Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/33362e33372e3132302e302f32342d3234203d3e203338353133.roa
File:                     33362e33372e3132302e302f32342d3234203d3e203338353133.roa (raw, json)
Hash identifier:          jY1ewBlVRj+nwjQ9dNcmUMP1vYh5U+kZ3WOKcR1L7Ig=
Subject key identifier:   DE:B9:AE:24:3B:88:C7:F0:01:F8:B6:E9:3A:4E:16:42:5F:37:E6:9F
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       79FB03696AD6D68615E5E87A02B56BC03056932A
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/33362e33372e3132302e302f32342d3234203d3e203338353133.roa
Signing time:             Mon 02 Jun 2025 02:01:39 +0000
ROA not before:           Mon 02 Jun 2025 01:56:39 +0000
ROA not after:            Mon 01 Jun 2026 02:01:39 +0000
asID:                     38513
IP address blocks:        36.37.120.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 09:14:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:fb:03:69:6a:d6:d6:86:15:e5:e8:7a:02:b5:6b:c0:30:56:93:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jun  2 01:56:39 2025 GMT
            Not After : Jun  1 02:01:39 2026 GMT
        Subject: CN=DEB9AE243B88C7F001F8B6E93A4E16425F37E69F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a6:00:f8:91:02:06:07:a5:8d:da:2d:bc:e9:
                    d3:be:eb:99:3b:04:37:27:f0:ad:4d:80:76:49:46:
                    b1:d6:a3:a5:ee:bc:13:86:14:d3:75:1d:3c:f2:45:
                    69:69:1c:1e:e4:f3:fe:09:c1:71:3a:c5:90:c5:ac:
                    1e:f1:25:13:e5:27:83:a6:70:54:bd:ce:66:ba:49:
                    73:0c:f2:5f:17:78:40:9d:f3:a9:57:6e:22:e3:7a:
                    84:eb:3b:35:4e:3f:ee:cb:d0:80:17:4c:98:36:5a:
                    3f:09:e0:f5:2e:f6:4c:e1:bc:94:38:65:fb:22:4f:
                    0c:cd:4d:89:c8:9b:32:59:dc:a6:24:fb:99:81:0e:
                    b9:c8:62:ba:4b:da:84:0b:65:e7:51:19:ee:c4:b1:
                    4a:16:03:3b:a4:19:0c:48:7c:2b:25:24:f2:86:67:
                    33:9b:be:64:94:a6:d8:56:0d:9d:a4:fb:32:62:f4:
                    f5:88:74:a5:a0:49:6b:7b:73:95:05:a2:71:02:7d:
                    ae:c0:6b:67:ac:95:25:a0:ca:e9:90:b9:8e:be:f0:
                    8d:44:3b:9e:e2:ac:0f:74:61:92:bf:a9:d1:57:ca:
                    4c:94:bd:9a:82:9e:ca:ec:8a:40:d4:ae:8b:87:f2:
                    82:39:b4:29:3c:5b:be:f5:4a:24:7a:ac:ac:bb:66:
                    65:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:B9:AE:24:3B:88:C7:F0:01:F8:B6:E9:3A:4E:16:42:5F:37:E6:9F
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/33362e33372e3132302e302f32342d3234203d3e203338353133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.37.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:df:50:74:82:b2:1c:1b:29:cc:a1:ce:9f:d9:ac:96:22:e2:
         42:61:45:7a:8d:4e:9b:34:98:47:3c:d7:d7:dd:03:b7:bf:79:
         7e:65:ba:b6:37:58:27:1e:fb:a6:78:de:4e:2f:77:e7:98:ee:
         63:23:e2:75:18:4a:32:5a:dc:00:a6:74:c4:3c:64:9c:7b:36:
         96:af:6a:95:ab:f2:97:51:f7:79:57:0a:1b:07:65:6c:b7:b6:
         54:8e:70:46:e2:38:0d:fc:ac:b9:3a:44:d0:13:c5:de:2f:21:
         ab:5c:55:76:58:a6:37:e6:48:d7:40:d6:4d:94:cc:45:ec:8e:
         27:b4:31:03:fa:41:a2:7e:1d:3a:2a:7e:cb:16:f3:f6:f2:48:
         73:64:e1:be:3a:7c:8f:a4:b8:b5:61:cf:c2:c1:39:78:b2:90:
         46:cb:38:05:bd:a2:e4:99:70:50:5d:c7:1c:50:9b:e0:55:99:
         78:17:25:29:e0:9d:4e:69:19:f5:51:7e:13:ce:fc:f3:8f:47:
         98:d5:fb:a3:8e:a7:1b:b6:f4:fc:10:eb:56:b6:0a:98:81:63:
         b5:61:c2:27:a5:71:fe:08:d4:a1:ed:af:f9:f1:bc:a0:f1:07:
         5d:e9:43:05:19:62:f7:aa:01:9d:4c:d2:42:22:03:b5:20:26:
         05:eb:a9:03
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUefsDaWrW1oYV5eh6ArVrwDBWkyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yNTA2MDIwMTU2MzlaFw0yNjA2MDEwMjAxMzlaMDMxMTAvBgNV
BAMTKERFQjlBRTI0M0I4OEM3RjAwMUY4QjZFOTNBNEUxNjQyNUYzN0U2OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1pgD4kQIGB6WN2i286dO+65k7
BDcn8K1NgHZJRrHWo6XuvBOGFNN1HTzyRWlpHB7k8/4JwXE6xZDFrB7xJRPlJ4Om
cFS9zma6SXMM8l8XeECd86lXbiLjeoTrOzVOP+7L0IAXTJg2Wj8J4PUu9kzhvJQ4
ZfsiTwzNTYnImzJZ3KYk+5mBDrnIYrpL2oQLZedRGe7EsUoWAzukGQxIfCslJPKG
ZzObvmSUpthWDZ2k+zJi9PWIdKWgSWt7c5UFonECfa7Aa2eslSWgyumQuY6+8I1E
O57irA90YZK/qdFXykyUvZqCnsrsikDUrouH8oI5tCk8W771SiR6rKy7ZmX7AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU3rmuJDuIx/AB+LbpOk4WQl835p8wHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMzMzYyZTMzMzcyZTMxMzIzMDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzgzNTMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAkJXgwDQYJKoZIhvcN
AQELBQADggEBAE/fUHSCshwbKcyhzp/ZrJYi4kJhRXqNTps0mEc819fdA7e/eX5l
urY3WCce+6Z43k4vd+eY7mMj4nUYSjJa3ACmdMQ8ZJx7NpavapWr8pdR93lXChsH
ZWy3tlSOcEbiOA38rLk6RNATxd4vIatcVXZYpjfmSNdA1k2UzEXsjie0MQP6QaJ+
HToqfssW8/bySHNk4b46fI+kuLVhz8LBOXiykEbLOAW9ouSZcFBdxxxQm+BVmXgX
JSngnU5pGfVRfhPO/POPR5jV+6OOpxu29PwQ61a2CpiBY7Vhwielcf4I1KHtr/nx
vKDxB13pQwUZYveqAZ1M0kIiA7UgJgXrqQM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:59:34 2025 by rpki-client