb+kw62UnCHT9VpB7H105YwJJjgZg9mICg=
Subject key identifier:   56:69:6A:E5:9E:F9:3B:38:FD:00:30:21:F4:D0:0E:F5:98:F2:75:35
Certificate issuer:       /CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837
Certificate serial:       3125D604C7FE4BB33BDA5E0F7E76D2AE63788AEC
Authority key identifier: F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a383a3a2f34382d3438203d3e20313336303739.roa
Signing time:             Tue 15 Jul 2025 02:00:02 +0000
ROA not before:           Tue 15 Jul 2025 01:55:02 +0000
ROA not after:            Tue 14 Jul 2026 02:00:02 +0000
asID:                     136079
IP address blocks:        2405:2cc0:8::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl
                          rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 00:55:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:25:d6:04:c7:fe:4b:b3:3b:da:5e:0f:7e:76:d2:ae:63:78:8a:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837
        Validity
            Not Before: Jul 15 01:55:02 2025 GMT
            Not After : Jul 14 02:00:02 2026 GMT
        Subject: CN=56696AE59EF93B38FD003021F4D00EF598F27535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b8:de:fa:7c:72:9f:84:75:13:dc:14:08:7a:
                    73:4a:1b:9f:24:c4:cb:98:7c:45:a2:05:cd:07:00:
                    1a:02:7d:82:db:e9:79:b3:aa:d0:9f:c5:43:b4:69:
                    d9:1d:a8:29:10:8b:a5:1b:a7:17:59:8c:1a:48:4a:
                    c0:ff:b5:06:3d:7f:f9:5e:01:d6:a5:bc:a6:22:8d:
                    04:86:d1:40:32:bc:e1:e0:54:5f:0f:21:77:68:64:
                    e7:f2:e4:e7:15:ec:2b:ee:c8:f0:41:64:34:bd:df:
                    94:3d:3b:b7:15:d3:30:81:a5:1e:ef:97:ff:ee:a8:
                    c6:ab:2a:90:b2:6e:8e:88:04:2e:fa:b3:d9:9f:ce:
                    cc:77:8b:f0:c7:d8:e1:81:18:8b:15:19:e5:5f:9b:
                    5d:53:de:9c:c1:c7:7c:49:55:22:8e:4f:b2:31:de:
                    bb:2e:95:b6:97:df:b7:5d:14:fd:4b:3e:31:88:d3:
                    d6:fd:d7:62:0b:30:bf:43:3b:0c:cc:5a:5a:ca:f9:
                    13:d3:28:82:8d:af:8c:1e:50:f2:2e:16:3e:46:c6:
                    ae:47:1b:1c:a0:27:04:7f:51:c5:cf:fb:cf:51:82:
                    e2:d5:72:cc:2c:87:3e:a2:6f:54:1e:04:ff:5b:c8:
                    18:7a:88:ef:86:91:bf:8e:a5:eb:c2:79:6d:1e:1f:
                    ea:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:69:6A:E5:9E:F9:3B:38:FD:00:30:21:F4:D0:0E:F5:98:F2:75:35
            X509v3 Authority Key Identifier:
                keyid:F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a383a3a2f34382d3438203d3e20313336303739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:2cc0:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:91:15:bd:7d:54:61:0f:62:cf:89:bc:a4:20:45:f5:60:54:
