Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9422.roa
File:                     AS9422.roa (raw, json)
Hash identifier:          jRJKItaReNhmuvK2NOQMDrp8jv/uNAghQqj6yTefvFU=
Subject key identifier:   B4:38:5A:EF:7C:B8:E3:C4:09:A9:E7:60:B8:C1:07:49:3E:4B:99:16
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       71E6FBDABC7B1DB7FD30D44EEAFBD57A276FC0
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9422.roa
Signing time:             Fri 01 Mar 2024 07:00:00 +0000
ROA not before:           Fri 01 Mar 2024 06:55:00 +0000
ROA not after:            Fri 28 Feb 2025 07:00:00 +0000
asID:                     9422
IP address blocks:        103.173.128.0/24 maxlen: 24
                          103.248.217.0/24 maxlen: 24
                          103.248.218.0/24 maxlen: 24
                          2407:7c0:100::/40 maxlen: 48
                          2407:7c0:9422::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:e6:fb:da:bc:7b:1d:b7:fd:30:d4:4e:ea:fb:d5:7a:27:6f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Mar  1 06:55:00 2024 GMT
            Not After : Feb 28 07:00:00 2025 GMT
        Subject: CN=B4385AEF7CB8E3C409A9E760B8C107493E4B9916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:57:5b:01:1f:41:e9:a8:11:45:74:e8:40:44:
                    b3:ce:d4:30:0f:61:83:13:eb:a6:08:64:b5:2e:0a:
                    e8:ce:c1:fe:ae:0f:0f:33:52:c1:19:06:2e:e6:88:
                    3a:3f:9c:3a:79:1d:33:42:81:fd:61:9a:4d:0d:5b:
                    72:13:03:f2:10:7e:13:cc:19:ac:1e:78:93:17:3c:
                    d5:19:82:17:40:2c:e1:df:98:3a:6d:eb:ad:80:3b:
                    5b:1d:16:b0:e5:34:62:92:55:c7:6e:d5:88:1a:00:
                    b3:e7:29:24:0a:4f:f4:a5:a4:0d:bd:60:9a:e9:33:
                    60:23:18:9a:25:f0:65:df:f9:a9:1b:22:e6:ea:de:
                    75:6b:9c:87:43:8d:ef:c8:b0:62:27:dc:e7:86:a8:
                    86:0b:43:49:06:8d:e5:1c:10:63:f4:a0:7a:f8:ff:
                    00:6a:ce:c7:7d:6c:0f:5b:30:e1:c4:72:1a:b1:70:
                    fc:c6:be:88:5b:9d:f0:e0:7b:7e:29:10:aa:e7:40:
                    5b:3c:36:b1:8c:dd:64:bf:e0:0a:cc:16:f5:a8:0d:
                    35:30:4e:42:b1:e5:b6:94:b2:81:eb:6a:fd:5a:1b:
                    02:34:b7:77:91:75:c6:79:3a:af:e6:4d:70:de:be:
                    50:ee:23:f6:96:bd:32:9f:53:07:33:5b:fc:5b:05:
                    46:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:38:5A:EF:7C:B8:E3:C4:09:A9:E7:60:B8:C1:07:49:3E:4B:99:16
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS9422.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.173.128.0/24
                  103.248.217.0-103.248.218.255
                IPv6:
                  2407:7c0:100::/40
                  2407:7c0:9422::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:63:5f:85:ba:5e:82:af:d7:5b:1a:d9:f3:0c:0a:98:a7:81:
         8b:d0:1a:6a:56:fe:11:4a:08:b9:d2:a7:00:b4:4e:fb:8f:79:
         f2:21:9a:b6:ce:a0:e3:95:36:ff:e3:22:80:af:90:c3:ec:1f:
         23:c9:2f:61:7f:2a:cb:19:d8:3b:3b:9d:14:e2:bd:e6:f4:57:
         3f:58:0d:78:f7:47:f3:15:9b:e7:bf:d0:53:d8:1a:c6:db:2d:
         16:55:85:2a:40:b1:99:6a:df:11:bb:92:fd:9d:de:58:a6:47:
         5c:d1:da:01:9a:4f:a5:b9:45:39:fd:71:ca:5a:20:f0:6e:37:
         f6:8a:fb:19:88:e4:a7:a7:7a:c6:22:b1:1d:fa:49:53:6f:e7:
         e6:19:30:32:28:8d:b9:2a:a6:35:2d:c3:14:42:63:e7:32:f5:
         81:f3:39:62:44:58:6e:2d:55:6c:f8:0a:c1:9f:4e:b7:7e:4f:
         8a:bd:d5:b8:5c:13:ec:a2:1a:d4:28:37:01:be:ee:7a:cd:a5:
         28:15:9d:3f:22:5d:0d:e9:af:99:99:03:e7:8d:94:f5:7c:a8:
         a6:7b:07:27:1e:73:4e:41:ad:2c:14:10:f3:ed:3a:23:29:a8:
         d5:fb:5c:73:d2:1c:6c:a6:eb:d5:0c:21:01:a3:44:ce:16:b6:
         6c:82:f5:bb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgITceb72rx7Hbf9MNRO6vvVeidvwDANBgkqhkiG9w0BAQsF
ADBKMRUwEwYDVQQDEwxBOTE4NjIxNDAwMDAxMTAvBgNVBAUTKEJBOEY3N0QyMUU1
OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIwHhcNMjQwMzAxMDY1NTAwWhcN
MjUwMjI4MDcwMDAwWjAzMTEwLwYDVQQDEyhCNDM4NUFFRjdDQjhFM0M0MDlBOUU3
NjBCOEMxMDc0OTNFNEI5OTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq1dbAR9B6agRRXToQESzztQwD2GDE+umCGS1LgrozsH+rg8PM1LBGQYu5og6
P5w6eR0zQoH9YZpNDVtyEwPyEH4TzBmsHniTFzzVGYIXQCzh35g6beutgDtbHRaw
5TRiklXHbtWIGgCz5ykkCk/0paQNvWCa6TNgIxiaJfBl3/mpGyLm6t51a5yHQ43v
yLBiJ9znhqiGC0NJBo3lHBBj9KB6+P8Aas7HfWwPWzDhxHIasXD8xr6IW53w4Ht+
KRCq50BbPDaxjN1kv+AKzBb1qA01ME5CseW2lLKB62r9WhsCNLd3kXXGeTqv5k1w
3r5Q7iP2lr0yn1MHM1v8WwVGdwIDAQABo4IB9TCCAfEwHQYDVR0OBBYEFLQ4Wu98
uOPECannYLjBB0k+S5kWMB8GA1UdIwQYMBaAFLqPd9IeWP6ck5prcOJYVhfhgzdr
MA4GA1UdDwEB/wQEAwIHgDBpBgNVHR8EYjBgMF6gXKBahlhyc3luYzovL3JlcG8t
cnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0JBOEY3N0QyMUU1OEZFOUM5
MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggr
BgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdF
RjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3VvOTMwaDVZX3B5VG1tdHc0bGhX
Ri1HRE4ycy5jZXIwUgYIKwYBBQUHAQsERjBEMEIGCCsGAQUFBzALhjZyc3luYzov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FTOTQyMi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3MDUwGgQC
AAEwFAMEAGetgDAMAwQAZ/jZAwQAZ/jaMBcEAgACMBEDBgAkBwfAAQMHACQHB8CU
IjANBgkqhkiG9w0BAQsFAAOCAQEAKGNfhbpegq/XWxrZ8wwKmKeBi9Aaalb+EUoI
udKnALRO+4958iGats6g45U2/+MigK+Qw+wfI8kvYX8qyxnYOzudFOK95vRXP1gN
ePdH8xWb57/QU9gaxtstFlWFKkCxmWrfEbuS/Z3eWKZHXNHaAZpPpblFOf1xylog
8G439or7GYjkp6d6xiKxHfpJU2/n5hkwMiiNuSqmNS3DFEJj5zL1gfM5YkRYbi1V
bPgKwZ9Ot35Pir3VuFwT7KIa1Cg3Ab7ues2lKBWdPyJdDemvmZkD542U9XyopnsH
Jx5zTkGtLBQQ8+06Iymo1ftcc9IcbKbr1QwhAaNEzha2bIL1uw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:28 2024 by rpki-client on console-fra.rpki-client.org