Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234332e302f32342d3234203d3e20313331373435.roa
File:                     3231302e3234372e3234332e302f32342d3234203d3e20313331373435.roa (raw, json)
Hash identifier:          lzhEeQ6DAkKFZoSDXb/ij7h8jtExSjFLGzcvwIopMPE=
Subject key identifier:   FF:D1:79:4B:61:73:7B:9C:12:9E:90:06:83:0D:09:2C:72:DB:74:DF
Certificate issuer:       /CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
Certificate serial:       3285BEFAAD5A3BFD6DDB56EDC89049AF43530F35
Authority key identifier: 8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234332e302f32342d3234203d3e20313331373435.roa
Signing time:             Sun 06 Jul 2025 01:00:01 +0000
ROA not before:           Sun 06 Jul 2025 00:55:01 +0000
ROA not after:            Sun 05 Jul 2026 01:00:01 +0000
asID:                     131745
IP address blocks:        210.247.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl
                          rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 18:04:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:85:be:fa:ad:5a:3b:fd:6d:db:56:ed:c8:90:49:af:43:53:0f:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
        Validity
            Not Before: Jul  6 00:55:01 2025 GMT
            Not After : Jul  5 01:00:01 2026 GMT
        Subject: CN=FFD1794B61737B9C129E9006830D092C72DB74DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:56:67:a3:f2:46:a0:de:9d:45:82:d0:8f:e1:
                    11:4b:94:eb:61:66:2e:9e:c8:0f:cc:45:8f:43:93:
                    a2:e9:70:b3:07:e2:32:33:37:79:5e:a7:68:76:aa:
                    d9:46:30:49:9e:fb:8d:15:c9:17:3c:56:21:e1:6b:
                    1a:35:c6:a3:99:a7:41:8b:ef:c8:a9:a3:81:ca:8c:
                    86:ec:78:67:94:90:45:91:44:18:5f:80:47:2b:e0:
                    54:85:9c:15:89:c6:e8:cd:46:b9:19:12:49:0c:8f:
                    6f:c2:56:29:5e:63:25:c6:ed:9a:df:c8:fb:72:32:
                    8b:cb:28:f0:99:15:cc:48:e6:0b:9f:26:97:01:91:
                    fa:1e:36:d7:32:ad:7e:41:f8:d9:b2:e5:aa:be:84:
                    cf:d9:39:f3:d2:34:5f:ae:96:6c:37:fd:9b:e8:81:
                    97:5c:96:86:57:d1:e0:a0:d2:dd:d2:00:51:6b:2f:
                    16:9b:7e:e3:0b:11:dd:bf:e6:ae:65:e6:cf:c2:04:
                    a3:7c:07:aa:b4:9e:e3:f3:1f:70:22:84:ac:c3:4b:
                    60:f5:4d:09:27:ee:c8:1e:88:8c:c3:f8:d7:24:f7:
                    c9:b3:70:9b:d6:78:59:38:7a:19:9a:c1:d1:33:2b:
                    2e:75:22:53:77:e6:31:f4:e6:62:1a:d5:bd:2f:53:
                    4f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:D1:79:4B:61:73:7B:9C:12:9E:90:06:83:0D:09:2C:72:DB:74:DF
            X509v3 Authority Key Identifier:
