Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/3130332e3132372e3134342e302f32332d3233203d3e203633383732.roa
File:                     3130332e3132372e3134342e302f32332d3233203d3e203633383732.roa (raw, json)
Hash identifier:          WwxwZlv3TUa9yicqgZtEOiKWXTIZnKX9bVQhI95JUio=
Subject key identifier:   AF:E0:48:28:5C:74:7E:4D:61:DC:1B:1B:5D:0E:81:45:29:C9:49:E7
Certificate issuer:       /CN=6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19
Certificate serial:       63A59EFCD63B861CCC5EEE97CEB5EB82BBAFFADB
Authority key identifier: 6D:6B:AE:DB:FD:BB:AA:46:BF:3D:A2:18:55:70:77:16:27:BE:7B:19
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/3130332e3132372e3134342e302f32332d3233203d3e203633383732.roa
Signing time:             Mon 01 Jul 2024 01:05:52 +0000
ROA not before:           Mon 01 Jul 2024 01:00:52 +0000
ROA not after:            Mon 30 Jun 2025 01:05:52 +0000
asID:                     63872
IP address blocks:        103.127.144.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.crl
                          rsync://repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 05:54:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:a5:9e:fc:d6:3b:86:1c:cc:5e:ee:97:ce:b5:eb:82:bb:af:fa:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19
        Validity
            Not Before: Jul  1 01:00:52 2024 GMT
            Not After : Jun 30 01:05:52 2025 GMT
        Subject: CN=AFE048285C747E4D61DC1B1B5D0E814529C949E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:1d:88:61:f9:ba:59:f3:80:5d:3b:90:36:
                    fe:90:3a:da:7d:3c:23:00:dd:45:d9:85:ff:ca:69:
                    1e:31:b8:ed:e8:90:79:42:de:cd:98:f2:26:a8:99:
                    d2:d2:d2:f2:56:bb:97:73:d8:f0:ca:54:c2:0d:19:
                    86:4f:c3:5e:7c:0f:e2:bb:1f:3b:04:e6:dd:7c:0d:
                    f0:ff:5f:fa:36:41:3d:c4:b6:32:f4:18:41:38:16:
                    fa:fc:5b:75:f7:86:1f:d3:e2:33:58:6e:a3:bb:4f:
                    a1:4d:57:c1:2b:00:82:bd:f8:c6:71:0b:93:36:d3:
                    de:1f:31:6c:e5:61:3a:13:bf:73:59:16:8f:b4:a1:
                    8e:43:e0:75:c1:88:03:b8:dd:33:df:52:70:c4:85:
                    ee:51:6b:ff:95:16:aa:ac:1e:d8:0f:19:9d:7c:6d:
                    5d:dd:a6:57:f6:85:5b:e5:eb:b7:44:ba:24:62:88:
                    91:1a:fd:a5:20:ad:89:50:d2:d4:63:dd:7f:01:0c:
                    09:5b:07:5f:bf:dc:34:c6:c6:4a:05:5f:95:13:ec:
                    ef:0c:c9:39:6c:ca:02:0d:cb:98:4e:b6:ee:69:b5:
                    2c:1b:10:de:f0:a2:e3:35:76:41:f8:45:cc:d9:e6:
                    92:51:5b:1d:5f:d1:f9:f8:45:58:51:bf:12:a3:e3:
                    55:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:E0:48:28:5C:74:7E:4D:61:DC:1B:1B:5D:0E:81:45:29:C9:49:E7
            X509v3 Authority Key Identifier:
                keyid:6D:6B:AE:DB:FD:BB:AA:46:BF:3D:A2:18:55:70:77:16:27:BE:7B:19

