Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39382e302f32332d3233203d3e20313530343639.roa
File:                     3130332e35312e39382e302f32332d3233203d3e20313530343639.roa (raw, json)
Hash identifier:          k08Sq9y+e0JBLFkahJuKjCY8UDmOXzCXbCJPnDfG/eg=
Subject key identifier:   D5:1E:55:CA:EA:E4:D9:7A:16:40:93:D5:07:C1:30:A6:84:B1:3F:04
Certificate issuer:       /CN=245A17CADB2BB2FDC5786C27E5BE959636E7F409
Certificate serial:       47B0654D6DDB40FE695B975B03B8AFA1BF60C4B5
Authority key identifier: 24:5A:17:CA:DB:2B:B2:FD:C5:78:6C:27:E5:BE:95:96:36:E7:F4:09
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39382e302f32332d3233203d3e20313530343639.roa
Signing time:             Thu 15 May 2025 11:20:26 +0000
ROA not before:           Thu 15 May 2025 11:15:26 +0000
ROA not after:            Thu 14 May 2026 11:20:26 +0000
asID:                     150469
IP address blocks:        103.51.98.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.crl
                          rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 07:24:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:b0:65:4d:6d:db:40:fe:69:5b:97:5b:03:b8:af:a1:bf:60:c4:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=245A17CADB2BB2FDC5786C27E5BE959636E7F409
        Validity
            Not Before: May 15 11:15:26 2025 GMT
            Not After : May 14 11:20:26 2026 GMT
        Subject: CN=D51E55CAEAE4D97A164093D507C130A684B13F04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:78:d5:bf:ba:39:52:fc:26:b2:09:be:47:a7:
                    9f:46:9b:76:69:78:fa:0c:0b:b2:71:9a:45:02:54:
                    a5:71:c1:03:88:d7:76:2b:a3:76:a1:ad:9a:96:de:
                    95:ec:4c:47:9a:de:e6:b9:3d:bd:3b:1e:66:41:59:
                    5e:5a:2f:93:77:a2:1f:44:e7:62:2a:e1:24:05:d1:
                    aa:f1:06:14:77:92:48:96:45:75:76:3f:f5:21:e7:
                    9e:30:9b:2c:9b:db:c4:b2:70:02:3b:5c:bd:de:0c:
                    3d:31:08:5b:51:b2:a8:c6:f0:9c:67:6e:e2:83:66:
                    e7:82:ab:ea:08:ef:ae:65:f4:68:e5:a5:ea:5d:a5:
                    7d:24:d5:51:58:db:5c:02:92:7e:1b:f5:ca:3a:f0:
                    26:1a:c2:4e:df:8d:41:39:ca:35:3e:8d:ec:8f:3f:
                    3b:9b:80:69:14:a8:c7:83:8b:ab:72:f9:18:74:cf:
                    44:2b:34:1c:e4:01:41:c4:e5:c1:06:f1:88:e6:ae:
                    8f:aa:ff:d1:79:20:72:e2:96:6b:42:9a:ce:43:6f:
                    5d:2b:53:1f:ea:80:83:eb:f4:6d:12:5b:4c:b1:85:
                    72:95:cc:5d:e2:cf:31:ce:80:53:dc:54:f4:d6:1c:
                    6b:ac:14:c0:02:a7:79:2b:c0:1f:28:86:34:66:c4:
                    8e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:1E:55:CA:EA:E4:D9:7A:16:40:93:D5:07:C1:30:A6:84:B1:3F:04
            X509v3 Authority Key Identifier:
                keyid:24:5A:17:CA:DB:2B:B2:FD:C5:78:6C:27:E5:BE:95:96:36:E7:F4:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39382e302f32332d3233203d3e20313530343639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ab:38:df:c4:cf:11:9e:28:dd:dd:86:9c:07:0a:b9:91:2e:48:
         f2:fa:f7:6f:22:21:39:fc:36:00:c7:2e:f3:00:cb:8f:11:1f:
         18:3f:99:4e:3d:9a:b9:2d:59:0b:6f:2c:48:3e:4e:d6:94:3b:
         8f:72:22:f0:3a:e9:0c:54:72:f2:99:d5:63:84:ff:85:4e:4d:
         24:1b:0c:c3:3f:11:2a:d1:dc:b4:f3:44:19:35:e5:c0:73:ae:
         95:0b:35:bc:f9:63:9c:6f:82:35:13:af:33:8b:52:b3:e1:97:
         8a:55:aa:1f:19:c8:3e:09:8e:ff:04:ca:bb:e4:ad:5f:46:24:
         94:4c:4c:84:29:66:f9:f8:c3:f9:38:51:af:11:48:c9:85:cd:
         e1:7a:02:85:be:3a:93:dc:c8:b6:27:76:5c:f1:4a:f2:6a:de:
         64:de:53:30:45:7f:6b:d7:df:d9:79:1e:e5:21:9c:b3:44:23:
         4b:21:53:6a:8d:17:10:2a:23:ab:53:4c:ad:6b:79:ea:4e:67:
         f6:9b:e7:1a:a4:19:2f:83:89:0a:e6:a0:66:1e:a7:2b:77:b3:
         01:5f:81:9a:a8:ef:01:af:8e:99:76:10:66:2d:72:ba:79:90:
         1c:6f:5d:bd:ad:39:0a:c9:05:29:f0:f9:27:f6:34:bc:81:a5:
         1c:da:1a:a7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUR7BlTW3bQP5pW5dbA7ivob9gxLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQ1QTE3Q0FEQjJCQjJGREM1Nzg2QzI3RTVCRTk1OTYz
NkU3RjQwOTAeFw0yNTA1MTUxMTE1MjZaFw0yNjA1MTQxMTIwMjZaMDMxMTAvBgNV
BAMTKEQ1MUU1NUNBRUFFNEQ5N0ExNjQwOTNENTA3QzEzMEE2ODRCMTNGMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHeNW/ujlS/CayCb5Hp59Gm3Zp
ePoMC7JxmkUCVKVxwQOI13Yro3ahrZqW3pXsTEea3ua5Pb07HmZBWV5aL5N3oh9E
52Iq4SQF0arxBhR3kkiWRXV2P/Uh554wmyyb28SycAI7XL3eDD0xCFtRsqjG8Jxn
buKDZueCq+oI765l9GjlpepdpX0k1VFY21wCkn4b9co68CYawk7fjUE5yjU+jeyP
PzubgGkUqMeDi6ty+Rh0z0QrNBzkAUHE5cEG8Yjmro+q/9F5IHLilmtCms5Db10r
Ux/qgIPr9G0SW0yxhXKVzF3izzHOgFPcVPTWHGusFMACp3krwB8ohjRmxI7hAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU1R5Vyurk2XoWQJPVB8EwpoSxPwQwHwYDVR0j
BBgwFoAUJFoXytsrsv3FeGwn5b6Vljbn9AkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZjEzYTZlZi0zNDM0LTQ0MDEtYjNlMS02NTE1MzA2NmZiM2UvMC8yNDVBMTdDQURC
MkJCMkZEQzU3ODZDMjdFNUJFOTU5NjM2RTdGNDA5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjQ1QTE3Q0FEQjJCQjJGREM1Nzg2QzI3RTVCRTk1OTYzNkU3
RjQwOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmMTNhNmVmLTM0MzQtNDQwMS1i
M2UxLTY1MTUzMDY2ZmIzZS8wLzMxMzAzMzJlMzUzMTJlMzkzODJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzUzMDM0MzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWczYjANBgkqhkiG
9w0BAQsFAAOCAQEAqzjfxM8Rnijd3YacBwq5kS5I8vr3byIhOfw2AMcu8wDLjxEf
GD+ZTj2auS1ZC28sSD5O1pQ7j3Ii8DrpDFRy8pnVY4T/hU5NJBsMwz8RKtHctPNE
GTXlwHOulQs1vPljnG+CNROvM4tSs+GXilWqHxnIPgmO/wTKu+StX0YklExMhClm
+fjD+ThRrxFIyYXN4XoChb46k9zItid2XPFK8mreZN5TMEV/a9ff2Xke5SGcs0Qj
SyFTao0XECojq1NMrWt56k5n9pvnGqQZL4OJCuagZh6nK3ezAV+BmqjvAa+OmXYQ
Zi1yunmQHG9dva05CskFKfD5J/Y0vIGlHNoapw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:55:11 2025 by rpki-client