Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33352d3438203d3e20313430343233.roa
File:                     323430363a323063303a343030303a3a2f33352d3438203d3e20313430343233.roa (raw, json)
Hash identifier:          z1Z1jjWlENiSJrrLnZ1gAJh4C4XPIwUwDyEKPRK8yTw=
Subject key identifier:   F0:77:BA:72:A0:D5:E0:AC:97:36:C9:26:A6:1D:88:22:D9:E9:D3:42
Certificate issuer:       /CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
Certificate serial:       390D6D8F4CAE8158A64D9E855B8B649A4892211B
Authority key identifier: 7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33352d3438203d3e20313430343233.roa
Signing time:             Sun 03 Aug 2025 07:00:00 +0000
ROA not before:           Sun 03 Aug 2025 06:55:00 +0000
ROA not after:            Sun 02 Aug 2026 07:00:00 +0000
asID:                     140423
IP address blocks:        2406:20c0:4000::/35 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl
                          rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 03:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:0d:6d:8f:4c:ae:81:58:a6:4d:9e:85:5b:8b:64:9a:48:92:21:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
        Validity
            Not Before: Aug  3 06:55:00 2025 GMT
            Not After : Aug  2 07:00:00 2026 GMT
        Subject: CN=F077BA72A0D5E0AC9736C926A61D8822D9E9D342
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:67:97:30:13:0d:71:6e:7c:71:7d:14:33:38:
                    06:75:23:f3:60:e1:7f:45:22:32:0e:f1:66:47:a3:
                    61:3a:74:a1:b2:5a:dc:34:e3:d7:25:1b:b2:73:8a:
                    a1:8a:3d:f8:93:dd:09:64:60:2e:51:5e:05:e0:06:
                    4d:2a:02:74:55:73:47:cd:b8:2f:dd:19:99:6c:72:
                    45:a7:58:75:4c:1c:fe:cd:55:b0:5a:c9:cc:56:14:
                    5f:dc:54:fb:25:3d:a7:33:c3:a5:73:40:ea:be:f3:
                    f9:3a:eb:48:0e:8f:30:69:f2:76:21:b4:ff:42:9c:
                    96:85:fd:f8:27:ae:04:c8:cf:e6:a0:3b:1b:5c:a8:
                    01:c9:37:4e:fa:d3:7b:be:86:fa:55:41:5b:b0:5b:
                    28:b5:ec:e6:cc:20:a2:3d:75:b7:81:f4:a2:84:e3:
                    78:23:db:28:ec:2a:74:70:a6:24:39:4f:e1:1b:70:
                    0b:d5:15:55:a6:4c:1c:91:ee:a2:f7:fd:f0:93:a3:
                    38:6b:00:b6:63:1e:cb:c5:0c:48:22:e8:ad:d7:1f:
                    bc:1b:67:bb:2f:c3:2b:53:eb:a6:4b:95:4c:9d:5e:
                    e4:37:cd:58:39:52:a1:49:59:ae:cf:f5:b6:11:00:
                    9a:9a:91:ad:c4:f2:a2:73:62:63:19:74:2f:80:d1:
                    94:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:77:BA:72:A0:D5:E0:AC:97:36:C9:26:A6:1D:88:22:D9:E9:D3:42
            X509v3 Authority Key Identifier:
                keyid:7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a343030303a3a2f33352d3438203d3e20313430343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:20c0:4000::/35

