Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/3130332e3232382e31382e302f32342d3234203d3e20313530393835.roa
File:                     3130332e3232382e31382e302f32342d3234203d3e20313530393835.roa (raw, json)
Hash identifier:          0/OqllA56TlHB+/g3q6s+l8VMpQYYTb8qnYADWBkbik=
Subject key identifier:   3B:CD:CD:D4:9B:08:15:72:CD:7F:E6:5C:FB:DD:8A:60:2B:40:96:43
Certificate issuer:       /CN=6C9FD300DFD761AFDA950CE979599BBE316BB13C
Certificate serial:       3302053456839040F1A7DFA4A98CDAEA3BF957E7
Authority key identifier: 6C:9F:D3:00:DF:D7:61:AF:DA:95:0C:E9:79:59:9B:BE:31:6B:B1:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6C9FD300DFD761AFDA950CE979599BBE316BB13C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/3130332e3232382e31382e302f32342d3234203d3e20313530393835.roa
Signing time:             Wed 21 May 2025 11:00:01 +0000
ROA not before:           Wed 21 May 2025 10:55:01 +0000
ROA not after:            Wed 20 May 2026 11:00:01 +0000
asID:                     150985
IP address blocks:        103.228.18.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/6C9FD300DFD761AFDA950CE979599BBE316BB13C.crl
                          rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/6C9FD300DFD761AFDA950CE979599BBE316BB13C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6C9FD300DFD761AFDA950CE979599BBE316BB13C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 12 Jun 2025 06:10:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:02:05:34:56:83:90:40:f1:a7:df:a4:a9:8c:da:ea:3b:f9:57:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6C9FD300DFD761AFDA950CE979599BBE316BB13C
        Validity
            Not Before: May 21 10:55:01 2025 GMT
            Not After : May 20 11:00:01 2026 GMT
        Subject: CN=3BCDCDD49B081572CD7FE65CFBDD8A602B409643
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b4:32:2c:e0:3d:4f:5a:d9:02:74:eb:52:76:
                    22:84:16:6d:c1:b1:08:47:e3:81:d6:e5:23:83:d0:
                    42:84:a7:61:db:6c:80:cc:76:e7:aa:ac:4a:08:2d:
                    f6:e7:71:b3:2d:36:4b:3f:ad:fb:8d:86:65:de:3f:
                    d5:44:55:94:76:4b:bf:31:6c:6c:8f:dc:3c:99:79:
                    5c:04:76:23:0c:c8:44:4b:6f:7e:e6:7b:21:e0:5b:
                    fc:9e:7c:65:49:38:7c:8f:54:ce:55:f2:48:23:2c:
                    ac:af:96:bc:a7:0f:63:81:8a:69:85:ed:7a:d5:b7:
                    a3:b9:2d:88:5a:7f:e1:b2:6f:20:c2:dd:94:38:19:
                    3d:74:76:fd:d8:4d:df:7d:9a:af:56:9f:a1:d9:ce:
                    26:cb:e3:8c:c5:dd:8b:bc:bd:9c:8a:62:65:68:08:
                    99:49:0d:18:ea:a5:f6:16:18:aa:d2:8c:19:67:68:
                    c2:2f:62:12:f1:aa:b8:05:56:18:b3:71:bc:0f:c5:
                    6d:02:f9:dc:4c:fb:2b:9a:43:39:42:4b:d4:4f:93:
                    bb:ad:1d:ca:fa:c5:48:a0:db:6f:bb:8a:9c:12:96:
                    af:b9:a2:32:7d:84:93:bd:3d:47:07:e5:fe:61:4d:
                    af:29:01:c2:cc:09:44:76:93:19:62:70:76:74:4f:
                    03:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:CD:CD:D4:9B:08:15:72:CD:7F:E6:5C:FB:DD:8A:60:2B:40:96:43
            X509v3 Authority Key Identifier:
