Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/3130332e3130312e3231362e302f32342d3234203d3e20313530393431.roa
File:                     3130332e3130312e3231362e302f32342d3234203d3e20313530393431.roa (raw, json)
Hash identifier:          V76cC5CNnJtNiE3A1eNlVqFtp7QA7yYWZJ54/BrVb60=
Subject key identifier:   A6:29:3A:DF:A6:56:29:82:35:FF:91:05:26:6F:5F:BD:DE:49:5E:9B
Certificate issuer:       /CN=EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F
Certificate serial:       2B3162D91C13A5C68FD0050B737EB99FACD53174
Authority key identifier: EB:78:21:4F:24:8E:FE:08:B4:E4:62:FD:AF:D4:E7:0B:C3:D0:5A:2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/3130332e3130312e3231362e302f32342d3234203d3e20313530393431.roa
Signing time:             Sat 26 Jul 2025 08:00:02 +0000
ROA not before:           Sat 26 Jul 2025 07:55:02 +0000
ROA not after:            Sat 25 Jul 2026 08:00:02 +0000
asID:                     150941
IP address blocks:        103.101.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.crl
                          rsync://repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 03:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:31:62:d9:1c:13:a5:c6:8f:d0:05:0b:73:7e:b9:9f:ac:d5:31:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F
        Validity
            Not Before: Jul 26 07:55:02 2025 GMT
            Not After : Jul 25 08:00:02 2026 GMT
        Subject: CN=A6293ADFA656298235FF9105266F5FBDDE495E9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:50:08:5e:25:f3:b9:86:8b:25:cb:cd:2c:a5:
                    08:43:c7:1c:17:3b:a1:d4:a3:ad:1a:e8:f0:13:cc:
                    23:e9:db:7b:9c:57:fc:a6:2d:5e:e1:38:8c:6c:98:
                    f0:1b:30:3c:64:12:8e:d7:8a:cc:b2:61:80:75:f2:
                    33:92:3f:47:e1:d7:e7:e3:79:0d:36:75:a3:bd:ee:
                    4b:db:7b:d6:46:7a:fc:43:e3:30:45:a1:a2:78:b9:
                    94:0b:c3:75:2c:ad:4c:f6:7a:31:80:eb:5f:47:db:
                    ce:73:b3:7a:fc:f4:29:f1:8b:e1:5e:f3:e3:78:c8:
                    6a:6e:52:de:23:19:5c:13:f5:6d:75:6a:69:6c:c9:
                    31:c8:0a:53:6a:df:27:7c:93:29:c4:a7:2b:53:dd:
                    56:6d:0f:a4:c1:62:da:1f:1e:67:b7:f1:54:9f:ba:
                    b7:d1:30:93:b7:a0:b8:0a:45:9b:47:d3:5d:bd:ed:
                    28:46:86:68:98:bc:c8:17:20:b3:a6:34:7d:fa:b0:
                    0a:ff:b9:70:02:a8:b1:76:f0:6c:61:97:c8:52:7a:
                    d7:46:29:dc:b0:fd:9a:0b:db:bd:7b:2f:cd:58:fd:
                    d6:11:32:2f:2d:c6:b8:1c:b1:e1:f8:06:cf:eb:e1:
                    03:7d:2b:e0:d0:2d:52:69:b4:9f:79:63:10:c4:f9:
                    67:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:29:3A:DF:A6:56:29:82:35:FF:91:05:26:6F:5F:BD:DE:49:5E:9B
            X509v3 Authority Key Identifier:
