Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3231302e37392e3230382e302f32302d3230203d3e203137393130.roa
File:                     3231302e37392e3230382e302f32302d3230203d3e203137393130.roa (raw, json)
Hash identifier:          1kbjcVz7NV7SFqtMY1gTY7M0GuY6igkJGp6NsdTqDPc=
Subject key identifier:   95:7E:BB:A1:A9:CB:3F:53:C6:DE:6A:DE:41:57:1B:6C:EE:C8:19:5D
Certificate issuer:       /CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
Certificate serial:       29EFC6287ED4549DEC70896AD5D4A279F97EF6E0
Authority key identifier: 16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3231302e37392e3230382e302f32302d3230203d3e203137393130.roa
Signing time:             Mon 02 Jun 2025 02:04:26 +0000
ROA not before:           Mon 02 Jun 2025 01:59:26 +0000
ROA not after:            Mon 01 Jun 2026 02:04:26 +0000
asID:                     17910
IP address blocks:        210.79.208.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl
                          rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 22:51:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:ef:c6:28:7e:d4:54:9d:ec:70:89:6a:d5:d4:a2:79:f9:7e:f6:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
        Validity
            Not Before: Jun  2 01:59:26 2025 GMT
            Not After : Jun  1 02:04:26 2026 GMT
        Subject: CN=957EBBA1A9CB3F53C6DE6ADE41571B6CEEC8195D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:16:65:c8:d2:83:1e:70:01:74:c0:25:88:2b:
                    fd:d2:90:dd:0b:fc:a7:a3:36:7a:30:66:b3:c8:3f:
                    c2:76:6a:c9:e4:81:3e:38:cc:72:07:7d:f0:cb:2f:
                    f2:b6:a8:9f:36:25:23:13:a1:a6:b5:b9:d9:15:f8:
                    4d:1f:16:2b:6e:8b:1d:d9:93:36:cd:0b:1b:0c:57:
                    68:8f:12:2f:e8:ff:3d:a1:ab:db:24:3a:3a:26:96:
                    9e:08:90:5b:2a:dc:e1:a8:f7:74:69:bf:a3:f0:ba:
                    0b:f4:1f:54:c0:8d:39:4b:16:a3:3d:2b:47:51:fc:
                    80:7f:a0:cf:cb:f8:65:a5:f2:87:99:f2:b8:1b:b4:
                    06:37:35:cc:4a:c6:9f:cb:3f:5d:5f:f8:91:42:c1:
                    0e:6f:24:64:68:ef:32:5b:f7:f0:85:02:9c:f2:80:
                    80:7c:0a:4f:31:65:be:5d:e2:98:3c:ec:b6:29:49:
                    c1:f1:ea:b3:fd:9d:be:7a:ba:dd:68:b4:4d:1a:ac:
                    f8:8b:5b:31:bc:71:1a:78:1f:ec:de:8b:5e:a5:e3:
                    9a:0e:21:0d:c5:0f:51:5c:f5:18:67:c7:5d:d2:6e:
                    72:75:02:ae:fb:2d:bd:57:c9:70:f2:2b:20:8d:f8:
                    d3:45:b4:9a:ba:e0:c6:78:b1:7b:b8:4e:5a:b8:3a:
                    83:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7E:BB:A1:A9:CB:3F:53:C6:DE:6A:DE:41:57:1B:6C:EE:C8:19:5D
            X509v3 Authority Key Identifier:
                keyid:16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3231302e37392e3230382e302f32302d3230203d3e203137393130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.79.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         85:f1:51:a4:b6:85:e8:4c:cf:11:fc:36:ea:da:22:cc:ef:f1:
         b4:5a:19:56:cf:17:54:c4:28:6c:97:cd:06:06:2c:e4:5f:cd:
         c1:6e:f1:3e:e4:60:14:03:62:f3:17:fd:02:90:67:09:ab:16:
         e6:bd:76:c3:0d:b6:ca:d3:f5:4e:12:81:f2:60:8b:99:14:95:
         fa:6f:90:8b:58:2d:91:01:a2:f5:d1:19:76:b4:c6:f2:7d:7c:
         89:3c:48:6c:2c:57:f3:52:6e:d4:cc:54:18:c5:a2:f6:a8:15:
         58:a6:9f:c3:04:73:ea:eb:60:62:76:7e:7c:8f:7d:7d:e8:e2:
         c6:d2:2c:d1:d2:fb:c2:e5:71:98:04:db:ef:ff:0b:1b:8b:c0:
         c8:7c:92:88:91:3d:bd:42:d6:ed:3f:8b:a0:24:a1:8f:1f:63:
         e3:9e:f5:87:ac:ce:e0:60:a6:38:de:46:d3:8c:a7:61:ca:dc:
         c9:1f:0b:24:0b:d6:31:99:f8:bc:9d:d6:70:20:61:9f:39:d7:
         ff:88:20:ea:b9:06:c6:28:c8:75:a3:e7:8c:6f:70:c1:f4:7c:
         71:eb:eb:32:e7:ab:20:9d:17:16:66:7a:1a:85:a0:ef:93:f6:
         74:b8:70:27:b4:36:00:fe:a8:e8:1e:07:84:11:c0:a8:f1:55:
         f4:0a:7a:18
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKe/GKH7UVJ3scIlq1dSiefl+9uAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQw
QzM0QkVFRDAeFw0yNTA2MDIwMTU5MjZaFw0yNjA2MDEwMjA0MjZaMDMxMTAvBgNV
BAMTKDk1N0VCQkExQTlDQjNGNTNDNkRFNkFERTQxNTcxQjZDRUVDODE5NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLFmXI0oMecAF0wCWIK/3SkN0L
/KejNnowZrPIP8J2asnkgT44zHIHffDLL/K2qJ82JSMToaa1udkV+E0fFituix3Z
kzbNCxsMV2iPEi/o/z2hq9skOjomlp4IkFsq3OGo93Rpv6Pwugv0H1TAjTlLFqM9
K0dR/IB/oM/L+GWl8oeZ8rgbtAY3NcxKxp/LP11f+JFCwQ5vJGRo7zJb9/CFApzy
gIB8Ck8xZb5d4pg87LYpScHx6rP9nb56ut1otE0arPiLWzG8cRp4H+zei16l45oO
IQ3FD1Fc9Rhnx13SbnJ1Aq77Lb1XyXDyKyCN+NNFtJq64MZ4sXu4Tlq4OoNlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUlX67oanLP1PG3mreQVcbbO7IGV0wHwYDVR0j
BBgwFoAUFjX15Bl5g0G9xhXU4cauNAw0vu0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NjQ1MDAzMi01NDkyLTRhNWEtOTQzZi1iZGI0NzMzNDEyMzMvMC8xNjM1RjVFNDE5
Nzk4MzQxQkRDNjE1RDRFMUM2QUUzNDBDMzRCRUVELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQwQzM0
QkVFRC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg2NDUwMDMyLTU0OTItNGE1YS05
NDNmLWJkYjQ3MzM0MTIzMy8wLzMyMzEzMDJlMzczOTJlMzIzMDM4MmUzMDJmMzIz
MDJkMzIzMDIwM2QzZTIwMzEzNzM5MzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNJP0DANBgkqhkiG
9w0BAQsFAAOCAQEAhfFRpLaF6EzPEfw26toizO/xtFoZVs8XVMQobJfNBgYs5F/N
wW7xPuRgFANi8xf9ApBnCasW5r12ww22ytP1ThKB8mCLmRSV+m+Qi1gtkQGi9dEZ
drTG8n18iTxIbCxX81Ju1MxUGMWi9qgVWKafwwRz6utgYnZ+fI99fejixtIs0dL7
wuVxmATb7/8LG4vAyHySiJE9vULW7T+LoCShjx9j4571h6zO4GCmON5G04ynYcrc
yR8LJAvWMZn4vJ3WcCBhnznX/4gg6rkGxijIdaPnjG9wwfR8cevrMuerIJ0XFmZ6
GoWg75P2dLhwJ7Q2AP6o6B4HhBHAqPFV9Ap6GA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:44:38 2025 by rpki-client