Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/323430363a626534303a623135613a3a2f34382d3438203d3e20313338383138.roa
File:                     323430363a626534303a623135613a3a2f34382d3438203d3e20313338383138.roa (raw, json)
Hash identifier:          GzXYpE71o4tlTZAt4Hyg0opydgJ4djQwIaGFzaYbjpM=
Subject key identifier:   B4:71:E5:61:97:B8:C9:C0:5D:4E:CB:2B:02:D6:68:B1:AA:75:B7:57
Certificate issuer:       /CN=084550E9619FF5ABD20864D9A6383053B59BF91E
Certificate serial:       6688E3B4FE501F1108F906EED660B7FD65BC8A8C
Authority key identifier: 08:45:50:E9:61:9F:F5:AB:D2:08:64:D9:A6:38:30:53:B5:9B:F9:1E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/084550E9619FF5ABD20864D9A6383053B59BF91E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/323430363a626534303a623135613a3a2f34382d3438203d3e20313338383138.roa
Signing time:             Fri 16 May 2025 07:00:56 +0000
ROA not before:           Fri 16 May 2025 06:55:56 +0000
ROA not after:            Fri 15 May 2026 07:00:56 +0000
asID:                     138818
IP address blocks:        2406:be40:b15a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/084550E9619FF5ABD20864D9A6383053B59BF91E.crl
                          rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/084550E9619FF5ABD20864D9A6383053B59BF91E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/084550E9619FF5ABD20864D9A6383053B59BF91E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 10 Jun 2025 11:47:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:88:e3:b4:fe:50:1f:11:08:f9:06:ee:d6:60:b7:fd:65:bc:8a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084550E9619FF5ABD20864D9A6383053B59BF91E
        Validity
            Not Before: May 16 06:55:56 2025 GMT
            Not After : May 15 07:00:56 2026 GMT
        Subject: CN=B471E56197B8C9C05D4ECB2B02D668B1AA75B757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:95:6b:d4:43:4e:1a:13:a8:fa:86:75:56:dc:
                    0e:52:30:57:7f:c2:1c:46:00:81:cd:c7:be:83:41:
                    89:29:e4:d0:ce:c3:bc:1a:05:75:b6:70:b5:5e:de:
                    70:7e:c6:c8:39:ba:46:8f:da:e0:fd:7c:e8:92:2d:
                    40:0f:88:32:df:7d:75:03:9c:c4:7a:d6:a5:5d:af:
                    d5:55:68:22:06:3b:4a:d6:8c:d0:07:4c:37:c2:a0:
                    a7:aa:a6:3e:a2:13:f2:83:4a:9a:53:6f:09:07:f2:
                    e2:be:93:01:a3:5b:d9:ae:c2:ec:ba:69:39:7b:21:
                    b6:a8:6c:b5:2d:d8:30:d0:60:4d:b3:09:f7:fd:49:
                    cc:47:47:11:84:b0:c3:be:59:a3:86:86:0c:6a:6c:
                    2c:ea:7b:d5:33:eb:ff:ef:ac:77:04:e0:67:c7:f3:
                    d0:7d:16:ea:b3:d0:ca:40:1e:40:85:67:0f:26:c1:
                    74:38:42:c5:0e:e7:fb:06:b6:56:8c:34:31:1d:23:
                    c8:09:0c:d0:9e:25:e9:16:c7:5d:64:9f:96:d1:4b:
                    b8:99:e3:41:8b:ec:88:8c:a7:c9:4b:f1:c0:8a:26:
                    de:ed:e5:51:4d:1a:60:e8:af:22:f8:de:25:d1:cf:
                    5b:71:de:9f:fb:d5:44:c1:79:8b:17:76:4e:34:59:
                    0f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:71:E5:61:97:B8:C9:C0:5D:4E:CB:2B:02:D6:68:B1:AA:75:B7:57
            X509v3 Authority Key Identifier:
                keyid:08:45:50:E9:61:9F:F5:AB:D2:08:64:D9:A6:38:30:53:B5:9B:F9:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/084550E9619FF5ABD20864D9A6383053B59BF91E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/084550E9619FF5ABD20864D9A6383053B59BF91E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/323430363a626534303a623135613a3a2f34382d3438203d3e20313338383138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:be40:b15a::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:fb:9b:f0:4a:a3:3e:f1:6f:7d:a4:03:75:8f:9e:fb:81:6d:
         72:16:71:0e:9b:ba:37:ba:0f:2a:ad:a4:68:96:ef:00:3a:7c:
         fe:49:8a:df:bc:aa:83:d2:cd:b8:1f:ef:de:8c:39:5f:fb:21:
         b8:48:8e:68:2e:27:de:c7:d3:d3:27:31:cd:fd:58:d5:99:03:
         ce:51:d5:f5:b4:0f:99:6e:2f:4b:71:b5:23:55:34:ee:58:56:
         f9:e7:15:42:92:e0:39:16:5d:07:d1:8a:23:2c:94:f4:79:f8:
         24:9e:7e:6e:20:28:3c:c3:99:fe:9c:b5:9a:77:0a:4c:40:39:
         ab:a0:f6:ee:7d:b2:9f:6e:4f:46:ec:a8:e2:af:c8:d2:ff:13:
         c5:82:96:6b:6a:43:84:cc:0a:fb:12:cf:c0:81:c9:46:53:0d:
         f7:dd:a0:f5:ee:2e:44:33:e2:d5:dc:78:f0:62:d6:a1:c2:8a:
         f8:bf:44:8b:91:6b:f2:19:22:87:7c:65:30:4c:df:bd:98:b0:
         8b:98:5a:5a:45:2a:d2:33:ba:fe:ae:64:61:8a:98:7f:de:69:
         47:36:ca:63:58:83:0b:86:12:c2:0e:21:5c:6a:7b:9b:8d:2f:
         17:fa:74:f7:e7:f4:32:4f:49:5b:89:e2:40:b0:44:69:11:cd:
         22:51:15:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZojjtP5QHxEI+Qbu1mC3/WW8iowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg0NTUwRTk2MTlGRjVBQkQyMDg2NEQ5QTYzODMwNTNC
NTlCRjkxRTAeFw0yNTA1MTYwNjU1NTZaFw0yNjA1MTUwNzAwNTZaMDMxMTAvBgNV
BAMTKEI0NzFFNTYxOTdCOEM5QzA1RDRFQ0IyQjAyRDY2OEIxQUE3NUI3NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMlWvUQ04aE6j6hnVW3A5SMFd/
whxGAIHNx76DQYkp5NDOw7waBXW2cLVe3nB+xsg5ukaP2uD9fOiSLUAPiDLffXUD
nMR61qVdr9VVaCIGO0rWjNAHTDfCoKeqpj6iE/KDSppTbwkH8uK+kwGjW9muwuy6
aTl7IbaobLUt2DDQYE2zCff9ScxHRxGEsMO+WaOGhgxqbCzqe9Uz6//vrHcE4GfH
89B9Fuqz0MpAHkCFZw8mwXQ4QsUO5/sGtlaMNDEdI8gJDNCeJekWx11kn5bRS7iZ
40GL7IiMp8lL8cCKJt7t5VFNGmDoryL43iXRz1tx3p/71UTBeYsXdk40WQ9HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtHHlYZe4ycBdTssrAtZosap1t1cwHwYDVR0j
BBgwFoAUCEVQ6WGf9avSCGTZpjgwU7Wb+R4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MTE0MTdjMC0zN2JiLTQ0NmQtODdmMi1kODE4NDE3OGMxNDkvMC8wODQ1NTBFOTYx
OUZGNUFCRDIwODY0RDlBNjM4MzA1M0I1OUJGOTFFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDg0NTUwRTk2MTlGRjVBQkQyMDg2NEQ5QTYzODMwNTNCNTlC
RjkxRS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkxMTQxN2MwLTM3YmItNDQ2ZC04
N2YyLWQ4MTg0MTc4YzE0OS8wLzMyMzQzMDM2M2E2MjY1MzQzMDNhNjIzMTM1NjEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzgzODMxMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
Br5AsVowDQYJKoZIhvcNAQELBQADggEBAAj7m/BKoz7xb32kA3WPnvuBbXIWcQ6b
uje6DyqtpGiW7wA6fP5Jit+8qoPSzbgf796MOV/7IbhIjmguJ97H09MnMc39WNWZ
A85R1fW0D5luL0txtSNVNO5YVvnnFUKS4DkWXQfRiiMslPR5+CSefm4gKDzDmf6c
tZp3CkxAOaug9u59sp9uT0bsqOKvyNL/E8WClmtqQ4TMCvsSz8CByUZTDffdoPXu
LkQz4tXcePBi1qHCivi/RIuRa/IZIod8ZTBM372YsIuYWlpFKtIzuv6uZGGKmH/e
aUc2ymNYgwuGEsIOIVxqe5uNLxf6dPfn9DJPSVuJ4kCwRGkRzSJRFZk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:17:31 2025 by rpki-client