Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/3130332e3130352e37362e302f32332d3234203d3e20313336383734.roa
File:                     3130332e3130352e37362e302f32332d3234203d3e20313336383734.roa (raw, json)
Hash identifier:          JCzAZhJKrjcnXPRUzXNAKrf8B2XJvFX+OCG60Nl0Dgk=
Subject key identifier:   31:BA:DF:0A:44:B6:D8:43:86:E9:11:BD:E7:66:31:B0:F5:27:BF:3A
Certificate issuer:       /CN=2993EFF92300988A33773DD8C4B502F74B907112
Certificate serial:       2248A97E9A6779F84C1EABDDF63B5C89BE3988A2
Authority key identifier: 29:93:EF:F9:23:00:98:8A:33:77:3D:D8:C4:B5:02:F7:4B:90:71:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2993EFF92300988A33773DD8C4B502F74B907112.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/3130332e3130352e37362e302f32332d3234203d3e20313336383734.roa
Signing time:             Tue 15 Jul 2025 15:00:00 +0000
ROA not before:           Tue 15 Jul 2025 14:55:00 +0000
ROA not after:            Tue 14 Jul 2026 15:00:00 +0000
asID:                     136874
IP address blocks:        103.105.76.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/2993EFF92300988A33773DD8C4B502F74B907112.crl
                          rsync://repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/2993EFF92300988A33773DD8C4B502F74B907112.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2993EFF92300988A33773DD8C4B502F74B907112.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 17:33:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:48:a9:7e:9a:67:79:f8:4c:1e:ab:dd:f6:3b:5c:89:be:39:88:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2993EFF92300988A33773DD8C4B502F74B907112
        Validity
            Not Before: Jul 15 14:55:00 2025 GMT
            Not After : Jul 14 15:00:00 2026 GMT
        Subject: CN=31BADF0A44B6D84386E911BDE76631B0F527BF3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:56:43:de:2d:28:80:9c:9e:24:75:0c:11:41:
                    91:79:e8:de:0a:a4:6a:c7:b6:d1:0b:ba:11:0d:2c:
                    0d:f3:db:8d:4b:cd:48:b9:de:0f:3e:b1:b2:bd:5b:
                    17:bb:81:e9:b2:06:84:67:bd:5c:2c:30:5e:bc:c4:
                    d9:fd:70:40:5a:72:3c:8a:60:c7:c9:bf:86:f9:e3:
                    d0:55:41:62:e8:b5:10:4e:be:08:af:4f:23:7b:98:
                    3a:b8:75:b3:64:65:fd:3a:b3:5e:9f:40:19:28:75:
                    2c:81:8e:bb:71:de:9b:b4:c1:e5:8b:ad:25:b8:77:
                    26:53:c0:82:28:4a:07:47:9c:93:44:70:39:e8:54:
                    b8:50:2d:87:b5:37:15:cd:42:59:75:85:7d:05:d9:
                    f0:5d:37:a3:d1:65:d2:d0:d9:fa:f5:5f:38:2a:30:
                    97:a3:b6:df:d2:cd:bc:85:f5:92:6b:08:04:86:d6:
                    63:21:bd:19:e4:93:83:d8:28:1d:bb:49:5a:39:84:
                    4b:db:d6:d2:ee:e1:cd:62:74:b4:4a:18:38:a1:c1:
                    9b:28:c1:3d:5d:20:11:4a:ab:d8:f0:d1:b2:d9:bb:
                    87:fc:37:a9:3e:0a:e1:46:a6:4a:e8:63:fb:d3:c3:
                    ef:2e:d1:df:d1:19:db:a1:59:e0:d9:a4:c3:81:3c:
                    79:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:BA:DF:0A:44:B6:D8:43:86:E9:11:BD:E7:66:31:B0:F5:27:BF:3A
            X509v3 Authority Key Identifier:
                keyid:29:93:EF:F9:23:00:98:8A:33:77:3D:D8:C4:B5:02:F7:4B:90:71:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/2993EFF92300988A33773DD8C4B502F74B907112.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2993EFF92300988A33773DD8C4B502F74B907112.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/477bc3d2-4ab3-4cfb-9222-66c6ea9447e3/0/3130332e3130352e37362e302f32332d3234203d3e20313336383734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:81:8d:66:0c:f5:27:76:ed:86:a1:59:ae:e9:f4:9e:3a:c3:
         0a:d6:41:36:f8:2c:38:2b:c6:94:75:e1:60:04:d3:73:cc:1d:
         08:fa:4e:c9:62:51:ee:47:a3:44:e5:44:88:9e:26:4d:42:1e:
         96:7b:89:73:d2:d9:fd:96:1e:52:04:98:c7:94:93:81:65:b6:
         05:0c:18:91:3f:b3:be:8c:12:c6:26:a2:42:34:96:f6:fc:7a:
         96:d8:5a:4f:0b:56:ef:e8:8c:34:7a:5b:4f:b6:8e:70:04:df:
         8e:75:be:83:3a:17:f4:8f:03:85:96:7b:a7:d5:17:53:f3:d6:
         11:66:3a:95:21:98:47:3a:ab:b2:d5:59:8f:91:6b:50:de:e0:
         24:3c:f8:5a:fd:d4:e3:6b:44:1b:5c:c7:6e:f1:8f:61:e5:a2:
         8b:54:5f:16:74:30:32:de:f8:53:22:9e:bc:43:3d:8f:66:aa:
         de:00:20:62:a8:1c:12:ea:92:55:48:cb:7a:e0:f3:1b:92:82:
         14:b3:20:c9:08:45:76:f6:5a:fc:46:70:92:fe:56:9e:86:62:
         12:dc:bc:e8:4b:70:6a:e1:1b:bc:d8:5e:3d:0f:dd:75:68:3d:
         19:a4:43:7a:fd:11:5a:67:9e:c3:ba:08:97:9f:56:bd:4b:30:
         d5:29:9c:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUIkipfppnefhMHqvd9jtcib45iKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjk5M0VGRjkyMzAwOTg4QTMzNzczREQ4QzRCNTAyRjc0
QjkwNzExMjAeFw0yNTA3MTUxNDU1MDBaFw0yNjA3MTQxNTAwMDBaMDMxMTAvBgNV
BAMTKDMxQkFERjBBNDRCNkQ4NDM4NkU5MTFCREU3NjYzMUIwRjUyN0JGM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCVkPeLSiAnJ4kdQwRQZF56N4K
pGrHttELuhENLA3z241LzUi53g8+sbK9Wxe7gemyBoRnvVwsMF68xNn9cEBacjyK
YMfJv4b549BVQWLotRBOvgivTyN7mDq4dbNkZf06s16fQBkodSyBjrtx3pu0weWL
rSW4dyZTwIIoSgdHnJNEcDnoVLhQLYe1NxXNQll1hX0F2fBdN6PRZdLQ2fr1Xzgq
MJejtt/SzbyF9ZJrCASG1mMhvRnkk4PYKB27SVo5hEvb1tLu4c1idLRKGDihwZso
wT1dIBFKq9jw0bLZu4f8N6k+CuFGpkroY/vTw+8u0d/RGduhWeDZpMOBPHkxAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUMbrfCkS22EOG6RG952YxsPUnvzowHwYDVR0j
BBgwFoAUKZPv+SMAmIozdz3YxLUC90uQcRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NzdiYzNkMi00YWIzLTRjZmItOTIyMi02NmM2ZWE5NDQ3ZTMvMC8yOTkzRUZGOTIz
MDA5ODhBMzM3NzNERDhDNEI1MDJGNzRCOTA3MTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjk5M0VGRjkyMzAwOTg4QTMzNzczREQ4QzRCNTAyRjc0Qjkw
NzExMi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3N2JjM2QyLTRhYjMtNGNmYi05
MjIyLTY2YzZlYTk0NDdlMy8wLzMxMzAzMzJlMzEzMDM1MmUzNzM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ2lMMA0GCSqG
SIb3DQEBCwUAA4IBAQAlgY1mDPUndu2GoVmu6fSeOsMK1kE2+Cw4K8aUdeFgBNNz
zB0I+k7JYlHuR6NE5USIniZNQh6We4lz0tn9lh5SBJjHlJOBZbYFDBiRP7O+jBLG
JqJCNJb2/HqW2FpPC1bv6Iw0eltPto5wBN+Odb6DOhf0jwOFlnun1RdT89YRZjqV
IZhHOquy1VmPkWtQ3uAkPPha/dTja0QbXMdu8Y9h5aKLVF8WdDAy3vhTIp68Qz2P
ZqreACBiqBwS6pJVSMt64PMbkoIUsyDJCEV29lr8RnCS/laehmIS3LzoS3Bq4Ru8
2F49D911aD0ZpEN6/RFaZ57DugiXn1a9SzDVKZxs
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:14:10 2025 by rpki-client