         0f:1b:a4:04:dc:e2:e4:af:e9:0d:a4:f1:18:87:e0:c7:68:a3:
         48:5e:2f:97:10:04:fc:4e:56:a3:d1:a6:01:92:c6:36:1b:dd:
         77:17:73:8e:f1:9e:f4:e4:4e:02:b3:9e:7a:d4:8f:97:d9:86:
         fc:67:2f:03:0b:64:f9:09:72:f1:2d:38:fd:10:68:e2:0c:56:
         4d:84:75:ba:e5:cf:f5:fa:63:ea:b8:33:a4:30:53:6e:cf:97:
         f0:48:29:1b:8b:2c:22:81:6d:a8:94:9e:bc:aa:31:20:bc:54:
         ad:b3:f0:0d:1e:11:11:a3:fe:ee:20:76:3f:c1:13:ad:cf:54:
         9d:e2:38:a5:75:85:cf:7a:47:1d:74:e4:e0:22:5b:89:29:b6:
         b6:b1:23:0e:34:cf:fc:ea:e6:be:0e:cd:ad:c5:91:73:95:14:
         79:54:b7:90:43:ff:74:bb:3d:a4:4f:1b:03:1e:7c:33:9e:50:
         fc:47:a8:91:34:cb:9a:8f:0f:4a:ac:a3:f9:2e:38:54:ea:e1:
         01:70:fd:a3:bf:b5:92:5c:58:a9:b8:c1:82:a5:73:e0:85:de:
         c4:99:cd:73:6f:c3:26:1c:18:3b:71:2c:bc:87:ee:77:2d:72:
         f3:62:7e:4d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUMSXWBMf+S7M72l4PfnbSrmN4iuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJB
NzJCNTgzNzAeFw0yNTA3MTUwMTU1MDJaFw0yNjA3MTQwMjAwMDJaMDMxMTAvBgNV
BAMTKDU2Njk2QUU1OUVGOTNCMzhGRDAwMzAyMUY0RDAwRUY1OThGMjc1MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uN76fHKfhHUT3BQIenNKG58k
xMuYfEWiBc0HABoCfYLb6XmzqtCfxUO0adkdqCkQi6UbpxdZjBpISsD/tQY9f/le
AdalvKYijQSG0UAyvOHgVF8PIXdoZOfy5OcV7CvuyPBBZDS935Q9O7cV0zCBpR7v
l//uqMarKpCybo6IBC76s9mfzsx3i/DH2OGBGIsVGeVfm11T3pzBx3xJVSKOT7Ix
3rsulbaX37ddFP1LPjGI09b912ILML9DOwzMWlrK+RPTKIKNr4weUPIuFj5Gxq5H
GxygJwR/UcXP+89RguLVcswshz6ib1QeBP9byBh6iO+Gkb+OpevCeW0eH+ofAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUVmlq5Z75Ozj9ADAh9NAO9ZjydTUwHwYDVR0j
BBgwFoAU86uo88LdiSXdR79+ohNzAqcrWDcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
ZTY5M2I4OS00NTk3LTQwYjUtOTJiMC1iMjk5ZmE3NjlhZmEvMC9GM0FCQThGM0My
REQ4OTI1REQ0N0JGN0VBMjEzNzMwMkE3MkI1ODM3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJBNzJC
NTgzNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhlNjkzYjg5LTQ1OTctNDBiNS05
MmIwLWIyOTlmYTc2OWFmYS8wLzMyMzQzMDM1M2EzMjYzNjMzMDNhMzgzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM3Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBSzAAAgw
DQYJKoZIhvcNAQELBQADggEBAB2RFb19VGEPYs+JvKQgRfVgVA8bpATc4uSv6Q2k
8RiH4Mdoo0heL5cQBPxOVqPRpgGSxjYb3XcXc47xnvTkTgKznnrUj5fZhvxnLwML
ZPkJcvEtOP0QaOIMVk2Edbrlz/X6Y+q4M6QwU27Pl/BIKRuLLCKBbaiUnryqMSC8
VK2z8A0eERGj/u4gdj/BE63PVJ3iOKV1hc96Rx105OAiW4kptraxIw40z/zq5r4O
za3FkXOVFHlUt5BD/3S7PaRPGwMefDOeUPxHqJE0y5qPD0qso/kuOFTq4QFw/aO/
tZJcWKm4wYKlc+CF3sSZzXNvwyYcGDtxLLyH7nctcvNifk0=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:10:24 2025 by rpki-client