Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39392e302f32342d3234203d3e20313530343639.roa
File:                     3130332e35312e39392e302f32342d3234203d3e20313530343639.roa (raw, json)
Hash identifier:          K8NaZjX156AzJZCxAFCtUR2kv1eIuI1LvcL4WWNgNxE=
Subject key identifier:   91:EB:70:D5:E6:2C:A5:3C:CE:53:C9:67:B5:DD:B4:16:F3:BB:16:5A
Certificate issuer:       /CN=245A17CADB2BB2FDC5786C27E5BE959636E7F409
Certificate serial:       5C19D064B1D607E53E545F954DC9FB018A02366F
Authority key identifier: 24:5A:17:CA:DB:2B:B2:FD:C5:78:6C:27:E5:BE:95:96:36:E7:F4:09
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39392e302f32342d3234203d3e20313530343639.roa
Signing time:             Thu 15 May 2025 11:24:22 +0000
ROA not before:           Thu 15 May 2025 11:19:22 +0000
ROA not after:            Thu 14 May 2026 11:24:22 +0000
asID:                     150469
IP address blocks:        103.51.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.crl
                          rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 07:24:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:19:d0:64:b1:d6:07:e5:3e:54:5f:95:4d:c9:fb:01:8a:02:36:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=245A17CADB2BB2FDC5786C27E5BE959636E7F409
        Validity
            Not Before: May 15 11:19:22 2025 GMT
            Not After : May 14 11:24:22 2026 GMT
        Subject: CN=91EB70D5E62CA53CCE53C967B5DDB416F3BB165A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:2a:ed:ef:f1:fc:15:3f:4e:a3:a0:14:3e:c9:
                    e1:36:71:58:7a:68:f8:56:7f:a1:77:d7:5f:32:3f:
                    cd:4f:74:ae:65:0d:95:c9:93:70:66:00:0f:22:cb:
                    2c:75:da:ab:a6:54:f9:b0:1f:ad:48:e0:91:c7:6e:
                    70:b2:8b:2a:1f:f2:bd:e6:8c:55:2e:9b:1c:12:a3:
                    83:95:bd:74:4e:1c:6e:96:1f:a3:3c:7d:f6:d5:7e:
                    b2:af:45:c0:20:77:6d:ec:33:2e:0d:b0:2d:17:e0:
                    c1:f1:0e:1d:01:be:64:2e:e5:d2:d4:53:c5:bd:9e:
                    b0:1a:f2:85:f5:b4:ac:b8:0d:26:76:65:16:0c:8e:
                    1f:c5:fa:dd:23:9b:c2:dc:51:90:23:89:28:83:08:
                    51:4e:7e:05:2c:34:a1:51:28:a6:b6:10:63:c4:c4:
                    b5:c9:76:ab:02:c0:a9:a0:7e:ec:e5:14:80:6e:86:
                    4a:6d:ae:40:2a:5c:b5:0d:6c:b1:42:e9:61:0e:23:
                    b5:48:96:06:3f:ea:87:78:b2:7c:48:68:81:8e:e2:
                    0b:e5:da:35:50:14:81:aa:4c:7a:9a:ee:c7:94:a6:
                    89:fb:32:98:06:83:6b:71:e2:a9:2b:5d:da:5e:95:
                    ac:7a:d0:a0:80:95:ce:5f:9a:f0:94:15:f6:13:f5:
                    24:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:EB:70:D5:E6:2C:A5:3C:CE:53:C9:67:B5:DD:B4:16:F3:BB:16:5A
            X509v3 Authority Key Identifier:
                keyid:24:5A:17:CA:DB:2B:B2:FD:C5:78:6C:27:E5:BE:95:96:36:E7:F4:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/245A17CADB2BB2FDC5786C27E5BE959636E7F409.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/245A17CADB2BB2FDC5786C27E5BE959636E7F409.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2f13a6ef-3434-4401-b3e1-65153066fb3e/0/3130332e35312e39392e302f32342d3234203d3e20313530343639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:60:34:44:db:6f:fe:e8:40:67:c9:48:5e:d5:0c:50:88:55:
         16:6e:43:d2:62:ce:7c:63:80:47:f2:52:27:a7:12:61:dc:69:
         9e:0f:80:06:dc:4f:8a:51:0a:70:4e:5f:59:a0:f9:6e:6f:c4:
         7a:8d:59:7a:5e:73:e7:61:87:79:42:8f:bc:13:e5:16:7a:f3:
         4a:7c:aa:43:2e:fe:d9:33:2e:00:5c:a1:2f:ee:90:ae:62:29:
         7c:66:22:ad:12:49:39:cd:6d:02:e7:0d:d9:cc:0f:f6:af:d0:
         45:ca:c3:fb:3e:09:a6:b1:9f:cc:5b:24:ab:db:47:c8:d9:f3:
         5e:f7:88:98:30:d8:fe:d4:73:57:95:a2:a6:ff:6c:f9:84:1a:
         ba:cb:c0:c5:29:0f:25:08:bb:37:fe:58:19:8a:a9:f7:92:ea:
         d5:d0:8b:97:cf:6e:d1:13:54:a7:0a:ce:d0:6e:a1:8b:fb:44:
         3c:98:ac:1c:e4:f9:ab:9e:47:ea:51:1d:a4:10:06:56:a4:82:
         92:b5:97:34:8e:f8:e1:33:57:a1:9a:7d:f8:cb:e7:36:19:26:
         a1:4e:13:26:a9:f3:45:55:3e:bf:37:76:9e:1b:30:0e:e6:f3:
         1a:42:bf:86:ea:2b:c6:ef:4c:1e:37:e6:f4:89:b4:6e:c9:79:
         be:54:7b:9b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUXBnQZLHWB+U+VF+VTcn7AYoCNm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQ1QTE3Q0FEQjJCQjJGREM1Nzg2QzI3RTVCRTk1OTYz
NkU3RjQwOTAeFw0yNTA1MTUxMTE5MjJaFw0yNjA1MTQxMTI0MjJaMDMxMTAvBgNV
BAMTKDkxRUI3MEQ1RTYyQ0E1M0NDRTUzQzk2N0I1RERCNDE2RjNCQjE2NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuKu3v8fwVP06joBQ+yeE2cVh6
aPhWf6F3118yP81PdK5lDZXJk3BmAA8iyyx12qumVPmwH61I4JHHbnCyiyof8r3m
jFUumxwSo4OVvXROHG6WH6M8ffbVfrKvRcAgd23sMy4NsC0X4MHxDh0BvmQu5dLU
U8W9nrAa8oX1tKy4DSZ2ZRYMjh/F+t0jm8LcUZAjiSiDCFFOfgUsNKFRKKa2EGPE
xLXJdqsCwKmgfuzlFIBuhkptrkAqXLUNbLFC6WEOI7VIlgY/6od4snxIaIGO4gvl
2jVQFIGqTHqa7seUpon7MpgGg2tx4qkrXdpelax60KCAlc5fmvCUFfYT9SQXAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUketw1eYspTzOU8lntd20FvO7FlowHwYDVR0j
BBgwFoAUJFoXytsrsv3FeGwn5b6Vljbn9AkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZjEzYTZlZi0zNDM0LTQ0MDEtYjNlMS02NTE1MzA2NmZiM2UvMC8yNDVBMTdDQURC
MkJCMkZEQzU3ODZDMjdFNUJFOTU5NjM2RTdGNDA5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjQ1QTE3Q0FEQjJCQjJGREM1Nzg2QzI3RTVCRTk1OTYzNkU3
RjQwOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmMTNhNmVmLTM0MzQtNDQwMS1i
M2UxLTY1MTUzMDY2ZmIzZS8wLzMxMzAzMzJlMzUzMTJlMzkzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDM0MzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGczYzANBgkqhkiG
9w0BAQsFAAOCAQEAGmA0RNtv/uhAZ8lIXtUMUIhVFm5D0mLOfGOAR/JSJ6cSYdxp
ng+ABtxPilEKcE5fWaD5bm/Eeo1Zel5z52GHeUKPvBPlFnrzSnyqQy7+2TMuAFyh
L+6QrmIpfGYirRJJOc1tAucN2cwP9q/QRcrD+z4JprGfzFskq9tHyNnzXveImDDY
/tRzV5Wipv9s+YQausvAxSkPJQi7N/5YGYqp95Lq1dCLl89u0RNUpwrO0G6hi/tE
PJisHOT5q55H6lEdpBAGVqSCkrWXNI744TNXoZp9+MvnNhkmoU4TJqnzRVU+vzd2
nhswDubzGkK/huorxu9MHjfm9Im0bsl5vlR7mw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:14:05 2025 by rpki-client