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6D6BAEDBFDBBAA46BF3DA2185570771627BE7B19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96bb333c-982b-4fce-ac81-bc069229e243/0/3130332e3132372e3134342e302f32332d3233203d3e203633383732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:2a:38:68:7f:66:4f:48:3f:cd:99:60:b4:49:6d:b8:cf:27:
         8c:ef:c4:a3:d8:a3:f8:9a:33:74:93:32:ae:be:be:e6:28:39:
         6b:52:dd:52:46:b6:d5:2e:dd:fd:bc:f0:5d:79:78:35:0c:18:
         37:a8:d0:90:e9:77:18:12:f0:3b:a7:89:39:83:f3:75:f7:84:
         d4:4e:d7:8d:38:5a:0f:12:9b:14:68:94:5c:2a:c3:3c:d7:d3:
         a1:a2:ce:4d:c5:82:0f:0d:b2:ae:83:1e:d8:04:58:67:fd:c2:
         e7:f2:8e:a1:28:c2:eb:64:13:e0:f0:45:61:da:92:f8:c6:36:
         97:0d:1a:a9:ef:86:20:bc:4c:61:8c:50:1a:71:b2:a4:4c:65:
         39:cc:90:ab:0f:e4:c2:62:ef:fc:b2:31:95:c8:24:fd:fb:d7:
         9e:cd:e4:9e:02:20:dd:3e:4a:95:48:e4:4e:77:a2:d7:a7:bd:
         5c:1e:0f:e7:03:6c:df:e7:74:f3:17:c5:98:e4:c6:4b:09:d6:
         44:89:32:88:0c:69:9a:27:8c:29:bc:55:f9:5e:bf:aa:ff:b5:
         42:04:bb:8e:7f:56:34:2a:87:03:4d:db:6e:7d:16:f9:1a:e2:
         e9:b1:c4:11:6a:92:13:d2:7d:b9:1b:e4:f8:12:f9:79:31:6b:
         1a:a3:88:18
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUY6We/NY7hhzMXu6XzrXrgruv+tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkQ2QkFFREJGREJCQUE0NkJGM0RBMjE4NTU3MDc3MTYy
N0JFN0IxOTAeFw0yNDA3MDEwMTAwNTJaFw0yNTA2MzAwMTA1NTJaMDMxMTAvBgNV
BAMTKEFGRTA0ODI4NUM3NDdFNEQ2MURDMUIxQjVEMEU4MTQ1MjlDOTQ5RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLfh2IYfm6WfOAXTuQNv6QOtp9
PCMA3UXZhf/KaR4xuO3okHlC3s2Y8iaomdLS0vJWu5dz2PDKVMINGYZPw158D+K7
HzsE5t18DfD/X/o2QT3EtjL0GEE4Fvr8W3X3hh/T4jNYbqO7T6FNV8ErAIK9+MZx
C5M2094fMWzlYToTv3NZFo+0oY5D4HXBiAO43TPfUnDEhe5Ra/+VFqqsHtgPGZ18
bV3dplf2hVvl67dEuiRiiJEa/aUgrYlQ0tRj3X8BDAlbB1+/3DTGxkoFX5UT7O8M
yTlsygINy5hOtu5ptSwbEN7wouM1dkH4RczZ5pJRWx1f0fn4RVhRvxKj41VRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUr+BIKFx0fk1h3BsbXQ6BRSnJSecwHwYDVR0j
BBgwFoAUbWuu2/27qka/PaIYVXB3Fie+exkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NmJiMzMzYy05ODJiLTRmY2UtYWM4MS1iYzA2OTIyOWUyNDMvMC82RDZCQUVEQkZE
QkJBQTQ2QkYzREEyMTg1NTcwNzcxNjI3QkU3QjE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkQ2QkFFREJGREJCQUE0NkJGM0RBMjE4NTU3MDc3MTYyN0JF
N0IxOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2YmIzMzNjLTk4MmItNGZjZS1h
YzgxLWJjMDY5MjI5ZTI0My8wLzMxMzAzMzJlMzEzMjM3MmUzMTM0MzQyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzNjMzMzgzNzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ3+QMA0GCSqG
SIb3DQEBCwUAA4IBAQA+Kjhof2ZPSD/NmWC0SW24zyeM78Sj2KP4mjN0kzKuvr7m
KDlrUt1SRrbVLt39vPBdeXg1DBg3qNCQ6XcYEvA7p4k5g/N194TUTteNOFoPEpsU
aJRcKsM819Ohos5NxYIPDbKugx7YBFhn/cLn8o6hKMLrZBPg8EVh2pL4xjaXDRqp
74YgvExhjFAacbKkTGU5zJCrD+TCYu/8sjGVyCT9+9eezeSeAiDdPkqVSOROd6LX
p71cHg/nA2zf53TzF8WY5MZLCdZEiTKIDGmaJ4wpvFX5Xr+q/7VCBLuOf1Y0KocD
TdtufRb5GuLpscQRapIT0n25G+T4Evl5MWsao4gY
-----END CERTIFICATE-----
Generated at Tue Nov 26 04:35:17 2024 by rpki-client on console-fra.rpki-client.org