Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa
File:                     3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa (raw, json)
Hash identifier:          gV2Q8xF8XiWikE1+w9yu7jENKeKHaDELW9P6oOlSzDE=
Subject key identifier:   FE:52:0A:E3:02:4B:B2:44:1A:67:F6:DF:7C:6E:55:D0:B9:C6:93:16
Certificate issuer:       /CN=D68CA7C6F514D7168C00790717FB869AF68B125E
Certificate serial:       10FCA92C98556077E49AB64FA36910FDE1864364
Authority key identifier: D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa
Signing time:             Wed 06 Aug 2025 12:00:00 +0000
ROA not before:           Wed 06 Aug 2025 11:55:00 +0000
ROA not after:            Wed 05 Aug 2026 12:00:00 +0000
asID:                     139381
IP address blocks:        103.142.254.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl
                          rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 17:52:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:fc:a9:2c:98:55:60:77:e4:9a:b6:4f:a3:69:10:fd:e1:86:43:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D68CA7C6F514D7168C00790717FB869AF68B125E
        Validity
            Not Before: Aug  6 11:55:00 2025 GMT
            Not After : Aug  5 12:00:00 2026 GMT
        Subject: CN=FE520AE3024BB2441A67F6DF7C6E55D0B9C69316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6d:b9:84:ac:17:0b:64:cc:d8:2c:5d:24:1b:
                    93:28:a5:6f:d1:e9:43:2a:6f:81:e2:9f:53:40:61:
                    49:d4:79:85:db:6f:b4:ce:f5:4f:73:5d:26:c2:65:
                    89:54:65:c5:72:8a:d1:e8:28:68:14:49:e6:fb:1b:
                    cd:06:c3:70:18:f2:fb:a6:ff:9c:f0:61:34:71:0d:
                    af:c2:52:b2:c6:16:d2:ed:70:ac:d1:c9:49:57:f3:
                    ea:5a:2a:b5:4d:a7:d1:14:21:60:e1:ca:ce:d6:1a:
                    25:24:9f:30:58:43:bb:26:f2:82:b0:0d:b1:db:d0:
                    3f:d4:34:a5:0f:28:7f:bd:f1:df:3e:9b:16:cf:48:
                    49:d8:1d:c4:a4:50:02:42:26:b5:12:b5:a6:33:47:
                    ce:be:1f:53:be:2a:69:21:54:00:43:5e:2c:b6:5a:
                    ac:f1:b8:f6:42:78:2a:aa:1c:dd:ca:46:1e:51:c2:
                    c8:ca:c0:45:8a:83:06:75:9a:10:86:ee:45:50:a8:
                    eb:96:16:4a:a2:c9:d3:d2:fa:d7:96:0a:54:bf:21:
                    ee:09:2e:06:59:58:c0:94:92:6d:66:79:f0:d2:22:
                    11:b2:c3:30:8e:c3:d3:20:bc:cd:53:b1:03:43:50:
                    92:98:69:e0:ea:6b:0c:e1:29:db:d3:f3:01:44:d9:
                    07:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:52:0A:E3:02:4B:B2:44:1A:67:F6:DF:7C:6E:55:D0:B9:C6:93:16
            X509v3 Authority Key Identifier:
