Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/323430323a353638303a393961303a3a2f34342d3434203d3e20313333373938.roa
File:                     323430323a353638303a393961303a3a2f34342d3434203d3e20313333373938.roa (raw, json)
Hash identifier:          KhCGAn5Kk3CYjz0rekRNlTGHu3vxrYlqyMfbtaJ5Tgk=
Subject key identifier:   EF:EE:AF:00:5D:7E:A4:6D:7B:BE:26:79:19:90:47:16:7F:F8:84:7C
Certificate issuer:       /CN=347A275985EAE5BC9BA6C5CB929C06FA84C16B39
Certificate serial:       7BCB80E372AE09CA09F32C05A00E5B6CADB35EF8
Authority key identifier: 34:7A:27:59:85:EA:E5:BC:9B:A6:C5:CB:92:9C:06:FA:84:C1:6B:39
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/323430323a353638303a393961303a3a2f34342d3434203d3e20313333373938.roa
Signing time:             Tue 27 May 2025 16:59:32 +0000
ROA not before:           Tue 27 May 2025 16:54:32 +0000
ROA not after:            Tue 26 May 2026 16:59:32 +0000
asID:                     133798
IP address blocks:        2402:5680:99a0::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.crl
                          rsync://repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 03:11:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:cb:80:e3:72:ae:09:ca:09:f3:2c:05:a0:0e:5b:6c:ad:b3:5e:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347A275985EAE5BC9BA6C5CB929C06FA84C16B39
        Validity
            Not Before: May 27 16:54:32 2025 GMT
            Not After : May 26 16:59:32 2026 GMT
        Subject: CN=EFEEAF005D7EA46D7BBE2679199047167FF8847C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:0d:a4:b3:41:fd:63:59:bf:93:05:4d:81:b7:
                    dd:4d:9b:40:04:8c:f6:33:0f:e4:f1:a3:a7:e1:fe:
                    48:21:f6:54:c1:37:d3:23:d8:79:99:af:28:22:89:
                    a5:13:de:2e:d3:4c:e1:73:95:3c:bd:46:ce:f6:c3:
                    ae:bc:94:03:fe:f3:30:b4:98:2f:a5:7f:3d:42:f6:
                    b6:30:24:f1:b6:60:b7:59:97:61:49:4a:c3:b4:d7:
                    73:cc:97:7c:68:71:19:33:a4:4d:47:26:63:99:17:
                    d9:7a:3b:3b:3a:c6:03:ed:fc:be:79:6b:7c:aa:9d:
                    de:52:98:e1:02:60:25:c6:5d:92:88:79:a8:8d:82:
                    a0:7f:9b:d7:88:db:f3:91:55:83:89:3c:99:d3:38:
                    77:3a:83:64:f8:f4:41:c4:2f:f3:72:b2:bf:26:f3:
                    47:96:68:85:2f:0b:88:8d:a1:a7:60:c7:72:8a:b7:
                    56:7a:36:27:1b:94:93:12:2e:27:d4:2a:95:83:07:
                    aa:dd:9e:31:4d:39:5f:e3:e4:1a:b4:09:6d:d3:0a:
                    37:d4:bb:8d:42:31:63:5f:b5:bf:f7:3e:e4:dc:4a:
                    09:6e:99:1d:d1:6d:09:27:1c:5e:db:fc:a7:8f:6f:
                    54:e2:b1:23:2b:fe:ce:b7:a9:7b:e1:ba:77:70:79:
                    18:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:EE:AF:00:5D:7E:A4:6D:7B:BE:26:79:19:90:47:16:7F:F8:84:7C
            X509v3 Authority Key Identifier:
                keyid:34:7A:27:59:85:EA:E5:BC:9B:A6:C5:CB:92:9C:06:FA:84:C1:6B:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/347A275985EAE5BC9BA6C5CB929C06FA84C16B39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c303e6bb-7349-47aa-a4cd-51d8a0e222f6/0/323430323a353638303a393961303a3a2f34342d3434203d3e20313333373938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:5680:99a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         85:af:37:b8:4b:91:3f:95:e2:33:3f:2a:38:cc:ca:25:16:ce:
         31:cb:4c:66:e5:b8:99:bb:5e:f8:51:00:98:9d:1d:c4:9e:e0:
         e0:04:8e:46:28:3b:77:4b:81:01:3e:e0:1a:14:d4:78:07:a1:
         5a:cd:fc:33:c8:68:22:ab:30:d8:73:47:6f:07:47:19:04:b1:
         d8:99:34:44:0c:40:94:32:34:df:22:10:4c:87:a5:7a:22:16:
         06:07:90:43:75:e9:58:8d:d6:61:69:87:70:2d:98:f8:98:b8:
         e8:58:94:d1:d1:4f:0f:ef:6d:7e:0b:65:c0:1c:ca:d7:e0:79:
         f3:78:3b:9d:2f:9f:50:04:a1:67:45:34:0e:ec:bb:98:fc:63:
         05:e4:63:85:47:00:34:bc:7c:66:73:f2:63:7d:e7:14:47:d0:
         59:82:17:1e:90:c4:c0:74:4f:cf:6f:d0:25:47:ba:27:7d:e3:
         bf:53:7f:a0:52:68:ae:51:5c:82:5f:64:3b:25:c7:f4:ab:b8:
         40:59:39:0d:ec:bc:af:46:69:c1:ad:47:0b:35:88:72:20:6d:
         ea:3e:e4:0d:1d:0c:57:37:c0:81:53:0b:48:1a:d5:2d:6f:00:
         7c:17:5c:0b:58:ef:15:07:0a:f7:8c:67:47:61:bb:0e:33:79:
         f3:50:d0:c3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUe8uA43KuCcoJ8ywFoA5bbK2zXvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzQ3QTI3NTk4NUVBRTVCQzlCQTZDNUNCOTI5QzA2RkE4
NEMxNkIzOTAeFw0yNTA1MjcxNjU0MzJaFw0yNjA1MjYxNjU5MzJaMDMxMTAvBgNV
BAMTKEVGRUVBRjAwNUQ3RUE0NkQ3QkJFMjY3OTE5OTA0NzE2N0ZGODg0N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqDaSzQf1jWb+TBU2Bt91Nm0AE
jPYzD+Txo6fh/kgh9lTBN9Mj2HmZrygiiaUT3i7TTOFzlTy9Rs72w668lAP+8zC0
mC+lfz1C9rYwJPG2YLdZl2FJSsO013PMl3xocRkzpE1HJmOZF9l6Ozs6xgPt/L55
a3yqnd5SmOECYCXGXZKIeaiNgqB/m9eI2/ORVYOJPJnTOHc6g2T49EHEL/Nysr8m
80eWaIUvC4iNoadgx3KKt1Z6NicblJMSLifUKpWDB6rdnjFNOV/j5Bq0CW3TCjfU
u41CMWNftb/3PuTcSglumR3RbQknHF7b/KePb1TisSMr/s63qXvhundweRhbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7+6vAF1+pG17viZ5GZBHFn/4hHwwHwYDVR0j
BBgwFoAUNHonWYXq5bybpsXLkpwG+oTBazkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MzAzZTZiYi03MzQ5LTQ3YWEtYTRjZC01MWQ4YTBlMjIyZjYvMC8zNDdBMjc1OTg1
RUFFNUJDOUJBNkM1Q0I5MjlDMDZGQTg0QzE2QjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzQ3QTI3NTk4NUVBRTVCQzlCQTZDNUNCOTI5QzA2RkE4NEMx
NkIzOS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MzMDNlNmJiLTczNDktNDdhYS1h
NGNkLTUxZDhhMGUyMjJmNi8wLzMyMzQzMDMyM2EzNTM2MzgzMDNhMzkzOTYxMzAz
YTNhMmYzNDM0MmQzNDM0MjAzZDNlMjAzMTMzMzMzNzM5Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQk
AlaAmaAwDQYJKoZIhvcNAQELBQADggEBAIWvN7hLkT+V4jM/KjjMyiUWzjHLTGbl
uJm7XvhRAJidHcSe4OAEjkYoO3dLgQE+4BoU1HgHoVrN/DPIaCKrMNhzR28HRxkE
sdiZNEQMQJQyNN8iEEyHpXoiFgYHkEN16ViN1mFph3AtmPiYuOhYlNHRTw/vbX4L
ZcAcytfgefN4O50vn1AEoWdFNA7su5j8YwXkY4VHADS8fGZz8mN95xRH0FmCFx6Q
xMB0T89v0CVHuid9479Tf6BSaK5RXIJfZDslx/SruEBZOQ3svK9GacGtRws1iHIg
beo+5A0dDFc3wIFTC0ga1S1vAHwXXAtY7xUHCveMZ0dhuw4zefNQ0MM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:34:15 2025 by rpki-client