Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231342e302f32342d3234203d3e20313332363439.roa
File:                     3130332e32342e3231342e302f32342d3234203d3e20313332363439.roa (raw, json)
Hash identifier:          yAXaSsyAZCT1TlzRq2Ly3hqQXPTOIb4fK/X1XVhMrsQ=
Subject key identifier:   04:83:23:C7:68:C9:AF:39:22:AA:3D:2D:D1:C1:36:7D:27:74:63:9B
Certificate issuer:       /CN=4ACFA054E26D225A10C6B0FD316D21263924491E
Certificate serial:       3FD5371BDB24451821240C2048B76070E8EC9F2E
Authority key identifier: 4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231342e302f32342d3234203d3e20313332363439.roa
Signing time:             Mon 02 Jun 2025 01:02:45 +0000
ROA not before:           Mon 02 Jun 2025 00:57:45 +0000
ROA not after:            Mon 01 Jun 2026 01:02:45 +0000
asID:                     132649
IP address blocks:        103.24.214.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.crl
                          rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 18:34:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:d5:37:1b:db:24:45:18:21:24:0c:20:48:b7:60:70:e8:ec:9f:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ACFA054E26D225A10C6B0FD316D21263924491E
        Validity
            Not Before: Jun  2 00:57:45 2025 GMT
            Not After : Jun  1 01:02:45 2026 GMT
        Subject: CN=048323C768C9AF3922AA3D2DD1C1367D2774639B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7b:2c:0f:84:59:47:4d:b3:d9:d2:0b:36:f2:
                    22:2e:99:e7:bd:91:71:df:12:eb:12:89:64:50:26:
                    78:a8:97:ff:62:d4:54:90:f8:db:16:75:39:f7:3f:
                    17:66:e9:bb:d9:ba:69:73:5f:d6:ff:ed:d5:6d:6b:
                    ee:fe:8c:59:95:24:48:1d:a9:bf:aa:0c:20:8c:6c:
                    16:18:63:c4:cf:30:f2:2f:0e:cb:09:ed:fd:4b:ff:
                    bf:65:92:3a:06:cc:56:77:5a:02:d3:3c:8a:b3:5f:
                    cf:92:61:44:e3:51:87:00:d5:c2:43:fb:5e:0d:49:
                    27:70:a6:55:eb:94:e8:a7:b0:80:05:4d:12:1c:eb:
                    43:c4:96:90:ab:db:ca:b8:b0:d1:ca:de:e5:f6:44:
                    e0:47:55:5c:0c:c4:05:b1:aa:e6:ac:f5:8d:5c:31:
                    f7:0c:4c:e9:ee:53:69:b2:62:64:01:80:67:1a:a2:
                    45:03:4b:21:3c:02:0e:33:54:39:21:ea:3c:a3:c3:
                    06:d3:b2:f0:31:c3:64:42:d5:d2:e6:8d:37:64:30:
                    74:8d:19:b6:f5:a2:58:ca:9e:c7:b3:fc:48:9e:fb:
                    a8:48:a9:bb:74:6d:37:a3:6a:00:f1:96:02:5c:fc:
                    b3:8f:9e:4f:b1:35:9b:29:c4:e9:61:99:91:61:79:
                    92:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:83:23:C7:68:C9:AF:39:22:AA:3D:2D:D1:C1:36:7D:27:74:63:9B
            X509v3 Authority Key Identifier:
                keyid:4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231342e302f32342d3234203d3e20313332363439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:3a:cc:52:b5:6c:f4:7d:56:93:41:78:d8:22:ef:b4:a2:05:
         0f:5f:33:b2:eb:26:30:fe:dd:6f:72:9a:81:f5:82:11:34:a0:
         1e:c8:9d:f9:bf:d7:77:0f:20:69:d7:ff:01:3a:5f:6e:0c:40:
         b7:85:e6:eb:ed:56:f3:9b:81:83:df:c5:b7:4d:9c:74:cb:cb:
         26:45:c0:e2:99:1a:9e:b9:14:44:57:9f:3c:32:be:5b:72:76:
         11:9b:c5:06:b8:51:51:f2:81:b5:1b:ef:65:16:26:a1:d4:73:
         c7:ba:c1:3f:f8:dd:f9:37:cb:32:b7:25:78:c8:ad:57:af:e8:
         33:d1:9b:ab:50:56:f2:19:b6:94:b2:6d:af:c7:e9:ab:45:e5:
         d0:ed:58:5f:8e:3a:0d:c7:86:d2:4a:77:b0:13:77:06:19:ca:
         d8:16:d8:b8:51:9b:1c:4b:9f:57:43:76:e5:19:b1:76:84:2c:
         d3:65:59:18:a0:d0:5c:e9:c5:e3:c8:a9:dc:e8:12:de:5f:de:
         ca:5f:c8:bd:de:e5:5a:48:54:8c:5a:48:a6:05:66:ce:b9:fa:
         9a:e5:af:50:83:d8:5a:8d:32:93:08:ae:16:95:df:d0:30:4d:
         45:80:be:80:4c:34:5d:37:ae:fa:1b:42:37:87:a6:ee:89:6a:
         8b:eb:1d:07
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUP9U3G9skRRghJAwgSLdgcOjsny4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEFDRkEwNTRFMjZEMjI1QTEwQzZCMEZEMzE2RDIxMjYz
OTI0NDkxRTAeFw0yNTA2MDIwMDU3NDVaFw0yNjA2MDEwMTAyNDVaMDMxMTAvBgNV
BAMTKDA0ODMyM0M3NjhDOUFGMzkyMkFBM0QyREQxQzEzNjdEMjc3NDYzOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCreywPhFlHTbPZ0gs28iIumee9
kXHfEusSiWRQJniol/9i1FSQ+NsWdTn3Pxdm6bvZumlzX9b/7dVta+7+jFmVJEgd
qb+qDCCMbBYYY8TPMPIvDssJ7f1L/79lkjoGzFZ3WgLTPIqzX8+SYUTjUYcA1cJD
+14NSSdwplXrlOinsIAFTRIc60PElpCr28q4sNHK3uX2ROBHVVwMxAWxquas9Y1c
MfcMTOnuU2myYmQBgGcaokUDSyE8Ag4zVDkh6jyjwwbTsvAxw2RC1dLmjTdkMHSN
Gbb1oljKnsez/Eie+6hIqbt0bTejagDxlgJc/LOPnk+xNZspxOlhmZFheZIFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUBIMjx2jJrzkiqj0t0cE2fSd0Y5swHwYDVR0j
BBgwFoAUSs+gVOJtIloQxrD9MW0hJjkkSR4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZTQ2YTMwNS1kZjc3LTQ1ODctODcwMy1hOTA1YzUzNzc5YWMvMC80QUNGQTA1NEUy
NkQyMjVBMTBDNkIwRkQzMTZEMjEyNjM5MjQ0OTFFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEFDRkEwNTRFMjZEMjI1QTEwQzZCMEZEMzE2RDIxMjYzOTI0
NDkxRS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlNDZhMzA1LWRmNzctNDU4Ny04
NzAzLWE5MDVjNTM3NzlhYy8wLzMxMzAzMzJlMzIzNDJlMzIzMTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMyMzYzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxjWMA0GCSqG
SIb3DQEBCwUAA4IBAQBiOsxStWz0fVaTQXjYIu+0ogUPXzOy6yYw/t1vcpqB9YIR
NKAeyJ35v9d3DyBp1/8BOl9uDEC3hebr7Vbzm4GD38W3TZx0y8smRcDimRqeuRRE
V588Mr5bcnYRm8UGuFFR8oG1G+9lFiah1HPHusE/+N35N8sytyV4yK1Xr+gz0Zur
UFbyGbaUsm2vx+mrReXQ7VhfjjoNx4bSSnewE3cGGcrYFti4UZscS59XQ3blGbF2
hCzTZVkYoNBc6cXjyKnc6BLeX97KX8i93uVaSFSMWkimBWbOufqa5a9Qg9hajTKT
CK4Wld/QME1FgL6ATDRdN676G0I3h6buiWqL6x0H
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:00:24 2025 by rpki-client