Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231352e302f32342d3234203d3e20313332363439.roa
File:                     3130332e32342e3231352e302f32342d3234203d3e20313332363439.roa (raw, json)
Hash identifier:          8s60aKm8BvyPqQYfQkCsPX1L1uTLkhjy/eeXecR9yKI=
Subject key identifier:   CE:D0:3F:14:64:79:0C:3D:49:DB:62:D9:10:E4:F2:EA:C7:F2:A5:10
Certificate issuer:       /CN=4ACFA054E26D225A10C6B0FD316D21263924491E
Certificate serial:       585242E4DC74CB3AF38D119A70BE8D327A395D5C
Authority key identifier: 4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231352e302f32342d3234203d3e20313332363439.roa
Signing time:             Mon 02 Jun 2025 01:02:45 +0000
ROA not before:           Mon 02 Jun 2025 00:57:45 +0000
ROA not after:            Mon 01 Jun 2026 01:02:45 +0000
asID:                     132649
IP address blocks:        103.24.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.crl
                          rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 18:34:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:52:42:e4:dc:74:cb:3a:f3:8d:11:9a:70:be:8d:32:7a:39:5d:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ACFA054E26D225A10C6B0FD316D21263924491E
        Validity
            Not Before: Jun  2 00:57:45 2025 GMT
            Not After : Jun  1 01:02:45 2026 GMT
        Subject: CN=CED03F1464790C3D49DB62D910E4F2EAC7F2A510
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d4:f2:25:25:b3:33:d4:65:d9:21:46:cc:aa:
                    30:87:b0:10:1a:db:ab:83:ac:12:46:af:a2:33:6f:
                    0e:16:57:88:ac:99:6a:3b:20:db:0a:42:71:0b:60:
                    96:57:ab:bf:00:30:ca:3b:cc:ca:27:d3:9c:34:db:
                    1b:81:0e:78:d3:e4:0c:ab:8c:bb:45:bc:67:2c:50:
                    01:f9:b0:23:5e:84:ab:6e:f2:13:b5:01:1b:de:2f:
                    99:07:bb:76:3e:f3:e4:e0:4e:45:92:80:03:7c:a5:
                    34:d3:bd:1d:0d:81:d6:c9:cf:c4:9e:04:17:8b:f8:
                    f9:37:b4:f8:17:a5:46:80:b9:44:4d:62:3e:86:a4:
                    21:f5:3c:b4:39:fe:2d:19:60:2c:99:18:78:b8:21:
                    1d:e1:46:38:cb:e0:44:45:64:ad:57:a3:54:8c:21:
                    53:c9:c5:a8:62:15:1a:62:83:3e:c8:38:5c:f3:08:
                    24:0e:22:58:51:f4:ae:46:b5:f9:98:ed:72:75:ba:
                    29:21:41:91:bd:a6:71:00:1a:15:77:a6:22:84:4c:
                    06:2e:d6:39:a3:b2:38:e3:02:4b:26:0d:b7:97:84:
                    00:9a:da:d7:b1:ff:a2:54:bd:14:fd:2f:c2:57:a5:
                    db:d6:e0:bf:6a:40:20:cb:ae:64:ad:3c:a9:43:c4:
                    5e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:D0:3F:14:64:79:0C:3D:49:DB:62:D9:10:E4:F2:EA:C7:F2:A5:10
            X509v3 Authority Key Identifier:
