Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa
File:                     3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa (raw, json)
Hash identifier:          PrxzBXs1EQ5brf5KcoFfZ8wD5Vwu/rI2lhRN8AijEYI=
Subject key identifier:   75:09:13:6F:ED:91:7F:CC:5F:FF:74:D4:F9:74:15:AF:C3:C4:B4:70
Certificate issuer:       /CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD
Certificate serial:       6AB09892444488515CA4B7B3E82B3BD2EF2F4DF1
Authority key identifier: D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa
Signing time:             Tue 02 Jan 2024 00:00:01 +0000
ROA not before:           Mon 01 Jan 2024 23:55:01 +0000
ROA not after:            Tue 31 Dec 2024 00:00:01 +0000
asID:                     150523
IP address blocks:        103.75.136.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl
                          rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 21:44:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:b0:98:92:44:44:88:51:5c:a4:b7:b3:e8:2b:3b:d2:ef:2f:4d:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD
        Validity
            Not Before: Jan  1 23:55:01 2024 GMT
            Not After : Dec 31 00:00:01 2024 GMT
        Subject: CN=7509136FED917FCC5FFF74D4F97415AFC3C4B470
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d5:cf:34:e1:ff:78:3d:42:b7:41:72:65:82:
                    66:16:b0:09:19:55:59:3a:2d:2c:0b:ec:b1:b9:f9:
                    17:d5:2a:bf:3e:ea:be:09:38:4a:15:3f:8e:92:0b:
                    7d:9e:d3:3c:07:12:a4:da:4c:77:5f:7a:35:66:6e:
                    32:d5:c2:b4:f8:27:ee:69:77:ee:db:89:0f:23:6c:
                    cd:88:12:f7:48:0b:38:f2:e5:c7:ba:6d:27:ff:b8:
                    d3:fd:cf:a9:3b:06:85:a5:19:2c:de:8f:20:4a:d6:
                    93:03:6a:e8:54:f9:07:41:9f:80:3b:3e:4e:fd:9e:
                    8c:b6:42:d8:d6:f1:e5:ee:40:57:d7:d0:12:9e:a5:
                    db:06:0e:b4:9c:da:0c:f2:43:c9:c9:b1:ed:e5:4d:
                    21:14:3f:df:98:18:0e:06:f4:7e:c3:72:a5:12:fc:
                    34:5d:01:b4:83:b8:63:ee:7f:10:3d:45:8d:fe:22:
                    3d:a3:b4:f7:0f:39:e0:5e:10:f0:cb:23:ef:25:f9:
                    56:81:de:2b:cd:08:83:b4:a0:bf:84:45:05:3d:a3:
                    72:0d:27:dd:81:ae:0d:f2:e2:a9:08:ad:fe:a4:d0:
                    d9:c5:28:2d:43:18:76:ad:e7:a8:8c:47:23:2f:28:
                    05:10:0e:31:e9:af:77:7b:c2:fb:05:d8:82:89:34:
                    70:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:09:13:6F:ED:91:7F:CC:5F:FF:74:D4:F9:74:15:AF:C3:C4:B4:70
            X509v3 Authority Key Identifier:
                keyid:D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.75.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c7:8a:78:bc:89:53:cf:a0:38:70:d2:86:a3:65:6a:1b:e4:9d:
         6f:2e:bf:f8:9f:7c:10:b5:c7:27:3a:98:eb:61:cf:39:45:f2:
         7e:06:f4:12:b4:8e:66:6d:e6:57:66:bd:db:38:02:9d:4d:b7:
         18:95:39:d2:1c:27:a8:43:fd:0f:b0:f7:49:7d:9a:03:8f:1e:
         ef:43:f7:57:96:27:d8:8a:41:1a:f2:12:a6:e6:43:d6:fd:23:
         05:26:ef:68:72:ac:6b:82:c9:b8:8a:d2:76:69:64:4b:7b:5d:
         de:a0:57:b7:0d:69:1e:85:ff:60:95:82:22:c6:d7:df:de:48:
         a1:92:86:20:0b:b1:f0:f6:ad:15:e2:df:76:69:57:ad:6e:d9:
         5f:f5:8c:5d:22:d2:8a:d7:23:d3:84:2c:9c:ca:46:64:f9:88:
         58:9a:be:2b:2f:e6:3b:01:49:9a:86:c2:ad:0b:aa:64:ac:ce:
         8e:27:9a:a1:a9:0a:a7:74:c6:11:5c:ce:f7:90:92:78:ec:56:
         dd:54:a6:67:3b:b8:a4:9a:04:69:5f:d3:24:85:62:2e:c8:96:
         94:69:e4:e0:a9:af:f7:c6:46:dc:3b:6c:28:12:ed:32:68:95:
         90:d9:ae:52:ef:a2:74:96:66:00:00:36:e2:91:83:d8:f9:69:
         5d:c8:19:6a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUarCYkkREiFFcpLez6Cs70u8vTfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVF
QzgyMUZGRDAeFw0yNDAxMDEyMzU1MDFaFw0yNDEyMzEwMDAwMDFaMDMxMTAvBgNV
BAMTKDc1MDkxMzZGRUQ5MTdGQ0M1RkZGNzRENEY5NzQxNUFGQzNDNEI0NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj1c804f94PUK3QXJlgmYWsAkZ
VVk6LSwL7LG5+RfVKr8+6r4JOEoVP46SC32e0zwHEqTaTHdfejVmbjLVwrT4J+5p
d+7biQ8jbM2IEvdICzjy5ce6bSf/uNP9z6k7BoWlGSzejyBK1pMDauhU+QdBn4A7
Pk79noy2QtjW8eXuQFfX0BKepdsGDrSc2gzyQ8nJse3lTSEUP9+YGA4G9H7DcqUS
/DRdAbSDuGPufxA9RY3+Ij2jtPcPOeBeEPDLI+8l+VaB3ivNCIO0oL+ERQU9o3IN
J92Brg3y4qkIrf6k0NnFKC1DGHat56iMRyMvKAUQDjHpr3d7wvsF2IKJNHBdAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUdQkTb+2Rf8xf/3TU+XQVr8PEtHAwHwYDVR0j
BBgwFoAU0Pedgm5D6rYaeoNOaid3xeyCH/0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ODQ2MzI4NS03YzI4LTQzNWEtODJiYi1mY2MzMmQ1ODAyMGUvMC9EMEY3OUQ4MjZF
NDNFQUI2MUE3QTgzNEU2QTI3NzdDNUVDODIxRkZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVFQzgy
MUZGRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI4NDYzMjg1LTdjMjgtNDM1YS04
MmJiLWZjYzMyZDU4MDIwZS8wLzMxMzAzMzJlMzczNTJlMzEzMzM2MmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzNTMwMzUzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ0uIMA0GCSqG
SIb3DQEBCwUAA4IBAQDHini8iVPPoDhw0oajZWob5J1vLr/4n3wQtccnOpjrYc85
RfJ+BvQStI5mbeZXZr3bOAKdTbcYlTnSHCeoQ/0PsPdJfZoDjx7vQ/dXlifYikEa
8hKm5kPW/SMFJu9ocqxrgsm4itJ2aWRLe13eoFe3DWkehf9glYIixtff3kihkoYg
C7Hw9q0V4t92aVetbtlf9YxdItKK1yPThCycykZk+YhYmr4rL+Y7AUmahsKtC6pk
rM6OJ5qhqQqndMYRXM73kJJ47FbdVKZnO7ikmgRpX9MkhWIuyJaUaeTgqa/3xkbc
O2woEu0yaJWQ2a5S76J0lmYAADbikYPY+WldyBlq
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:20:41 2024 by rpki-client on console-fra.rpki-client.org