                keyid:8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234332e302f32342d3234203d3e20313331373435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.247.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:ca:00:74:22:5e:23:1c:1c:2c:d9:64:90:98:b2:24:5c:0a:
         87:e0:cb:9f:84:b3:94:c1:9c:2b:95:7c:11:57:bb:55:1b:e9:
         f1:b9:fd:bb:44:f7:4e:3a:6b:6a:5c:ca:20:c3:dd:c2:58:1c:
         ad:42:36:20:fc:e8:f6:57:a4:1e:81:ed:26:9a:3f:98:37:be:
         ef:39:ef:b3:c6:19:63:e1:a4:e2:5b:12:44:c5:be:0e:9e:14:
         91:bf:90:4c:f7:29:1f:85:40:54:2b:79:bd:7f:bf:59:94:7a:
         d6:1f:43:c1:83:9c:ad:b1:4b:e3:b3:0e:cf:43:84:6a:e5:d4:
         4a:8c:14:a2:82:2b:27:c2:76:2d:df:c3:e3:09:e8:14:b8:c4:
         ad:b1:aa:d2:54:65:f5:8f:18:a7:29:4e:f0:60:3e:da:d2:d1:
         48:05:58:3f:a5:f9:f0:3e:87:3f:83:fd:1d:10:6a:0f:70:a2:
         f6:80:84:cd:b9:1e:d4:dc:bf:9b:b1:05:2d:14:0d:16:ae:75:
         d3:8c:8c:d4:f3:ab:7b:0b:5c:1f:0d:8b:e7:9a:d4:6f:35:f9:
         3a:b6:a3:4c:d5:d6:1c:d9:5d:ac:c4:84:95:48:53:4e:7f:2a:
         3a:cb:29:fb:4f:39:ec:ec:e0:6e:f4:62:16:bc:ac:dc:24:7a:
         51:d2:69:8e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUMoW++q1aO/1t21btyJBJr0NTDzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJD
QUI5NjEwRjAeFw0yNTA3MDYwMDU1MDFaFw0yNjA3MDUwMTAwMDFaMDMxMTAvBgNV
BAMTKEZGRDE3OTRCNjE3MzdCOUMxMjlFOTAwNjgzMEQwOTJDNzJEQjc0REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Vmej8kag3p1FgtCP4RFLlOth
Zi6eyA/MRY9Dk6LpcLMH4jIzN3lep2h2qtlGMEme+40VyRc8ViHhaxo1xqOZp0GL
78ipo4HKjIbseGeUkEWRRBhfgEcr4FSFnBWJxujNRrkZEkkMj2/CVileYyXG7Zrf
yPtyMovLKPCZFcxI5gufJpcBkfoeNtcyrX5B+Nmy5aq+hM/ZOfPSNF+ulmw3/Zvo
gZdcloZX0eCg0t3SAFFrLxabfuMLEd2/5q5l5s/CBKN8B6q0nuPzH3AihKzDS2D1
TQkn7sgeiIzD+Nck98mzcJvWeFk4ehmawdEzKy51IlN35jH05mIa1b0vU0/5AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU/9F5S2Fze5wSnpAGgw0JLHLbdN8wHwYDVR0j
BBgwFoAUiv67UdAMjgaq6oQuDAz/wsq5YQ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NjEyNDMyOS1lYzIwLTQ0NjAtYWMzMS05YzM2Y2Y5NGYzZmIvMC84QUZFQkI1MUQw
MEM4RTA2QUFFQTg0MkUwQzBDRkZDMkNBQjk2MTBGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJDQUI5
NjEwRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2MTI0MzI5LWVjMjAtNDQ2MC1h
YzMxLTljMzZjZjk0ZjNmYi8wLzMyMzEzMDJlMzIzNDM3MmUzMjM0MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzEzNzM0MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADS9/MwDQYJ
KoZIhvcNAQELBQADggEBACDKAHQiXiMcHCzZZJCYsiRcCofgy5+Es5TBnCuVfBFX
u1Ub6fG5/btE9046a2pcyiDD3cJYHK1CNiD86PZXpB6B7SaaP5g3vu8577PGGWPh
pOJbEkTFvg6eFJG/kEz3KR+FQFQreb1/v1mUetYfQ8GDnK2xS+OzDs9DhGrl1EqM
FKKCKyfCdi3fw+MJ6BS4xK2xqtJUZfWPGKcpTvBgPtrS0UgFWD+l+fA+hz+D/R0Q
ag9wovaAhM25HtTcv5uxBS0UDRauddOMjNTzq3sLXB8Ni+ea1G81+Tq2o0zV1hzZ
XazEhJVIU05/KjrLKftPOezs4G70Yha8rNwkelHSaY4=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:27:11 2025 by rpki-client