Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/323430343a666230303a3a2f33322d3332203d3e203538343734.roa
File:                     323430343a666230303a3a2f33322d3332203d3e203538343734.roa (raw, json)
Hash identifier:          T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=
Subject key identifier:   B5:89:FB:70:9D:25:85:60:CD:94:5A:0F:E2:84:CC:6E:08:3C:1E:6B
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       1626EFCC2F7D221D4A37EC1581DA377FE4DBF111
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/323430343a666230303a3a2f33322d3332203d3e203538343734.roa
Signing time:             Sun 27 Jul 2025 05:00:03 +0000
ROA not before:           Sun 27 Jul 2025 04:55:03 +0000
ROA not after:            Sun 26 Jul 2026 05:00:03 +0000
asID:                     58474
IP address blocks:        2404:fb00::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 06:25:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:26:ef:cc:2f:7d:22:1d:4a:37:ec:15:81:da:37:7f:e4:db:f1:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Jul 27 04:55:03 2025 GMT
            Not After : Jul 26 05:00:03 2026 GMT
        Subject: CN=B589FB709D258560CD945A0FE284CC6E083C1E6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:54:c8:47:94:21:6b:05:b1:48:22:24:26:fa:
                    2f:32:30:3f:24:9a:1c:39:1c:f3:93:65:a2:63:3b:
                    25:76:7f:06:b7:cb:0f:05:f9:69:e4:15:0d:7b:b7:
                    1c:9c:56:2e:8b:d7:c3:91:5d:14:68:d9:4d:d8:39:
                    83:00:2c:79:e6:3a:f4:ec:ba:c0:8d:45:e9:f3:66:
                    20:28:fb:b7:94:8e:c6:13:c5:99:f5:a7:d0:60:76:
                    e7:dd:94:7d:8e:ea:2f:13:30:e9:a2:18:a5:fd:99:
                    15:f6:2b:dc:ce:85:ae:e8:3f:cd:93:3b:90:8a:83:
                    bf:2d:2b:42:92:c7:fe:b6:1a:57:7e:83:9c:94:c9:
                    3c:cf:f6:5b:ee:10:a6:89:9e:ba:7d:cc:4a:56:d9:
                    39:df:49:c0:a5:b2:65:7f:ff:a0:c1:f8:df:0b:29:
                    41:d8:f9:5e:17:65:48:74:44:a3:d7:93:73:82:0b:
                    97:64:e9:72:8f:ac:83:03:dd:90:02:c2:20:78:9f:
                    4f:19:70:ff:48:b6:3a:40:a3:36:f0:84:7f:d5:5f:
                    6e:86:cd:a6:12:fb:e2:aa:91:be:52:3b:18:9a:86:
                    33:e2:0a:bd:a3:78:36:c9:c6:bc:7a:62:37:b2:06:
                    88:f0:5e:95:33:fb:fb:8d:d9:14:79:c8:5e:6a:cf:
                    03:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:89:FB:70:9D:25:85:60:CD:94:5A:0F:E2:84:CC:6E:08:3C:1E:6B
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/323430343a666230303a3a2f33322d3332203d3e203538343734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:fb00::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:a0:02:c1:af:67:b3:a8:d0:29:88:3c:2d:a2:38:7c:4d:ab:
         81:07:06:9f:3f:ca:da:c3:e0:aa:04:d9:1f:26:fb:1b:3c:91:
         92:10:6c:ad:90:7b:38:c3:d0:80:f6:23:9d:97:24:71:e7:81:
         b4:92:95:a8:3c:7a:c7:25:ca:dc:b2:4d:3a:1a:a3:80:96:27:
         db:8e:9f:c3:09:8d:55:e7:55:6d:a2:e2:db:e6:74:62:c2:ee:
         48:b9:11:03:bb:36:bd:dc:f6:47:d0:95:57:de:4c:ef:41:28:
         11:d5:73:56:5e:59:72:71:f5:f2:44:46:99:c1:95:65:2c:b2:
         b0:8f:cc:5f:03:ae:a4:ee:d3:b7:ba:82:72:9a:d4:38:38:42:
         6e:33:b1:57:ff:8b:7c:9f:37:86:c0:dc:4a:de:cb:11:e9:3f:
         f0:bb:53:3d:c4:ad:5d:24:56:10:38:29:2d:2b:56:b7:57:bf:
         df:52:59:66:8c:bc:5c:07:32:e1:05:e1:85:03:ac:e0:08:26:
         4e:e0:62:17:09:0e:4c:38:5e:a7:33:d5:1b:c9:28:7b:f1:e5:
         13:83:a4:ef:8a:c0:c3:34:b9:76:22:81:74:4a:8a:86:8d:2c:
         ca:3b:97:a1:cc:ae:f3:59:22:f6:13:8c:c3:10:5e:54:20:98:
         c5:32:30:05
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUFibvzC99Ih1KN+wVgdo3f+Tb8REwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTA3MjcwNDU1MDNaFw0yNjA3MjYwNTAwMDNaMDMxMTAvBgNV
BAMTKEI1ODlGQjcwOUQyNTg1NjBDRDk0NUEwRkUyODRDQzZFMDgzQzFFNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfVMhHlCFrBbFIIiQm+i8yMD8k
mhw5HPOTZaJjOyV2fwa3yw8F+WnkFQ17txycVi6L18ORXRRo2U3YOYMALHnmOvTs
usCNRenzZiAo+7eUjsYTxZn1p9BgdufdlH2O6i8TMOmiGKX9mRX2K9zOha7oP82T
O5CKg78tK0KSx/62Gld+g5yUyTzP9lvuEKaJnrp9zEpW2TnfScClsmV//6DB+N8L
KUHY+V4XZUh0RKPXk3OCC5dk6XKPrIMD3ZACwiB4n08ZcP9ItjpAozbwhH/VX26G
zaYS++Kqkb5SOxiahjPiCr2jeDbJxrx6YjeyBojwXpUz+/uN2RR5yF5qzwNNAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUtYn7cJ0lhWDNlFoP4oTMbgg8HmswHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzMDUxNzdhLWE1MDAtNDk5Ni1i
M2ZmLTcwYzE0NGVkZmVjZS8wLzMyMzQzMDM0M2E2NjYyMzAzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDM1MzgzNDM3MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBPsAMA0GCSqGSIb3
DQEBCwUAA4IBAQAuoALBr2ezqNApiDwtojh8TauBBwafP8raw+CqBNkfJvsbPJGS
EGytkHs4w9CA9iOdlyRx54G0kpWoPHrHJcrcsk06GqOAlifbjp/DCY1V51VtouLb
5nRiwu5IuREDuza93PZH0JVX3kzvQSgR1XNWXllycfXyREaZwZVlLLKwj8xfA66k
7tO3uoJymtQ4OEJuM7FX/4t8nzeGwNxK3ssR6T/wu1M9xK1dJFYQOCktK1a3V7/f
UllmjLxcBzLhBeGFA6zgCCZO4GIXCQ5MOF6nM9UbySh78eUTg6TvisDDNLl2IoF0
SoqGjSzKO5ehzK7zWSL2E4zDEF5UIJjFMjAF
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:06:22 2025 by rpki-client