    Signature Algorithm: sha256WithRSAEncryption
         4c:26:49:4c:0d:ca:63:c3:a6:58:a8:5b:68:eb:f5:82:fe:aa:
         22:23:2d:e0:6b:18:07:06:ae:25:89:42:1c:14:9a:70:7b:ce:
         51:0c:40:82:75:3e:42:e7:ae:18:6e:d8:13:26:b6:b1:35:f4:
         50:28:77:af:ea:26:c4:92:fc:52:d2:51:ca:8d:ea:8f:a2:b8:
         1b:66:d1:78:8e:02:40:de:6e:ee:07:93:1c:ef:fd:c6:96:27:
         08:97:85:b6:92:7d:15:97:d8:f4:d8:85:ad:a5:7b:8d:15:64:
         9a:ec:97:a6:3a:ee:49:22:0d:8d:b5:2c:c5:f3:12:8e:99:9b:
         36:2b:11:cf:56:84:2f:d0:7b:25:dc:51:d4:9c:f6:05:67:35:
         25:9f:cc:c7:71:9f:6c:78:71:3f:aa:1b:4a:ef:fb:5e:2b:31:
         3b:26:00:44:c6:bc:57:10:a3:a7:af:0b:bd:42:e5:65:f5:4c:
         1a:ab:68:94:e1:f4:b5:e7:8b:6c:4a:70:03:17:09:54:38:6b:
         2f:7e:73:cd:b5:62:e2:9e:82:dd:6e:1a:b6:68:5f:d7:51:49:
         4a:aa:51:7d:11:6c:75:86:ba:ac:de:00:23:87:20:40:5f:88:
         d2:7c:27:33:8d:80:10:97:1a:65:39:f0:26:f7:d6:48:31:88:
         27:8c:2e:6e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUOQ1tj0yugVimTZ6FW4tkmkiSIRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODcz
NTJDQjg3NDAeFw0yNTA4MDMwNjU1MDBaFw0yNjA4MDIwNzAwMDBaMDMxMTAvBgNV
BAMTKEYwNzdCQTcyQTBENUUwQUM5NzM2QzkyNkE2MUQ4ODIyRDlFOUQzNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAZ5cwEw1xbnxxfRQzOAZ1I/Ng
4X9FIjIO8WZHo2E6dKGyWtw049clG7JziqGKPfiT3QlkYC5RXgXgBk0qAnRVc0fN
uC/dGZlsckWnWHVMHP7NVbBaycxWFF/cVPslPaczw6VzQOq+8/k660gOjzBp8nYh
tP9CnJaF/fgnrgTIz+agOxtcqAHJN07603u+hvpVQVuwWyi17ObMIKI9dbeB9KKE
43gj2yjsKnRwpiQ5T+EbcAvVFVWmTByR7qL3/fCTozhrALZjHsvFDEgi6K3XH7wb
Z7svwytT66ZLlUydXuQ3zVg5UqFJWa7P9bYRAJqaka3E8qJzYmMZdC+A0ZTnAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU8He6cqDV4KyXNskmph2IItnp00IwHwYDVR0j
BBgwFoAUfP0POf4ukOqLH10y1HbjhzUsuHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OWEwMDM2OS02ODQwLTRhOTUtODliMS1hNDg1MThmOThkYzcvMC83Q0ZEMEYzOUZF
MkU5MEVBOEIxRjVEMzJENDc2RTM4NzM1MkNCODc0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODczNTJD
Qjg3NC5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5YTAwMzY5LTY4NDAtNGE5NS04
OWIxLWE0ODUxOGY5OGRjNy8wLzMyMzQzMDM2M2EzMjMwNjMzMDNhMzQzMDMwMzAz
YTNhMmYzMzM1MmQzNDM4MjAzZDNlMjAzMTM0MzAzNDMyMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgUk
BiDAQDANBgkqhkiG9w0BAQsFAAOCAQEATCZJTA3KY8OmWKhbaOv1gv6qIiMt4GsY
BwauJYlCHBSacHvOUQxAgnU+QueuGG7YEya2sTX0UCh3r+omxJL8UtJRyo3qj6K4
G2bReI4CQN5u7geTHO/9xpYnCJeFtpJ9FZfY9NiFraV7jRVkmuyXpjruSSINjbUs
xfMSjpmbNisRz1aEL9B7JdxR1Jz2BWc1JZ/Mx3GfbHhxP6obSu/7XisxOyYARMa8
VxCjp68LvULlZfVMGqtolOH0teeLbEpwAxcJVDhrL35zzbVi4p6C3W4atmhf11FJ
SqpRfRFsdYa6rN4AI4cgQF+I0nwnM42AEJcaZTnwJvfWSDGIJ4wubg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:00 2025 by rpki-client