Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/3130332e35342e39322e302f32342d3234203d3e203338353136.roa
File:                     3130332e35342e39322e302f32342d3234203d3e203338353136.roa (raw, json)
Hash identifier:          OmHs2Hv0f8cTnPoIf5TvFj4+r1fzYXa48KbgCWe5XYI=
Subject key identifier:   35:5C:31:71:7B:6E:24:34:4E:91:62:85:B2:63:39:05:23:03:C4:BE
Certificate issuer:       /CN=229F9618AE3F0667EC17C977F266B2BE74C81AB7
Certificate serial:       6490449F075FCC1BC58F721038D0ACBBE035E5E7
Authority key identifier: 22:9F:96:18:AE:3F:06:67:EC:17:C9:77:F2:66:B2:BE:74:C8:1A:B7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229F9618AE3F0667EC17C977F266B2BE74C81AB7.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/3130332e35342e39322e302f32342d3234203d3e203338353136.roa
Signing time:             Fri 11 Jul 2025 07:02:23 +0000
ROA not before:           Fri 11 Jul 2025 06:57:23 +0000
ROA not after:            Fri 10 Jul 2026 07:02:23 +0000
asID:                     38516
IP address blocks:        103.54.92.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/229F9618AE3F0667EC17C977F266B2BE74C81AB7.crl
                          rsync://repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/229F9618AE3F0667EC17C977F266B2BE74C81AB7.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229F9618AE3F0667EC17C977F266B2BE74C81AB7.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 20:43:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:90:44:9f:07:5f:cc:1b:c5:8f:72:10:38:d0:ac:bb:e0:35:e5:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229F9618AE3F0667EC17C977F266B2BE74C81AB7
        Validity
            Not Before: Jul 11 06:57:23 2025 GMT
            Not After : Jul 10 07:02:23 2026 GMT
        Subject: CN=355C31717B6E24344E916285B26339052303C4BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7d:63:9d:97:6a:11:4c:21:f7:4d:40:79:25:
                    13:2b:93:09:62:bf:78:97:81:dd:4a:38:26:04:1f:
                    22:9c:6d:17:0b:4d:55:79:5d:d0:bd:55:b8:e6:5a:
                    de:20:72:88:80:e5:57:1b:d4:18:0d:52:6c:c9:3a:
                    68:e2:a8:26:bf:91:f3:f4:0f:0b:38:9d:10:0c:e1:
                    f7:d6:ff:67:b6:80:61:b8:bd:a4:4e:6e:b9:b5:0e:
                    3a:dd:72:45:46:a2:d9:3b:bb:f4:61:7f:61:70:a7:
                    20:37:81:88:20:43:3a:b5:db:8e:03:0e:b7:28:91:
                    23:ab:ee:fe:1e:a8:fb:65:11:c6:e4:5e:b4:97:d2:
                    bc:b1:4d:17:1d:f9:93:6d:99:65:7d:d1:ae:ae:29:
                    40:bb:52:e1:de:64:3e:31:d8:01:ce:fc:74:03:48:
                    be:cb:27:00:87:cf:f4:69:80:e9:15:a4:e6:75:6c:
                    21:e8:46:1e:39:4c:6f:89:0d:bd:88:15:69:20:3d:
                    6f:f5:c6:64:e1:de:23:03:16:12:8b:70:fd:b0:a6:
                    72:b5:b8:d6:2a:0a:83:ec:a6:d4:9b:2c:99:08:b0:
                    4b:8b:7c:dc:75:7c:15:03:6b:7d:fb:06:ba:7c:1c:
                    4e:1c:25:6a:02:45:64:f8:d5:cb:17:2b:a1:aa:22:
                    2e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:5C:31:71:7B:6E:24:34:4E:91:62:85:B2:63:39:05:23:03:C4:BE
            X509v3 Authority Key Identifier:
                keyid:22:9F:96:18:AE:3F:06:67:EC:17:C9:77:F2:66:B2:BE:74:C8:1A:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/229F9618AE3F0667EC17C977F266B2BE74C81AB7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229F9618AE3F0667EC17C977F266B2BE74C81AB7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/44791b1f-6da9-400d-8b14-992aae63746c/0/3130332e35342e39322e302f32342d3234203d3e203338353136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.54.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:ff:8c:0e:fb:2a:e7:be:a0:ec:af:f2:e7:d0:05:ac:64:3f:
         25:fd:4e:41:83:26:7e:bb:04:3d:e6:dd:d0:8d:63:3d:1a:cc:
         16:da:9e:2b:24:2c:75:28:23:3f:52:cd:13:f9:56:22:90:39:
         4f:17:0d:97:60:d7:98:94:ed:4a:5f:37:90:80:45:ff:5e:fb:
         2d:1f:f3:12:ea:b8:52:f4:a1:8c:73:90:42:6d:f1:9e:de:6b:
         af:47:b6:0b:fd:cb:67:24:b3:48:34:3a:a7:8f:3d:8c:fe:78:
         35:62:38:7b:d6:a8:83:12:11:76:04:4d:3c:08:64:05:95:d2:
         ef:e0:7f:67:ee:10:90:7f:01:4a:8e:b7:c3:5e:3c:bc:bb:69:
         9a:97:a8:bd:3b:19:78:d7:99:ac:70:4e:9e:12:dd:7e:0b:ac:
         d1:43:17:c4:38:50:ea:ee:2e:71:c0:03:bb:57:5d:cd:a0:50:
         a6:92:8a:c9:a4:c8:a3:e2:c7:04:0d:41:bd:94:1c:78:f5:74:
         8e:48:80:34:86:15:89:5a:7c:f2:a1:ec:84:22:b8:94:f3:ac:
         9e:32:58:20:ac:bb:76:20:48:56:ed:18:b8:e1:0d:66:30:35:
         e1:47:27:24:03:c0:55:42:62:a1:29:42:e4:97:68:8e:5a:8f:
         4e:96:1d:c9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUZJBEnwdfzBvFj3IQONCsu+A15ecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5Rjk2MThBRTNGMDY2N0VDMTdDOTc3RjI2NkIyQkU3
NEM4MUFCNzAeFw0yNTA3MTEwNjU3MjNaFw0yNjA3MTAwNzAyMjNaMDMxMTAvBgNV
BAMTKDM1NUMzMTcxN0I2RTI0MzQ0RTkxNjI4NUIyNjMzOTA1MjMwM0M0QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9fWOdl2oRTCH3TUB5JRMrkwli
v3iXgd1KOCYEHyKcbRcLTVV5XdC9VbjmWt4gcoiA5Vcb1BgNUmzJOmjiqCa/kfP0
Dws4nRAM4ffW/2e2gGG4vaRObrm1DjrdckVGotk7u/Rhf2FwpyA3gYggQzq1244D
DrcokSOr7v4eqPtlEcbkXrSX0ryxTRcd+ZNtmWV90a6uKUC7UuHeZD4x2AHO/HQD
SL7LJwCHz/RpgOkVpOZ1bCHoRh45TG+JDb2IFWkgPW/1xmTh3iMDFhKLcP2wpnK1
uNYqCoPsptSbLJkIsEuLfNx1fBUDa337Brp8HE4cJWoCRWT41csXK6GqIi77AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUNVwxcXtuJDROkWKFsmM5BSMDxL4wHwYDVR0j
BBgwFoAUIp+WGK4/BmfsF8l38mayvnTIGrcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NDc5MWIxZi02ZGE5LTQwMGQtOGIxNC05OTJhYWU2Mzc0NmMvMC8yMjlGOTYxOEFF
M0YwNjY3RUMxN0M5NzdGMjY2QjJCRTc0QzgxQUI3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5Rjk2MThBRTNGMDY2N0VDMTdDOTc3RjI2NkIyQkU3NEM4
MUFCNy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ0NzkxYjFmLTZkYTktNDAwZC04
YjE0LTk5MmFhZTYzNzQ2Yy8wLzMxMzAzMzJlMzUzNDJlMzkzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzgzNTMxMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnNlwwDQYJKoZIhvcN
AQELBQADggEBAHT/jA77Kue+oOyv8ufQBaxkPyX9TkGDJn67BD3m3dCNYz0azBba
niskLHUoIz9SzRP5ViKQOU8XDZdg15iU7UpfN5CARf9e+y0f8xLquFL0oYxzkEJt
8Z7ea69Htgv9y2cks0g0OqePPYz+eDViOHvWqIMSEXYETTwIZAWV0u/gf2fuEJB/
AUqOt8NePLy7aZqXqL07GXjXmaxwTp4S3X4LrNFDF8Q4UOruLnHAA7tXXc2gUKaS
ismkyKPixwQNQb2UHHj1dI5IgDSGFYlafPKh7IQiuJTzrJ4yWCCsu3YgSFbtGLjh
DWYwNeFHJyQDwFVCYqEpQuSXaI5aj06WHck=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:11:08 2025 by rpki-client