Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/3130332e3134392e3233382e302f32332d3233203d3e20313430333834.roa
File:                     3130332e3134392e3233382e302f32332d3233203d3e20313430333834.roa (raw, json)
Hash identifier:          n/ZxzBzZ2gRpYTiml4oQKNkriGvajLH2YwRAWcXMQ3M=
Subject key identifier:   E0:91:FE:C4:2D:3A:6E:97:9B:5F:AA:69:FD:1E:88:4B:FC:AF:C1:9A
Certificate issuer:       /CN=B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD
Certificate serial:       55A82E75EDB6BA55384B65DFDEFF0D64314216A2
Authority key identifier: B6:2E:44:2C:8D:2C:70:D0:F5:AB:5E:2A:3A:1F:11:B2:D0:B4:D8:BD
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/3130332e3134392e3233382e302f32332d3233203d3e20313430333834.roa
Signing time:             Fri 25 Jul 2025 14:26:18 +0000
ROA not before:           Fri 25 Jul 2025 14:21:18 +0000
ROA not after:            Fri 24 Jul 2026 14:26:18 +0000
asID:                     140384
IP address blocks:        103.149.238.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.crl
                          rsync://repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 23:57:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:a8:2e:75:ed:b6:ba:55:38:4b:65:df:de:ff:0d:64:31:42:16:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD
        Validity
            Not Before: Jul 25 14:21:18 2025 GMT
            Not After : Jul 24 14:26:18 2026 GMT
        Subject: CN=E091FEC42D3A6E979B5FAA69FD1E884BFCAFC19A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d4:e1:fd:69:c2:91:37:e7:3f:eb:85:dc:51:
                    9b:50:99:a4:89:79:8c:16:fa:e4:cc:cc:4f:c4:ba:
                    4a:a2:4b:33:25:1d:2d:cb:71:af:09:a7:77:b6:a9:
                    8f:6e:f9:32:78:d9:60:64:14:20:a5:8c:f3:0b:9c:
                    64:e2:0e:7d:35:61:9c:28:c7:a8:df:ad:ad:cb:8f:
                    88:90:d2:fc:5f:e9:ba:2d:bf:23:5f:aa:1c:c5:ec:
                    b6:5e:c2:cc:b0:21:6d:29:18:0d:ce:9f:77:68:24:
                    82:c2:63:22:b4:67:14:53:a7:38:25:77:57:a4:80:
                    64:6d:7c:d5:72:0e:08:b5:ec:a1:25:30:04:9d:62:
                    2c:b6:b0:8c:50:38:ff:7f:64:4b:17:71:95:4b:0d:
                    0b:46:d2:61:6a:33:71:2e:9e:e1:02:f5:5a:39:f9:
                    4d:a6:49:a8:5d:01:c7:a8:a8:09:a5:31:bb:89:7e:
                    25:ee:75:7d:12:59:30:85:2e:2d:38:e6:64:84:7f:
                    3f:dc:3c:54:2b:f4:e8:e5:4c:e6:c8:c5:a6:14:16:
                    46:e0:53:99:85:f1:f3:0b:b9:88:a8:f8:3c:60:0d:
                    7d:c3:ee:0e:0a:18:86:33:c1:4a:8e:22:fd:46:bd:
                    8d:c8:06:b9:3d:c1:b1:8b:92:7e:bb:69:c8:8d:f9:
                    48:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:91:FE:C4:2D:3A:6E:97:9B:5F:AA:69:FD:1E:88:4B:FC:AF:C1:9A
            X509v3 Authority Key Identifier:
