Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a633030303a3a2f33352d3438203d3e20313430343233.roa
File:                     323430363a323063303a633030303a3a2f33352d3438203d3e20313430343233.roa (raw, json)
Hash identifier:          nd5q1pRIdM0hAIKxdlBv7D7ABN85fx0AF/aqhoAhC6g=
Subject key identifier:   7E:21:23:90:52:D1:90:53:77:ED:F0:80:A2:27:1A:0A:E8:A1:FF:18
Certificate issuer:       /CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
Certificate serial:       1A2FF13820633AC96732B0EDFC06223715E1A143
Authority key identifier: 7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a633030303a3a2f33352d3438203d3e20313430343233.roa
Signing time:             Sun 03 Aug 2025 06:00:00 +0000
ROA not before:           Sun 03 Aug 2025 05:55:00 +0000
ROA not after:            Sun 02 Aug 2026 06:00:00 +0000
asID:                     140423
IP address blocks:        2406:20c0:c000::/35 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl
                          rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 03:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:2f:f1:38:20:63:3a:c9:67:32:b0:ed:fc:06:22:37:15:e1:a1:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7CFD0F39FE2E90EA8B1F5D32D476E387352CB874
        Validity
            Not Before: Aug  3 05:55:00 2025 GMT
            Not After : Aug  2 06:00:00 2026 GMT
        Subject: CN=7E21239052D1905377EDF080A2271A0AE8A1FF18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:eb:25:ee:bf:98:16:a6:6c:1e:b1:50:ef:b4:
                    7b:4a:d7:e6:0a:80:4f:41:bf:ed:7d:20:32:12:d1:
                    26:dd:37:72:1c:d9:7d:05:2f:52:46:2e:76:31:30:
                    78:d1:e3:b7:fc:ec:47:6c:ce:16:0e:a8:b1:fb:3f:
                    7c:78:a2:29:91:66:28:f2:75:63:86:1c:1a:a3:33:
                    f4:d3:e0:44:94:ff:96:22:30:06:43:80:69:a3:af:
                    25:53:19:b6:a6:6e:3f:06:13:17:f2:88:a6:26:cc:
                    13:af:18:d2:cc:50:da:f4:13:11:53:b8:4d:d3:07:
                    cf:2e:f4:21:45:a2:7a:87:e7:c3:6a:e8:fc:ab:e3:
                    de:a1:9c:f4:ac:42:35:4d:a6:a0:a7:4d:b1:63:52:
                    74:8f:b6:43:a6:9c:d6:bc:ae:58:a3:4e:dd:6b:33:
                    cb:cd:5d:08:9f:d5:3a:6e:8b:25:b6:7c:c2:03:7c:
                    ae:47:2f:1b:22:94:6d:1a:98:7e:e6:37:d8:81:5d:
                    ff:69:26:b7:2e:9c:ca:01:d2:68:07:bb:ef:d2:84:
                    e0:57:1f:70:86:b5:d8:e3:1c:f1:86:b1:84:fc:45:
                    c8:ad:eb:65:d1:5b:ab:19:f5:c7:f5:54:54:ad:b9:
                    4b:e5:f3:ea:15:52:08:f2:d6:43:fd:32:75:f9:64:
                    06:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:21:23:90:52:D1:90:53:77:ED:F0:80:A2:27:1A:0A:E8:A1:FF:18
            X509v3 Authority Key Identifier:
