Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/3130332e3137322e3139362e302f32332d3234203d3e20313432333934.roa
File:                     3130332e3137322e3139362e302f32332d3234203d3e20313432333934.roa (raw, json)
Hash identifier:          Z1tGWFEjU6+Gt3zLjm1kyQrIJ2QvnjBbeJw3y7l63DU=
Subject key identifier:   5E:D1:4B:B1:04:D1:7F:34:5F:2D:17:B8:FA:E0:3C:3F:59:63:01:F1
Certificate issuer:       /CN=CA13A9BAC29315E5C5DACF0BC7388C342AD6E592
Certificate serial:       228AF3D16CB079499988BB4597F5CAEC9B68130F
Authority key identifier: CA:13:A9:BA:C2:93:15:E5:C5:DA:CF:0B:C7:38:8C:34:2A:D6:E5:92
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/3130332e3137322e3139362e302f32332d3234203d3e20313432333934.roa
Signing time:             Tue 08 Jul 2025 06:01:23 +0000
ROA not before:           Tue 08 Jul 2025 05:56:23 +0000
ROA not after:            Tue 07 Jul 2026 06:01:23 +0000
asID:                     142394
IP address blocks:        103.172.196.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.crl
                          rsync://repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 03:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:8a:f3:d1:6c:b0:79:49:99:88:bb:45:97:f5:ca:ec:9b:68:13:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CA13A9BAC29315E5C5DACF0BC7388C342AD6E592
        Validity
            Not Before: Jul  8 05:56:23 2025 GMT
            Not After : Jul  7 06:01:23 2026 GMT
        Subject: CN=5ED14BB104D17F345F2D17B8FAE03C3F596301F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:90:d3:ca:85:fa:ea:2e:07:ca:6f:a0:7b:f2:
                    29:7d:43:88:34:db:d8:c1:df:5c:83:3d:6d:77:5f:
                    38:04:10:b5:b0:7d:d5:f5:e1:a2:07:4e:e0:26:a3:
                    17:c1:fd:f2:6e:69:c1:66:19:65:13:25:97:37:a9:
                    12:93:ea:ce:81:3e:b3:79:2f:34:52:a9:c2:b6:ca:
                    0b:07:88:83:30:31:46:44:da:72:72:23:24:08:d5:
                    c3:5d:3d:dc:00:a7:bc:fb:56:2a:4c:cd:4e:3a:24:
                    b3:39:3d:b3:aa:7d:94:3e:a6:67:2f:bf:f6:65:7c:
                    07:78:5d:58:08:ae:da:b0:e7:81:d1:e5:d7:8c:9e:
                    09:8c:a2:96:95:da:40:39:89:de:cc:92:a6:3b:4c:
                    96:9f:90:55:a8:31:64:3c:3b:d7:a3:8d:df:ff:1e:
                    3d:68:6e:5a:12:fe:81:da:a7:80:b9:52:b5:02:38:
                    66:36:4e:c4:0b:99:c2:87:a0:22:23:f7:95:6f:da:
                    31:fb:fe:e0:9c:cc:03:2f:a4:e8:23:db:84:a8:07:
                    19:12:d1:ad:bb:88:9b:5d:65:7b:21:0f:4c:d2:6c:
                    81:db:4a:dc:45:bb:4a:af:bd:7b:31:51:92:cf:47:
                    ff:3a:f2:df:7e:c0:a9:02:59:6a:29:17:34:2a:b3:
                    97:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:D1:4B:B1:04:D1:7F:34:5F:2D:17:B8:FA:E0:3C:3F:59:63:01:F1
            X509v3 Authority Key Identifier:
