Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/3130332e3136302e3133362e302f32342d3234203d3e20313431353838.roa
File:                     3130332e3136302e3133362e302f32342d3234203d3e20313431353838.roa (raw, json)
Hash identifier:          oUBWXXStIDyPZSiCAParv1979xKJJMQyaI/tmorNEfQ=
Subject key identifier:   17:B7:0A:C2:3E:C9:A3:C7:9F:03:B1:89:A8:D0:07:60:5F:E1:F3:D3
Certificate issuer:       /CN=07479445ACFB5044B3A1BCAAD626072CABEA5C10
Certificate serial:       5F8AC5DC6954F4FC825D62AFF356CF9EB4BC8344
Authority key identifier: 07:47:94:45:AC:FB:50:44:B3:A1:BC:AA:D6:26:07:2C:AB:EA:5C:10
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/07479445ACFB5044B3A1BCAAD626072CABEA5C10.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/3130332e3136302e3133362e302f32342d3234203d3e20313431353838.roa
Signing time:             Sat 08 Mar 2025 06:01:44 +0000
ROA not before:           Sat 08 Mar 2025 05:56:44 +0000
ROA not after:            Sat 07 Mar 2026 06:01:44 +0000
asID:                     141588
IP address blocks:        103.160.136.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/07479445ACFB5044B3A1BCAAD626072CABEA5C10.crl
                          rsync://repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/07479445ACFB5044B3A1BCAAD626072CABEA5C10.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/07479445ACFB5044B3A1BCAAD626072CABEA5C10.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 22 Apr 2025 18:20:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:8a:c5:dc:69:54:f4:fc:82:5d:62:af:f3:56:cf:9e:b4:bc:83:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07479445ACFB5044B3A1BCAAD626072CABEA5C10
        Validity
            Not Before: Mar  8 05:56:44 2025 GMT
            Not After : Mar  7 06:01:44 2026 GMT
        Subject: CN=17B70AC23EC9A3C79F03B189A8D007605FE1F3D3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6e:c5:0b:8b:62:bb:f7:30:04:b1:f9:93:bc:
                    0f:b7:5c:f9:61:56:e6:20:cc:1d:61:8a:0a:77:f4:
                    90:77:e3:2c:ba:2f:83:9f:e5:f6:6e:1e:21:6d:46:
                    ae:80:d0:c3:22:e3:d8:e3:5a:a7:b5:75:08:da:6e:
                    8e:26:09:a7:32:22:51:ee:24:8f:92:5b:c0:2a:68:
                    00:f3:99:0a:37:c8:70:c8:03:8d:68:b0:5c:45:3f:
                    42:76:26:c2:e3:c8:0c:0b:91:57:f4:4a:65:cd:82:
                    c3:68:af:64:e2:ff:22:bb:1d:c9:36:82:52:cc:1a:
                    9b:9b:ea:6a:87:e6:d2:f7:d8:bf:52:e1:bc:8c:59:
                    b0:55:93:01:e8:af:8b:af:a2:80:90:df:e8:15:21:
                    d0:64:bd:95:b3:6d:04:ab:04:b5:fd:ef:8d:1b:fb:
                    57:c2:91:c0:83:e4:a0:16:e0:7b:b0:7d:b7:53:3a:
                    53:41:ed:dc:70:a4:d3:fd:5c:2c:b5:6f:6d:72:3d:
                    4c:b9:b6:ac:58:e2:b4:6b:bc:71:07:1a:77:dc:56:
                    74:1b:d0:32:d8:8d:b5:dc:a6:5a:85:07:fc:3b:e1:
                    39:61:de:d7:16:2a:c8:f9:f5:7f:52:5d:42:27:58:
                    c9:38:5a:8e:c3:83:70:7e:f2:6f:3c:8a:99:47:2b:
                    f5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:B7:0A:C2:3E:C9:A3:C7:9F:03:B1:89:A8:D0:07:60:5F:E1:F3:D3
            X509v3 Authority Key Identifier:
                keyid:07:47:94:45:AC:FB:50:44:B3:A1:BC:AA:D6:26:07:2C:AB:EA:5C:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/07479445ACFB5044B3A1BCAAD626072CABEA5C10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/07479445ACFB5044B3A1BCAAD626072CABEA5C10.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f1eed09c-6068-407a-b0a6-59b7d0b87855/0/3130332e3136302e3133362e302f32342d3234203d3e20313431353838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:3a:e0:73:97:0f:9d:88:fe:05:ef:32:7a:a8:f3:03:ba:21:
         99:be:3c:5f:44:df:94:3b:2f:65:ad:a4:59:5d:3d:36:63:fb:
         78:fe:cd:1a:df:36:c7:78:68:21:6f:6d:0d:30:4a:f0:96:0b:
         b5:93:2a:6a:9e:66:64:6a:f6:29:78:8a:3d:5c:dd:5b:ff:5b:
         e5:12:1a:a0:b0:40:67:d4:f7:4a:49:54:73:66:50:8e:03:8e:
         d8:7e:d5:5d:91:53:83:33:94:3d:f2:5c:d5:a0:25:ef:71:30:
         1e:d2:65:58:ae:49:a8:33:e5:7c:73:99:28:e8:40:18:66:e5:
         f8:af:6e:9f:a1:c3:ab:69:94:74:a4:82:13:dd:ff:8b:98:7d:
         46:b0:0d:c5:b7:85:73:6a:e5:ee:29:1d:80:eb:00:b1:11:27:
         59:af:de:70:24:74:8f:6b:2f:6e:9c:1f:f0:c8:07:77:ed:ed:
         00:1a:12:a5:10:0c:42:fd:1b:35:38:54:91:30:78:7c:95:23:
         50:31:bb:f0:b4:18:67:00:f2:37:4f:be:dd:93:f8:ba:0a:72:
         69:98:e9:f2:aa:d6:7b:54:58:25:76:8a:bd:f9:18:c2:09:c0:
         f3:95:2d:95:df:a1:2d:f8:9b:ba:65:99:02:22:c8:3e:3e:8a:
         b7:bc:dd:3b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUX4rF3GlU9PyCXWKv81bPnrS8g0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDc0Nzk0NDVBQ0ZCNTA0NEIzQTFCQ0FBRDYyNjA3MkNB
QkVBNUMxMDAeFw0yNTAzMDgwNTU2NDRaFw0yNjAzMDcwNjAxNDRaMDMxMTAvBgNV
BAMTKDE3QjcwQUMyM0VDOUEzQzc5RjAzQjE4OUE4RDAwNzYwNUZFMUYzRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDbsULi2K79zAEsfmTvA+3XPlh
VuYgzB1higp39JB34yy6L4Of5fZuHiFtRq6A0MMi49jjWqe1dQjabo4mCacyIlHu
JI+SW8AqaADzmQo3yHDIA41osFxFP0J2JsLjyAwLkVf0SmXNgsNor2Ti/yK7Hck2
glLMGpub6mqH5tL32L9S4byMWbBVkwHor4uvooCQ3+gVIdBkvZWzbQSrBLX9740b
+1fCkcCD5KAW4HuwfbdTOlNB7dxwpNP9XCy1b21yPUy5tqxY4rRrvHEHGnfcVnQb
0DLYjbXcplqFB/w74Tlh3tcWKsj59X9SXUInWMk4Wo7Dg3B+8m88iplHK/WRAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUF7cKwj7Jo8efA7GJqNAHYF/h89MwHwYDVR0j
BBgwFoAUB0eURaz7UESzobyq1iYHLKvqXBAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
MWVlZDA5Yy02MDY4LTQwN2EtYjBhNi01OWI3ZDBiODc4NTUvMC8wNzQ3OTQ0NUFD
RkI1MDQ0QjNBMUJDQUFENjI2MDcyQ0FCRUE1QzEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDc0Nzk0NDVBQ0ZCNTA0NEIzQTFCQ0FBRDYyNjA3MkNBQkVB
NUMxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YxZWVkMDljLTYwNjgtNDA3YS1i
MGE2LTU5YjdkMGI4Nzg1NS8wLzMxMzAzMzJlMzEzNjMwMmUzMTMzMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzNTM4Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnoIgwDQYJ
KoZIhvcNAQELBQADggEBAEI64HOXD52I/gXvMnqo8wO6IZm+PF9E35Q7L2WtpFld
PTZj+3j+zRrfNsd4aCFvbQ0wSvCWC7WTKmqeZmRq9il4ij1c3Vv/W+USGqCwQGfU
90pJVHNmUI4Djth+1V2RU4MzlD3yXNWgJe9xMB7SZViuSagz5XxzmSjoQBhm5fiv
bp+hw6tplHSkghPd/4uYfUawDcW3hXNq5e4pHYDrALERJ1mv3nAkdI9rL26cH/DI
B3ft7QAaEqUQDEL9GzU4VJEweHyVI1Axu/C0GGcA8jdPvt2T+LoKcmmY6fKq1ntU
WCV2ir35GMIJwPOVLZXfoS34m7plmQIiyD4+ire83Ts=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:23 2025 by rpki-client