Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3135302e3130372e3133382e302f32332d3234203d3e20313338383431.roa
File:                     3135302e3130372e3133382e302f32332d3234203d3e20313338383431.roa (raw, json)
Hash identifier:          RCzkwXiragkbd0suZVFfS25yCV4YRot+5F7Mbn5I5L8=
Subject key identifier:   5A:91:15:A2:6C:9E:B4:0E:2D:A8:41:B6:CA:6C:72:B9:83:92:6D:21
Certificate issuer:       /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Certificate serial:       555F3C2DDAB0509AAB00A32DBF01CAA61873EFBF
Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3135302e3130372e3133382e302f32332d3234203d3e20313338383431.roa
Signing time:             Fri 25 Jul 2025 06:01:30 +0000
ROA not before:           Fri 25 Jul 2025 05:56:30 +0000
ROA not after:            Fri 24 Jul 2026 06:01:30 +0000
asID:                     138841
IP address blocks:        150.107.138.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
                          rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 00:45:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:5f:3c:2d:da:b0:50:9a:ab:00:a3:2d:bf:01:ca:a6:18:73:ef:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
        Validity
            Not Before: Jul 25 05:56:30 2025 GMT
            Not After : Jul 24 06:01:30 2026 GMT
        Subject: CN=5A9115A26C9EB40E2DA841B6CA6C72B983926D21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:63:4c:02:51:27:ca:da:ae:83:1f:97:ba:a5:
                    4d:38:a4:7a:af:74:82:e4:aa:76:5d:0e:4e:97:da:
                    8b:9c:af:8b:bd:9c:07:d8:db:7e:dd:53:5c:50:56:
                    45:4b:84:8d:6e:18:ba:cb:4c:aa:1f:72:57:47:e4:
                    5d:8b:d6:29:75:18:2e:3b:db:db:ff:aa:db:d4:b8:
                    d2:aa:a8:09:8d:82:1c:12:6d:ba:11:28:89:13:2e:
                    1d:62:5f:01:3b:69:11:7e:5e:9a:49:a9:dd:9f:5f:
                    8f:6a:d8:f5:33:8a:0d:ce:8d:c5:31:1d:d3:d0:d4:
                    81:78:49:87:b5:f7:ee:4f:58:96:eb:18:7c:4e:1b:
                    07:e3:84:42:15:8f:74:3f:15:15:27:f8:dd:77:ba:
                    bd:ab:e9:7a:6a:3e:67:67:57:42:3f:fa:60:6b:0d:
                    61:9b:35:69:e3:b9:e9:e6:88:e3:38:b2:5c:a5:a9:
                    72:fb:7c:4b:ed:6e:34:88:73:d5:a9:83:61:25:95:
                    c3:3a:d2:5f:85:88:41:fa:a8:f6:5a:3e:88:15:52:
                    28:66:21:62:96:d7:3b:c3:dc:9a:ce:2f:dc:a7:04:
                    a1:68:b6:b2:80:7c:50:5b:54:a1:d3:3d:6f:04:2f:
                    2f:99:a5:cc:3c:43:24:f6:d0:f6:96:16:c3:3b:13:
                    8c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:91:15:A2:6C:9E:B4:0E:2D:A8:41:B6:CA:6C:72:B9:83:92:6D:21
            X509v3 Authority Key Identifier:
                keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3135302e3130372e3133382e302f32332d3234203d3e20313338383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.107.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:73:25:67:d9:97:ab:1d:03:51:2f:19:6b:11:ee:40:98:94:
         3d:eb:bf:9b:49:10:b6:28:13:77:e5:ba:3c:05:35:49:bb:68:
         24:f9:c4:e4:a3:aa:6e:57:aa:09:40:30:c5:1a:1e:8a:eb:f3:
         ab:aa:ea:35:99:50:05:79:8a:0c:53:f5:28:26:40:36:07:b9:
         d6:fa:5a:04:3d:10:04:48:9f:7e:80:70:3b:0f:4b:06:13:4e:
         d8:0e:b2:27:bc:1c:f3:9b:89:95:51:70:dd:1f:16:a8:a3:7f:
         ba:6a:96:87:96:e5:b5:64:ab:6a:3c:67:62:a1:ad:27:9e:fe:
         7a:1d:bf:21:19:a8:9f:a5:25:c1:5d:2c:05:c6:dc:82:4e:9d:
         dc:65:7c:2d:db:c5:55:2b:90:9a:bc:d2:f4:c2:2e:4b:bd:b5:
         69:81:eb:0e:45:25:d1:96:0b:47:30:1a:e3:a3:5c:aa:1b:13:
         69:11:c9:c9:ee:ea:5c:61:c1:67:d0:73:d3:e3:cc:85:f9:cc:
         30:0e:7b:92:e6:9f:29:9d:30:13:30:b0:75:a7:ed:ca:be:b4:
         bd:86:3c:21:f6:c7:96:3d:58:80:6e:f7:b7:52:a6:62:3d:14:
         ef:2a:e7:98:d5:7c:49:99:f4:00:2f:e5:15:75:5c:69:17:3c:
         83:36:bb:c6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUVV88LdqwUJqrAKMtvwHKphhz778wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0
RkE2Njk4NDAeFw0yNTA3MjUwNTU2MzBaFw0yNjA3MjQwNjAxMzBaMDMxMTAvBgNV
BAMTKDVBOTExNUEyNkM5RUI0MEUyREE4NDFCNkNBNkM3MkI5ODM5MjZEMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvY0wCUSfK2q6DH5e6pU04pHqv
dILkqnZdDk6X2oucr4u9nAfY237dU1xQVkVLhI1uGLrLTKofcldH5F2L1il1GC47
29v/qtvUuNKqqAmNghwSbboRKIkTLh1iXwE7aRF+XppJqd2fX49q2PUzig3OjcUx
HdPQ1IF4SYe19+5PWJbrGHxOGwfjhEIVj3Q/FRUn+N13ur2r6XpqPmdnV0I/+mBr
DWGbNWnjuenmiOM4slylqXL7fEvtbjSIc9Wpg2EllcM60l+FiEH6qPZaPogVUihm
IWKW1zvD3JrOL9ynBKFotrKAfFBbVKHTPW8ELy+Zpcw8QyT20PaWFsM7E4wjAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUWpEVomyetA4tqEG2ymxyuYOSbSEwHwYDVR0j
BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF
OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2
Njk4NC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i
NTA2LTIxOGFhYjBiMDg5Yy8wLzMxMzUzMDJlMzEzMDM3MmUzMTMzMzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzgzODM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGWa4owDQYJ
KoZIhvcNAQELBQADggEBAKZzJWfZl6sdA1EvGWsR7kCYlD3rv5tJELYoE3flujwF
NUm7aCT5xOSjqm5XqglAMMUaHorr86uq6jWZUAV5igxT9SgmQDYHudb6WgQ9EARI
n36AcDsPSwYTTtgOsie8HPObiZVRcN0fFqijf7pqloeW5bVkq2o8Z2KhrSee/nod
vyEZqJ+lJcFdLAXG3IJOndxlfC3bxVUrkJq80vTCLku9tWmB6w5FJdGWC0cwGuOj
XKobE2kRycnu6lxhwWfQc9PjzIX5zDAOe5LmnymdMBMwsHWn7cq+tL2GPCH2x5Y9
WIBu97dSpmI9FO8q55jVfEmZ9AAv5RV1XGkXPIM2u8Y=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:41:54 2025 by rpki-client