Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/3130332e3136382e3235312e302f32342d3234203d3e20313432333237.roa
File:                     3130332e3136382e3235312e302f32342d3234203d3e20313432333237.roa (raw, json)
Hash identifier:          mP3dXLTjkrRr0prh2Jzplj5CirAMZtpiVu7s//8AY3w=
Subject key identifier:   DD:ED:A8:4A:AF:3D:6E:4F:28:C2:BB:97:96:CA:A5:CF:9D:B0:1E:CE
Certificate issuer:       /CN=4EE959798755CD4BA407AEB6EBDD3100261EAA55
Certificate serial:       65AEC7987B9693C9CCC44625D9B75D948ED2E239
Authority key identifier: 4E:E9:59:79:87:55:CD:4B:A4:07:AE:B6:EB:DD:31:00:26:1E:AA:55
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4EE959798755CD4BA407AEB6EBDD3100261EAA55.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/3130332e3136382e3235312e302f32342d3234203d3e20313432333237.roa
Signing time:             Sat 05 Jul 2025 14:00:00 +0000
ROA not before:           Sat 05 Jul 2025 13:55:00 +0000
ROA not after:            Sat 04 Jul 2026 14:00:00 +0000
asID:                     142327
IP address blocks:        103.168.251.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/4EE959798755CD4BA407AEB6EBDD3100261EAA55.crl
                          rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/4EE959798755CD4BA407AEB6EBDD3100261EAA55.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4EE959798755CD4BA407AEB6EBDD3100261EAA55.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 04:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:ae:c7:98:7b:96:93:c9:cc:c4:46:25:d9:b7:5d:94:8e:d2:e2:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4EE959798755CD4BA407AEB6EBDD3100261EAA55
        Validity
            Not Before: Jul  5 13:55:00 2025 GMT
            Not After : Jul  4 14:00:00 2026 GMT
        Subject: CN=DDEDA84AAF3D6E4F28C2BB9796CAA5CF9DB01ECE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:66:00:bc:e0:80:dd:ac:97:67:3c:e2:da:e7:
                    c8:13:92:9d:eb:29:35:11:51:ba:00:9b:f0:a7:46:
                    12:8c:fb:28:b6:09:9a:ff:81:2d:04:73:76:b0:d7:
                    b8:4b:b2:67:9d:e0:40:37:a5:b0:0a:9a:54:9b:bb:
                    00:73:88:46:d1:fc:cd:d1:0f:d6:c1:97:33:02:90:
                    5d:28:1d:4d:18:d7:59:8c:6f:02:7e:eb:84:22:c3:
                    e2:6f:5c:87:e6:6f:e7:4b:f1:57:18:a2:ef:c3:ef:
                    80:1a:05:3a:52:5a:6e:0d:dc:57:a9:21:f2:87:e3:
                    af:70:9d:66:fe:83:77:25:aa:4b:9c:b5:03:04:81:
                    b3:22:bf:f9:cd:be:a3:11:f0:62:2a:0e:bc:d6:21:
                    0f:f9:ca:6a:76:3c:29:23:34:8b:b2:35:58:1d:0b:
                    18:43:89:20:38:0f:82:af:57:70:3e:bd:db:3e:6a:
                    08:9b:db:c5:20:82:90:a7:07:2a:4d:a1:c4:60:a1:
                    f3:76:4c:5d:2f:a9:b5:37:2a:dd:6e:21:eb:26:51:
                    d8:0b:8e:87:a6:61:09:59:4d:aa:08:48:21:e6:93:
                    81:e1:6a:51:0d:0e:ea:c8:4f:7a:9e:7a:84:28:44:
                    6e:6c:8a:b3:ea:59:ab:67:4e:c3:f3:3f:e8:ce:83:
                    38:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:ED:A8:4A:AF:3D:6E:4F:28:C2:BB:97:96:CA:A5:CF:9D:B0:1E:CE
            X509v3 Authority Key Identifier:
                keyid:4E:E9:59:79:87:55:CD:4B:A4:07:AE:B6:EB:DD:31:00:26:1E:AA:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/4EE959798755CD4BA407AEB6EBDD3100261EAA55.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4EE959798755CD4BA407AEB6EBDD3100261EAA55.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/3130332e3136382e3235312e302f32342d3234203d3e20313432333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.168.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:7b:cf:84:4f:47:a9:50:8b:f7:42:99:84:fd:5f:41:92:00:
         34:bc:a8:13:17:9c:ea:0e:32:34:69:73:56:ca:05:b3:9b:a3:
         e5:e2:e4:36:b0:80:c2:20:a7:fc:62:e1:35:57:ae:a8:39:bd:
         8d:95:5e:5b:48:f3:d7:cc:83:b0:d4:c4:2d:c1:71:0b:81:4f:
         f5:9c:cd:d1:3c:7b:2e:05:61:b5:74:1c:89:bf:cd:57:07:b1:
         fc:c4:f9:cf:99:cb:07:b5:dd:06:51:16:43:8f:1a:a2:4a:69:
         5f:40:78:7b:62:b9:0e:77:3f:b6:99:25:bd:95:32:b9:19:74:
         1a:a0:a4:ff:49:de:73:e2:84:ec:e0:7d:c7:f4:42:7e:d4:b7:
         52:30:b9:84:3a:38:4b:2f:65:ff:e5:5a:ba:65:1e:6a:be:bc:
         11:6e:4a:bb:85:d5:0b:a3:32:c5:07:21:c7:b0:7e:6b:8d:ce:
         40:98:a1:f3:39:ee:4e:af:29:53:8b:58:08:28:a3:9e:87:47:
         5c:a0:ec:61:11:ff:29:c4:4f:51:11:c4:2b:5d:1f:44:b9:ef:
         06:83:b5:88:f7:0e:4a:80:f5:0d:1a:ac:e0:ee:c5:28:c8:35:
         20:4f:49:ad:33:6f:a1:e6:c1:52:bb:f8:00:0e:73:da:a3:c2:
         b9:fd:f5:c3
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUZa7HmHuWk8nMxEYl2bddlI7S4jkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEVFOTU5Nzk4NzU1Q0Q0QkE0MDdBRUI2RUJERDMxMDAy
NjFFQUE1NTAeFw0yNTA3MDUxMzU1MDBaFw0yNjA3MDQxNDAwMDBaMDMxMTAvBgNV
BAMTKERERURBODRBQUYzRDZFNEYyOEMyQkI5Nzk2Q0FBNUNGOURCMDFFQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqZgC84IDdrJdnPOLa58gTkp3r
KTURUboAm/CnRhKM+yi2CZr/gS0Ec3aw17hLsmed4EA3pbAKmlSbuwBziEbR/M3R
D9bBlzMCkF0oHU0Y11mMbwJ+64Qiw+JvXIfmb+dL8VcYou/D74AaBTpSWm4N3Fep
IfKH469wnWb+g3clqkuctQMEgbMiv/nNvqMR8GIqDrzWIQ/5ymp2PCkjNIuyNVgd
CxhDiSA4D4KvV3A+vds+agib28UggpCnBypNocRgofN2TF0vqbU3Kt1uIesmUdgL
joemYQlZTaoISCHmk4HhalENDurIT3qeeoQoRG5sirPqWatnTsPzP+jOgzhxAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU3e2oSq89bk8owruXlsqlz52wHs4wHwYDVR0j
BBgwFoAUTulZeYdVzUukB662690xACYeqlUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MzhkNTgwYi00NTJlLTQyZDctYjA0MS05MDFkYzMzZDY4NTcvMC80RUU5NTk3OTg3
NTVDRDRCQTQwN0FFQjZFQkREMzEwMDI2MUVBQTU1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEVFOTU5Nzk4NzU1Q0Q0QkE0MDdBRUI2RUJERDMxMDAyNjFF
QUE1NS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAzOGQ1ODBiLTQ1MmUtNDJkNy1i
MDQxLTkwMWRjMzNkNjg1Ny8wLzMxMzAzMzJlMzEzNjM4MmUzMjM1MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMzMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnqPswDQYJ
KoZIhvcNAQELBQADggEBAEJ7z4RPR6lQi/dCmYT9X0GSADS8qBMXnOoOMjRpc1bK
BbObo+Xi5DawgMIgp/xi4TVXrqg5vY2VXltI89fMg7DUxC3BcQuBT/WczdE8ey4F
YbV0HIm/zVcHsfzE+c+Zywe13QZRFkOPGqJKaV9AeHtiuQ53P7aZJb2VMrkZdBqg
pP9J3nPihOzgfcf0Qn7Ut1IwuYQ6OEsvZf/lWrplHmq+vBFuSruF1QujMsUHIcew
fmuNzkCYofM57k6vKVOLWAgoo56HR1yg7GER/ynET1ERxCtdH0S57waDtYj3DkqA
9Q0arODuxSjINSBPSa0zb6HmwVK7+AAOc9qjwrn99cM=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:27:28 2025 by rpki-client