Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/323430343a343738303a313a3a2f34382d3438203d3e203538343935.roa
File:                     323430343a343738303a313a3a2f34382d3438203d3e203538343935.roa (raw, json)
Hash identifier:          oWtepmBqBvebT0Z+AytYxvJ+nwN7a/Aha+0+yrTyMss=
Subject key identifier:   C0:B3:57:31:03:21:B7:EC:FF:06:BF:C8:EE:BD:9A:D2:E1:27:30:8F
Certificate issuer:       /CN=803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3
Certificate serial:       348E1BC8EBCB92BB73B9F8C5F45F3356F82089B5
Authority key identifier: 80:3C:9F:F1:02:83:6C:EC:8C:EC:49:F0:1F:CF:AA:0E:92:E2:6A:F3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/323430343a343738303a313a3a2f34382d3438203d3e203538343935.roa
Signing time:             Tue 22 Jul 2025 10:00:01 +0000
ROA not before:           Tue 22 Jul 2025 09:55:01 +0000
ROA not after:            Tue 21 Jul 2026 10:00:01 +0000
asID:                     58495
IP address blocks:        2404:4780:1::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.crl
                          rsync://repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 08 Aug 2025 10:43:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:8e:1b:c8:eb:cb:92:bb:73:b9:f8:c5:f4:5f:33:56:f8:20:89:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3
        Validity
            Not Before: Jul 22 09:55:01 2025 GMT
            Not After : Jul 21 10:00:01 2026 GMT
        Subject: CN=C0B357310321B7ECFF06BFC8EEBD9AD2E127308F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ca:77:ad:32:80:39:78:25:59:65:10:b0:ff:
                    e8:d4:e9:53:08:41:04:61:a1:93:c7:5a:50:4a:77:
                    78:03:cf:74:29:b2:22:ce:ca:44:78:22:34:e9:9a:
                    5e:c4:83:6d:5a:99:da:73:2b:f6:39:58:62:17:2c:
                    50:e9:7e:7b:a0:c2:2e:be:af:de:d5:8c:3a:d9:2e:
                    74:a6:5a:b7:54:6e:cf:a0:f2:0a:53:37:66:ac:07:
                    00:2a:cd:70:ed:11:b6:0b:40:0a:cb:d9:ea:65:22:
                    b8:65:be:13:f1:79:34:1a:6d:b8:8c:ed:ff:9c:54:
                    c2:c4:62:5d:41:d1:ae:9c:ad:ce:48:7d:76:2c:ef:
                    a2:35:2a:79:7e:ac:84:61:89:4c:b5:5f:da:a2:1d:
                    55:b8:56:f4:59:27:84:fc:29:14:7d:1d:7d:5f:e3:
                    ea:4e:c0:43:4a:ab:9d:d8:a3:df:c0:69:d3:e8:6b:
                    04:9a:bd:50:69:24:12:05:ae:00:73:5a:93:5d:f7:
                    c1:01:cd:04:ca:f5:f8:a8:6c:bf:92:f5:21:b9:3d:
                    0c:89:b2:b2:f4:c5:a2:3f:2f:9f:60:bf:d1:33:9a:
                    94:e5:50:53:a4:e2:17:03:7a:a5:68:a0:f1:da:10:
                    81:0b:c4:d0:ae:6b:24:c8:a2:94:d8:6c:c1:9d:43:
                    85:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B3:57:31:03:21:B7:EC:FF:06:BF:C8:EE:BD:9A:D2:E1:27:30:8F
            X509v3 Authority Key Identifier:
                keyid:80:3C:9F:F1:02:83:6C:EC:8C:EC:49:F0:1F:CF:AA:0E:92:E2:6A:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/803C9FF102836CEC8CEC49F01FCFAA0E92E26AF3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/27727c3e-9c1a-46de-a2b8-c88b90399f3d/0/323430343a343738303a313a3a2f34382d3438203d3e203538343935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:4780:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:ab:34:8d:12:93:96:ca:c0:01:e1:c3:0b:32:d7:4d:89:35:
         3e:e7:31:d6:e3:a7:10:e8:e8:e4:4e:bd:06:6e:e0:0f:37:e6:
         66:4f:9e:cb:2e:1d:61:ac:c3:f9:b8:cd:2f:d2:8e:e5:a6:38:
         e2:9b:0f:4c:7e:b6:8f:95:99:c6:6d:5b:b9:ec:ef:88:40:f2:
         a8:a9:12:84:8d:86:13:ec:3a:8f:53:b5:c9:88:14:4b:32:54:
         bd:08:ea:b5:94:58:8c:c3:6c:77:6a:d7:60:7c:34:0f:ce:45:
         4e:29:08:53:51:6b:d2:28:fb:62:42:88:fe:ec:e6:85:01:27:
         c5:aa:65:ed:48:72:ff:da:d8:15:e8:be:0c:cc:4c:f7:8e:cb:
         fe:88:17:4b:cf:0f:fa:2b:46:99:47:d5:7b:00:74:47:a6:e5:
         57:fe:d4:20:b3:ef:d9:b1:2c:90:d7:23:27:00:94:38:f0:42:
         98:7e:63:c3:48:3d:58:2f:90:82:f6:4f:21:a7:00:fe:64:6a:
         ad:8c:87:ef:aa:41:39:8a:54:d2:3b:68:79:09:c8:34:9e:d2:
         7a:92:57:d3:8d:48:e1:4f:89:be:26:f9:7d:72:a0:74:6f:02:
         19:d3:49:be:c2:de:7a:6f:51:c2:c1:5b:7a:fa:18:cb:99:83:
         bd:3a:79:f1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNI4byOvLkrtzufjF9F8zVvggibUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODAzQzlGRjEwMjgzNkNFQzhDRUM0OUYwMUZDRkFBMEU5
MkUyNkFGMzAeFw0yNTA3MjIwOTU1MDFaFw0yNjA3MjExMDAwMDFaMDMxMTAvBgNV
BAMTKEMwQjM1NzMxMDMyMUI3RUNGRjA2QkZDOEVFQkQ5QUQyRTEyNzMwOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiynetMoA5eCVZZRCw/+jU6VMI
QQRhoZPHWlBKd3gDz3QpsiLOykR4IjTpml7Eg21amdpzK/Y5WGIXLFDpfnugwi6+
r97VjDrZLnSmWrdUbs+g8gpTN2asBwAqzXDtEbYLQArL2eplIrhlvhPxeTQabbiM
7f+cVMLEYl1B0a6crc5IfXYs76I1Knl+rIRhiUy1X9qiHVW4VvRZJ4T8KRR9HX1f
4+pOwENKq53Yo9/AadPoawSavVBpJBIFrgBzWpNd98EBzQTK9fiobL+S9SG5PQyJ
srL0xaI/L59gv9EzmpTlUFOk4hcDeqVooPHaEIELxNCuayTIopTYbMGdQ4XvAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUwLNXMQMht+z/Br/I7r2a0uEnMI8wHwYDVR0j
BBgwFoAUgDyf8QKDbOyM7EnwH8+qDpLiavMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
NzcyN2MzZS05YzFhLTQ2ZGUtYTJiOC1jODhiOTAzOTlmM2QvMC84MDNDOUZGMTAy
ODM2Q0VDOENFQzQ5RjAxRkNGQUEwRTkyRTI2QUYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODAzQzlGRjEwMjgzNkNFQzhDRUM0OUYwMUZDRkFBMEU5MkUy
NkFGMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI3NzI3YzNlLTljMWEtNDZkZS1h
MmI4LWM4OGI5MDM5OWYzZC8wLzMyMzQzMDM0M2EzNDM3MzgzMDNhMzEzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzNTM4MzQzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJARHgAABMA0G
CSqGSIb3DQEBCwUAA4IBAQB3qzSNEpOWysAB4cMLMtdNiTU+5zHW46cQ6OjkTr0G
buAPN+ZmT57LLh1hrMP5uM0v0o7lpjjimw9MfraPlZnGbVu57O+IQPKoqRKEjYYT
7DqPU7XJiBRLMlS9COq1lFiMw2x3atdgfDQPzkVOKQhTUWvSKPtiQoj+7OaFASfF
qmXtSHL/2tgV6L4MzEz3jsv+iBdLzw/6K0aZR9V7AHRHpuVX/tQgs+/ZsSyQ1yMn
AJQ48EKYfmPDSD1YL5CC9k8hpwD+ZGqtjIfvqkE5ilTSO2h5Ccg0ntJ6klfTjUjh
T4m+Jvl9cqB0bwIZ00m+wt56b1HCwVt6+hjLmYO9Onnx
-----END CERTIFICATE-----
Generated at Thu Aug 7 07:37:05 2025 by rpki-client