Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/3130332e31392e3232392e302f32342d3234203d3e20313332363638.roa
File:                     3130332e31392e3232392e302f32342d3234203d3e20313332363638.roa (raw, json)
Hash identifier:          lJA11B888lTAIORO0k9rdft4p7t0vrr4FyWBG++arwA=
Subject key identifier:   AB:66:0C:F5:0A:F3:77:6B:D1:D9:B7:DF:39:97:B0:B8:4F:A0:5E:7D
Certificate issuer:       /CN=95966A8DB250307CF9852483F96922EE520F6E2A
Certificate serial:       560F0EBA1463B5E2CB7136B9674C8426D7B5FD4A
Authority key identifier: 95:96:6A:8D:B2:50:30:7C:F9:85:24:83:F9:69:22:EE:52:0F:6E:2A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95966A8DB250307CF9852483F96922EE520F6E2A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/3130332e31392e3232392e302f32342d3234203d3e20313332363638.roa
Signing time:             Thu 10 Jul 2025 08:02:49 +0000
ROA not before:           Thu 10 Jul 2025 07:57:49 +0000
ROA not after:            Thu 09 Jul 2026 08:02:49 +0000
asID:                     132668
IP address blocks:        103.19.229.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/95966A8DB250307CF9852483F96922EE520F6E2A.crl
                          rsync://repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/95966A8DB250307CF9852483F96922EE520F6E2A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95966A8DB250307CF9852483F96922EE520F6E2A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 22:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:0f:0e:ba:14:63:b5:e2:cb:71:36:b9:67:4c:84:26:d7:b5:fd:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95966A8DB250307CF9852483F96922EE520F6E2A
        Validity
            Not Before: Jul 10 07:57:49 2025 GMT
            Not After : Jul  9 08:02:49 2026 GMT
        Subject: CN=AB660CF50AF3776BD1D9B7DF3997B0B84FA05E7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:99:84:b2:78:4c:ce:f0:11:64:68:2b:22:38:
                    e6:d3:3f:de:ef:15:d5:ec:89:fe:76:45:56:7b:8d:
                    9a:65:64:a7:43:70:a8:be:01:73:fd:3d:44:56:b8:
                    59:19:09:a1:85:54:3a:e5:27:be:fa:90:da:54:31:
                    bc:b8:59:b3:e1:b5:a1:1c:d2:53:c3:fa:b9:49:1b:
                    e5:b2:21:c0:82:95:f2:2e:95:69:ac:f8:8f:33:06:
                    0c:ce:91:dd:69:72:e5:b4:24:0e:de:58:8a:9c:1f:
                    32:86:35:1e:a0:d4:9b:20:f7:5a:bb:68:d5:29:c2:
                    02:55:5a:31:7f:72:9d:79:0c:61:b8:79:84:4c:e7:
                    4f:4a:19:e2:ca:7e:8c:5f:ea:45:8f:31:31:06:f4:
                    4a:a6:90:51:a4:3a:b0:e8:6e:07:92:59:b3:78:58:
                    9c:99:f1:0d:30:0c:b0:10:7b:b9:84:fc:2a:57:a8:
                    53:0d:9f:10:d1:35:86:74:89:4c:55:c7:60:17:ea:
                    3d:05:b5:b5:07:04:77:6f:f4:8f:4d:c1:f0:3b:b6:
                    27:84:9a:37:13:3f:ea:e8:7b:71:14:c3:eb:f1:a4:
                    82:1d:77:e8:e8:0f:1e:e3:80:2e:5f:15:67:f9:60:
                    9a:ca:fa:85:9a:e4:23:3d:c2:2e:33:bb:49:8d:26:
                    53:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:66:0C:F5:0A:F3:77:6B:D1:D9:B7:DF:39:97:B0:B8:4F:A0:5E:7D
            X509v3 Authority Key Identifier:
                keyid:95:96:6A:8D:B2:50:30:7C:F9:85:24:83:F9:69:22:EE:52:0F:6E:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/95966A8DB250307CF9852483F96922EE520F6E2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95966A8DB250307CF9852483F96922EE520F6E2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d2f1417a-5718-4071-9f35-c122555dac7a/0/3130332e31392e3232392e302f32342d3234203d3e20313332363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.19.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e5:1a:0f:33:36:e1:9e:5f:7d:f1:d0:9d:f7:ae:1f:2c:c9:cf:
         7f:17:cd:e8:1a:6e:6f:bd:e9:9b:ee:08:2b:64:f2:34:b1:7a:
         2c:96:55:b8:eb:4f:97:55:95:ac:20:a6:b7:ec:2a:1d:41:3f:
         9f:00:ae:9b:6b:84:5f:a6:f8:9a:7e:3a:a8:3c:93:52:b6:ba:
         4d:70:94:ab:2d:e6:61:a2:9e:73:8b:5a:0c:b9:51:65:5c:42:
         2d:1c:b6:86:33:5b:ed:56:63:8b:e2:3b:38:4a:c5:14:f9:4d:
         49:82:de:ba:9d:df:95:40:3c:f9:a4:82:ca:ac:f0:af:4d:1d:
         79:ba:e4:9e:21:07:51:0e:c8:01:f6:5c:d2:aa:19:7e:d1:6b:
         c5:6e:23:af:45:51:03:8f:18:37:08:26:13:90:81:67:0c:a1:
         cd:ab:f1:e4:3e:bd:c6:05:a6:52:9d:bf:d8:b8:f5:da:14:6c:
         3d:62:b1:be:e8:f5:0e:ee:64:2a:52:51:47:4c:08:d3:90:6f:
         35:9c:8a:0b:f1:55:38:a3:3c:f2:d0:bc:68:21:f5:fb:b4:94:
         7c:c2:d7:a2:38:c8:4e:f7:b4:01:4b:66:23:0b:33:c4:9b:bb:
         f4:90:50:8d:d8:21:4c:2f:b2:69:72:7c:61:87:a3:9d:86:04:
         33:60:00:f2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUVg8OuhRjteLLcTa5Z0yEJte1/UowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTU5NjZBOERCMjUwMzA3Q0Y5ODUyNDgzRjk2OTIyRUU1
MjBGNkUyQTAeFw0yNTA3MTAwNzU3NDlaFw0yNjA3MDkwODAyNDlaMDMxMTAvBgNV
BAMTKEFCNjYwQ0Y1MEFGMzc3NkJEMUQ5QjdERjM5OTdCMEI4NEZBMDVFN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrmYSyeEzO8BFkaCsiOObTP97v
FdXsif52RVZ7jZplZKdDcKi+AXP9PURWuFkZCaGFVDrlJ776kNpUMby4WbPhtaEc
0lPD+rlJG+WyIcCClfIulWms+I8zBgzOkd1pcuW0JA7eWIqcHzKGNR6g1Jsg91q7
aNUpwgJVWjF/cp15DGG4eYRM509KGeLKfoxf6kWPMTEG9EqmkFGkOrDobgeSWbN4
WJyZ8Q0wDLAQe7mE/CpXqFMNnxDRNYZ0iUxVx2AX6j0FtbUHBHdv9I9NwfA7tieE
mjcTP+roe3EUw+vxpIIdd+joDx7jgC5fFWf5YJrK+oWa5CM9wi4zu0mNJlNDAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUq2YM9Qrzd2vR2bffOZewuE+gXn0wHwYDVR0j
BBgwFoAUlZZqjbJQMHz5hSSD+Wki7lIPbiowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MmYxNDE3YS01NzE4LTQwNzEtOWYzNS1jMTIyNTU1ZGFjN2EvMC85NTk2NkE4REIy
NTAzMDdDRjk4NTI0ODNGOTY5MjJFRTUyMEY2RTJBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTU5NjZBOERCMjUwMzA3Q0Y5ODUyNDgzRjk2OTIyRUU1MjBG
NkUyQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QyZjE0MTdhLTU3MTgtNDA3MS05
ZjM1LWMxMjI1NTVkYWM3YS8wLzMxMzAzMzJlMzEzOTJlMzIzMjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMyMzYzNjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxPlMA0GCSqG
SIb3DQEBCwUAA4IBAQDlGg8zNuGeX33x0J33rh8syc9/F83oGm5vvemb7ggrZPI0
sXosllW460+XVZWsIKa37CodQT+fAK6ba4RfpviafjqoPJNStrpNcJSrLeZhop5z
i1oMuVFlXEItHLaGM1vtVmOL4js4SsUU+U1Jgt66nd+VQDz5pILKrPCvTR15uuSe
IQdRDsgB9lzSqhl+0WvFbiOvRVEDjxg3CCYTkIFnDKHNq/HkPr3GBaZSnb/YuPXa
FGw9YrG+6PUO7mQqUlFHTAjTkG81nIoL8VU4ozzy0LxoIfX7tJR8wteiOMhO97QB
S2YjCzPEm7v0kFCN2CFML7Jpcnxhh6OdhgQzYADy
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:20:17 2025 by rpki-client