Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/3130332e3130372e3133362e302f32342d3234203d3e20313530393332.roa
File:                     3130332e3130372e3133362e302f32342d3234203d3e20313530393332.roa (raw, json)
Hash identifier:          pb2wVsCWTV18ZKzXGju0S2bueyNWmTFuncm9VY9yQr0=
Subject key identifier:   B2:9B:01:51:BD:0E:61:D0:D4:15:A2:03:A1:10:EA:AB:CF:09:48:07
Certificate issuer:       /CN=CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8
Certificate serial:       659DB74EA68B95C27489905B4CE7D65DFA6E6B6B
Authority key identifier: CC:2F:A8:A6:92:DD:D4:4F:4E:A7:0E:AE:AC:32:04:D5:3E:64:55:C8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/3130332e3130372e3133362e302f32342d3234203d3e20313530393332.roa
Signing time:             Thu 27 Feb 2025 16:00:02 +0000
ROA not before:           Thu 27 Feb 2025 15:55:02 +0000
ROA not after:            Thu 26 Feb 2026 16:00:02 +0000
asID:                     150932
IP address blocks:        103.107.136.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.crl
                          rsync://repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 23 Apr 2025 11:03:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:9d:b7:4e:a6:8b:95:c2:74:89:90:5b:4c:e7:d6:5d:fa:6e:6b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8
        Validity
            Not Before: Feb 27 15:55:02 2025 GMT
            Not After : Feb 26 16:00:02 2026 GMT
        Subject: CN=B29B0151BD0E61D0D415A203A110EAABCF094807
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fc:d9:5f:30:ba:de:5e:7c:3a:7b:a2:f0:f5:
                    ff:76:84:39:a3:e8:10:7a:bf:48:d9:2b:f4:34:aa:
                    49:69:2c:aa:73:6c:ef:9f:5c:39:07:8e:dd:28:30:
                    0f:8c:4f:b6:74:35:a7:a6:6d:e1:ff:28:7d:10:de:
                    a2:17:d1:93:1d:74:91:c0:93:25:c7:04:36:45:0f:
                    ce:23:8b:a3:d3:20:19:c5:3d:ed:e4:41:7c:bd:47:
                    2c:a8:d0:94:3c:fb:43:bb:58:9d:ac:78:ea:f5:a1:
                    f6:70:da:70:cf:9c:4e:67:43:ed:7c:2d:2d:ad:23:
                    35:ec:4d:14:c9:d3:e2:13:1e:20:1d:21:53:06:bc:
                    57:38:43:6a:73:b5:79:eb:b0:86:56:df:da:b7:51:
                    83:58:bd:9a:cd:1a:05:33:dc:f0:0c:7f:18:5b:92:
                    3e:48:72:b1:7f:6d:43:e7:aa:bc:79:87:3b:31:ab:
                    42:3a:5a:c3:83:dc:cc:c3:59:31:89:05:1e:f7:25:
                    2d:b0:a2:e4:ba:b2:33:47:32:59:21:4c:c2:ba:63:
                    8d:22:92:b5:2d:e7:00:39:31:dd:2d:e8:e9:75:4e:
                    87:22:a6:b7:55:0b:e1:35:07:59:ab:29:3d:ab:a1:
                    6a:89:11:0b:b5:19:90:96:66:54:54:1c:0b:bb:94:
                    24:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:9B:01:51:BD:0E:61:D0:D4:15:A2:03:A1:10:EA:AB:CF:09:48:07
            X509v3 Authority Key Identifier:
                keyid:CC:2F:A8:A6:92:DD:D4:4F:4E:A7:0E:AE:AC:32:04:D5:3E:64:55:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CC2FA8A692DDD44F4EA70EAEAC3204D53E6455C8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0af31599-8b08-4ffd-a056-795e8aa0a586/0/3130332e3130372e3133362e302f32342d3234203d3e20313530393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.107.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dc:15:1f:d9:b6:9f:fe:37:9f:1d:7d:88:1b:07:97:1e:03:dd:
         2e:40:77:66:49:c5:17:59:72:00:7f:df:25:33:90:58:93:a5:
         6f:8f:5f:7a:eb:7c:fe:2a:6d:7e:72:53:07:99:61:78:64:2c:
         98:8a:bd:a3:ee:34:f5:62:41:a3:16:74:43:a1:86:ef:d6:8e:
         78:aa:ae:30:11:07:6d:63:88:a8:fc:70:59:6b:16:72:82:9e:
         97:3b:b1:ca:eb:ab:45:1d:f5:34:be:09:0e:91:b8:3d:4e:93:
         a4:52:3a:62:11:18:6b:15:9d:66:44:bd:1e:db:41:ff:e8:6f:
         c5:e3:8b:6a:6c:b6:f8:e5:b1:0a:04:c4:c6:70:55:ea:92:9b:
         59:36:a1:71:5b:02:22:fa:3c:ef:b1:2d:36:75:09:17:1e:35:
         2b:a0:0a:33:30:2b:32:d6:3e:d2:e4:cb:ef:7a:f1:02:29:cf:
         ba:f0:9b:61:5a:47:04:79:89:1c:89:c9:05:60:54:1a:80:cc:
         ef:77:c0:f2:f4:a3:a8:a3:df:a2:2c:97:d0:63:bf:f0:56:cf:
         4a:3b:56:90:00:24:68:89:59:44:ed:4e:68:d8:0c:73:4c:d0:
         c3:2a:b5:36:db:e4:20:48:5d:c8:ac:70:ea:e8:84:14:b0:70:
         62:59:64:f1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUZZ23TqaLlcJ0iZBbTOfWXfpua2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0MyRkE4QTY5MkRERDQ0RjRFQTcwRUFFQUMzMjA0RDUz
RTY0NTVDODAeFw0yNTAyMjcxNTU1MDJaFw0yNjAyMjYxNjAwMDJaMDMxMTAvBgNV
BAMTKEIyOUIwMTUxQkQwRTYxRDBENDE1QTIwM0ExMTBFQUFCQ0YwOTQ4MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB/NlfMLreXnw6e6Lw9f92hDmj
6BB6v0jZK/Q0qklpLKpzbO+fXDkHjt0oMA+MT7Z0NaembeH/KH0Q3qIX0ZMddJHA
kyXHBDZFD84ji6PTIBnFPe3kQXy9Ryyo0JQ8+0O7WJ2seOr1ofZw2nDPnE5nQ+18
LS2tIzXsTRTJ0+ITHiAdIVMGvFc4Q2pztXnrsIZW39q3UYNYvZrNGgUz3PAMfxhb
kj5IcrF/bUPnqrx5hzsxq0I6WsOD3MzDWTGJBR73JS2wouS6sjNHMlkhTMK6Y40i
krUt5wA5Md0t6Ol1TociprdVC+E1B1mrKT2roWqJEQu1GZCWZlRUHAu7lCThAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUspsBUb0OYdDUFaIDoRDqq88JSAcwHwYDVR0j
BBgwFoAUzC+oppLd1E9Opw6urDIE1T5kVcgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
YWYzMTU5OS04YjA4LTRmZmQtYTA1Ni03OTVlOGFhMGE1ODYvMC9DQzJGQThBNjky
RERENDRGNEVBNzBFQUVBQzMyMDRENTNFNjQ1NUM4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0MyRkE4QTY5MkRERDQ0RjRFQTcwRUFFQUMzMjA0RDUzRTY0
NTVDOC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBhZjMxNTk5LThiMDgtNGZmZC1h
MDU2LTc5NWU4YWEwYTU4Ni8wLzMxMzAzMzJlMzEzMDM3MmUzMTMzMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzOTMzMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABna4gwDQYJ
KoZIhvcNAQELBQADggEBANwVH9m2n/43nx19iBsHlx4D3S5Ad2ZJxRdZcgB/3yUz
kFiTpW+PX3rrfP4qbX5yUweZYXhkLJiKvaPuNPViQaMWdEOhhu/WjniqrjARB21j
iKj8cFlrFnKCnpc7scrrq0Ud9TS+CQ6RuD1Ok6RSOmIRGGsVnWZEvR7bQf/ob8Xj
i2pstvjlsQoExMZwVeqSm1k2oXFbAiL6PO+xLTZ1CRceNSugCjMwKzLWPtLky+96
8QIpz7rwm2FaRwR5iRyJyQVgVBqAzO93wPL0o6ij36Isl9Bjv/BWz0o7VpAAJGiJ
WUTtTmjYDHNM0MMqtTbb5CBIXciscOrohBSwcGJZZPE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:08 2025 by rpki-client