Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa
File:                     323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (raw, json)
Hash identifier:          umfOMEf4PNhhbuKnch8HYrE60kq2nglkRwojJY3Rq50=
Subject key identifier:   F0:66:77:01:87:D7:34:E8:B0:08:4E:D7:9C:C1:68:4A:74:79:61:52
Certificate issuer:       /CN=25D788BD2A450C01354B9AB70826895FDFF56208
Certificate serial:       769C8B21AE396DF59C71221C078AB1D1405CAF19
Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa
Signing time:             Sun 19 Nov 2023 04:00:02 +0000
ROA not before:           Sun 19 Nov 2023 03:55:02 +0000
ROA not after:            Sun 17 Nov 2024 04:00:02 +0000
asID:                     142379
IP address blocks:        2001:df0:f500::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl
                          rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 09:50:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:9c:8b:21:ae:39:6d:f5:9c:71:22:1c:07:8a:b1:d1:40:5c:af:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208
        Validity
            Not Before: Nov 19 03:55:02 2023 GMT
            Not After : Nov 17 04:00:02 2024 GMT
        Subject: CN=F066770187D734E8B0084ED79CC1684A74796152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:15:10:a6:a9:ef:db:97:95:c3:90:96:87:d6:
                    a0:f4:8e:4b:09:21:46:65:e8:20:62:11:db:dd:8e:
                    b3:38:6b:dc:32:38:43:b4:1c:65:ad:c3:ad:77:fc:
                    fa:29:9f:a6:56:50:37:f5:8d:e9:81:67:57:27:c2:
                    31:14:00:28:5c:72:00:75:4c:c8:2d:07:24:84:df:
                    6b:13:4b:8f:dc:91:b3:98:3d:cc:15:73:05:c2:1a:
                    61:e2:47:3d:99:7a:61:b6:09:d8:b7:86:86:31:f4:
                    03:a1:8e:4d:f8:d4:b4:68:bf:a8:7a:33:2a:e0:c5:
                    03:cb:b5:b9:f1:47:9d:02:44:9a:18:87:c8:25:6f:
                    39:9b:3a:92:ba:00:3f:02:08:f1:5c:e6:03:8a:82:
                    b5:55:7a:a6:68:e3:a4:9f:33:aa:53:64:0f:a4:c4:
                    ee:a6:29:6a:d5:49:a8:81:6b:e9:33:2f:ad:ea:3e:
                    ea:a9:36:03:db:93:cc:3e:d0:f2:52:16:54:05:1d:
                    c1:b6:7f:48:b1:17:8b:a5:c7:2f:1e:33:74:9f:4f:
                    64:7b:8b:05:d7:5d:39:21:6a:1a:ae:55:b4:cf:13:
                    09:b8:35:47:91:2a:50:c7:7c:b4:b5:50:b1:b1:e4:
                    57:3e:ed:45:8a:c9:af:77:75:b2:27:fa:5c:22:e6:
                    ae:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:66:77:01:87:D7:34:E8:B0:08:4E:D7:9C:C1:68:4A:74:79:61:52
            X509v3 Authority Key Identifier:
                keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:f500::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:ae:75:0b:c8:e5:cf:3b:44:17:82:b9:a8:f8:96:f4:8d:7e:
         23:4c:14:29:57:ad:b7:4d:93:0d:7d:13:b7:af:3b:f8:f4:2b:
         50:e2:4f:b8:9a:37:63:90:74:29:a1:f5:d3:48:09:92:06:1b:
         9a:b7:49:6e:8e:36:39:88:35:f1:5f:4c:a8:e9:9b:c1:18:fc:
         70:64:ba:36:fb:d7:06:74:95:c2:28:ab:5d:fa:63:82:42:f9:
         75:c6:47:82:8a:3c:f9:3f:4b:ae:c2:25:b4:a4:c3:bb:fb:68:
         75:75:d4:b6:cc:be:68:ad:ae:f0:fd:49:1e:1e:51:9e:6a:84:
         f8:4f:51:f2:d8:5b:8e:a9:ac:f6:4e:0f:89:94:22:1a:4d:46:
         b0:33:28:ec:b8:7c:26:c2:09:9e:44:a2:6a:6a:4c:76:91:d1:
         c8:54:28:69:03:74:e2:52:8d:51:62:fa:14:3c:02:41:d2:82:
         e1:fc:67:af:ed:ba:d0:38:25:83:9a:4e:18:7a:bc:57:de:2c:
         bc:26:84:bd:2f:cc:7f:bd:2d:3a:81:23:10:1f:41:32:67:cc:
         c0:04:e3:d0:ac:b4:8d:f2:05:23:59:88:e4:ec:c4:1a:b6:2a:
         b6:66:52:ba:17:05:89:e6:38:1f:df:d9:83:b0:6b:b1:4a:7c:
         ea:6b:6a:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdpyLIa45bfWccSIcB4qx0UBcrxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE
RkY1NjIwODAeFw0yMzExMTkwMzU1MDJaFw0yNDExMTcwNDAwMDJaMDMxMTAvBgNV
BAMTKEYwNjY3NzAxODdENzM0RThCMDA4NEVENzlDQzE2ODRBNzQ3OTYxNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSFRCmqe/bl5XDkJaH1qD0jksJ
IUZl6CBiEdvdjrM4a9wyOEO0HGWtw613/Popn6ZWUDf1jemBZ1cnwjEUAChccgB1
TMgtBySE32sTS4/ckbOYPcwVcwXCGmHiRz2ZemG2Cdi3hoYx9AOhjk341LRov6h6
MyrgxQPLtbnxR50CRJoYh8glbzmbOpK6AD8CCPFc5gOKgrVVeqZo46SfM6pTZA+k
xO6mKWrVSaiBa+kzL63qPuqpNgPbk8w+0PJSFlQFHcG2f0ixF4ulxy8eM3SfT2R7
iwXXXTkhahquVbTPEwm4NUeRKlDHfLS1ULGx5Fc+7UWKya93dbIn+lwi5q5nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8GZ3AYfXNOiwCE7XnMFoSnR5YVIwHwYDVR0j
BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB
NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1
NjIwOC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2YTc2NjVhLWI1MGItNGE0NS1h
OGY5LTBkNjliZDdkNzQzZC8wLzMyMzAzMDMxM2E2NDY2MzAzYTY2MzUzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMyMzMzNzM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8PUAMA0GCSqGSIb3DQEBCwUAA4IBAQC2rnULyOXPO0QXgrmo+Jb0jX4jTBQpV623
TZMNfRO3rzv49CtQ4k+4mjdjkHQpofXTSAmSBhuat0lujjY5iDXxX0yo6ZvBGPxw
ZLo2+9cGdJXCKKtd+mOCQvl1xkeCijz5P0uuwiW0pMO7+2h1ddS2zL5ora7w/Uke
HlGeaoT4T1Hy2FuOqaz2Tg+JlCIaTUawMyjsuHwmwgmeRKJqakx2kdHIVChpA3Ti
Uo1RYvoUPAJB0oLh/Gev7brQOCWDmk4YerxX3iy8JoS9L8x/vS06gSMQH0EyZ8zA
BOPQrLSN8gUjWYjk7MQatiq2ZlK6FwWJ5jgf39mDsGuxSnzqa2pD
-----END CERTIFICATE-----
Generated at Sun Jun 16 05:29:49 2024 by rpki-client on console-fra.rpki-client.org