Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/3130332e3136332e38302e302f32342d3234203d3e20313431363734.roa
File:                     3130332e3136332e38302e302f32342d3234203d3e20313431363734.roa (raw, json)
Hash identifier:          yyP1s7Drm4K7i/5vyWhbMeYMvkp/vo6vSFKCXgZUuLI=
Subject key identifier:   99:93:57:25:3C:24:10:F0:39:C4:3D:C6:F4:F8:F8:72:FC:06:35:73
Certificate issuer:       /CN=81C94BE998ECBDD2EF897BFE8E8E51B874C0A652
Certificate serial:       2270C78449DAB0DF7F4A28695F1D449F636CDA47
Authority key identifier: 81:C9:4B:E9:98:EC:BD:D2:EF:89:7B:FE:8E:8E:51:B8:74:C0:A6:52
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/3130332e3136332e38302e302f32342d3234203d3e20313431363734.roa
Signing time:             Sun 03 Aug 2025 03:00:02 +0000
ROA not before:           Sun 03 Aug 2025 02:55:02 +0000
ROA not after:            Sun 02 Aug 2026 03:00:02 +0000
asID:                     141674
IP address blocks:        103.163.80.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.crl
                          rsync://repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 23:41:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:70:c7:84:49:da:b0:df:7f:4a:28:69:5f:1d:44:9f:63:6c:da:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81C94BE998ECBDD2EF897BFE8E8E51B874C0A652
        Validity
            Not Before: Aug  3 02:55:02 2025 GMT
            Not After : Aug  2 03:00:02 2026 GMT
        Subject: CN=999357253C2410F039C43DC6F4F8F872FC063573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:1b:1d:6c:02:6d:a7:cf:02:0e:e8:08:4a:79:
                    1d:8d:d9:1e:7f:5e:bd:49:d7:56:91:8e:34:61:89:
                    d6:6c:0d:63:c1:4f:28:64:c3:73:fd:40:6b:3c:00:
                    fc:9d:a1:e4:80:a3:05:24:3b:71:c5:35:d6:22:e5:
                    5f:dc:3c:57:be:40:cc:a6:9b:63:61:2d:b4:45:41:
                    22:7b:a0:dc:00:a3:33:23:fe:f4:a3:47:8b:cc:46:
                    56:d8:53:a3:2e:a0:24:4a:ef:c3:60:20:ed:c9:ac:
                    46:a6:63:35:06:20:c2:7d:be:c0:8a:c3:98:5b:ce:
                    d4:61:bb:32:b6:5d:5d:15:8e:87:c5:08:2a:53:01:
                    79:9f:1b:de:18:c3:02:fa:f4:ff:97:6e:09:a0:0d:
                    65:7a:b0:6e:21:b3:58:f2:b8:1a:f4:e6:79:5d:85:
                    94:88:a3:51:4e:09:ab:91:52:21:32:6e:fa:29:d9:
                    18:c3:0b:9a:cf:e0:d0:60:2c:b5:4b:5d:65:7f:c7:
                    75:1d:1a:52:7f:d5:7a:d3:bf:61:18:af:a1:72:d1:
                    72:87:26:ac:d6:26:d5:76:da:59:b0:63:64:d5:18:
                    db:3b:32:d4:50:e3:02:33:42:ba:e6:4e:ed:aa:e4:
                    38:56:75:75:a6:f0:29:d2:56:bc:aa:8e:f5:6d:ec:
                    cd:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:93:57:25:3C:24:10:F0:39:C4:3D:C6:F4:F8:F8:72:FC:06:35:73
            X509v3 Authority Key Identifier:
                keyid:81:C9:4B:E9:98:EC:BD:D2:EF:89:7B:FE:8E:8E:51:B8:74:C0:A6:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/81C94BE998ECBDD2EF897BFE8E8E51B874C0A652.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d234d50-67e1-419c-85ba-64ba8c111225/0/3130332e3136332e38302e302f32342d3234203d3e20313431363734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.163.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:47:bf:f3:c8:9f:a8:9a:74:49:53:28:a0:b8:62:74:34:d7:
         1e:83:2f:fd:3a:3b:8f:9d:ae:6d:0f:69:93:b3:ba:fe:3c:c2:
         7c:80:46:88:d1:f4:10:8e:c3:ec:bd:26:e4:35:90:49:8a:d3:
         ca:71:25:d4:51:7a:1a:57:67:0d:fd:5e:d7:46:d0:9a:02:24:
         70:40:df:d4:9b:a8:1d:9b:58:ef:44:b3:03:c7:b4:6a:50:8d:
         91:1a:14:52:a7:36:b8:49:d4:82:88:40:0b:97:c7:fb:03:97:
         34:d5:ba:c9:af:f0:62:b6:db:b3:66:2b:38:ca:3b:26:14:2f:
         5a:fe:8e:be:7d:ce:21:a5:1f:c2:3f:c1:95:bb:a4:81:40:8d:
         d2:a2:f6:bf:78:2a:44:59:74:df:45:e2:87:e8:bb:28:62:28:
         c8:6d:a9:2f:64:e1:13:1d:d0:cc:88:f3:0b:1f:f8:28:30:fa:
         dd:88:4b:23:67:ce:86:e5:b5:10:36:79:e0:cb:1e:df:34:2f:
         5d:da:41:6c:0a:60:08:64:26:75:21:72:25:8f:d5:45:d7:06:
         03:df:e8:bd:26:0e:5c:13:7a:4e:4c:ab:8a:1d:de:4b:e3:77:
         41:f4:04:6e:41:31:5c:33:79:4e:60:c1:26:95:29:ac:fc:3e:
         cc:89:08:f8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUInDHhEnasN9/SihpXx1En2Ns2kcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODFDOTRCRTk5OEVDQkREMkVGODk3QkZFOEU4RTUxQjg3
NEMwQTY1MjAeFw0yNTA4MDMwMjU1MDJaFw0yNjA4MDIwMzAwMDJaMDMxMTAvBgNV
BAMTKDk5OTM1NzI1M0MyNDEwRjAzOUM0M0RDNkY0RjhGODcyRkMwNjM1NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxGx1sAm2nzwIO6AhKeR2N2R5/
Xr1J11aRjjRhidZsDWPBTyhkw3P9QGs8APydoeSAowUkO3HFNdYi5V/cPFe+QMym
m2NhLbRFQSJ7oNwAozMj/vSjR4vMRlbYU6MuoCRK78NgIO3JrEamYzUGIMJ9vsCK
w5hbztRhuzK2XV0VjofFCCpTAXmfG94YwwL69P+XbgmgDWV6sG4hs1jyuBr05nld
hZSIo1FOCauRUiEybvop2RjDC5rP4NBgLLVLXWV/x3UdGlJ/1XrTv2EYr6Fy0XKH
JqzWJtV22lmwY2TVGNs7MtRQ4wIzQrrmTu2q5DhWdXWm8CnSVryqjvVt7M2pAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUmZNXJTwkEPA5xD3G9Pj4cvwGNXMwHwYDVR0j
BBgwFoAUgclL6ZjsvdLviXv+jo5RuHTAplIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZDIzNGQ1MC02N2UxLTQxOWMtODViYS02NGJhOGMxMTEyMjUvMC84MUM5NEJFOTk4
RUNCREQyRUY4OTdCRkU4RThFNTFCODc0QzBBNjUyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODFDOTRCRTk5OEVDQkREMkVGODk3QkZFOEU4RTUxQjg3NEMw
QTY1Mi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkMjM0ZDUwLTY3ZTEtNDE5Yy04
NWJhLTY0YmE4YzExMTIyNS8wLzMxMzAzMzJlMzEzNjMzMmUzODMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzYzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6NQMA0GCSqG
SIb3DQEBCwUAA4IBAQAtR7/zyJ+omnRJUyiguGJ0NNcegy/9OjuPna5tD2mTs7r+
PMJ8gEaI0fQQjsPsvSbkNZBJitPKcSXUUXoaV2cN/V7XRtCaAiRwQN/Um6gdm1jv
RLMDx7RqUI2RGhRSpza4SdSCiEALl8f7A5c01brJr/BittuzZis4yjsmFC9a/o6+
fc4hpR/CP8GVu6SBQI3Sova/eCpEWXTfReKH6LsoYijIbakvZOETHdDMiPMLH/go
MPrdiEsjZ86G5bUQNnngyx7fNC9d2kFsCmAIZCZ1IXIlj9VF1wYD3+i9Jg5cE3pO
TKuKHd5L43dB9ARuQTFcM3lOYMEmlSms/D7MiQj4
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:17:33 2025 by rpki-client