Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/3130332e3138392e3131362e302f32342d3234203d3e20313439383738.roa
File:                     3130332e3138392e3131362e302f32342d3234203d3e20313439383738.roa (raw, json)
Hash identifier:          WTqqW4cwushoWLyLWupS3yHzTC5AqZ4B8ENJ6k7wzI4=
Subject key identifier:   B5:1D:17:FB:06:5D:6B:AC:04:C7:9B:26:18:DB:87:3A:40:D5:E5:36
Certificate issuer:       /CN=F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA
Certificate serial:       4C4D3D4FDF3644A488454462F2B9D7897C1537BC
Authority key identifier: F8:B7:C8:E5:DD:BD:D0:36:51:3F:10:B8:7F:39:A9:4B:E1:DB:3D:CA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/3130332e3138392e3131362e302f32342d3234203d3e20313439383738.roa
Signing time:             Wed 04 Jun 2025 10:00:00 +0000
ROA not before:           Wed 04 Jun 2025 09:55:00 +0000
ROA not after:            Wed 03 Jun 2026 10:00:00 +0000
asID:                     149878
IP address blocks:        103.189.116.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.crl
                          rsync://repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 06:20:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:4d:3d:4f:df:36:44:a4:88:45:44:62:f2:b9:d7:89:7c:15:37:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA
        Validity
            Not Before: Jun  4 09:55:00 2025 GMT
            Not After : Jun  3 10:00:00 2026 GMT
        Subject: CN=B51D17FB065D6BAC04C79B2618DB873A40D5E536
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:16:80:ba:c8:09:bc:2d:80:06:ae:7d:31:2c:
                    1a:2e:76:59:be:a0:2b:63:ba:91:65:9d:e9:8a:e3:
                    1f:82:d8:69:53:df:c6:c8:da:a0:7c:94:7c:4f:28:
                    26:1f:d8:4b:2b:6e:70:ef:a1:de:ab:06:d5:76:73:
                    df:bd:3d:a8:a8:69:1a:33:6a:03:26:18:ce:5a:a4:
                    2d:36:4a:02:a3:83:f4:c5:f4:9e:fb:02:48:4b:4a:
                    f1:e1:3f:bb:57:ed:2e:05:2d:e4:aa:1f:fa:93:0a:
                    15:e1:15:6b:d1:ee:33:b1:02:83:7f:49:de:5e:60:
                    b4:51:c4:9d:e7:6b:5f:6a:46:c5:69:25:ba:f6:ed:
                    79:c5:7e:a4:aa:80:c9:fc:8a:60:69:3d:76:0b:2f:
                    98:bb:8c:cd:47:09:58:0e:c3:9d:0b:bf:5b:a1:f9:
                    fc:28:05:10:2a:9b:e5:90:52:6b:9a:d4:51:90:c9:
                    37:02:fa:a0:47:96:7a:d4:a1:8b:a0:28:63:62:ee:
                    c4:24:9c:d5:98:e5:54:2e:65:ec:b0:42:46:12:7d:
                    70:11:1c:53:b7:03:a0:81:03:f1:5b:e9:bf:e2:34:
                    30:54:e4:a0:ec:ad:f8:e1:10:4f:5d:37:cb:ee:89:
                    92:32:87:be:90:95:c1:e9:84:d5:8c:c4:c4:96:cf:
                    cd:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:1D:17:FB:06:5D:6B:AC:04:C7:9B:26:18:DB:87:3A:40:D5:E5:36
            X509v3 Authority Key Identifier:
                keyid:F8:B7:C8:E5:DD:BD:D0:36:51:3F:10:B8:7F:39:A9:4B:E1:DB:3D:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8B7C8E5DDBDD036513F10B87F39A94BE1DB3DCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7305ab30-5653-42bc-9c3f-aaf567eae701/0/3130332e3138392e3131362e302f32342d3234203d3e20313439383738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.189.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:b5:5e:a6:91:2a:eb:5f:7c:e1:07:c1:0c:e1:fb:b8:34:b1:
         2a:77:29:fc:5b:b2:38:8c:13:d3:9a:ca:f6:0c:57:f9:40:60:
         3e:cf:6a:19:25:52:3e:35:5e:ad:11:ad:6d:27:f7:b7:35:f5:
         19:05:da:41:ec:2c:05:e0:a8:38:3d:6f:2c:b4:8a:72:15:03:
         3c:63:55:a4:d3:58:97:3a:61:4f:23:04:52:24:5d:03:e6:17:
         af:6f:e0:dd:ce:21:92:39:a6:cd:fb:4d:93:48:a1:10:99:a4:
         03:5b:61:d6:b9:a2:9a:a0:2d:8e:a1:bf:81:bf:da:60:cf:46:
         f9:17:73:a7:7a:0e:6c:54:d8:22:cd:c6:4e:c7:42:bf:d5:44:
         c7:37:98:78:18:ac:99:bf:5a:14:3d:a6:30:03:01:fd:e2:0a:
         20:ae:4e:f4:a5:3b:b9:dd:db:27:6c:12:b3:7f:46:d7:ce:73:
         46:d3:91:f3:89:34:d4:bb:28:f4:91:40:ef:db:f2:87:05:ba:
         e6:59:65:42:86:d3:da:f1:05:a1:d8:b0:2d:a6:d1:20:43:ae:
         1b:ff:22:9a:58:3c:de:e6:d4:06:26:23:74:b8:dd:09:80:5b:
         64:e4:54:25:76:51:7a:76:16:b9:1c:b1:ce:80:76:65:02:6f:
         bf:4c:d4:ea
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUTE09T982RKSIRURi8rnXiXwVN7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjhCN0M4RTVEREJERDAzNjUxM0YxMEI4N0YzOUE5NEJF
MURCM0RDQTAeFw0yNTA2MDQwOTU1MDBaFw0yNjA2MDMxMDAwMDBaMDMxMTAvBgNV
BAMTKEI1MUQxN0ZCMDY1RDZCQUMwNEM3OUIyNjE4REI4NzNBNDBENUU1MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeFoC6yAm8LYAGrn0xLBoudlm+
oCtjupFlnemK4x+C2GlT38bI2qB8lHxPKCYf2EsrbnDvod6rBtV2c9+9PaioaRoz
agMmGM5apC02SgKjg/TF9J77AkhLSvHhP7tX7S4FLeSqH/qTChXhFWvR7jOxAoN/
Sd5eYLRRxJ3na19qRsVpJbr27XnFfqSqgMn8imBpPXYLL5i7jM1HCVgOw50Lv1uh
+fwoBRAqm+WQUmua1FGQyTcC+qBHlnrUoYugKGNi7sQknNWY5VQuZeywQkYSfXAR
HFO3A6CBA/Fb6b/iNDBU5KDsrfjhEE9dN8vuiZIyh76QlcHphNWMxMSWz83bAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUtR0X+wZda6wEx5smGNuHOkDV5TYwHwYDVR0j
BBgwFoAU+LfI5d290DZRPxC4fzmpS+HbPcowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MzA1YWIzMC01NjUzLTQyYmMtOWMzZi1hYWY1NjdlYWU3MDEvMC9GOEI3QzhFNURE
QkREMDM2NTEzRjEwQjg3RjM5QTk0QkUxREIzRENBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjhCN0M4RTVEREJERDAzNjUxM0YxMEI4N0YzOUE5NEJFMURC
M0RDQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczMDVhYjMwLTU2NTMtNDJiYy05
YzNmLWFhZjU2N2VhZTcwMS8wLzMxMzAzMzJlMzEzODM5MmUzMTMxMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzODM3Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnvXQwDQYJ
KoZIhvcNAQELBQADggEBAHC1XqaRKutffOEHwQzh+7g0sSp3KfxbsjiME9OayvYM
V/lAYD7PahklUj41Xq0RrW0n97c19RkF2kHsLAXgqDg9byy0inIVAzxjVaTTWJc6
YU8jBFIkXQPmF69v4N3OIZI5ps37TZNIoRCZpANbYda5opqgLY6hv4G/2mDPRvkX
c6d6DmxU2CLNxk7HQr/VRMc3mHgYrJm/WhQ9pjADAf3iCiCuTvSlO7nd2ydsErN/
RtfOc0bTkfOJNNS7KPSRQO/b8ocFuuZZZUKG09rxBaHYsC2m0SBDrhv/IppYPN7m
1AYmI3S43QmAW2TkVCV2UXp2Frkcsc6AdmUCb79M1Oo=
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:48:32 2025 by rpki-client