Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/3130332e35382e3131312e302f32342d3234203d3e20313333383332.roa
File:                     3130332e35382e3131312e302f32342d3234203d3e20313333383332.roa (raw, json)
Hash identifier:          KQUN/mjgI9NAwHO1H2+jS+2KNmkSKgxnmq0NRk0bNGg=
Subject key identifier:   12:99:12:90:66:06:D2:63:14:3F:EA:B4:BD:A2:0C:B2:B7:11:A0:91
Certificate issuer:       /CN=C710954C7B301C60B82BA6372CACEB81DA08F190
Certificate serial:       7FDBED97E209D909FE98B8DEC16CAC23E4B52444
Authority key identifier: C7:10:95:4C:7B:30:1C:60:B8:2B:A6:37:2C:AC:EB:81:DA:08:F1:90
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C710954C7B301C60B82BA6372CACEB81DA08F190.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/3130332e35382e3131312e302f32342d3234203d3e20313333383332.roa
Signing time:             Sat 12 Jul 2025 09:02:21 +0000
ROA not before:           Sat 12 Jul 2025 08:57:21 +0000
ROA not after:            Sat 11 Jul 2026 09:02:21 +0000
asID:                     133832
IP address blocks:        103.58.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/C710954C7B301C60B82BA6372CACEB81DA08F190.crl
                          rsync://repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/C710954C7B301C60B82BA6372CACEB81DA08F190.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C710954C7B301C60B82BA6372CACEB81DA08F190.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 02:29:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:db:ed:97:e2:09:d9:09:fe:98:b8:de:c1:6c:ac:23:e4:b5:24:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C710954C7B301C60B82BA6372CACEB81DA08F190
        Validity
            Not Before: Jul 12 08:57:21 2025 GMT
            Not After : Jul 11 09:02:21 2026 GMT
        Subject: CN=129912906606D263143FEAB4BDA20CB2B711A091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c9:13:4f:2b:5f:13:21:c1:97:8c:f0:36:1e:
                    39:2a:89:7c:bc:e3:c1:2e:37:98:7b:7e:ec:a4:c9:
                    72:99:69:33:8e:e5:76:6d:3a:7d:44:23:37:68:e9:
                    ab:35:4a:e1:6d:cf:9a:4b:19:ea:8f:31:a0:ba:2d:
                    02:1a:99:61:d2:0d:1c:96:28:53:ab:6b:80:38:60:
                    6e:ca:14:3a:6d:f6:bf:26:df:4c:a1:fe:a5:5e:71:
                    f8:da:9d:20:9f:08:23:cf:8c:41:8c:74:ac:28:bb:
                    22:6c:b3:cd:ff:60:d0:06:33:02:da:5d:c2:85:cc:
                    07:de:35:ef:e5:9e:6b:4e:a4:62:f8:dd:81:1a:ce:
                    8f:66:8b:4d:61:09:30:24:07:d9:e4:9f:dd:24:1b:
                    41:11:4d:10:c8:d9:78:b1:61:42:64:1f:6b:de:64:
                    56:76:89:a8:07:64:05:78:84:7d:ba:f6:3d:1b:63:
                    2b:04:5c:26:e7:1a:49:95:35:08:4d:d9:66:60:05:
                    98:cb:f7:b0:5d:36:74:3b:db:e2:f6:31:e8:7b:18:
                    8c:81:55:65:f3:29:6c:14:01:e8:2d:98:bc:c7:a7:
                    60:2b:9a:68:1d:1c:7c:67:d5:ff:ad:0d:72:09:b4:
                    9a:85:96:b7:ee:2b:9c:33:5f:71:f4:61:f6:cb:87:
                    98:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:99:12:90:66:06:D2:63:14:3F:EA:B4:BD:A2:0C:B2:B7:11:A0:91
            X509v3 Authority Key Identifier:
                keyid:C7:10:95:4C:7B:30:1C:60:B8:2B:A6:37:2C:AC:EB:81:DA:08:F1:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/C710954C7B301C60B82BA6372CACEB81DA08F190.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C710954C7B301C60B82BA6372CACEB81DA08F190.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/3130332e35382e3131312e302f32342d3234203d3e20313333383332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.58.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:35:8d:33:42:d4:fa:1e:2f:0f:49:df:51:3b:84:f1:55:02:
         82:33:56:d6:8b:cc:2e:d5:9e:9d:26:2d:5c:5e:3c:d7:7d:47:
         7f:b6:e5:ac:14:5e:2a:33:47:47:82:be:d1:61:10:3b:6b:23:
         b6:63:f8:c5:7b:ab:86:95:57:15:0e:eb:00:87:fd:d4:35:8c:
         ae:05:4e:18:1f:7a:f1:d7:c3:a9:e0:93:49:16:08:90:b4:76:
         c0:6b:3e:11:39:87:f8:9b:f1:c1:a8:8e:25:d4:58:84:64:8d:
         2b:52:11:8b:dd:61:1f:80:9d:07:09:c2:06:81:2f:c1:f4:98:
         03:69:67:5b:e2:d7:ec:e9:61:9b:1c:4a:47:a9:ea:c7:fe:be:
         5f:f9:02:16:1c:b7:2e:36:bd:2b:47:5a:bd:e4:72:bd:52:a2:
         11:97:a3:fa:61:b8:d4:1f:06:04:7a:42:52:cf:1a:1f:03:27:
         ad:51:1e:1e:0e:db:41:a5:94:84:bd:06:22:00:77:83:97:ef:
         5b:74:99:8d:4a:94:d2:a6:66:4e:18:fa:cb:39:f8:09:43:fc:
         2a:d3:30:66:8f:eb:af:8f:f5:26:bb:9a:2e:91:33:8d:db:31:
         f2:f7:9d:9a:3b:a9:ce:e9:33:a2:df:19:ef:7d:77:ae:d9:bd:
         4f:88:44:f1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUf9vtl+IJ2Qn+mLjewWysI+S1JEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzcxMDk1NEM3QjMwMUM2MEI4MkJBNjM3MkNBQ0VCODFE
QTA4RjE5MDAeFw0yNTA3MTIwODU3MjFaFw0yNjA3MTEwOTAyMjFaMDMxMTAvBgNV
BAMTKDEyOTkxMjkwNjYwNkQyNjMxNDNGRUFCNEJEQTIwQ0IyQjcxMUEwOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiyRNPK18TIcGXjPA2HjkqiXy8
48EuN5h7fuykyXKZaTOO5XZtOn1EIzdo6as1SuFtz5pLGeqPMaC6LQIamWHSDRyW
KFOra4A4YG7KFDpt9r8m30yh/qVecfjanSCfCCPPjEGMdKwouyJss83/YNAGMwLa
XcKFzAfeNe/lnmtOpGL43YEazo9mi01hCTAkB9nkn90kG0ERTRDI2XixYUJkH2ve
ZFZ2iagHZAV4hH269j0bYysEXCbnGkmVNQhN2WZgBZjL97BdNnQ72+L2Meh7GIyB
VWXzKWwUAegtmLzHp2ArmmgdHHxn1f+tDXIJtJqFlrfuK5wzX3H0YfbLh5ilAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUEpkSkGYG0mMUP+q0vaIMsrcRoJEwHwYDVR0j
BBgwFoAUxxCVTHswHGC4K6Y3LKzrgdoI8ZAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
M2U0MTc3ZC04MDkzLTQ0N2MtODdiNS1jNzljOGNiNGM3MzMvMC9DNzEwOTU0QzdC
MzAxQzYwQjgyQkE2MzcyQ0FDRUI4MURBMDhGMTkwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzcxMDk1NEM3QjMwMUM2MEI4MkJBNjM3MkNBQ0VCODFEQTA4
RjE5MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQzZTQxNzdkLTgwOTMtNDQ3Yy04
N2I1LWM3OWM4Y2I0YzczMy8wLzMxMzAzMzJlMzUzODJlMzEzMTMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMzMzgzMzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzpvMA0GCSqG
SIb3DQEBCwUAA4IBAQALNY0zQtT6Hi8PSd9RO4TxVQKCM1bWi8wu1Z6dJi1cXjzX
fUd/tuWsFF4qM0dHgr7RYRA7ayO2Y/jFe6uGlVcVDusAh/3UNYyuBU4YH3rx18Op
4JNJFgiQtHbAaz4ROYf4m/HBqI4l1FiEZI0rUhGL3WEfgJ0HCcIGgS/B9JgDaWdb
4tfs6WGbHEpHqerH/r5f+QIWHLcuNr0rR1q95HK9UqIRl6P6YbjUHwYEekJSzxof
AyetUR4eDttBpZSEvQYiAHeDl+9bdJmNSpTSpmZOGPrLOfgJQ/wq0zBmj+uvj/Um
u5oukTON2zHy952aO6nO6TOi3xnvfXeu2b1PiETx
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:13:56 2025 by rpki-client