Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/323030313a6466343a343938303a3a2f34382d3438203d3e20313430343633.roa
File:                     323030313a6466343a343938303a3a2f34382d3438203d3e20313430343633.roa (raw, json)
Hash identifier:          ALvwx2swtpbz8NGxp51wtfjrJRECE+XKLqFSLUrMbz4=
Subject key identifier:   4A:47:75:61:07:60:11:78:5E:14:E1:0C:3E:9E:47:0D:C4:9E:71:4E
Certificate issuer:       /CN=0A1DE6FD88BB9EF4E349C1774DA926E423264796
Certificate serial:       29B879DE097E6BC22139CCB88EC947478BF2127C
Authority key identifier: 0A:1D:E6:FD:88:BB:9E:F4:E3:49:C1:77:4D:A9:26:E4:23:26:47:96
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0A1DE6FD88BB9EF4E349C1774DA926E423264796.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/323030313a6466343a343938303a3a2f34382d3438203d3e20313430343633.roa
Signing time:             Mon 02 Jun 2025 02:04:09 +0000
ROA not before:           Mon 02 Jun 2025 01:59:09 +0000
ROA not after:            Mon 01 Jun 2026 02:04:09 +0000
asID:                     140463
IP address blocks:        2001:df4:4980::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/0A1DE6FD88BB9EF4E349C1774DA926E423264796.crl
                          rsync://repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/0A1DE6FD88BB9EF4E349C1774DA926E423264796.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0A1DE6FD88BB9EF4E349C1774DA926E423264796.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 18:12:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:b8:79:de:09:7e:6b:c2:21:39:cc:b8:8e:c9:47:47:8b:f2:12:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A1DE6FD88BB9EF4E349C1774DA926E423264796
        Validity
            Not Before: Jun  2 01:59:09 2025 GMT
            Not After : Jun  1 02:04:09 2026 GMT
        Subject: CN=4A477561076011785E14E10C3E9E470DC49E714E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c1:ed:e4:eb:b1:f5:4e:d5:5f:ca:ec:a0:b2:
                    d3:40:b4:8d:bd:d7:ff:fd:f4:e0:17:58:67:5f:c4:
                    ee:93:af:3e:6f:2c:87:ba:32:19:ed:5a:d3:73:6c:
                    4c:be:bb:84:2d:5f:15:0d:4d:9e:cb:fc:fd:9c:7a:
                    3c:e3:95:6e:76:8b:38:51:20:98:bb:a3:cb:ba:fa:
                    b7:77:c8:cf:b7:53:d8:b8:e6:36:eb:73:8e:6c:cc:
                    14:c4:32:3d:60:5d:a5:e3:4b:ce:60:ed:c0:f4:2c:
                    17:ba:9f:f1:60:8e:d4:86:95:3c:73:fa:fa:c7:a1:
                    b4:16:57:0c:95:7d:bc:0d:8c:2c:f1:97:44:b2:6b:
                    dd:0e:a4:40:78:74:6b:07:2a:6e:85:c4:32:17:a5:
                    31:89:3b:67:cf:9e:eb:a4:4c:9d:3b:db:18:fd:5a:
                    3b:5b:18:09:39:05:d1:d8:e2:d3:12:23:50:d2:85:
                    fb:e5:24:b4:12:5a:6e:bb:c5:8c:ed:80:83:34:1e:
                    dc:1f:9f:93:4d:0c:bf:d2:79:9b:f5:27:9b:88:0f:
                    dd:9d:1f:f1:ed:a0:de:5b:ef:ea:6a:f1:8a:8d:e6:
                    f3:d8:15:ad:85:f6:59:3f:94:99:a4:e9:35:2a:d8:
                    9f:8e:c5:c0:da:1f:07:05:00:0e:f7:24:ac:c3:d7:
                    74:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:47:75:61:07:60:11:78:5E:14:E1:0C:3E:9E:47:0D:C4:9E:71:4E
            X509v3 Authority Key Identifier:
                keyid:0A:1D:E6:FD:88:BB:9E:F4:E3:49:C1:77:4D:A9:26:E4:23:26:47:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/0A1DE6FD88BB9EF4E349C1774DA926E423264796.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0A1DE6FD88BB9EF4E349C1774DA926E423264796.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ea1e0bd7-281a-4eba-b98c-82939327ddd7/0/323030313a6466343a343938303a3a2f34382d3438203d3e20313430343633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:4980::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:bd:64:44:2a:6d:a5:af:6d:52:58:a9:36:b4:0a:d5:23:a1:
         fe:17:82:3c:81:ba:80:da:a8:15:b5:c0:9d:ac:f4:bc:f0:5b:
         da:5d:d9:ca:53:e0:e8:3c:95:61:33:0e:26:78:85:c5:3f:31:
         04:a7:84:90:f2:32:e0:f3:03:c9:f0:a6:8a:94:18:6d:3c:0c:
         2f:b9:ab:98:29:45:8a:2f:0b:e3:02:ab:ae:e2:ad:6b:11:92:
         02:ef:77:c8:4f:6f:29:75:1d:6e:d9:7d:6e:56:3e:7a:ca:71:
         22:c9:80:61:59:f9:e9:b9:8d:dc:f4:ff:c0:d9:31:35:88:0c:
         cb:c8:b3:74:69:19:fd:b3:60:c2:0a:28:ce:dd:b3:1f:a8:53:
         cd:8c:76:39:02:45:19:70:ac:90:7f:d0:b6:9d:17:9b:72:f2:
         8f:73:80:d1:43:e5:da:e5:09:c1:2a:be:65:89:96:ae:ca:68:
         02:36:d6:27:c2:4f:ac:81:ba:12:ae:a8:ad:03:11:8a:8b:ee:
         17:eb:c8:a6:96:d4:42:cd:61:de:fa:4e:fa:f0:49:35:8f:b6:
         e4:b5:30:08:87:80:d1:be:6b:f8:5f:55:e4:c1:ac:09:6c:8d:
         25:39:b8:dd:b8:55:a1:f2:0b:2d:de:af:2a:55:2d:6c:b4:d4:
         d2:2a:e7:62
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKbh53gl+a8IhOcy4jslHR4vyEnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEExREU2RkQ4OEJCOUVGNEUzNDlDMTc3NERBOTI2RTQy
MzI2NDc5NjAeFw0yNTA2MDIwMTU5MDlaFw0yNjA2MDEwMjA0MDlaMDMxMTAvBgNV
BAMTKDRBNDc3NTYxMDc2MDExNzg1RTE0RTEwQzNFOUU0NzBEQzQ5RTcxNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZwe3k67H1TtVfyuygstNAtI29
1//99OAXWGdfxO6Trz5vLIe6MhntWtNzbEy+u4QtXxUNTZ7L/P2cejzjlW52izhR
IJi7o8u6+rd3yM+3U9i45jbrc45szBTEMj1gXaXjS85g7cD0LBe6n/FgjtSGlTxz
+vrHobQWVwyVfbwNjCzxl0Sya90OpEB4dGsHKm6FxDIXpTGJO2fPnuukTJ072xj9
WjtbGAk5BdHY4tMSI1DShfvlJLQSWm67xYztgIM0Htwfn5NNDL/SeZv1J5uID92d
H/HtoN5b7+pq8YqN5vPYFa2F9lk/lJmk6TUq2J+OxcDaHwcFAA73JKzD13R/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSkd1YQdgEXheFOEMPp5HDcSecU4wHwYDVR0j
BBgwFoAUCh3m/Yi7nvTjScF3Takm5CMmR5YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
YTFlMGJkNy0yODFhLTRlYmEtYjk4Yy04MjkzOTMyN2RkZDcvMC8wQTFERTZGRDg4
QkI5RUY0RTM0OUMxNzc0REE5MjZFNDIzMjY0Nzk2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMEExREU2RkQ4OEJCOUVGNEUzNDlDMTc3NERBOTI2RTQyMzI2
NDc5Ni5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VhMWUwYmQ3LTI4MWEtNGViYS1i
OThjLTgyOTM5MzI3ZGRkNy8wLzMyMzAzMDMxM2E2NDY2MzQzYTM0MzkzODMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMwMzQzNjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9EmAMA0GCSqGSIb3DQEBCwUAA4IBAQAUvWREKm2lr21SWKk2tArVI6H+F4I8gbqA
2qgVtcCdrPS88FvaXdnKU+DoPJVhMw4meIXFPzEEp4SQ8jLg8wPJ8KaKlBhtPAwv
uauYKUWKLwvjAquu4q1rEZIC73fIT28pdR1u2X1uVj56ynEiyYBhWfnpuY3c9P/A
2TE1iAzLyLN0aRn9s2DCCijO3bMfqFPNjHY5AkUZcKyQf9C2nRebcvKPc4DRQ+Xa
5QnBKr5liZauymgCNtYnwk+sgboSrqitAxGKi+4X68imltRCzWHe+k768Ek1j7bk
tTAIh4DRvmv4X1XkwawJbI0lObjduFWh8gst3q8qVS1stNTSKudi
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:34:20 2025 by rpki-client