                keyid:6C:9F:D3:00:DF:D7:61:AF:DA:95:0C:E9:79:59:9B:BE:31:6B:B1:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/6C9FD300DFD761AFDA950CE979599BBE316BB13C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6C9FD300DFD761AFDA950CE979599BBE316BB13C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/1/3130332e3232382e31382e302f32342d3234203d3e20313530393835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.228.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:52:e9:07:51:bf:c6:20:a4:0f:73:53:b4:80:39:ce:c8:81:
         60:c2:e0:cb:58:84:c5:1e:99:4b:6e:61:31:e0:a9:01:25:92:
         61:ae:b6:6c:3d:73:db:0a:f5:ad:cf:aa:55:90:26:b5:57:80:
         c4:77:8e:0a:f0:cb:27:b2:df:75:31:d8:9b:fc:e9:7b:f7:a5:
         77:f5:84:65:d3:87:b2:68:04:43:fe:e5:6c:2d:98:88:78:1f:
         a5:3a:be:4c:bd:81:bf:22:fb:20:64:b4:bd:c1:7d:e6:04:20:
         fd:f1:dc:bd:45:77:b4:87:b1:96:3f:76:86:98:aa:7f:dc:b8:
         d4:24:f3:b4:91:50:8e:28:43:c3:51:2c:f2:d6:43:6d:20:15:
         55:99:84:ff:2f:02:f6:83:8e:74:64:6a:16:c3:1c:a4:2f:c0:
         82:de:ac:fc:d5:d2:6b:97:cf:aa:8a:e5:cd:62:02:00:1b:70:
         fc:00:96:3d:15:15:cf:1d:96:20:ac:eb:93:45:35:b8:94:d2:
         e4:ba:21:ea:aa:f4:b5:6b:1f:39:f1:56:5c:f6:7d:d6:0a:05:
         33:20:70:5f:41:90:9d:9e:0b:6d:d3:2b:0b:a4:06:d2:fb:c1:
         9e:0c:0e:ad:5c:f8:a7:7b:e6:79:b6:09:26:5d:76:d9:82:0b:
         b3:cd:a5:25
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMwIFNFaDkEDxp9+kqYza6jv5V+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkM5RkQzMDBERkQ3NjFBRkRBOTUwQ0U5Nzk1OTlCQkUz
MTZCQjEzQzAeFw0yNTA1MjExMDU1MDFaFw0yNjA1MjAxMTAwMDFaMDMxMTAvBgNV
BAMTKDNCQ0RDREQ0OUIwODE1NzJDRDdGRTY1Q0ZCREQ4QTYwMkI0MDk2NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqtDIs4D1PWtkCdOtSdiKEFm3B
sQhH44HW5SOD0EKEp2HbbIDMdueqrEoILfbncbMtNks/rfuNhmXeP9VEVZR2S78x
bGyP3DyZeVwEdiMMyERLb37meyHgW/yefGVJOHyPVM5V8kgjLKyvlrynD2OBimmF
7XrVt6O5LYhaf+GybyDC3ZQ4GT10dv3YTd99mq9Wn6HZzibL44zF3Yu8vZyKYmVo
CJlJDRjqpfYWGKrSjBlnaMIvYhLxqrgFVhizcbwPxW0C+dxM+yuaQzlCS9RPk7ut
Hcr6xUig22+7ipwSlq+5ojJ9hJO9PUcH5f5hTa8pAcLMCUR2kxlicHZ0TwOTAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUO83N1JsIFXLNf+Zc+92KYCtAlkMwHwYDVR0j
BBgwFoAUbJ/TAN/XYa/alQzpeVmbvjFrsTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MzI5NzkzZS04ZjE4LTQxMTYtOTI2OC1hMTMzZGFmMTFjZWYvMS82QzlGRDMwMERG
RDc2MUFGREE5NTBDRTk3OTU5OUJCRTMxNkJCMTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkM5RkQzMDBERkQ3NjFBRkRBOTUwQ0U5Nzk1OTlCQkUzMTZC
QjEzQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkzMjk3OTNlLThmMTgtNDExNi05
MjY4LWExMzNkYWYxMWNlZi8xLzMxMzAzMzJlMzIzMjM4MmUzMTM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzkzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+QSMA0GCSqG
SIb3DQEBCwUAA4IBAQAlUukHUb/GIKQPc1O0gDnOyIFgwuDLWITFHplLbmEx4KkB
JZJhrrZsPXPbCvWtz6pVkCa1V4DEd44K8Msnst91Mdib/Ol796V39YRl04eyaARD
/uVsLZiIeB+lOr5MvYG/IvsgZLS9wX3mBCD98dy9RXe0h7GWP3aGmKp/3LjUJPO0
kVCOKEPDUSzy1kNtIBVVmYT/LwL2g450ZGoWwxykL8CC3qz81dJrl8+qiuXNYgIA
G3D8AJY9FRXPHZYgrOuTRTW4lNLkuiHqqvS1ax858VZc9n3WCgUzIHBfQZCdngtt
0ysLpAbS+8GeDA6tXPine+Z5tgkmXXbZgguzzaUl
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:35:38 2025 by rpki-client