                keyid:EB:78:21:4F:24:8E:FE:08:B4:E4:62:FD:AF:D4:E7:0B:C3:D0:5A:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EB78214F248EFE08B4E462FDAFD4E70BC3D05A2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0a1f3971-3a47-455d-ab30-e7c23b61b9f2/0/3130332e3130312e3231362e302f32342d3234203d3e20313530393431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:0d:8b:c7:9c:39:26:68:09:6d:02:2a:8d:8f:bc:2e:e7:7a:
         db:02:e4:66:45:78:c0:66:69:73:70:d8:04:19:cb:0f:ef:89:
         bb:0d:14:2f:45:8a:04:96:51:d0:51:f4:50:f0:cc:c9:14:37:
         6c:62:3e:bd:b6:e4:56:84:09:42:1e:d7:f1:3b:f7:2e:4a:d7:
         a7:aa:73:7d:88:d9:7c:13:9a:1d:c0:dd:c1:72:6a:64:bb:4b:
         fe:43:ba:4e:63:2a:a1:cf:c8:fd:86:0b:e5:0a:10:d2:5f:a4:
         cd:fe:e5:92:49:5e:ef:e8:a9:ee:9d:f9:5a:cc:4a:c2:c2:f4:
         d2:4d:84:d8:dc:29:4c:f6:52:42:d1:9a:cc:ea:75:4b:47:37:
         1d:58:b5:19:8e:5e:dc:11:78:46:e2:6b:50:4a:31:60:46:ab:
         6a:01:90:65:4b:1a:cd:1d:4f:02:51:09:41:c4:ec:09:66:41:
         31:9c:8c:ec:71:e0:d2:90:f9:2a:d1:0f:38:43:92:e1:38:bb:
         90:8d:78:76:58:cf:69:18:75:9f:a1:6f:52:2c:a8:70:07:8e:
         cd:74:de:98:71:f6:23:2c:d4:cd:3a:d1:d5:54:2f:46:5b:8d:
         55:ed:f1:42:83:86:7e:fb:a6:9a:7e:cf:66:aa:e5:17:e3:0e:
         29:04:95:00
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUKzFi2RwTpcaP0AULc365n6zVMXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUI3ODIxNEYyNDhFRkUwOEI0RTQ2MkZEQUZENEU3MEJD
M0QwNUEyRjAeFw0yNTA3MjYwNzU1MDJaFw0yNjA3MjUwODAwMDJaMDMxMTAvBgNV
BAMTKEE2MjkzQURGQTY1NjI5ODIzNUZGOTEwNTI2NkY1RkJEREU0OTVFOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWUAheJfO5hosly80spQhDxxwX
O6HUo60a6PATzCPp23ucV/ymLV7hOIxsmPAbMDxkEo7XisyyYYB18jOSP0fh1+fj
eQ02daO97kvbe9ZGevxD4zBFoaJ4uZQLw3UsrUz2ejGA619H285zs3r89Cnxi+Fe
8+N4yGpuUt4jGVwT9W11amlsyTHIClNq3yd8kynEpytT3VZtD6TBYtofHme38VSf
urfRMJO3oLgKRZtH01297ShGhmiYvMgXILOmNH36sAr/uXACqLF28Gxhl8hSetdG
Kdyw/ZoL2717L81Y/dYRMi8txrgcseH4Bs/r4QN9K+DQLVJptJ95YxDE+Wd7AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUpik636ZWKYI1/5EFJm9fvd5JXpswHwYDVR0j
BBgwFoAU63ghTySO/gi05GL9r9TnC8PQWi8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
YTFmMzk3MS0zYTQ3LTQ1NWQtYWIzMC1lN2MyM2I2MWI5ZjIvMC9FQjc4MjE0RjI0
OEVGRTA4QjRFNDYyRkRBRkQ0RTcwQkMzRDA1QTJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRUI3ODIxNEYyNDhFRkUwOEI0RTQ2MkZEQUZENEU3MEJDM0Qw
NUEyRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBhMWYzOTcxLTNhNDctNDU1ZC1h
YjMwLWU3YzIzYjYxYjlmMi8wLzMxMzAzMzJlMzEzMDMxMmUzMjMxMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzOTM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZdgwDQYJ
KoZIhvcNAQELBQADggEBADMNi8ecOSZoCW0CKo2PvC7netsC5GZFeMBmaXNw2AQZ
yw/vibsNFC9FigSWUdBR9FDwzMkUN2xiPr225FaECUIe1/E79y5K16eqc32I2XwT
mh3A3cFyamS7S/5Duk5jKqHPyP2GC+UKENJfpM3+5ZJJXu/oqe6d+VrMSsLC9NJN
hNjcKUz2UkLRmszqdUtHNx1YtRmOXtwReEbia1BKMWBGq2oBkGVLGs0dTwJRCUHE
7AlmQTGcjOxx4NKQ+SrRDzhDkuE4u5CNeHZYz2kYdZ+hb1IsqHAHjs103phx9iMs
1M060dVUL0ZbjVXt8UKDhn77ppp+z2aq5RfjDikElQA=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:17 2025 by rpki-client