Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33342d3438203d3e20313430343233.roa
File:                     323430363a323063303a343030303a3a2f33342d3438203d3e20313430343233.roa (raw, json)
Hash identifier:          IDRUhj4vME2Yz9XjUrRGlLFqsHAzHZNAOXuxIKvP7Zs=
Subject key identifier:   19:86:D4:D5:A1:37:BE:E8:36:86:6A:8E:74:14:C4:02:EA:0D:47:E7
Certificate issuer:       /CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
Certificate serial:       2D40FF557CFE83C91A4D8CA8A76AAF6AF9B31269
Authority key identifier: 7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33342d3438203d3e20313430343233.roa
Signing time:             Sun 03 Aug 2025 08:00:00 +0000
ROA not before:           Sun 03 Aug 2025 07:55:00 +0000
ROA not after:            Sun 02 Aug 2026 08:00:00 +0000
asID:                     140423
IP address blocks:        2406:20c0:4000::/34 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl
                          rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 03:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:40:ff:55:7c:fe:83:c9:1a:4d:8c:a8:a7:6a:af:6a:f9:b3:12:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
        Validity
            Not Before: Aug  3 07:55:00 2025 GMT
            Not After : Aug  2 08:00:00 2026 GMT
        Subject: CN=1986D4D5A137BEE836866A8E7414C402EA0D47E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:5f:a0:a9:fa:63:69:29:92:01:89:b6:b9:7a:
                    be:0e:48:23:49:41:84:27:1c:b3:57:6f:ae:94:fe:
                    8e:e2:32:b2:e1:d9:0f:8f:5e:28:20:58:7c:de:2d:
                    e2:d3:36:bc:3b:fa:b6:21:8f:2a:c3:62:0c:1b:f0:
                    d5:40:87:a8:b6:73:fd:43:90:33:5e:a7:c7:ec:71:
                    11:99:48:7d:20:14:dc:8c:44:4a:9c:2e:9b:ec:8c:
                    a9:d1:61:cb:ed:d9:18:d5:9e:12:fd:28:10:4a:4d:
                    e2:8b:4c:b2:57:70:5d:26:48:98:7d:bf:2e:5e:4e:
                    b5:da:7e:5b:b3:4a:6a:ef:3c:11:0d:90:d5:a2:06:
                    1a:4b:27:73:d8:d7:cc:5a:af:2d:82:a4:e7:34:c5:
                    63:97:20:9e:38:4c:40:d6:a8:31:75:0b:60:b5:2e:
                    db:f4:c1:b2:86:56:44:62:db:74:87:b4:78:2b:a7:
                    21:13:27:79:e5:6b:72:ab:68:5b:a6:c6:02:ed:ed:
                    45:7f:98:33:3c:35:af:81:30:a4:38:09:9c:ac:cd:
                    99:e8:d8:19:69:9a:21:b8:45:3c:60:55:3e:89:3b:
                    b6:60:c5:ce:31:e8:67:ec:6a:09:0e:5a:72:da:bc:
                    60:f6:d4:1e:3e:71:ff:01:c7:69:37:c1:a7:a8:42:
                    55:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:86:D4:D5:A1:37:BE:E8:36:86:6A:8E:74:14:C4:02:EA:0D:47:E7
            X509v3 Authority Key Identifier:
                keyid:7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33342d3438203d3e20313430343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:20c0:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         80:54:cd:42:56:fa:a1:45:cb:32:71:f0:9c:1b:98:52:70:ed:
         c0:78:bc:8a:89:bc:02:c8:fc:3c:e0:ab:fa:9b:ff:73:84:2c:
         11:af:bf:67:b3:ce:97:fd:88:a0:7b:54:46:23:6c:a2:62:c1:
         fd:fb:34:ad:27:0a:da:a0:6f:16:bd:25:e1:29:c9:5f:b2:8e:
         e4:60:5f:04:27:6f:de:40:21:d7:70:0e:5f:9b:ff:25:7f:46:
         37:5f:7c:2d:fe:30:13:81:52:b2:9b:5d:c7:59:f6:a2:cc:5b:
         51:b7:3f:c9:9c:31:c9:38:93:15:48:c9:9a:5b:c8:5f:26:45:
         38:9c:56:ec:82:87:d8:c5:f4:0b:7e:aa:27:30:b7:12:64:f9:
         e7:d9:35:3b:56:89:fc:52:bf:c6:5c:03:7b:48:ef:c4:ce:d9:
         cb:82:18:36:1d:2c:8b:fb:f0:12:8f:b2:64:02:51:37:c3:2c:
         88:74:86:18:d9:61:db:27:73:0c:3e:7d:7a:77:6b:19:5d:70:
         ce:2d:a6:40:10:99:c0:3b:7a:0f:5c:f9:6d:75:65:34:f9:68:
         d8:bc:4d:4a:b1:21:1f:c9:b7:f4:c9:a8:51:60:c5:bc:db:2c:
         db:aa:33:bc:5e:f0:7c:e9:48:99:6d:1b:36:55:90:8a:70:3e:
         5c:a1:19:01
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIULUD/VXz+g8kaTYyop2qvavmzEmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODcz
NTJDQjg3NDAeFw0yNTA4MDMwNzU1MDBaFw0yNjA4MDIwODAwMDBaMDMxMTAvBgNV
BAMTKDE5ODZENEQ1QTEzN0JFRTgzNjg2NkE4RTc0MTRDNDAyRUEwRDQ3RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3X6Cp+mNpKZIBiba5er4OSCNJ
QYQnHLNXb66U/o7iMrLh2Q+PXiggWHzeLeLTNrw7+rYhjyrDYgwb8NVAh6i2c/1D
kDNep8fscRGZSH0gFNyMREqcLpvsjKnRYcvt2RjVnhL9KBBKTeKLTLJXcF0mSJh9
vy5eTrXafluzSmrvPBENkNWiBhpLJ3PY18xary2CpOc0xWOXIJ44TEDWqDF1C2C1
Ltv0wbKGVkRi23SHtHgrpyETJ3nla3KraFumxgLt7UV/mDM8Na+BMKQ4CZyszZno
2BlpmiG4RTxgVT6JO7Zgxc4x6GfsagkOWnLavGD21B4+cf8Bx2k3waeoQlVzAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUGYbU1aE3vug2hmqOdBTEAuoNR+cwHwYDVR0j
BBgwFoAUfP0POf4ukOqLH10y1HbjhzUsuHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OWEwMDM2OS02ODQwLTRhOTUtODliMS1hNDg1MThmOThkYzcvMC83Q0ZEMEYzOUZF
MkU5MEVBOEIxRjVEMzJENDc2RTM4NzM1MkNCODc0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODczNTJD
Qjg3NC5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5YTAwMzY5LTY4NDAtNGE5NS04
OWIxLWE0ODUxOGY5OGRjNy8wLzMyMzQzMDM2M2EzMjMwNjMzMDNhMzQzMDMwMzAz
YTNhMmYzMzM0MmQzNDM4MjAzZDNlMjAzMTM0MzAzNDMyMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgYk
BiDAQDANBgkqhkiG9w0BAQsFAAOCAQEAgFTNQlb6oUXLMnHwnBuYUnDtwHi8iom8
Asj8POCr+pv/c4QsEa+/Z7POl/2IoHtURiNsomLB/fs0rScK2qBvFr0l4SnJX7KO
5GBfBCdv3kAh13AOX5v/JX9GN198Lf4wE4FSsptdx1n2osxbUbc/yZwxyTiTFUjJ
mlvIXyZFOJxW7IKH2MX0C36qJzC3EmT559k1O1aJ/FK/xlwDe0jvxM7Zy4IYNh0s
i/vwEo+yZAJRN8MsiHSGGNlh2ydzDD59endrGV1wzi2mQBCZwDt6D1z5bXVlNPlo
2LxNSrEhH8m39MmoUWDFvNss26ozvF7wfOlImW0bNlWQinA+XKEZAQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:17 2025 by rpki-client