Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/3130332e3130322e3135312e302f32342d3234203d3e20313331373036.roa
File:                     3130332e3130322e3135312e302f32342d3234203d3e20313331373036.roa (raw, json)
Hash identifier:          fIAZJQRdc8KtDMugJm1HvAiImbOSq132x0qDhsfcvRU=
Subject key identifier:   A4:73:AC:5D:D0:1E:02:E4:F2:24:3B:D8:D4:87:B0:04:4F:4C:44:2B
Certificate issuer:       /CN=18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169
Certificate serial:       7E5A04BE8805E50099512E16C217C117F7872A9F
Authority key identifier: 18:E9:DC:5B:AC:AA:E6:8D:1C:9F:50:69:82:56:E0:ED:EF:9A:51:69
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/3130332e3130322e3135312e302f32342d3234203d3e20313331373036.roa
Signing time:             Mon 05 Aug 2024 05:01:26 +0000
ROA not before:           Mon 05 Aug 2024 04:56:26 +0000
ROA not after:            Mon 04 Aug 2025 05:01:26 +0000
asID:                     131706
IP address blocks:        103.102.151.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.crl
                          rsync://repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:5a:04:be:88:05:e5:00:99:51:2e:16:c2:17:c1:17:f7:87:2a:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169
        Validity
            Not Before: Aug  5 04:56:26 2024 GMT
            Not After : Aug  4 05:01:26 2025 GMT
        Subject: CN=A473AC5DD01E02E4F2243BD8D487B0044F4C442B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:15:46:29:dd:ab:2a:ac:62:f2:6d:28:60:6c:
                    ff:d3:40:fa:ae:ae:d6:97:98:2c:43:30:bb:48:af:
                    b7:27:2a:72:54:b6:c4:62:24:30:7f:56:df:66:55:
                    de:8c:02:ab:66:af:51:b5:54:79:ad:8e:ea:fc:4a:
                    34:b6:d1:bf:a4:a9:a4:e7:2c:e3:3e:b6:05:3f:f7:
                    b1:7a:13:65:93:12:d6:e4:6a:5a:36:8f:64:77:ee:
                    45:8b:4d:f5:57:97:97:0e:83:d1:2e:3c:81:ba:6a:
                    2e:36:a8:d3:15:a1:f1:0c:c0:e4:6a:c8:21:05:f5:
                    eb:0f:bb:23:cf:0e:7b:2d:3c:a6:ba:cf:2b:98:92:
                    a9:55:36:8c:e7:08:fa:27:c0:82:34:4f:2d:8e:30:
                    8c:d0:0b:ba:d8:6f:39:fb:e4:10:ef:76:39:e2:6b:
                    ee:9a:c3:d3:0f:9b:2d:ee:b7:3e:96:18:84:b7:17:
                    b1:13:d1:44:d9:fa:4a:7f:37:e4:f9:00:83:98:f6:
                    c9:72:9f:25:12:8c:1d:78:5e:4e:1e:a3:65:fc:f4:
                    21:a5:63:64:68:31:99:27:e4:5d:85:80:ce:05:80:
                    5d:d4:1f:88:61:bb:ab:7c:96:a8:70:7b:5d:75:8a:
                    b2:6d:6e:3e:67:63:cf:16:cf:83:fa:b3:7f:28:73:
                    56:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:73:AC:5D:D0:1E:02:E4:F2:24:3B:D8:D4:87:B0:04:4F:4C:44:2B
            X509v3 Authority Key Identifier:
                keyid:18:E9:DC:5B:AC:AA:E6:8D:1C:9F:50:69:82:56:E0:ED:EF:9A:51:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/18E9DC5BACAAE68D1C9F50698256E0EDEF9A5169.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ba9f81cb-5a59-40f3-86a0-cde5b94cef86/0/3130332e3130322e3135312e302f32342d3234203d3e20313331373036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:d2:44:f3:c2:28:19:f2:3f:e0:82:77:a6:88:05:7c:12:db:
         11:f6:86:9f:8d:39:8a:da:04:a9:57:0e:fe:45:2e:21:e7:58:
         1b:b1:50:d8:34:62:57:a9:2e:33:f9:c1:dd:d2:47:a7:bd:56:
         73:10:52:b7:c8:55:6e:9f:b7:b5:13:90:41:23:6e:2c:4b:d9:
         a3:14:ae:b5:28:43:e1:35:2b:5c:da:2f:19:2d:58:f9:e8:23:
         c3:e5:21:cf:cd:1f:59:33:2d:14:91:3e:87:3b:ec:d1:0e:c6:
         d1:37:bd:42:a2:81:df:d7:b2:e3:64:d3:da:15:f4:91:5c:be:
         0c:31:55:e7:05:d7:2e:b6:6f:73:2a:93:87:38:18:c2:eb:01:
         dc:45:65:ce:f9:2d:20:ee:27:16:cd:88:fd:94:d0:5d:c9:d2:
         1a:d7:a2:dc:10:7c:2a:9d:d1:ce:51:de:1d:d9:04:6f:24:43:
         92:5d:e6:4b:c1:72:3d:0b:a1:89:86:32:86:60:14:12:df:39:
         48:3f:c6:e9:7f:06:a1:69:af:5a:20:17:cd:8b:cd:dc:f4:6c:
         51:60:89:e1:e7:ad:56:b2:9b:d8:60:92:c0:9b:6d:86:72:f8:
         fd:0a:9f:18:e9:f7:09:5f:7a:f8:80:74:70:15:cc:2b:c0:68:
         d6:9f:56:1d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUfloEvogF5QCZUS4WwhfBF/eHKp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMThFOURDNUJBQ0FBRTY4RDFDOUY1MDY5ODI1NkUwRURF
RjlBNTE2OTAeFw0yNDA4MDUwNDU2MjZaFw0yNTA4MDQwNTAxMjZaMDMxMTAvBgNV
BAMTKEE0NzNBQzVERDAxRTAyRTRGMjI0M0JEOEQ0ODdCMDA0NEY0QzQ0MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJFUYp3asqrGLybShgbP/TQPqu
rtaXmCxDMLtIr7cnKnJUtsRiJDB/Vt9mVd6MAqtmr1G1VHmtjur8SjS20b+kqaTn
LOM+tgU/97F6E2WTEtbkalo2j2R37kWLTfVXl5cOg9EuPIG6ai42qNMVofEMwORq
yCEF9esPuyPPDnstPKa6zyuYkqlVNoznCPonwII0Ty2OMIzQC7rYbzn75BDvdjni
a+6aw9MPmy3utz6WGIS3F7ET0UTZ+kp/N+T5AIOY9slynyUSjB14Xk4eo2X89CGl
Y2RoMZkn5F2FgM4FgF3UH4hhu6t8lqhwe111irJtbj5nY88Wz4P6s38oc1aZAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUpHOsXdAeAuTyJDvY1IewBE9MRCswHwYDVR0j
BBgwFoAUGOncW6yq5o0cn1Bpglbg7e+aUWkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
YTlmODFjYi01YTU5LTQwZjMtODZhMC1jZGU1Yjk0Y2VmODYvMC8xOEU5REM1QkFD
QUFFNjhEMUM5RjUwNjk4MjU2RTBFREVGOUE1MTY5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMThFOURDNUJBQ0FBRTY4RDFDOUY1MDY5ODI1NkUwRURFRjlB
NTE2OS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JhOWY4MWNiLTVhNTktNDBmMy04
NmEwLWNkZTViOTRjZWY4Ni8wLzMxMzAzMzJlMzEzMDMyMmUzMTM1MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzEzNzMwMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZpcwDQYJ
KoZIhvcNAQELBQADggEBABHSRPPCKBnyP+CCd6aIBXwS2xH2hp+NOYraBKlXDv5F
LiHnWBuxUNg0YlepLjP5wd3SR6e9VnMQUrfIVW6ft7UTkEEjbixL2aMUrrUoQ+E1
K1zaLxktWPnoI8PlIc/NH1kzLRSRPoc77NEOxtE3vUKigd/XsuNk09oV9JFcvgwx
VecF1y62b3Mqk4c4GMLrAdxFZc75LSDuJxbNiP2U0F3J0hrXotwQfCqd0c5R3h3Z
BG8kQ5Jd5kvBcj0LoYmGMoZgFBLfOUg/xul/BqFpr1ogF82Lzdz0bFFgieHnrVay
m9hgksCbbYZy+P0Knxjp9wlfeviAdHAVzCvAaNafVh0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:48:40 2024 by rpki-client on console-fra.rpki-client.org