                keyid:B6:2E:44:2C:8D:2C:70:D0:F5:AB:5E:2A:3A:1F:11:B2:D0:B4:D8:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B62E442C8D2C70D0F5AB5E2A3A1F11B2D0B4D8BD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/40d34e77-6cf6-4187-9083-1c7a8819e965/0/3130332e3134392e3233382e302f32332d3233203d3e20313430333834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.149.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:97:8d:de:12:9f:3a:cf:bd:b3:fe:65:6f:68:07:b7:f4:ac:
         ad:5c:ca:3e:c3:88:db:95:35:10:fc:1a:c4:54:c4:13:61:41:
         c6:6a:b8:ea:8a:12:9f:40:a3:bb:30:c5:28:85:69:fb:f6:97:
         ea:f1:f1:20:6d:7a:c8:c3:61:12:00:c5:1d:c6:e6:ba:de:f4:
         14:a1:22:e9:01:49:e7:83:2a:18:3a:cf:92:ba:33:5b:44:58:
         b3:f5:83:77:f5:4c:af:56:93:ef:de:fe:34:42:0b:00:2e:d5:
         f4:ef:a9:a1:82:ae:5c:65:98:37:8a:69:4c:c0:e0:6d:32:e9:
         ae:f8:cd:d1:87:86:42:ef:34:3d:bb:8e:fe:84:1a:d7:83:34:
         ec:50:c2:96:7b:16:11:e5:c1:ee:ea:d7:04:2d:7b:62:c8:18:
         21:28:8f:7a:45:30:a5:f7:87:84:66:c2:25:c9:e2:11:64:16:
         00:c0:5b:6a:81:43:db:0c:e1:e5:3c:8e:d9:db:48:04:3d:47:
         b1:6f:ff:07:7b:85:4e:18:bd:c0:a9:18:91:e0:1c:13:ab:91:
         e9:13:b0:6a:e0:45:a2:1b:a6:cf:19:42:26:29:41:d4:d3:5a:
         fb:7c:44:60:d4:53:45:93:62:d7:08:08:c3:6e:09:46:44:26:
         47:dc:d0:03
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUVagude22ulU4S2Xf3v8NZDFCFqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjYyRTQ0MkM4RDJDNzBEMEY1QUI1RTJBM0ExRjExQjJE
MEI0RDhCRDAeFw0yNTA3MjUxNDIxMThaFw0yNjA3MjQxNDI2MThaMDMxMTAvBgNV
BAMTKEUwOTFGRUM0MkQzQTZFOTc5QjVGQUE2OUZEMUU4ODRCRkNBRkMxOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC31OH9acKRN+c/64XcUZtQmaSJ
eYwW+uTMzE/EukqiSzMlHS3Lca8Jp3e2qY9u+TJ42WBkFCCljPMLnGTiDn01YZwo
x6jfra3Lj4iQ0vxf6botvyNfqhzF7LZewsywIW0pGA3On3doJILCYyK0ZxRTpzgl
d1ekgGRtfNVyDgi17KElMASdYiy2sIxQOP9/ZEsXcZVLDQtG0mFqM3EunuEC9Vo5
+U2mSahdAceoqAmlMbuJfiXudX0SWTCFLi045mSEfz/cPFQr9OjlTObIxaYUFkbg
U5mF8fMLuYio+DxgDX3D7g4KGIYzwUqOIv1GvY3IBrk9wbGLkn67aciN+UiLAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU4JH+xC06bpebX6pp/R6IS/yvwZowHwYDVR0j
BBgwFoAUti5ELI0scND1q14qOh8RstC02L0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MGQzNGU3Ny02Y2Y2LTQxODctOTA4My0xYzdhODgxOWU5NjUvMC9CNjJFNDQyQzhE
MkM3MEQwRjVBQjVFMkEzQTFGMTFCMkQwQjREOEJELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjYyRTQ0MkM4RDJDNzBEMEY1QUI1RTJBM0ExRjExQjJEMEI0
RDhCRC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQwZDM0ZTc3LTZjZjYtNDE4Ny05
MDgzLTFjN2E4ODE5ZTk2NS8wLzMxMzAzMzJlMzEzNDM5MmUzMjMzMzgyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzAzMzM4MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnle4wDQYJ
KoZIhvcNAQELBQADggEBAF6Xjd4SnzrPvbP+ZW9oB7f0rK1cyj7DiNuVNRD8GsRU
xBNhQcZquOqKEp9Ao7swxSiFafv2l+rx8SBtesjDYRIAxR3G5rre9BShIukBSeeD
Khg6z5K6M1tEWLP1g3f1TK9Wk+/e/jRCCwAu1fTvqaGCrlxlmDeKaUzA4G0y6a74
zdGHhkLvND27jv6EGteDNOxQwpZ7FhHlwe7q1wQte2LIGCEoj3pFMKX3h4RmwiXJ
4hFkFgDAW2qBQ9sM4eU8jtnbSAQ9R7Fv/wd7hU4YvcCpGJHgHBOrkekTsGrgRaIb
ps8ZQiYpQdTTWvt8RGDUU0WTYtcICMNuCUZEJkfc0AM=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:16:26 2025 by rpki-client