Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/3130332e3130352e3235322e302f32322d3234203d3e20313336383835.roa
File:                     3130332e3130352e3235322e302f32322d3234203d3e20313336383835.roa (raw, json)
Hash identifier:          78aRtA03tdL6oV14dW3aN00qRLjvVDFQ6jhLRcjVdxc=
Subject key identifier:   49:E7:9F:AD:F7:EC:F6:A8:39:3F:C3:AC:82:BA:C6:27:AB:49:E0:71
Certificate issuer:       /CN=6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95
Certificate serial:       0219238C811C03E2A1B839B4FAEF84221696DB1F
Authority key identifier: 6A:9D:C5:66:C8:CB:F1:D7:CE:B1:7F:C9:91:7A:CD:58:2E:5C:0A:95
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/3130332e3130352e3235322e302f32322d3234203d3e20313336383835.roa
Signing time:             Mon 02 Jun 2025 02:04:54 +0000
ROA not before:           Mon 02 Jun 2025 01:59:54 +0000
ROA not after:            Mon 01 Jun 2026 02:04:54 +0000
asID:                     136885
IP address blocks:        103.105.252.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.crl
                          rsync://repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 16 Jun 2025 11:08:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:19:23:8c:81:1c:03:e2:a1:b8:39:b4:fa:ef:84:22:16:96:db:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95
        Validity
            Not Before: Jun  2 01:59:54 2025 GMT
            Not After : Jun  1 02:04:54 2026 GMT
        Subject: CN=49E79FADF7ECF6A8393FC3AC82BAC627AB49E071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3f:25:58:5a:c6:2a:c4:e6:61:69:23:28:fb:
                    9b:59:3c:aa:ee:5c:2f:ab:dd:aa:19:d0:82:7f:63:
                    ce:81:80:84:5f:d0:9a:2b:08:60:78:58:86:ce:32:
                    fe:63:ce:66:cb:89:28:df:b7:26:64:86:2f:fd:3d:
                    e8:5f:6b:bb:b5:76:d2:28:f5:da:3a:0b:4f:9b:aa:
                    dc:19:b8:9b:01:69:69:3b:3b:d7:a2:3b:b9:f0:a4:
                    33:f2:73:38:fc:7a:a1:d0:c5:2b:3e:6d:ad:2a:20:
                    dc:54:2b:c5:54:23:fb:96:3d:43:16:13:79:6a:17:
                    f3:d2:12:8a:d9:77:49:f7:e4:93:2a:e4:96:23:2b:
                    7d:95:72:6a:f8:8d:11:dc:b8:6e:1a:f7:bd:63:11:
                    04:40:57:f1:42:e1:a0:c8:bc:42:2f:78:10:f5:41:
                    1b:00:85:14:72:c7:93:f5:fe:67:9e:9c:4c:94:bf:
                    58:17:7e:cd:51:fc:32:b0:7f:2d:20:2c:56:ee:b2:
                    bf:b5:da:f0:5d:f7:a5:5a:99:4c:f0:69:f9:37:f4:
                    af:77:f2:62:dd:da:59:fc:2e:a9:8b:e7:d8:db:2c:
                    55:d5:37:e5:0e:99:87:b3:13:bc:53:c4:d7:70:f9:
                    f2:3c:f3:21:c3:d6:d9:26:7c:bb:45:50:39:86:38:
                    49:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E7:9F:AD:F7:EC:F6:A8:39:3F:C3:AC:82:BA:C6:27:AB:49:E0:71
            X509v3 Authority Key Identifier:
                keyid:6A:9D:C5:66:C8:CB:F1:D7:CE:B1:7F:C9:91:7A:CD:58:2E:5C:0A:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6A9DC566C8CBF1D7CEB17FC9917ACD582E5C0A95.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/316aa54f-7158-43af-b336-be4714816fad/0/3130332e3130352e3235322e302f32322d3234203d3e20313336383835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:31:76:2d:39:de:4e:ea:1e:83:90:3a:6e:2a:17:ce:a0:d9:
         a6:ff:bd:34:f6:3c:0d:a6:51:d6:7e:c2:b6:2b:74:02:9d:1f:
         7b:c8:6f:68:8e:ec:87:34:c2:76:ce:7d:f5:14:8a:ef:29:8a:
         e2:23:40:ff:08:86:16:a0:1f:9c:fe:27:e5:24:ed:b7:ec:de:
         2f:6d:47:fa:08:bf:a5:e2:55:11:fb:35:aa:4f:5b:9a:d4:4c:
         1d:bc:76:e1:c0:20:d4:ca:d7:2b:77:ec:72:62:3f:8c:6b:59:
         20:a4:f3:cc:e5:98:47:8e:e3:e9:82:75:67:f4:8b:ef:f4:94:
         4d:37:fc:ed:fa:ae:97:5f:ad:9c:fe:c6:fd:3a:b4:8d:53:d4:
         44:69:8e:4c:ca:33:9f:84:b3:5f:84:5f:80:54:c7:05:de:9a:
         04:5c:2b:7f:60:5b:a5:37:32:e1:0a:d9:be:24:f6:20:d4:60:
         70:d1:3d:8a:4e:06:e7:78:68:56:e6:da:81:21:77:64:cd:57:
         c9:b9:3c:1b:af:b8:f8:05:5c:63:b4:91:29:05:38:41:22:7c:
         57:a3:58:88:de:c0:ac:86:56:d2:22:5b:b9:38:7e:85:f1:8d:
         7c:48:5e:57:82:1f:09:9f:f8:30:ae:8e:02:6c:77:16:22:2b:
         d8:53:19:0b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUAhkjjIEcA+KhuDm0+u+EIhaW2x8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkE5REM1NjZDOENCRjFEN0NFQjE3RkM5OTE3QUNENTgy
RTVDMEE5NTAeFw0yNTA2MDIwMTU5NTRaFw0yNjA2MDEwMjA0NTRaMDMxMTAvBgNV
BAMTKDQ5RTc5RkFERjdFQ0Y2QTgzOTNGQzNBQzgyQkFDNjI3QUI0OUUwNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZPyVYWsYqxOZhaSMo+5tZPKru
XC+r3aoZ0IJ/Y86BgIRf0JorCGB4WIbOMv5jzmbLiSjftyZkhi/9Pehfa7u1dtIo
9do6C0+bqtwZuJsBaWk7O9eiO7nwpDPyczj8eqHQxSs+ba0qINxUK8VUI/uWPUMW
E3lqF/PSEorZd0n35JMq5JYjK32Vcmr4jRHcuG4a971jEQRAV/FC4aDIvEIveBD1
QRsAhRRyx5P1/meenEyUv1gXfs1R/DKwfy0gLFbusr+12vBd96VamUzwafk39K93
8mLd2ln8LqmL59jbLFXVN+UOmYezE7xTxNdw+fI88yHD1tkmfLtFUDmGOEn/AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUSeefrffs9qg5P8OsgrrGJ6tJ4HEwHwYDVR0j
BBgwFoAUap3FZsjL8dfOsX/JkXrNWC5cCpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MTZhYTU0Zi03MTU4LTQzYWYtYjMzNi1iZTQ3MTQ4MTZmYWQvMC82QTlEQzU2NkM4
Q0JGMUQ3Q0VCMTdGQzk5MTdBQ0Q1ODJFNUMwQTk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkE5REM1NjZDOENCRjFEN0NFQjE3RkM5OTE3QUNENTgyRTVD
MEE5NS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxNmFhNTRmLTcxNTgtNDNhZi1i
MzM2LWJlNDcxNDgxNmZhZC8wLzMxMzAzMzJlMzEzMDM1MmUzMjM1MzIyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzYzODM4MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJnafwwDQYJ
KoZIhvcNAQELBQADggEBAI4xdi053k7qHoOQOm4qF86g2ab/vTT2PA2mUdZ+wrYr
dAKdH3vIb2iO7Ic0wnbOffUUiu8piuIjQP8IhhagH5z+J+Uk7bfs3i9tR/oIv6Xi
VRH7NapPW5rUTB28duHAINTK1yt37HJiP4xrWSCk88zlmEeO4+mCdWf0i+/0lE03
/O36rpdfrZz+xv06tI1T1ERpjkzKM5+Es1+EX4BUxwXemgRcK39gW6U3MuEK2b4k
9iDUYHDRPYpOBud4aFbm2oEhd2TNV8m5PBuvuPgFXGO0kSkFOEEifFejWIjewKyG
VtIiW7k4foXxjXxIXleCHwmf+DCujgJsdxYiK9hTGQs=
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:49:31 2025 by rpki-client