Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/3130332e3134382e3130302e302f32332d3234203d3e20313339393838.roa
File:                     3130332e3134382e3130302e302f32332d3234203d3e20313339393838.roa (raw, json)
Hash identifier:          hRVeSPhdphVESxw/HVaRN7Uso4dNGcBae9fMOmvqYMU=
Subject key identifier:   D5:E8:0D:60:94:BE:74:7A:EC:2A:11:9E:31:94:83:FB:EF:D6:31:8F
Certificate issuer:       /CN=5335076B95F2978BE3ACDB39360AE5A22D0D4B55
Certificate serial:       6C40AA8100F531A5ABD465981615F1E5CF331BF4
Authority key identifier: 53:35:07:6B:95:F2:97:8B:E3:AC:DB:39:36:0A:E5:A2:2D:0D:4B:55
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/3130332e3134382e3130302e302f32332d3234203d3e20313339393838.roa
Signing time:             Tue 15 Jul 2025 10:02:24 +0000
ROA not before:           Tue 15 Jul 2025 09:57:24 +0000
ROA not after:            Tue 14 Jul 2026 10:02:24 +0000
asID:                     139988
IP address blocks:        103.148.100.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.crl
                          rsync://repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 05:16:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:40:aa:81:00:f5:31:a5:ab:d4:65:98:16:15:f1:e5:cf:33:1b:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5335076B95F2978BE3ACDB39360AE5A22D0D4B55
        Validity
            Not Before: Jul 15 09:57:24 2025 GMT
            Not After : Jul 14 10:02:24 2026 GMT
        Subject: CN=D5E80D6094BE747AEC2A119E319483FBEFD6318F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:35:89:6d:62:95:8c:81:59:06:ff:d9:41:3a:
                    b4:f8:b4:1a:73:f2:e6:87:14:ca:5a:5d:a4:6b:d4:
                    0e:40:07:70:2f:ce:6d:2f:79:a7:f7:eb:aa:e1:12:
                    57:6a:a3:a7:77:16:9d:b3:a6:46:63:a1:6b:7f:2d:
                    3f:6c:d1:cb:55:1f:a7:bf:88:74:95:ae:6f:95:f3:
                    15:23:c1:7f:ec:ec:0c:21:a2:71:a2:c3:99:e1:04:
                    f0:9a:11:4c:6c:a1:bf:d8:b5:71:6c:cb:3c:1f:f5:
                    85:e3:cd:3e:2f:92:85:0e:6a:f4:13:d7:28:0e:72:
                    2a:90:66:65:83:0a:e9:e3:5f:e8:4e:de:20:8a:e2:
                    eb:f8:1d:38:29:a0:5a:16:1d:d4:26:71:04:30:ee:
                    c7:ec:42:76:dc:5a:89:35:01:63:70:04:58:5b:d6:
                    a9:ae:d7:10:1b:76:e5:70:54:f8:9e:a3:79:4f:13:
                    af:d9:78:5f:68:e0:2b:fb:31:c5:6e:e1:a2:df:cd:
                    ab:85:ab:19:d5:cf:e0:0e:5a:88:98:ab:b0:a2:2a:
                    4b:bd:eb:aa:f5:ba:31:37:22:70:99:6e:37:02:26:
                    2c:4e:72:d9:cc:67:6d:59:9d:89:51:19:a9:47:fd:
                    43:59:43:a4:4d:91:42:32:cd:3f:37:19:8f:0b:f6:
                    7b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:E8:0D:60:94:BE:74:7A:EC:2A:11:9E:31:94:83:FB:EF:D6:31:8F
            X509v3 Authority Key Identifier:
                keyid:53:35:07:6B:95:F2:97:8B:E3:AC:DB:39:36:0A:E5:A2:2D:0D:4B:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5335076B95F2978BE3ACDB39360AE5A22D0D4B55.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f2d66d10-b857-4bef-9395-45d5ab2c44f9/0/3130332e3134382e3130302e302f32332d3234203d3e20313339393838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:90:aa:a2:90:94:0f:bd:24:53:6a:1a:e7:a9:71:7b:97:3b:
         39:4c:4e:06:79:f0:66:ed:1d:28:3d:93:df:d1:13:9c:a4:2e:
         4c:a2:40:dc:25:04:3d:55:71:04:a7:8f:17:25:c9:e3:52:b6:
         99:fb:3a:41:93:32:f3:1d:b9:2d:ae:f4:d4:0e:c9:4d:70:2c:
         fb:e3:07:e0:9f:6c:7a:7f:cc:cb:76:ef:83:79:6a:03:6a:a5:
         04:b7:14:14:68:42:af:0f:6f:a6:f6:06:a0:2b:dc:bc:2e:17:
         94:5a:69:a1:54:b5:30:35:0d:15:2c:62:01:3f:e7:d9:d0:ce:
         74:d1:84:d4:0e:1e:ba:d7:18:54:64:43:7c:5e:20:d9:16:bc:
         ff:3b:66:43:fc:64:a5:b3:5f:05:06:ac:74:09:d4:ae:b5:3e:
         e5:c9:2e:a5:5a:d3:99:83:6e:19:a2:eb:1a:e2:3a:c4:37:39:
         e8:98:76:03:e9:bf:bb:3a:30:3b:2e:86:94:7f:78:31:76:53:
         a0:b0:db:e4:d2:76:5c:af:b0:40:a9:8a:fd:54:1d:48:a2:22:
         6c:2d:df:24:57:47:a5:d9:8f:d5:2c:4d:00:2b:18:9b:d2:91:
         9e:6e:21:c1:7f:f7:db:d3:b3:fd:1a:3a:ec:66:bf:44:d6:b8:
         29:4f:c6:23
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUbECqgQD1MaWr1GWYFhXx5c8zG/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTMzNTA3NkI5NUYyOTc4QkUzQUNEQjM5MzYwQUU1QTIy
RDBENEI1NTAeFw0yNTA3MTUwOTU3MjRaFw0yNjA3MTQxMDAyMjRaMDMxMTAvBgNV
BAMTKEQ1RTgwRDYwOTRCRTc0N0FFQzJBMTE5RTMxOTQ4M0ZCRUZENjMxOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNYltYpWMgVkG/9lBOrT4tBpz
8uaHFMpaXaRr1A5AB3Avzm0veaf366rhEldqo6d3Fp2zpkZjoWt/LT9s0ctVH6e/
iHSVrm+V8xUjwX/s7AwhonGiw5nhBPCaEUxsob/YtXFsyzwf9YXjzT4vkoUOavQT
1ygOciqQZmWDCunjX+hO3iCK4uv4HTgpoFoWHdQmcQQw7sfsQnbcWok1AWNwBFhb
1qmu1xAbduVwVPieo3lPE6/ZeF9o4Cv7McVu4aLfzauFqxnVz+AOWoiYq7CiKku9
66r1ujE3InCZbjcCJixOctnMZ21ZnYlRGalH/UNZQ6RNkUIyzT83GY8L9nvpAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU1egNYJS+dHrsKhGeMZSD++/WMY8wHwYDVR0j
BBgwFoAUUzUHa5Xyl4vjrNs5Ngrloi0NS1UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
MmQ2NmQxMC1iODU3LTRiZWYtOTM5NS00NWQ1YWIyYzQ0ZjkvMC81MzM1MDc2Qjk1
RjI5NzhCRTNBQ0RCMzkzNjBBRTVBMjJEMEQ0QjU1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTMzNTA3NkI5NUYyOTc4QkUzQUNEQjM5MzYwQUU1QTIyRDBE
NEI1NS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YyZDY2ZDEwLWI4NTctNGJlZi05
Mzk1LTQ1ZDVhYjJjNDRmOS8wLzMxMzAzMzJlMzEzNDM4MmUzMTMwMzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzOTM4Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlGQwDQYJ
KoZIhvcNAQELBQADggEBAK+QqqKQlA+9JFNqGuepcXuXOzlMTgZ58GbtHSg9k9/R
E5ykLkyiQNwlBD1VcQSnjxclyeNStpn7OkGTMvMduS2u9NQOyU1wLPvjB+CfbHp/
zMt274N5agNqpQS3FBRoQq8Pb6b2BqAr3LwuF5RaaaFUtTA1DRUsYgE/59nQznTR
hNQOHrrXGFRkQ3xeINkWvP87ZkP8ZKWzXwUGrHQJ1K61PuXJLqVa05mDbhmi6xri
OsQ3OeiYdgPpv7s6MDsuhpR/eDF2U6Cw2+TSdlyvsECpiv1UHUiiImwt3yRXR6XZ
j9UsTQArGJvSkZ5uIcF/99vTs/0aOuxmv0TWuClPxiM=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:20:15 2025 by rpki-client