Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/3130332e3230382e3130322e302f32342d3234203d3e20313334363438.roa
File:                     3130332e3230382e3130322e302f32342d3234203d3e20313334363438.roa (raw, json)
Hash identifier:          UcHmCNm704dRdxu5mGnFESd+cYb7vs2gxWT3im+cP2U=
Subject key identifier:   BC:BC:8F:C2:46:43:45:D7:9A:EE:3B:13:B4:C8:7F:8C:3D:29:7D:9C
Certificate issuer:       /CN=97D77F08669FB94E4E99F795519FB61DCAC62C9F
Certificate serial:       0E3A4049C89EF8AF7695D00255328CF1AD9588F5
Authority key identifier: 97:D7:7F:08:66:9F:B9:4E:4E:99:F7:95:51:9F:B6:1D:CA:C6:2C:9F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/97D77F08669FB94E4E99F795519FB61DCAC62C9F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/3130332e3230382e3130322e302f32342d3234203d3e20313334363438.roa
Signing time:             Mon 02 Jun 2025 02:01:45 +0000
ROA not before:           Mon 02 Jun 2025 01:56:45 +0000
ROA not after:            Mon 01 Jun 2026 02:01:45 +0000
asID:                     134648
IP address blocks:        103.208.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/97D77F08669FB94E4E99F795519FB61DCAC62C9F.crl
                          rsync://repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/97D77F08669FB94E4E99F795519FB61DCAC62C9F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/97D77F08669FB94E4E99F795519FB61DCAC62C9F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 23:54:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:3a:40:49:c8:9e:f8:af:76:95:d0:02:55:32:8c:f1:ad:95:88:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97D77F08669FB94E4E99F795519FB61DCAC62C9F
        Validity
            Not Before: Jun  2 01:56:45 2025 GMT
            Not After : Jun  1 02:01:45 2026 GMT
        Subject: CN=BCBC8FC2464345D79AEE3B13B4C87F8C3D297D9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:16:9a:92:48:21:2d:db:ec:cb:83:6f:67:68:
                    8f:71:00:52:36:1c:18:58:71:52:7a:14:d4:8f:fd:
                    1b:e9:32:e2:e0:3b:df:ff:b2:f3:d7:07:9f:e9:8d:
                    ca:e0:bf:eb:33:1a:aa:43:08:c9:33:2b:37:7a:53:
                    19:48:d4:01:88:38:91:5c:88:4e:c6:0d:c4:16:22:
                    55:df:3c:d9:6f:1a:58:d2:75:d6:f4:53:a0:3e:31:
                    4a:41:7f:b0:2b:b7:ff:5f:81:c1:49:9e:40:e5:cf:
                    e4:a7:87:a1:29:07:d3:b3:8b:1c:0c:72:9c:70:49:
                    20:e2:d1:d2:67:af:d0:cb:a0:3b:b6:a1:d4:f0:79:
                    6a:2a:a5:49:ac:80:48:c8:93:a6:81:3b:f7:ec:ac:
                    89:ac:4d:35:fc:b0:37:47:63:2a:99:af:6d:a5:29:
                    c0:d6:d5:a7:5c:b0:26:70:ea:fc:28:01:92:c2:3f:
                    aa:bb:c8:99:62:5f:98:ab:f8:4d:0c:fa:8c:dd:a7:
                    c3:b6:0b:fa:64:f0:cb:9d:36:80:ea:3e:14:4a:92:
                    1e:cb:0b:ac:67:70:90:1f:78:89:dc:a0:56:4e:73:
                    4c:6f:3d:f9:10:b9:c4:a4:f9:c6:97:55:52:f1:c2:
                    6d:cf:60:ae:08:fe:c1:17:b8:a2:85:86:a6:2f:05:
                    f7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:BC:8F:C2:46:43:45:D7:9A:EE:3B:13:B4:C8:7F:8C:3D:29:7D:9C
            X509v3 Authority Key Identifier:
                keyid:97:D7:7F:08:66:9F:B9:4E:4E:99:F7:95:51:9F:B6:1D:CA:C6:2C:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/97D77F08669FB94E4E99F795519FB61DCAC62C9F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/97D77F08669FB94E4E99F795519FB61DCAC62C9F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/22c69440-8b17-4a68-a0fa-66159e2162e0/0/3130332e3230382e3130322e302f32342d3234203d3e20313334363438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.208.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:f0:e4:66:36:45:82:6d:a7:8c:d3:20:56:2a:b7:13:9e:ba:
         b8:c9:76:1c:7a:e4:2b:74:ee:c4:f9:55:97:b0:23:62:17:00:
         91:1e:4c:53:a3:fc:0c:6a:0b:57:e7:56:cc:2a:d8:c3:0b:ee:
         4d:39:ea:6d:88:d4:21:e4:4d:1a:db:85:0d:ef:fb:72:2c:7e:
         f2:cd:67:dc:80:e3:7b:28:dc:7a:c9:05:8d:20:ba:73:aa:22:
         5a:60:b7:fd:61:f3:a1:53:4b:17:fe:b9:70:4a:93:49:42:5a:
         a6:d8:dd:77:de:8a:3e:cc:6a:45:18:8e:23:f5:99:86:b9:a5:
         e4:b7:92:86:0b:11:ee:d0:e5:e3:ed:3a:e8:a8:52:44:12:e1:
         19:ae:9d:03:89:d6:0d:15:89:70:6f:1d:fe:c0:b2:f9:61:8b:
         24:8b:ba:46:3d:b1:e3:ae:b2:85:19:0f:67:93:9d:3d:cd:f0:
         73:84:6f:9c:07:f0:0d:0d:8b:6c:cf:25:95:78:61:5b:47:c8:
         49:13:7f:73:a6:c5:41:c0:b6:67:ad:0a:8a:b1:5d:f6:ff:cc:
         6f:59:c7:ae:b5:0a:d6:49:7c:89:38:d2:93:4c:bc:89:7b:fe:
         24:0f:d3:8b:87:4c:34:80:21:76:6c:e3:3f:56:17:b8:df:68:
         a8:86:ca:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUDjpAScie+K92ldACVTKM8a2ViPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTdENzdGMDg2NjlGQjk0RTRFOTlGNzk1NTE5RkI2MURD
QUM2MkM5RjAeFw0yNTA2MDIwMTU2NDVaFw0yNjA2MDEwMjAxNDVaMDMxMTAvBgNV
BAMTKEJDQkM4RkMyNDY0MzQ1RDc5QUVFM0IxM0I0Qzg3RjhDM0QyOTdEOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5FpqSSCEt2+zLg29naI9xAFI2
HBhYcVJ6FNSP/RvpMuLgO9//svPXB5/pjcrgv+szGqpDCMkzKzd6UxlI1AGIOJFc
iE7GDcQWIlXfPNlvGljSddb0U6A+MUpBf7Art/9fgcFJnkDlz+Snh6EpB9OzixwM
cpxwSSDi0dJnr9DLoDu2odTweWoqpUmsgEjIk6aBO/fsrImsTTX8sDdHYyqZr22l
KcDW1adcsCZw6vwoAZLCP6q7yJliX5ir+E0M+ozdp8O2C/pk8MudNoDqPhRKkh7L
C6xncJAfeIncoFZOc0xvPfkQucSk+caXVVLxwm3PYK4I/sEXuKKFhqYvBfe7AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUvLyPwkZDRdea7jsTtMh/jD0pfZwwHwYDVR0j
BBgwFoAUl9d/CGafuU5OmfeVUZ+2HcrGLJ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MmM2OTQ0MC04YjE3LTRhNjgtYTBmYS02NjE1OWUyMTYyZTAvMC85N0Q3N0YwODY2
OUZCOTRFNEU5OUY3OTU1MTlGQjYxRENBQzYyQzlGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTdENzdGMDg2NjlGQjk0RTRFOTlGNzk1NTE5RkI2MURDQUM2
MkM5Ri5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyYzY5NDQwLThiMTctNGE2OC1h
MGZhLTY2MTU5ZTIxNjJlMC8wLzMxMzAzMzJlMzIzMDM4MmUzMTMwMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzQzNjM0Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn0GYwDQYJ
KoZIhvcNAQELBQADggEBAHzw5GY2RYJtp4zTIFYqtxOeurjJdhx65Ct07sT5VZew
I2IXAJEeTFOj/AxqC1fnVswq2MML7k056m2I1CHkTRrbhQ3v+3IsfvLNZ9yA43so
3HrJBY0gunOqIlpgt/1h86FTSxf+uXBKk0lCWqbY3Xfeij7MakUYjiP1mYa5peS3
koYLEe7Q5ePtOuioUkQS4RmunQOJ1g0ViXBvHf7AsvlhiySLukY9seOusoUZD2eT
nT3N8HOEb5wH8A0Ni2zPJZV4YVtHyEkTf3OmxUHAtmetCoqxXfb/zG9Zx661CtZJ
fIk40pNMvIl7/iQP04uHTDSAIXZs4z9WF7jfaKiGykI=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:40:27 2025 by rpki-client