Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/323030313a6466343a616138303a3a2f34382d3438203d3e20313431303537.roa
File:                     323030313a6466343a616138303a3a2f34382d3438203d3e20313431303537.roa (raw, json)
Hash identifier:          tTehZh9UKuAWzLXm3C0kYFHgqql5m+DDpx9m9vm/Bjg=
Subject key identifier:   33:F6:C2:9A:50:17:8B:2C:70:DD:BD:0E:41:DD:27:06:39:E5:B6:92
Certificate issuer:       /CN=F2286B78D2C96CF3CDF067A89D3F5481591CFE3F
Certificate serial:       6B56585CF91839578CCADE74805236915F70E70D
Authority key identifier: F2:28:6B:78:D2:C9:6C:F3:CD:F0:67:A8:9D:3F:54:81:59:1C:FE:3F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/323030313a6466343a616138303a3a2f34382d3438203d3e20313431303537.roa
Signing time:             Mon 02 Jun 2025 02:02:48 +0000
ROA not before:           Mon 02 Jun 2025 01:57:48 +0000
ROA not after:            Mon 01 Jun 2026 02:02:48 +0000
asID:                     141057
IP address blocks:        2001:df4:aa80::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.crl
                          rsync://repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 02:50:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:56:58:5c:f9:18:39:57:8c:ca:de:74:80:52:36:91:5f:70:e7:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F2286B78D2C96CF3CDF067A89D3F5481591CFE3F
        Validity
            Not Before: Jun  2 01:57:48 2025 GMT
            Not After : Jun  1 02:02:48 2026 GMT
        Subject: CN=33F6C29A50178B2C70DDBD0E41DD270639E5B692
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8f:54:e4:96:f0:27:bf:ef:17:a2:88:ec:8d:
                    6c:89:e7:03:d1:f7:8e:f1:8a:58:72:2c:22:3b:fa:
                    2f:2e:60:9c:6d:4b:43:32:5e:99:ca:9e:d8:a8:5a:
                    d3:c4:6a:e0:80:4b:f9:9c:a3:3b:02:63:c1:73:8c:
                    62:ac:28:e0:d7:2f:cd:99:f2:3e:61:1c:06:72:0b:
                    7c:d0:2d:ea:38:61:1a:68:6c:ac:f4:22:58:4e:70:
                    d6:77:0e:2a:d7:8a:e2:58:3a:2d:2a:fc:ff:62:c7:
                    a3:83:b5:82:85:cb:7d:b2:98:21:12:64:a9:49:2c:
                    84:cc:57:1f:9c:7b:50:56:23:f3:9b:56:7b:b9:8a:
                    7c:22:19:5c:34:c1:42:ae:67:08:f6:79:3a:13:b0:
                    64:69:e9:8b:87:9a:64:dd:2a:85:d3:2e:ca:bf:fb:
                    74:3b:d5:40:3d:9b:b8:8b:83:88:c3:10:be:d4:b3:
                    e1:7d:14:0a:e6:03:14:10:de:9d:6f:25:e5:ff:21:
                    24:f7:93:bf:16:34:c7:fe:2f:46:e3:dc:0e:ab:a4:
                    31:e3:cb:f1:02:9a:15:09:1e:ed:e5:78:3e:cd:9d:
                    8c:7f:d7:16:21:7f:13:72:d2:38:03:40:df:71:3e:
                    c7:98:21:96:9c:a6:5d:0a:2f:e9:54:a4:2a:82:05:
                    cb:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F6:C2:9A:50:17:8B:2C:70:DD:BD:0E:41:DD:27:06:39:E5:B6:92
            X509v3 Authority Key Identifier:
                keyid:F2:28:6B:78:D2:C9:6C:F3:CD:F0:67:A8:9D:3F:54:81:59:1C:FE:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F2286B78D2C96CF3CDF067A89D3F5481591CFE3F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/724da152-0024-436d-990d-323806e01699/0/323030313a6466343a616138303a3a2f34382d3438203d3e20313431303537.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:aa80::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:a5:9d:c3:0e:04:c0:71:97:29:a9:4c:e7:c8:ec:11:25:4a:
         20:20:7e:f2:c5:2d:7b:00:e7:a8:f6:9e:8e:2b:35:94:b7:21:
         76:de:4b:af:e1:28:a3:ed:e1:ea:a6:31:52:65:1d:ec:83:83:
         75:f1:af:92:82:e1:f5:95:5f:ff:53:e2:cb:94:5b:75:ea:03:
         6c:1e:fa:4a:80:6b:3e:d0:40:df:47:c5:26:4d:c2:66:f0:3c:
         22:c2:8e:87:7c:43:6f:fb:52:5c:13:ef:33:54:0d:a1:52:4f:
         dd:cc:8a:91:2c:88:fc:67:de:64:e8:0d:92:1c:b6:d6:14:92:
         3c:34:d3:1f:2f:41:01:94:e3:80:e0:97:76:a2:83:a5:90:f4:
         03:18:af:76:25:83:f3:4d:51:d1:df:1a:e6:c0:7c:80:ce:ea:
         25:c8:46:5c:8e:3b:06:d8:e7:cf:a2:73:09:12:24:fc:3d:be:
         a9:9b:c2:b0:0d:a8:cd:95:13:5c:63:c1:52:70:2c:06:54:6b:
         b9:e3:47:75:ab:6f:ad:10:07:18:7d:1d:79:4a:2e:af:d7:1f:
         50:f4:68:c1:98:b0:4e:c1:59:10:07:ee:87:69:3a:ea:57:a2:
         a4:88:8a:21:6b:02:a8:04:90:d0:bb:c0:f3:27:da:fe:b7:7c:
         78:72:17:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa1ZYXPkYOVeMyt50gFI2kV9w5w0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjIyODZCNzhEMkM5NkNGM0NERjA2N0E4OUQzRjU0ODE1
OTFDRkUzRjAeFw0yNTA2MDIwMTU3NDhaFw0yNjA2MDEwMjAyNDhaMDMxMTAvBgNV
BAMTKDMzRjZDMjlBNTAxNzhCMkM3MEREQkQwRTQxREQyNzA2MzlFNUI2OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9j1TklvAnv+8XoojsjWyJ5wPR
947xilhyLCI7+i8uYJxtS0MyXpnKntioWtPEauCAS/mcozsCY8FzjGKsKODXL82Z
8j5hHAZyC3zQLeo4YRpobKz0IlhOcNZ3DirXiuJYOi0q/P9ix6ODtYKFy32ymCES
ZKlJLITMVx+ce1BWI/ObVnu5inwiGVw0wUKuZwj2eToTsGRp6YuHmmTdKoXTLsq/
+3Q71UA9m7iLg4jDEL7Us+F9FArmAxQQ3p1vJeX/IST3k78WNMf+L0bj3A6rpDHj
y/ECmhUJHu3leD7NnYx/1xYhfxNy0jgDQN9xPseYIZacpl0KL+lUpCqCBctLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUM/bCmlAXiyxw3b0OQd0nBjnltpIwHwYDVR0j
BBgwFoAU8ihreNLJbPPN8GeonT9UgVkc/j8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MjRkYTE1Mi0wMDI0LTQzNmQtOTkwZC0zMjM4MDZlMDE2OTkvMC9GMjI4NkI3OEQy
Qzk2Q0YzQ0RGMDY3QTg5RDNGNTQ4MTU5MUNGRTNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjIyODZCNzhEMkM5NkNGM0NERjA2N0E4OUQzRjU0ODE1OTFD
RkUzRi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyNGRhMTUyLTAwMjQtNDM2ZC05
OTBkLTMyMzgwNmUwMTY5OS8wLzMyMzAzMDMxM2E2NDY2MzQzYTYxNjEzODMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMxMzAzNTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9KqAMA0GCSqGSIb3DQEBCwUAA4IBAQCvpZ3DDgTAcZcpqUznyOwRJUogIH7yxS17
AOeo9p6OKzWUtyF23kuv4Sij7eHqpjFSZR3sg4N18a+SguH1lV//U+LLlFt16gNs
HvpKgGs+0EDfR8UmTcJm8Dwiwo6HfENv+1JcE+8zVA2hUk/dzIqRLIj8Z95k6A2S
HLbWFJI8NNMfL0EBlOOA4Jd2ooOlkPQDGK92JYPzTVHR3xrmwHyAzuolyEZcjjsG
2OfPonMJEiT8Pb6pm8KwDajNlRNcY8FScCwGVGu540d1q2+tEAcYfR15Si6v1x9Q
9GjBmLBOwVkQB+6HaTrqV6KkiIohawKoBJDQu8DzJ9r+t3x4chcJ
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:20:47 2025 by rpki-client