Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63882.roa
File:                     AS63882.roa (raw, json)
Hash identifier:          HUuFOUz4bv16/SEDdUFSc5PyWy4mTy8n0Tzev4EIDaY=
Subject key identifier:   DD:C3:6B:32:7A:37:85:05:B8:A9:1C:D8:7C:86:EC:C6:4B:AE:2B:44
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       1CBD66BCF582B8049C8D788F121FBEC2691A351B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63882.roa
Signing time:             Mon 30 Jun 2025 05:02:20 +0000
ROA not before:           Mon 30 Jun 2025 04:57:20 +0000
ROA not after:            Mon 29 Jun 2026 05:02:20 +0000
asID:                     63882
IP address blocks:        103.57.192.0/22 maxlen: 24
                          2401:9540::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 00:11:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:bd:66:bc:f5:82:b8:04:9c:8d:78:8f:12:1f:be:c2:69:1a:35:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jun 30 04:57:20 2025 GMT
            Not After : Jun 29 05:02:20 2026 GMT
        Subject: CN=DDC36B327A378505B8A91CD87C86ECC64BAE2B44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a4:fa:ee:6e:51:6c:74:f7:a4:27:8f:ef:23:
                    21:cd:29:48:90:19:cc:05:44:ae:01:a4:19:58:cb:
                    bd:4a:a6:3f:2f:96:8f:e7:8f:d1:b0:1e:94:a6:d0:
                    0e:04:f4:1c:3b:b4:34:e1:77:36:a2:e1:6f:5b:7b:
                    69:bf:71:3f:c5:00:d7:da:3c:b6:2f:68:0d:83:f4:
                    be:71:78:fe:2f:dd:e4:6f:f1:12:81:3c:1f:28:64:
                    df:02:c1:00:13:c7:d3:b2:7f:63:18:5a:14:47:2e:
                    8c:b8:12:6f:65:9e:6d:11:da:0f:80:e4:8c:50:78:
                    d7:aa:88:9a:16:a9:13:27:24:cb:f6:f5:81:cd:bb:
                    39:82:2f:ed:95:6b:9c:a0:a4:0c:7d:2d:d5:c6:63:
                    a4:7e:95:97:ab:89:e3:b2:7f:8f:e0:61:04:2a:a3:
                    30:84:b1:0d:67:40:8a:08:04:3c:af:c3:e0:a0:32:
                    d4:93:b6:93:78:25:55:6d:cd:0b:c6:f5:ca:01:31:
                    4d:ec:b1:ca:f4:79:aa:52:ee:4e:f2:c5:20:5b:66:
                    c1:d8:29:72:fa:01:e1:b0:fb:38:04:9a:bb:dd:01:
                    2c:91:4d:9a:4c:9a:ad:82:f7:f8:64:e3:1e:b4:c4:
                    c8:72:e2:6f:08:4e:32:79:89:94:95:c9:1b:ea:02:
                    2d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C3:6B:32:7A:37:85:05:B8:A9:1C:D8:7C:86:EC:C6:4B:AE:2B:44
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63882.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.57.192.0/22
                IPv6:
                  2401:9540::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:8f:98:36:28:80:db:e7:4b:58:63:f5:83:f6:da:2b:20:17:
         fb:1f:a2:d2:45:31:e9:72:6a:30:e5:56:85:44:6e:98:c1:e2:
         b9:ab:04:55:be:e7:83:34:64:ac:82:aa:97:d5:dd:a9:c2:a0:
         4f:0a:a9:16:59:9e:c6:d2:9d:25:66:07:a3:8e:7f:d5:3a:ae:
         93:58:4a:e9:b2:c3:45:4a:82:d4:02:16:98:cc:59:88:51:9c:
         a4:c4:da:70:d8:fb:c3:43:b7:ac:73:28:b3:99:f5:57:eb:da:
         0b:af:26:ae:c0:c4:a8:92:c0:bc:15:8c:ba:e8:72:9e:e3:6b:
         15:fd:12:c7:5a:3f:f0:1c:41:79:e3:d2:76:67:a1:ae:47:35:
         29:8d:02:79:29:c3:b6:e5:7a:54:52:78:51:01:89:00:ab:ec:
         87:80:7d:a3:23:59:aa:f5:9e:43:5e:07:60:79:c0:af:e9:b8:
         5f:02:47:60:61:57:1c:6e:ae:d0:1c:00:ea:13:0f:9f:a6:fe:
         41:a9:a6:9b:97:55:64:57:2a:f9:8a:e8:73:ea:19:0d:7f:c5:
         45:95:d6:49:79:a3:0b:c1:64:12:c2:dc:3c:d4:63:79:70:63:
         2d:44:a6:30:07:ba:d2:1b:9e:69:ef:2e:63:95:21:41:71:f2:
         42:6d:88:92
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUHL1mvPWCuAScjXiPEh++wmkaNRswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYzMDA0NTcyMFoX
DTI2MDYyOTA1MDIyMFowMzExMC8GA1UEAxMoRERDMzZCMzI3QTM3ODUwNUI4QTkx
Q0Q4N0M4NkVDQzY0QkFFMkI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKk+u5uUWx096Qnj+8jIc0pSJAZzAVErgGkGVjLvUqmPy+Wj+eP0bAelKbQ
DgT0HDu0NOF3NqLhb1t7ab9xP8UA19o8ti9oDYP0vnF4/i/d5G/xEoE8Hyhk3wLB
ABPH07J/YxhaFEcujLgSb2WebRHaD4DkjFB416qImhapEycky/b1gc27OYIv7ZVr
nKCkDH0t1cZjpH6Vl6uJ47J/j+BhBCqjMISxDWdAiggEPK/D4KAy1JO2k3glVW3N
C8b1ygExTeyxyvR5qlLuTvLFIFtmwdgpcvoB4bD7OASau90BLJFNmkyarYL3+GTj
HrTEyHLibwhOMnmJlJXJG+oCLXUCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBTdw2sy
ejeFBbipHNh8huzGS64rRDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODgyLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCZznAMA0EAgACMAcDBQAkAZVAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
j5g2KIDb50tYY/WD9torIBf7H6LSRTHpcmow5VaFRG6YweK5qwRVvueDNGSsgqqX
1d2pwqBPCqkWWZ7G0p0lZgejjn/VOq6TWErpssNFSoLUAhaYzFmIUZykxNpw2PvD
Q7escyizmfVX69oLryauwMSoksC8FYy66HKe42sV/RLHWj/wHEF549J2Z6GuRzUp
jQJ5KcO25XpUUnhRAYkAq+yHgH2jI1mq9Z5DXgdgecCv6bhfAkdgYVccbq7QHADq
Ew+fpv5Bqaabl1VkVyr5iuhz6hkNf8VFldZJeaMLwWQSwtw81GN5cGMtRKYwB7rS
G55p7y5jlSFBcfJCbYiS
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:51:20 2025 by rpki-client