                keyid:4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/3130332e32342e3231352e302f32342d3234203d3e20313332363439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:8e:71:d5:25:cd:35:94:a2:dd:d6:52:82:c9:12:09:a8:43:
         d6:be:67:43:79:5c:6c:a9:a5:62:a5:97:fb:8f:df:1d:0e:d5:
         a4:b8:70:fc:a0:b1:11:e1:bf:fa:c3:ee:83:00:f0:a2:f4:97:
         aa:35:d3:96:a0:a6:35:45:0b:3f:0d:c5:d1:4c:8f:c6:90:ae:
         e1:17:3d:f5:01:e9:5c:65:88:ba:20:bf:64:d0:bf:d1:18:43:
         21:24:ec:1c:fc:28:9b:09:4e:d6:c2:fd:8c:bc:c6:a1:cc:d9:
         0d:d5:99:e9:cd:36:3d:1c:18:00:11:eb:d4:84:f8:bb:3d:26:
         86:ad:38:8a:2c:28:e9:32:f7:84:72:97:26:44:e4:43:3e:90:
         74:92:9f:80:6d:d5:6d:a5:31:72:41:2e:96:4d:a9:5b:4a:4b:
         8c:ed:34:2f:32:6a:b9:ee:32:85:cd:70:48:b3:87:b1:29:ae:
         2a:af:42:36:42:b9:fa:04:b5:20:54:4b:d3:eb:fd:5d:ae:f8:
         3e:53:3c:f8:34:97:c8:dd:7f:1f:a7:fc:4b:ba:fe:28:74:eb:
         19:a4:90:1b:21:a7:24:62:24:c2:41:64:77:63:e0:ae:ac:76:
         98:99:97:62:92:15:a1:b0:4a:4c:7d:4d:7d:84:9a:22:fd:3e:
         c4:0f:96:48
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUWFJC5Nx0yzrzjRGacL6NMno5XVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEFDRkEwNTRFMjZEMjI1QTEwQzZCMEZEMzE2RDIxMjYz
OTI0NDkxRTAeFw0yNTA2MDIwMDU3NDVaFw0yNjA2MDEwMTAyNDVaMDMxMTAvBgNV
BAMTKENFRDAzRjE0NjQ3OTBDM0Q0OURCNjJEOTEwRTRGMkVBQzdGMkE1MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf1PIlJbMz1GXZIUbMqjCHsBAa
26uDrBJGr6Izbw4WV4ismWo7INsKQnELYJZXq78AMMo7zMon05w02xuBDnjT5Ayr
jLtFvGcsUAH5sCNehKtu8hO1ARveL5kHu3Y+8+TgTkWSgAN8pTTTvR0NgdbJz8Se
BBeL+Pk3tPgXpUaAuURNYj6GpCH1PLQ5/i0ZYCyZGHi4IR3hRjjL4ERFZK1Xo1SM
IVPJxahiFRpigz7IOFzzCCQOIlhR9K5GtfmY7XJ1uikhQZG9pnEAGhV3piKETAYu
1jmjsjjjAksmDbeXhACa2tex/6JUvRT9L8JXpdvW4L9qQCDLrmStPKlDxF7JAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUztA/FGR5DD1J22LZEOTy6sfypRAwHwYDVR0j
BBgwFoAUSs+gVOJtIloQxrD9MW0hJjkkSR4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZTQ2YTMwNS1kZjc3LTQ1ODctODcwMy1hOTA1YzUzNzc5YWMvMC80QUNGQTA1NEUy
NkQyMjVBMTBDNkIwRkQzMTZEMjEyNjM5MjQ0OTFFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEFDRkEwNTRFMjZEMjI1QTEwQzZCMEZEMzE2RDIxMjYzOTI0
NDkxRS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlNDZhMzA1LWRmNzctNDU4Ny04
NzAzLWE5MDVjNTM3NzlhYy8wLzMxMzAzMzJlMzIzNDJlMzIzMTM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMyMzYzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxjXMA0GCSqG
SIb3DQEBCwUAA4IBAQCjjnHVJc01lKLd1lKCyRIJqEPWvmdDeVxsqaVipZf7j98d
DtWkuHD8oLER4b/6w+6DAPCi9JeqNdOWoKY1RQs/DcXRTI/GkK7hFz31AelcZYi6
IL9k0L/RGEMhJOwc/CibCU7Wwv2MvMahzNkN1ZnpzTY9HBgAEevUhPi7PSaGrTiK
LCjpMveEcpcmRORDPpB0kp+AbdVtpTFyQS6WTalbSkuM7TQvMmq57jKFzXBIs4ex
Ka4qr0I2Qrn6BLUgVEvT6/1drvg+Uzz4NJfI3X8fp/xLuv4odOsZpJAbIackYiTC
QWR3Y+CurHaYmZdikhWhsEpMfU19hJoi/T7ED5ZI
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:53 2025 by rpki-client