Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/3130332e3133392e32352e302f32342d3234203d3e20313338383738.roa
File:                     3130332e3133392e32352e302f32342d3234203d3e20313338383738.roa (raw, json)
Hash identifier:          fXYsqxCjsvIrOq+7nStBZ2/w2ahyZCjmKRe5J8m8wVg=
Subject key identifier:   52:C7:1F:9C:C8:93:AD:D1:BC:18:B0:A8:C6:E1:85:0D:A8:B5:78:28
Certificate issuer:       /CN=EC39D766063B56E5EA4DBFB2A502298FB995956A
Certificate serial:       1F0A1102E0F4511DBA7490ED04BC62E3C94934
Authority key identifier: EC:39:D7:66:06:3B:56:E5:EA:4D:BF:B2:A5:02:29:8F:B9:95:95:6A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EC39D766063B56E5EA4DBFB2A502298FB995956A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/3130332e3133392e32352e302f32342d3234203d3e20313338383738.roa
Signing time:             Mon 02 Jun 2025 01:02:37 +0000
ROA not before:           Mon 02 Jun 2025 00:57:37 +0000
ROA not after:            Mon 01 Jun 2026 01:02:37 +0000
asID:                     138878
IP address blocks:        103.139.25.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/EC39D766063B56E5EA4DBFB2A502298FB995956A.crl
                          rsync://repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/EC39D766063B56E5EA4DBFB2A502298FB995956A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EC39D766063B56E5EA4DBFB2A502298FB995956A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 01:48:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:0a:11:02:e0:f4:51:1d:ba:74:90:ed:04:bc:62:e3:c9:49:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC39D766063B56E5EA4DBFB2A502298FB995956A
        Validity
            Not Before: Jun  2 00:57:37 2025 GMT
            Not After : Jun  1 01:02:37 2026 GMT
        Subject: CN=52C71F9CC893ADD1BC18B0A8C6E1850DA8B57828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d9:2e:76:8e:b3:1b:d3:e3:e0:0c:cc:19:c3:
                    5b:b2:93:ba:90:0b:c6:85:8a:05:e4:3c:a5:cf:30:
                    a0:29:f3:53:f2:2e:68:9b:6d:ea:5a:9b:a2:92:6c:
                    7b:04:af:bf:d2:c4:27:4b:89:24:75:a8:20:f4:f3:
                    2f:c9:12:0c:bf:0a:0f:f8:da:3b:f2:29:ff:e8:01:
                    01:7d:43:0e:4e:0d:85:19:72:c1:5e:47:7b:40:1b:
                    1c:e8:6e:b1:ec:2f:9e:fb:c0:b4:78:17:a1:70:e6:
                    f3:ff:a4:41:1c:5d:36:28:d3:1b:c0:f8:75:00:16:
                    7b:ae:81:55:98:ff:e4:5e:d3:f4:8e:d2:60:35:c4:
                    f5:08:32:50:78:24:04:72:2f:41:ad:29:3a:9f:e5:
                    cf:03:c5:27:3b:2f:59:df:4c:af:0b:8b:d4:d4:87:
                    32:25:11:68:cf:65:48:38:90:8b:30:94:66:0b:97:
                    68:c4:44:37:cd:5a:12:46:68:e6:94:d1:13:91:cb:
                    86:d1:ad:3e:ea:1c:c0:6b:9b:3d:a0:7f:64:93:57:
                    92:d6:39:9e:e9:c2:be:1a:d0:d2:7a:6d:86:e8:3a:
                    58:45:c2:43:7c:b4:dd:73:df:e1:ed:59:7f:b0:af:
                    9f:99:98:12:42:d3:f9:d0:78:93:78:a3:08:ca:bb:
                    04:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C7:1F:9C:C8:93:AD:D1:BC:18:B0:A8:C6:E1:85:0D:A8:B5:78:28
            X509v3 Authority Key Identifier:
                keyid:EC:39:D7:66:06:3B:56:E5:EA:4D:BF:B2:A5:02:29:8F:B9:95:95:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/EC39D766063B56E5EA4DBFB2A502298FB995956A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EC39D766063B56E5EA4DBFB2A502298FB995956A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73fe4255-1d91-4fcc-bce4-8a42adfe3c29/0/3130332e3133392e32352e302f32342d3234203d3e20313338383738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.139.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:91:4b:88:30:07:68:fc:77:8c:f4:59:d8:1c:31:2b:45:a5:
         42:4e:b1:e7:25:62:36:d4:c4:41:88:8d:19:ca:05:79:f6:72:
         43:6f:61:77:fa:74:78:da:ed:30:b3:7b:3c:6b:05:e1:5b:ec:
         2b:c0:df:b4:5c:ca:39:47:bd:ed:4b:94:e1:64:f5:06:ae:87:
         00:86:06:3f:4a:ab:7e:97:8d:6a:3b:01:d1:3c:eb:6d:c2:7f:
         70:70:d0:4a:14:ac:3b:3c:a2:fc:d9:27:27:92:c8:66:72:6d:
         1b:e8:ac:b8:39:52:a2:67:78:90:e6:0f:31:ef:07:b5:a3:9c:
         b5:0c:a2:0b:ae:34:55:5b:bd:5c:c3:9f:47:cb:81:a8:00:61:
         ea:b3:c7:0d:b6:2d:81:28:60:a1:90:69:ba:d5:32:2c:2a:e4:
         49:33:c7:67:6c:79:20:64:4f:f7:6f:82:84:6b:46:bd:15:42:
         25:30:2f:3a:95:26:7b:1d:74:bb:1e:b8:03:49:d9:dd:79:fb:
         e9:ab:48:27:5f:77:c0:99:ba:26:fc:52:6a:eb:8e:4f:1d:64:
         9b:d8:01:88:30:b2:47:db:5f:32:53:52:47:ab:17:bb:fe:95:
         1d:9f:3e:e2:9f:3a:28:a7:44:85:88:22:0c:5e:3e:a3:c4:61:
         37:4e:0a:de
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgITHwoRAuD0UR26dJDtBLxi48lJNDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhFQzM5RDc2NjA2M0I1NkU1RUE0REJGQjJBNTAyMjk4RkI5
OTU5NTZBMB4XDTI1MDYwMjAwNTczN1oXDTI2MDYwMTAxMDIzN1owMzExMC8GA1UE
AxMoNTJDNzFGOUNDODkzQUREMUJDMThCMEE4QzZFMTg1MERBOEI1NzgyODCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTZLnaOsxvT4+AMzBnDW7KTupAL
xoWKBeQ8pc8woCnzU/IuaJtt6lqbopJsewSvv9LEJ0uJJHWoIPTzL8kSDL8KD/ja
O/Ip/+gBAX1DDk4NhRlywV5He0AbHOhusewvnvvAtHgXoXDm8/+kQRxdNijTG8D4
dQAWe66BVZj/5F7T9I7SYDXE9QgyUHgkBHIvQa0pOp/lzwPFJzsvWd9MrwuL1NSH
MiURaM9lSDiQizCUZguXaMREN81aEkZo5pTRE5HLhtGtPuocwGubPaB/ZJNXktY5
nunCvhrQ0npthug6WEXCQ3y03XPf4e1Zf7Cvn5mYEkLT+dB4k3ijCMq7BKUCAwEA
AaOCAjQwggIwMB0GA1UdDgQWBBRSxx+cyJOt0bwYsKjG4YUNqLV4KDAfBgNVHSME
GDAWgBTsOddmBjtW5epNv7KlAimPuZWVajAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcz
ZmU0MjU1LTFkOTEtNGZjYy1iY2U0LThhNDJhZGZlM2MyOS8wL0VDMzlENzY2MDYz
QjU2RTVFQTREQkZCMkE1MDIyOThGQjk5NTk1NkEuY3JsMHQGCCsGAQUFBwEBBGgw
ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v
SUROSUMtSUQvMi9FQzM5RDc2NjA2M0I1NkU1RUE0REJGQjJBNTAyMjk4RkI5OTU5
NTZBLmNlcjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzALhoGEcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzNmZTQyNTUtMWQ5MS00ZmNjLWJj
ZTQtOGE0MmFkZmUzYzI5LzAvMzEzMDMzMmUzMTMzMzkyZTMyMzUyZTMwMmYzMjM0
MmQzMjM0MjAzZDNlMjAzMTMzMzgzODM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnixkwDQYJKoZI
hvcNAQELBQADggEBAAaRS4gwB2j8d4z0WdgcMStFpUJOseclYjbUxEGIjRnKBXn2
ckNvYXf6dHja7TCzezxrBeFb7CvA37RcyjlHve1LlOFk9QauhwCGBj9Kq36XjWo7
AdE8623Cf3Bw0EoUrDs8ovzZJyeSyGZybRvorLg5UqJneJDmDzHvB7WjnLUMoguu
NFVbvVzDn0fLgagAYeqzxw22LYEoYKGQabrVMiwq5Ekzx2dseSBkT/dvgoRrRr0V
QiUwLzqVJnsddLseuANJ2d15++mrSCdfd8CZuib8Umrrjk8dZJvYAYgwskfbXzJT
UkerF7v+lR2fPuKfOiinRIWIIgxePqPEYTdOCt4=
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:56:09 2025 by rpki-client