                keyid:CA:13:A9:BA:C2:93:15:E5:C5:DA:CF:0B:C7:38:8C:34:2A:D6:E5:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA13A9BAC29315E5C5DACF0BC7388C342AD6E592.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c397cfc5-e0b0-4820-b859-79625201ecaf/0/3130332e3137322e3139362e302f32332d3234203d3e20313432333934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:42:5c:56:11:8d:66:e3:d2:a5:cf:a6:40:80:9e:c5:8c:bd:
         42:cc:fd:7d:24:62:48:1a:dd:70:ff:ce:41:b2:54:c8:ee:70:
         ef:67:a7:7a:0d:0e:10:b3:d0:89:40:5f:bc:a1:43:7d:93:a3:
         05:1c:bb:99:18:2c:12:a3:8d:8b:af:bd:f7:63:86:5a:fa:63:
         f8:04:c6:62:c2:81:07:6b:57:80:c4:d4:6c:3c:2d:5a:e2:9f:
         63:f1:fd:1b:72:6a:82:3a:37:43:29:42:b7:da:e7:e1:e0:6d:
         2b:50:62:c0:3a:02:5e:3b:dc:3e:32:4e:3a:32:ed:84:77:33:
         9d:d3:b6:21:5b:42:c0:de:40:d8:68:e8:94:e5:62:f9:9a:57:
         8b:8e:db:73:e9:f7:cc:60:9d:58:34:46:dc:69:bb:cc:e3:78:
         0c:67:1b:18:bb:e0:7b:a4:80:8c:ee:8f:67:94:72:d2:4f:14:
         dd:18:66:5b:aa:fb:11:8d:7b:61:4e:f7:a4:da:f8:cc:9b:be:
         18:02:f3:20:e7:ad:69:4f:5c:6d:40:fb:ec:32:13:51:22:d5:
         38:64:26:51:a4:8c:82:29:81:1c:66:a0:56:1e:16:62:75:96:
         1b:41:e8:51:c1:f8:68:d2:ef:8b:f0:0c:2b:01:c5:aa:1a:89:
         66:78:82:ae
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUIorz0WyweUmZiLtFl/XK7JtoEw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0ExM0E5QkFDMjkzMTVFNUM1REFDRjBCQzczODhDMzQy
QUQ2RTU5MjAeFw0yNTA3MDgwNTU2MjNaFw0yNjA3MDcwNjAxMjNaMDMxMTAvBgNV
BAMTKDVFRDE0QkIxMDREMTdGMzQ1RjJEMTdCOEZBRTAzQzNGNTk2MzAxRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfkNPKhfrqLgfKb6B78il9Q4g0
29jB31yDPW13XzgEELWwfdX14aIHTuAmoxfB/fJuacFmGWUTJZc3qRKT6s6BPrN5
LzRSqcK2ygsHiIMwMUZE2nJyIyQI1cNdPdwAp7z7VipMzU46JLM5PbOqfZQ+pmcv
v/ZlfAd4XVgIrtqw54HR5deMngmMopaV2kA5id7MkqY7TJafkFWoMWQ8O9ejjd//
Hj1obloS/oHap4C5UrUCOGY2TsQLmcKHoCIj95Vv2jH7/uCczAMvpOgj24SoBxkS
0a27iJtdZXshD0zSbIHbStxFu0qvvXsxUZLPR/868t9+wKkCWWopFzQqs5epAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUXtFLsQTRfzRfLRe4+uA8P1ljAfEwHwYDVR0j
BBgwFoAUyhOpusKTFeXF2s8LxziMNCrW5ZIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
Mzk3Y2ZjNS1lMGIwLTQ4MjAtYjg1OS03OTYyNTIwMWVjYWYvMC9DQTEzQTlCQUMy
OTMxNUU1QzVEQUNGMEJDNzM4OEMzNDJBRDZFNTkyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0ExM0E5QkFDMjkzMTVFNUM1REFDRjBCQzczODhDMzQyQUQ2
RTU5Mi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MzOTdjZmM1LWUwYjAtNDgyMC1i
ODU5LTc5NjI1MjAxZWNhZi8wLzMxMzAzMzJlMzEzNzMyMmUzMTM5MzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzIzMzM5MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnrMQwDQYJ
KoZIhvcNAQELBQADggEBAE1CXFYRjWbj0qXPpkCAnsWMvULM/X0kYkga3XD/zkGy
VMjucO9np3oNDhCz0IlAX7yhQ32TowUcu5kYLBKjjYuvvfdjhlr6Y/gExmLCgQdr
V4DE1Gw8LVrin2Px/RtyaoI6N0MpQrfa5+HgbStQYsA6Al473D4yTjoy7YR3M53T
tiFbQsDeQNho6JTlYvmaV4uO23Pp98xgnVg0Rtxpu8zjeAxnGxi74HukgIzuj2eU
ctJPFN0YZluq+xGNe2FO96Ta+MybvhgC8yDnrWlPXG1A++wyE1Ei1ThkJlGkjIIp
gRxmoFYeFmJ1lhtB6FHB+GjS74vwDCsBxaoaiWZ4gq4=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:16:53 2025 by rpki-client