                keyid:7C:FD:0F:39:FE:2E:90:EA:8B:1F:5D:32:D4:76:E3:87:35:2C:B8:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7CFD0F39FE2E90EA8B1F5D32D476E387352CB874.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19a00369-6840-4a95-89b1-a48518f98dc7/0/323430363a323063303a633030303a3a2f33352d3438203d3e20313430343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:20c0:c000::/35

    Signature Algorithm: sha256WithRSAEncryption
         0d:2a:37:69:ac:4c:92:11:e6:e1:c9:2b:ff:d4:f0:f6:2a:48:
         df:0e:34:47:d6:54:62:6d:00:fc:e0:28:96:ba:97:e9:90:01:
         c1:1c:40:a8:9d:fc:1c:e2:3f:d1:63:72:b2:8c:e5:69:86:2a:
         df:8f:a7:32:13:e1:6e:10:ec:b7:ec:d0:d3:b1:8b:06:cd:58:
         70:62:15:67:ac:29:14:5c:72:8d:57:14:b0:fc:77:64:7f:f6:
         58:bb:47:dd:ea:44:72:63:f8:2e:3a:a9:40:b1:35:c7:76:63:
         2b:88:5e:ca:cb:cb:3e:de:f1:a3:96:e3:1e:73:f8:6b:ee:3c:
         b1:59:91:8a:6e:a3:f4:5b:6a:c2:97:7f:e5:37:96:d7:4b:11:
         d0:1c:1f:5f:bf:d6:6c:63:90:ce:94:a4:f2:89:d0:41:7c:a9:
         11:01:ea:1e:ff:53:7e:05:62:64:95:ad:c9:e7:74:7b:77:41:
         af:4b:20:2b:c8:9a:f8:8d:62:20:59:71:20:ee:b4:38:dc:25:
         b2:4d:79:3f:2f:af:8c:0f:06:1c:8a:10:ca:3c:00:85:e2:ba:
         14:77:46:a0:a5:29:20:72:df:cc:17:8c:c8:bc:b9:c9:b4:50:
         68:c0:8a:5d:f3:26:4c:70:2a:04:e7:60:b9:97:7a:5c:a9:f0:
         5e:70:ab:c2
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUGi/xOCBjOslnMrDt/AYiNxXhoUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODcz
NTJDQjg3NDAeFw0yNTA4MDMwNTU1MDBaFw0yNjA4MDIwNjAwMDBaMDMxMTAvBgNV
BAMTKDdFMjEyMzkwNTJEMTkwNTM3N0VERjA4MEEyMjcxQTBBRThBMUZGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe6yXuv5gWpmwesVDvtHtK1+YK
gE9Bv+19IDIS0SbdN3Ic2X0FL1JGLnYxMHjR47f87EdszhYOqLH7P3x4oimRZijy
dWOGHBqjM/TT4ESU/5YiMAZDgGmjryVTGbambj8GExfyiKYmzBOvGNLMUNr0ExFT
uE3TB88u9CFFonqH58Nq6Pyr496hnPSsQjVNpqCnTbFjUnSPtkOmnNa8rlijTt1r
M8vNXQif1TpuiyW2fMIDfK5HLxsilG0amH7mN9iBXf9pJrcunMoB0mgHu+/ShOBX
H3CGtdjjHPGGsYT8Rcit62XRW6sZ9cf1VFStuUvl8+oVUgjy1kP9MnX5ZAZHAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUfiEjkFLRkFN37fCAoicaCuih/xgwHwYDVR0j
BBgwFoAUfP0POf4ukOqLH10y1HbjhzUsuHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OWEwMDM2OS02ODQwLTRhOTUtODliMS1hNDg1MThmOThkYzcvMC83Q0ZEMEYzOUZF
MkU5MEVBOEIxRjVEMzJENDc2RTM4NzM1MkNCODc0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0NGRDBGMzlGRTJFOTBFQThCMUY1RDMyRDQ3NkUzODczNTJD
Qjg3NC5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5YTAwMzY5LTY4NDAtNGE5NS04
OWIxLWE0ODUxOGY5OGRjNy8wLzMyMzQzMDM2M2EzMjMwNjMzMDNhNjMzMDMwMzAz
YTNhMmYzMzM1MmQzNDM4MjAzZDNlMjAzMTM0MzAzNDMyMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgUk
BiDAwDANBgkqhkiG9w0BAQsFAAOCAQEADSo3aaxMkhHm4ckr/9Tw9ipI3w40R9ZU
Ym0A/OAolrqX6ZABwRxAqJ38HOI/0WNysozlaYYq34+nMhPhbhDst+zQ07GLBs1Y
cGIVZ6wpFFxyjVcUsPx3ZH/2WLtH3epEcmP4LjqpQLE1x3ZjK4heysvLPt7xo5bj
HnP4a+48sVmRim6j9Ftqwpd/5TeW10sR0BwfX7/WbGOQzpSk8onQQXypEQHqHv9T
fgViZJWtyed0e3dBr0sgK8ia+I1iIFlxIO60ONwlsk15Py+vjA8GHIoQyjwAheK6
FHdGoKUpIHLfzBeMyLy5ybRQaMCKXfMmTHAqBOdguZd6XKnwXnCrwg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:50 2025 by rpki-client