Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230362e302f32332d3234203d3e20313338383431.roa
File:                     3230322e3136322e3230362e302f32332d3234203d3e20313338383431.roa (raw, json)
Hash identifier:          NTWU55mTPb+wxd69yx9CZhvAKUtT2TauZ/WndesgZ+g=
Subject key identifier:   B1:AE:6E:7C:96:CD:12:37:88:E6:45:15:84:40:BE:C3:79:C8:18:E7
Certificate issuer:       /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Certificate serial:       792F14E3A2D8F798B9F52DF355DECDFFDCF574A2
Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230362e302f32332d3234203d3e20313338383431.roa
Signing time:             Fri 25 Jul 2025 06:01:31 +0000
ROA not before:           Fri 25 Jul 2025 05:56:31 +0000
ROA not after:            Fri 24 Jul 2026 06:01:31 +0000
asID:                     138841
IP address blocks:        202.162.206.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
                          rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 00:45:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:2f:14:e3:a2:d8:f7:98:b9:f5:2d:f3:55:de:cd:ff:dc:f5:74:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
        Validity
            Not Before: Jul 25 05:56:31 2025 GMT
            Not After : Jul 24 06:01:31 2026 GMT
        Subject: CN=B1AE6E7C96CD123788E645158440BEC379C818E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cf:cc:ba:0e:a8:5f:8a:64:bf:66:83:ea:c1:
                    89:de:af:c1:80:9e:a6:0d:58:35:69:a4:c5:36:01:
                    b3:b0:9e:02:ef:da:e2:9d:29:d5:a9:04:ca:f4:3f:
                    29:d3:01:74:d3:c7:7d:ef:14:85:0c:1e:a6:1f:75:
                    66:2b:66:10:ce:82:ca:ba:56:63:49:8a:9f:f6:a8:
                    aa:60:bb:c5:2b:71:97:67:cc:b8:09:6c:ff:21:e7:
                    9b:cb:8c:43:ff:35:0d:02:64:0e:9f:db:d3:e7:c8:
                    69:ff:ea:5c:67:3d:ea:06:4d:83:0d:a4:b6:65:77:
                    b0:d4:52:e4:bb:f6:64:e4:4d:b6:23:9e:58:0b:b6:
                    48:fe:d4:ea:a6:9b:5c:45:ab:00:6e:62:73:94:10:
                    15:35:d5:06:f7:f9:ab:aa:09:05:e9:c3:dc:c1:d9:
                    4e:2e:8e:bc:52:44:6c:c5:a4:4c:1e:52:96:d1:f9:
                    fa:25:e5:78:0a:ee:be:93:70:5c:e8:7d:0d:5d:7a:
                    ba:19:67:33:95:69:3c:ab:04:94:75:e9:44:4e:c2:
                    c3:f6:6d:35:c1:09:3a:f5:6b:17:a0:1c:d6:2e:28:
                    26:3b:e7:7a:a7:2c:a7:06:b0:0a:8e:61:20:da:39:
                    6a:a3:63:35:b3:6a:27:e3:a7:af:98:65:80:5f:d0:
                    bc:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:AE:6E:7C:96:CD:12:37:88:E6:45:15:84:40:BE:C3:79:C8:18:E7
            X509v3 Authority Key Identifier:
                keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230362e302f32332d3234203d3e20313338383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.162.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:c1:3b:86:9f:51:82:44:a1:48:45:57:4d:2b:2b:af:0d:1d:
         a4:cf:16:1f:ff:07:f3:dd:0e:99:30:13:bc:fb:fe:78:78:e8:
         5c:91:88:3b:c2:66:1c:e4:13:17:c6:11:23:d1:da:80:a7:87:
         ba:01:51:d3:de:eb:bb:bf:96:d2:e1:36:41:66:c8:b4:26:cb:
         05:21:9e:c5:8f:a9:bd:74:4b:f9:d7:77:9f:32:95:9b:2b:b2:
         64:0b:52:6d:cb:bd:f9:00:44:73:b7:60:3f:b9:4e:a9:c5:3f:
         a2:55:42:79:5f:72:01:3e:d7:6a:de:aa:1c:f0:36:15:02:13:
         ba:fb:b3:aa:34:29:9f:86:1d:c3:3d:31:a1:66:51:7f:87:2f:
         1a:59:ea:e0:d4:d4:cc:c7:42:aa:ca:f7:a7:29:d9:e0:90:57:
         2e:d1:01:e6:d7:45:82:b3:32:05:81:e6:b0:c7:c5:92:e2:df:
         7d:27:76:e3:e9:21:18:4b:3d:53:55:b0:4f:ab:75:a5:f2:9e:
         59:f0:23:ef:a1:25:a7:3f:72:0c:d7:ae:b9:3b:34:d8:37:98:
         4a:b8:69:d9:59:39:39:44:2a:4e:23:ea:1c:d2:9a:4d:e2:28:
         cf:d1:8f:75:72:87:0e:a5:39:a1:63:8d:7a:6f:a2:36:be:1f:
         17:7d:c9:20
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUeS8U46LY95i59S3zVd7N/9z1dKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0
RkE2Njk4NDAeFw0yNTA3MjUwNTU2MzFaFw0yNjA3MjQwNjAxMzFaMDMxMTAvBgNV
BAMTKEIxQUU2RTdDOTZDRDEyMzc4OEU2NDUxNTg0NDBCRUMzNzlDODE4RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2z8y6DqhfimS/ZoPqwYner8GA
nqYNWDVppMU2AbOwngLv2uKdKdWpBMr0PynTAXTTx33vFIUMHqYfdWYrZhDOgsq6
VmNJip/2qKpgu8UrcZdnzLgJbP8h55vLjEP/NQ0CZA6f29PnyGn/6lxnPeoGTYMN
pLZld7DUUuS79mTkTbYjnlgLtkj+1Oqmm1xFqwBuYnOUEBU11Qb3+auqCQXpw9zB
2U4ujrxSRGzFpEweUpbR+fol5XgK7r6TcFzofQ1deroZZzOVaTyrBJR16UROwsP2
bTXBCTr1axegHNYuKCY753qnLKcGsAqOYSDaOWqjYzWzaifjp6+YZYBf0LwvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUsa5ufJbNEjeI5kUVhEC+w3nIGOcwHwYDVR0j
BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF
OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2
Njk4NC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i
NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzAzMjJlMzEzNjMyMmUzMjMwMzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzgzODM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKos4wDQYJ
KoZIhvcNAQELBQADggEBAJbBO4afUYJEoUhFV00rK68NHaTPFh//B/PdDpkwE7z7
/nh46FyRiDvCZhzkExfGESPR2oCnh7oBUdPe67u/ltLhNkFmyLQmywUhnsWPqb10
S/nXd58ylZsrsmQLUm3LvfkARHO3YD+5TqnFP6JVQnlfcgE+12reqhzwNhUCE7r7
s6o0KZ+GHcM9MaFmUX+HLxpZ6uDU1MzHQqrK96cp2eCQVy7RAebXRYKzMgWB5rDH
xZLi330nduPpIRhLPVNVsE+rdaXynlnwI++hJac/cgzXrrk7NNg3mEq4adlZOTlE
Kk4j6hzSmk3iKM/Rj3Vyhw6lOaFjjXpvoja+Hxd9ySA=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:48:06 2025 by rpki-client