Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e36362e302f32342d3234203d3e203338353133.roa
File:                     3138322e32332e36362e302f32342d3234203d3e203338353133.roa (raw, json)
Hash identifier:          vNgSyVKI/n7LJeFvgnr6XgRyKef6201Qf1Ff/OsIU28=
Subject key identifier:   7B:DB:02:37:1C:8C:42:F4:10:96:38:D2:04:27:08:96:0C:DD:3F:9C
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       43A2933F1A068CD8A06377165D51C2224A89F71F
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e36362e302f32342d3234203d3e203338353133.roa
Signing time:             Mon 02 Jun 2025 01:03:20 +0000
ROA not before:           Mon 02 Jun 2025 00:58:20 +0000
ROA not after:            Mon 01 Jun 2026 01:03:20 +0000
asID:                     38513
IP address blocks:        182.23.66.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 09:14:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:a2:93:3f:1a:06:8c:d8:a0:63:77:16:5d:51:c2:22:4a:89:f7:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jun  2 00:58:20 2025 GMT
            Not After : Jun  1 01:03:20 2026 GMT
        Subject: CN=7BDB02371C8C42F4109638D2042708960CDD3F9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:b4:6c:c0:68:3b:03:85:62:ea:30:14:57:7a:
                    56:d3:e6:b6:5f:28:bf:85:09:e8:59:f9:28:08:83:
                    db:6b:06:2c:ef:0d:1a:be:e8:a3:d1:15:e1:3f:3b:
                    14:ea:bc:1f:56:b0:2f:20:fb:26:53:7a:27:08:32:
                    71:06:a0:2c:18:61:77:c7:55:8b:39:66:b2:12:c7:
                    1e:a3:0e:0d:07:98:86:97:ac:34:4c:c1:e9:09:e1:
                    b4:4d:81:7a:ff:cb:a4:42:a8:20:05:bc:9d:a1:e3:
                    ef:9e:3d:f6:47:30:aa:50:6e:a2:6f:2a:73:35:e0:
                    80:0c:7d:23:9d:9c:9c:2b:62:51:75:eb:44:d2:3c:
                    66:73:c9:e5:2e:43:d3:97:34:36:1d:45:28:e1:d1:
                    ac:ce:72:41:38:9a:2a:90:0b:cc:6f:4e:70:2e:19:
                    c8:70:55:c0:9e:3d:af:68:c7:bb:ae:14:7d:a5:90:
                    67:1b:2b:a2:1c:75:59:dc:54:85:59:89:9d:78:1a:
                    12:76:04:79:7c:d5:b7:87:c0:c8:ef:4d:10:be:30:
                    f5:80:97:41:5f:db:98:51:34:9e:aa:16:33:0a:1b:
                    bb:de:b1:7c:fe:4b:a5:66:37:5e:27:c6:ae:a5:2d:
                    23:bd:fc:c2:a7:2e:66:84:6e:bd:46:6d:8c:88:83:
                    f4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:DB:02:37:1C:8C:42:F4:10:96:38:D2:04:27:08:96:0C:DD:3F:9C
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e36362e302f32342d3234203d3e203338353133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.23.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:6a:38:6f:b1:f8:09:94:4f:a4:e2:2b:7e:f5:2e:64:c2:27:
         e2:3d:82:60:de:5b:cd:13:fc:36:44:98:17:e9:01:f0:b1:58:
         0e:80:6a:5e:ec:24:53:b4:1b:7e:8d:8f:95:b6:06:bf:ac:92:
         5b:2d:58:c1:52:d3:7a:73:40:08:37:9d:82:91:b9:ae:80:e4:
         56:63:c4:7d:7a:25:30:b7:ac:91:49:73:37:40:d5:9a:95:7c:
         e2:9c:2b:f0:c0:79:6f:e0:68:3b:aa:44:fb:78:0b:a4:e5:c2:
         94:38:7d:a0:03:3f:5f:f0:35:82:88:62:36:d8:62:0e:d9:31:
         3d:6a:8a:65:da:67:62:2f:74:88:7e:85:d5:bd:3d:c7:42:7e:
         a9:ed:9c:49:ed:a2:cf:83:c9:e5:39:67:e6:28:70:7a:f4:10:
         fc:30:c3:d3:fc:8e:21:8d:84:10:e5:44:6e:b1:8c:a5:de:3b:
         87:1d:fc:18:a8:6c:f3:1a:2b:4c:5c:85:3f:06:57:9a:99:5f:
         fd:24:32:fb:bd:30:a4:65:a1:2d:8c:65:f7:c9:f5:f0:11:57:
         f6:e6:04:91:4a:4b:8a:b2:2f:fe:5c:a6:40:c5:78:37:ca:a4:
         18:51:cd:df:40:09:62:14:3c:cd:1f:9b:55:10:ec:b8:ab:4b:
         4a:04:78:34
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUQ6KTPxoGjNigY3cWXVHCIkqJ9x8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yNTA2MDIwMDU4MjBaFw0yNjA2MDEwMTAzMjBaMDMxMTAvBgNV
BAMTKDdCREIwMjM3MUM4QzQyRjQxMDk2MzhEMjA0MjcwODk2MENERDNGOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDktGzAaDsDhWLqMBRXelbT5rZf
KL+FCehZ+SgIg9trBizvDRq+6KPRFeE/OxTqvB9WsC8g+yZTeicIMnEGoCwYYXfH
VYs5ZrISxx6jDg0HmIaXrDRMwekJ4bRNgXr/y6RCqCAFvJ2h4++ePfZHMKpQbqJv
KnM14IAMfSOdnJwrYlF160TSPGZzyeUuQ9OXNDYdRSjh0azOckE4miqQC8xvTnAu
GchwVcCePa9ox7uuFH2lkGcbK6IcdVncVIVZiZ14GhJ2BHl81beHwMjvTRC+MPWA
l0Ff25hRNJ6qFjMKG7vesXz+S6VmN14nxq6lLSO9/MKnLmaEbr1GbYyIg/R3AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUe9sCNxyMQvQQljjSBCcIlgzdP5wwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMxMzgzMjJlMzIzMzJlMzYzNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzgzNTMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC2F0IwDQYJKoZIhvcN
AQELBQADggEBABhqOG+x+AmUT6TiK371LmTCJ+I9gmDeW80T/DZEmBfpAfCxWA6A
al7sJFO0G36Nj5W2Br+sklstWMFS03pzQAg3nYKRua6A5FZjxH16JTC3rJFJczdA
1ZqVfOKcK/DAeW/gaDuqRPt4C6TlwpQ4faADP1/wNYKIYjbYYg7ZMT1qimXaZ2Iv
dIh+hdW9PcdCfqntnEntos+DyeU5Z+YocHr0EPwww9P8jiGNhBDlRG6xjKXeO4cd
/BiobPMaK0xchT8GV5qZX/0kMvu9MKRloS2MZffJ9fARV/bmBJFKS4qyL/5cpkDF
eDfKpBhRzd9ACWIUPM0fm1UQ7LirS0oEeDQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:32:34 2025 by rpki-client