Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/3130332e31332e3133382e302f32342d3234203d3e20313530323135.roa
File:                     3130332e31332e3133382e302f32342d3234203d3e20313530323135.roa (raw, json)
Hash identifier:          6ADoYkeIrhNdhv/k4Oyj/4jDcP6VkQMjB86DXlVYGIc=
Subject key identifier:   7A:9C:2A:73:7C:E1:0E:5E:E2:43:C0:0C:84:62:D6:B6:1B:30:9A:55
Certificate issuer:       /CN=FE880CC93B6284E6833106A5BEB71A0CDDE57C0B
Certificate serial:       13AC5F97A36823712909DC8ADA614C7E82B08E86
Authority key identifier: FE:88:0C:C9:3B:62:84:E6:83:31:06:A5:BE:B7:1A:0C:DD:E5:7C:0B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/3130332e31332e3133382e302f32342d3234203d3e20313530323135.roa
Signing time:             Sat 05 Jul 2025 06:00:00 +0000
ROA not before:           Sat 05 Jul 2025 05:55:00 +0000
ROA not after:            Sat 04 Jul 2026 06:00:00 +0000
asID:                     150215
IP address blocks:        103.13.138.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.crl
                          rsync://repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 16 Aug 2025 06:14:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:ac:5f:97:a3:68:23:71:29:09:dc:8a:da:61:4c:7e:82:b0:8e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FE880CC93B6284E6833106A5BEB71A0CDDE57C0B
        Validity
            Not Before: Jul  5 05:55:00 2025 GMT
            Not After : Jul  4 06:00:00 2026 GMT
        Subject: CN=7A9C2A737CE10E5EE243C00C8462D6B61B309A55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:da:08:e8:44:48:1d:49:fe:d7:d7:a8:5c:d3:
                    8c:39:09:66:b3:50:fe:47:e6:be:17:a7:9b:29:d5:
                    4b:a9:c2:76:77:97:4c:90:2f:2c:5a:ee:d5:73:a5:
                    59:88:ab:34:d6:60:a4:d7:14:5d:5d:ab:fc:c3:e8:
                    eb:b7:54:06:e3:da:7e:92:2b:a7:91:dc:18:c7:f4:
                    f1:3c:20:cc:e2:2c:9b:ba:be:7a:ab:12:0e:4e:be:
                    29:b7:32:6c:1c:ac:b6:db:fd:27:80:e4:14:58:97:
                    52:8e:db:63:00:12:28:91:b1:d6:52:6e:da:76:a9:
                    7f:64:9e:95:7f:09:b2:d2:7a:07:29:0d:c2:1a:82:
                    b5:8f:27:ef:9f:f8:59:f7:bd:6f:03:9f:04:f9:66:
                    43:6d:4d:87:ef:10:4a:b0:64:c1:0c:ad:c1:67:d7:
                    42:74:4d:2b:75:62:76:48:87:00:8b:e7:90:d8:75:
                    11:a6:5a:92:1d:c7:c8:14:0d:2c:6a:0b:1f:57:83:
                    0e:fe:dc:66:48:67:1c:f9:88:6c:ec:6d:fa:75:64:
                    6f:51:07:40:62:30:a1:f7:95:df:fa:e4:81:3a:aa:
                    31:9b:31:55:69:f1:1a:a4:c6:c0:26:23:c4:24:3d:
                    c3:e2:71:fd:59:5c:fb:43:bb:b4:c3:42:de:e2:33:
                    a0:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:9C:2A:73:7C:E1:0E:5E:E2:43:C0:0C:84:62:D6:B6:1B:30:9A:55
            X509v3 Authority Key Identifier:
                keyid:FE:88:0C:C9:3B:62:84:E6:83:31:06:A5:BE:B7:1A:0C:DD:E5:7C:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE880CC93B6284E6833106A5BEB71A0CDDE57C0B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1653247a-a56e-424a-a07b-36a2511d7caa/0/3130332e31332e3133382e302f32342d3234203d3e20313530323135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.13.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:19:3c:91:88:37:7a:cd:54:86:d1:38:6a:d1:31:1c:2a:1e:
         75:df:e6:02:ff:9b:fa:3e:46:d1:dd:0c:3e:20:23:33:ab:45:
         37:15:b9:e6:1a:b2:db:ec:b8:42:cc:cd:21:e4:3d:c0:15:0d:
         fb:c6:f8:39:2f:1a:68:82:b3:52:42:ce:4f:51:e2:af:90:32:
         21:85:9e:41:bd:24:d9:a0:89:70:d4:31:07:b5:20:65:51:03:
         79:10:f4:fc:dd:fe:71:f5:2f:50:fa:62:93:4f:4f:d4:af:c8:
         b4:ca:4f:08:bb:e3:d4:d7:b9:37:81:b6:70:c5:75:0f:2e:9e:
         17:56:e2:b6:71:9a:bf:b0:be:07:ec:c9:35:0b:d3:e4:80:1b:
         9e:f7:c6:40:09:9a:18:82:f6:e2:62:57:12:50:bf:a5:f0:65:
         8a:9e:0a:07:26:8e:94:9e:70:9b:29:c6:7d:d2:db:f9:e2:24:
         57:ba:a7:fb:a4:be:ad:30:12:26:10:6b:d9:10:31:31:46:4a:
         56:74:44:9a:f1:80:c6:4b:a5:9c:5e:c7:90:c5:34:77:81:28:
         4a:33:22:53:c7:4c:4a:23:f0:90:38:ca:d4:79:ec:7a:f2:72:
         aa:a9:9a:61:c8:c2:37:dd:6b:3d:f7:fe:3b:a1:ea:c7:c7:68:
         e3:48:e4:f6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUE6xfl6NoI3EpCdyK2mFMfoKwjoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkU4ODBDQzkzQjYyODRFNjgzMzEwNkE1QkVCNzFBMENE
REU1N0MwQjAeFw0yNTA3MDUwNTU1MDBaFw0yNjA3MDQwNjAwMDBaMDMxMTAvBgNV
BAMTKDdBOUMyQTczN0NFMTBFNUVFMjQzQzAwQzg0NjJENkI2MUIzMDlBNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw2gjoREgdSf7X16hc04w5CWaz
UP5H5r4Xp5sp1UupwnZ3l0yQLyxa7tVzpVmIqzTWYKTXFF1dq/zD6Ou3VAbj2n6S
K6eR3BjH9PE8IMziLJu6vnqrEg5Ovim3MmwcrLbb/SeA5BRYl1KO22MAEiiRsdZS
btp2qX9knpV/CbLSegcpDcIagrWPJ++f+Fn3vW8DnwT5ZkNtTYfvEEqwZMEMrcFn
10J0TSt1YnZIhwCL55DYdRGmWpIdx8gUDSxqCx9Xgw7+3GZIZxz5iGzsbfp1ZG9R
B0BiMKH3ld/65IE6qjGbMVVp8RqkxsAmI8QkPcPicf1ZXPtDu7TDQt7iM6CDAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUepwqc3zhDl7iQ8AMhGLWthswmlUwHwYDVR0j
BBgwFoAU/ogMyTtihOaDMQalvrcaDN3lfAswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NjUzMjQ3YS1hNTZlLTQyNGEtYTA3Yi0zNmEyNTExZDdjYWEvMC9GRTg4MENDOTNC
NjI4NEU2ODMzMTA2QTVCRUI3MUEwQ0RERTU3QzBCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkU4ODBDQzkzQjYyODRFNjgzMzEwNkE1QkVCNzFBMENEREU1
N0MwQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE2NTMyNDdhLWE1NmUtNDI0YS1h
MDdiLTM2YTI1MTFkN2NhYS8wLzMxMzAzMzJlMzEzMzJlMzEzMzM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzIzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZw2KMA0GCSqG
SIb3DQEBCwUAA4IBAQBVGTyRiDd6zVSG0Thq0TEcKh513+YC/5v6PkbR3Qw+ICMz
q0U3FbnmGrLb7LhCzM0h5D3AFQ37xvg5LxpogrNSQs5PUeKvkDIhhZ5BvSTZoIlw
1DEHtSBlUQN5EPT83f5x9S9Q+mKTT0/Ur8i0yk8Iu+PU17k3gbZwxXUPLp4XVuK2
cZq/sL4H7Mk1C9PkgBue98ZACZoYgvbiYlcSUL+l8GWKngoHJo6UnnCbKcZ90tv5
4iRXuqf7pL6tMBImEGvZEDExRkpWdESa8YDGS6WcXseQxTR3gShKMyJTx0xKI/CQ
OMrUeex68nKqqZphyMI33Ws99/47oerHx2jjSOT2
-----END CERTIFICATE-----
Generated at Wed Aug 13 05:50:29 2025 by rpki-client