                keyid:D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.142.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:57:ef:c4:ce:f2:23:73:0f:49:32:b0:03:ed:7a:10:cb:9d:
         dd:58:5e:21:72:4c:cc:53:49:f2:f9:3e:fd:31:8f:74:60:ce:
         40:4a:ed:0c:ee:f0:8f:d2:6e:bd:db:02:7a:b9:2c:b3:09:02:
         2c:82:5f:08:7e:68:5f:4d:05:59:fb:e7:63:19:97:85:69:7d:
         81:15:f1:69:86:11:be:2a:b1:e5:6c:d5:81:de:07:10:65:d3:
         94:dc:73:ef:bb:d2:22:0c:98:b3:69:60:7a:25:ee:4a:79:35:
         26:20:17:7d:bd:6b:19:43:07:d4:67:2b:bb:3d:0f:21:37:0c:
         c7:46:15:62:1e:ce:49:de:c5:5f:e3:3b:e7:ad:8e:8a:06:0c:
         d7:6d:71:03:81:1b:eb:9a:25:be:9a:98:53:41:6a:18:29:6b:
         6d:39:b8:f7:0d:be:ec:c1:d4:90:66:22:ad:8d:02:94:13:8a:
         51:b2:17:56:95:ad:ef:86:5e:da:d5:39:88:b3:ad:06:9c:83:
         78:40:0c:ab:49:46:76:05:1d:b3:ea:b0:82:9b:0a:f8:3b:23:
         e8:ac:33:b4:fa:3e:93:46:a5:0d:19:e3:9c:0d:ff:a5:5d:50:
         3e:82:24:2f:8d:06:05:7c:cc:96:f2:7e:fa:00:ef:5e:90:e9:
         3e:37:c7:b6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUEPypLJhVYHfkmrZPo2kQ/eGGQ2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFG
NjhCMTI1RTAeFw0yNTA4MDYxMTU1MDBaFw0yNjA4MDUxMjAwMDBaMDMxMTAvBgNV
BAMTKEZFNTIwQUUzMDI0QkIyNDQxQTY3RjZERjdDNkU1NUQwQjlDNjkzMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9bbmErBcLZMzYLF0kG5MopW/R
6UMqb4Hin1NAYUnUeYXbb7TO9U9zXSbCZYlUZcVyitHoKGgUSeb7G80Gw3AY8vum
/5zwYTRxDa/CUrLGFtLtcKzRyUlX8+paKrVNp9EUIWDhys7WGiUknzBYQ7sm8oKw
DbHb0D/UNKUPKH+98d8+mxbPSEnYHcSkUAJCJrUStaYzR86+H1O+KmkhVABDXiy2
WqzxuPZCeCqqHN3KRh5RwsjKwEWKgwZ1mhCG7kVQqOuWFkqiydPS+teWClS/Ie4J
LgZZWMCUkm1mefDSIhGywzCOw9MgvM1TsQNDUJKYaeDqawzhKdvT8wFE2QcNAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU/lIK4wJLskQaZ/bffG5V0LnGkxYwHwYDVR0j
BBgwFoAU1oynxvUU1xaMAHkHF/uGmvaLEl4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZGRjMWRkOC02ZDI1LTQ3YzctYWFhNC1iZGRmMWI5ZDY3N2UvMC9ENjhDQTdDNkY1
MTRENzE2OEMwMDc5MDcxN0ZCODY5QUY2OEIxMjVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFGNjhC
MTI1RS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkZGMxZGQ4LTZkMjUtNDdjNy1h
YWE0LWJkZGYxYjlkNjc3ZS8wLzMxMzAzMzJlMzEzNDMyMmUzMjM1MzQyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzMzM4MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnjv4wDQYJ
KoZIhvcNAQELBQADggEBAIxX78TO8iNzD0kysAPtehDLnd1YXiFyTMxTSfL5Pv0x
j3RgzkBK7Qzu8I/Sbr3bAnq5LLMJAiyCXwh+aF9NBVn752MZl4VpfYEV8WmGEb4q
seVs1YHeBxBl05Tcc++70iIMmLNpYHol7kp5NSYgF329axlDB9RnK7s9DyE3DMdG
FWIezknexV/jO+etjooGDNdtcQOBG+uaJb6amFNBahgpa205uPcNvuzB1JBmIq2N
ApQTilGyF1aVre+GXtrVOYizrQacg3hADKtJRnYFHbPqsIKbCvg7I+isM7T6PpNG
pQ0Z45wN/6VdUD6CJC+NBgV8zJbyfvoA716Q6T43x7Y=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:18:01 2025 by rpki-client