Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa
File:                     3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa (raw, json)
Hash identifier:          gYdjbrllcxVsFjz+69ccDbd/xh/3XuSos0MpuObt62I=
Subject key identifier:   0B:83:97:8C:82:A5:F1:1A:F3:A3:7C:44:9B:B5:B5:96:C2:2A:56:D7
Certificate issuer:       /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Certificate serial:       1525466D1F0F116FE7B5FB4053EBF678487F97FF
Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa
Signing time:             Tue 22 Jul 2025 04:02:51 +0000
ROA not before:           Tue 22 Jul 2025 03:57:51 +0000
ROA not after:            Tue 21 Jul 2026 04:02:51 +0000
asID:                     23951
IP address blocks:        103.101.138.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl
                          rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 02:21:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:25:46:6d:1f:0f:11:6f:e7:b5:fb:40:53:eb:f6:78:48:7f:97:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
        Validity
            Not Before: Jul 22 03:57:51 2025 GMT
            Not After : Jul 21 04:02:51 2026 GMT
        Subject: CN=0B83978C82A5F11AF3A37C449BB5B596C22A56D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cd:77:f3:02:d0:34:a6:2c:04:f1:aa:51:2f:
                    18:cb:f2:07:ef:b5:30:b4:a1:7b:50:4d:0b:b5:12:
                    40:cb:c4:c3:67:90:73:19:ab:fb:5d:f1:fa:27:8f:
                    d6:b0:0b:42:a4:c6:fa:da:00:fa:6b:3b:df:bf:a6:
                    d9:64:69:1b:17:14:4a:10:97:28:0a:af:90:bf:db:
                    20:ff:24:30:97:25:52:50:42:5b:e5:8a:80:e3:b5:
                    ea:29:52:b3:5e:68:29:83:c8:fa:58:16:c3:28:b5:
                    67:15:83:25:9c:57:b1:fa:91:bf:a5:3e:01:d2:da:
                    ed:13:f7:89:0b:f1:b2:55:bb:29:7f:4a:f2:8e:0e:
                    0f:52:4d:e6:13:68:7a:48:33:3d:95:b2:a1:e7:1e:
                    e6:2e:1b:26:80:d7:4f:fd:76:84:84:e5:52:b9:3f:
                    8d:1d:2c:6a:7e:1e:4f:36:96:16:d4:51:e6:d1:20:
                    c9:12:c5:2d:2f:c0:60:91:72:a4:cb:51:81:66:bd:
                    df:0a:09:e3:f1:38:ab:5a:04:cb:61:f9:8d:f7:ba:
                    63:ee:f7:d3:0b:7c:38:f1:64:4c:02:94:4b:89:85:
                    54:34:a3:b8:c3:ea:4b:b6:90:2f:ea:a5:d5:30:16:
                    27:a5:5e:11:ec:ef:30:5e:5d:d5:fc:ef:13:56:68:
                    2f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:83:97:8C:82:A5:F1:1A:F3:A3:7C:44:9B:B5:B5:96:C2:2A:56:D7
            X509v3 Authority Key Identifier:
                keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:92:55:95:f2:29:89:8c:b0:db:6c:65:bd:0b:6a:7e:6b:39:
         26:79:95:cd:1a:d1:13:c2:5c:1c:60:a0:21:22:ea:54:ce:68:
         ce:5f:81:3f:0f:e1:71:d5:36:11:0a:bf:4d:25:a4:6d:33:84:
         db:1b:f7:cb:85:6d:66:c9:92:92:c5:b4:cc:c9:33:10:cf:eb:
         da:b1:11:63:74:b6:f1:d7:fe:6d:32:fb:bb:9f:f0:71:41:a5:
         37:bd:5c:83:a5:54:e1:10:0b:db:80:45:df:da:0a:31:dd:81:
         41:02:fb:10:58:f0:cc:05:af:36:38:bc:33:50:c5:8b:fb:83:
         55:1d:58:ae:c1:28:af:e9:72:c1:4a:2c:59:3a:54:65:8d:48:
         23:b3:43:10:84:5a:91:78:13:64:77:9b:ad:af:c1:f6:c1:f3:
         f9:42:6e:0c:57:a0:e7:87:5f:ed:89:41:76:15:5e:cd:02:fe:
         2d:40:1e:95:3a:c1:38:19:7c:fb:2b:89:3f:f7:a4:90:80:5e:
         f4:30:03:e6:1d:9a:df:68:32:cd:bf:77:fc:0f:fd:41:74:fc:
         ab:cb:a8:be:f3:00:7f:6d:5b:6c:4e:62:ef:a6:30:71:25:b9:
         9b:43:a7:4d:ab:d9:e8:74:14:8d:f8:e9:fa:39:d9:d7:f5:57:
         7f:33:0a:f7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFSVGbR8PEW/ntftAU+v2eEh/l/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx
NDNDOEU4RjAeFw0yNTA3MjIwMzU3NTFaFw0yNjA3MjEwNDAyNTFaMDMxMTAvBgNV
BAMTKDBCODM5NzhDODJBNUYxMUFGM0EzN0M0NDlCQjVCNTk2QzIyQTU2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfzXfzAtA0piwE8apRLxjL8gfv
tTC0oXtQTQu1EkDLxMNnkHMZq/td8fonj9awC0KkxvraAPprO9+/ptlkaRsXFEoQ
lygKr5C/2yD/JDCXJVJQQlvlioDjteopUrNeaCmDyPpYFsMotWcVgyWcV7H6kb+l
PgHS2u0T94kL8bJVuyl/SvKODg9STeYTaHpIMz2VsqHnHuYuGyaA10/9doSE5VK5
P40dLGp+Hk82lhbUUebRIMkSxS0vwGCRcqTLUYFmvd8KCePxOKtaBMth+Y33umPu
99MLfDjxZEwClEuJhVQ0o7jD6ku2kC/qpdUwFielXhHs7zBeXdX87xNWaC+3AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUC4OXjIKl8Rrzo3xEm7W1lsIqVtcwHwYDVR0j
BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0
MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND
OEU4Ri5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i
OTMwLTFhYjBiZjAyZGQ1ZC8wLzMxMzAzMzJlMzEzMDMxMmUzMTMzMzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjMzMzkzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ2WKMA0GCSqG
SIb3DQEBCwUAA4IBAQBXklWV8imJjLDbbGW9C2p+azkmeZXNGtETwlwcYKAhIupU
zmjOX4E/D+Fx1TYRCr9NJaRtM4TbG/fLhW1myZKSxbTMyTMQz+vasRFjdLbx1/5t
Mvu7n/BxQaU3vVyDpVThEAvbgEXf2gox3YFBAvsQWPDMBa82OLwzUMWL+4NVHViu
wSiv6XLBSixZOlRljUgjs0MQhFqReBNkd5utr8H2wfP5Qm4MV6Dnh1/tiUF2FV7N
Av4tQB6VOsE4GXz7K4k/96SQgF70MAPmHZrfaDLNv3f8D/1BdPyry6i+8wB/bVts
TmLvpjBxJbmbQ6dNq9nodBSN+On6OdnX9Vd/Mwr3
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:12:12 2025 by rpki-client