Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/3130332e36302e38382e302f32332d3233203d3e20313531353732.roa
File:                     3130332e36302e38382e302f32332d3233203d3e20313531353732.roa (raw, json)
Hash identifier:          ZC6TgLNk0lzol6BMmLGccC1JZhUEJfXYzEcHnys8G1o=
Subject key identifier:   F8:C9:6C:DA:6C:98:9E:FD:81:49:CB:59:3A:40:42:B2:63:0F:3B:F4
Certificate issuer:       /CN=E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE
Certificate serial:       59427C14CC9D22A701E0309ED01A0F0393197925
Authority key identifier: E7:C9:E4:E5:C8:EA:98:9F:0F:F7:D6:FE:6D:BD:6A:4F:E8:21:2D:DE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/3130332e36302e38382e302f32332d3233203d3e20313531353732.roa
Signing time:             Sat 02 Aug 2025 01:00:01 +0000
ROA not before:           Sat 02 Aug 2025 00:55:01 +0000
ROA not after:            Sat 01 Aug 2026 01:00:01 +0000
asID:                     151572
IP address blocks:        103.60.88.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.crl
                          rsync://repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 10:32:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:42:7c:14:cc:9d:22:a7:01:e0:30:9e:d0:1a:0f:03:93:19:79:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE
        Validity
            Not Before: Aug  2 00:55:01 2025 GMT
            Not After : Aug  1 01:00:01 2026 GMT
        Subject: CN=F8C96CDA6C989EFD8149CB593A4042B2630F3BF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6e:e3:62:38:fb:48:4f:c7:67:06:6d:4e:a3:
                    58:64:2e:6d:89:b9:09:5a:f4:a9:cb:14:bc:29:c2:
                    6f:2f:fc:0d:08:6f:1e:e0:fa:73:2e:e9:06:95:20:
                    32:5a:21:f4:b8:93:b0:12:09:dd:bc:33:83:9a:98:
                    0e:c4:0c:99:e7:59:57:4b:5a:b1:7d:c4:6b:2c:eb:
                    bc:9f:4f:79:1f:20:28:4e:13:9d:a5:58:d1:1d:39:
                    d8:9e:23:8c:cd:f0:9c:40:eb:23:bd:60:da:1b:ee:
                    ed:0a:2d:fa:f3:06:9c:92:e3:3f:58:2c:15:22:48:
                    19:ce:1a:b8:6e:14:f7:59:8d:4c:2a:40:b9:85:30:
                    73:79:d2:7b:95:4b:e4:41:2d:08:e7:f5:97:79:13:
                    fe:a3:84:f9:81:d8:f2:52:c4:d2:2b:b8:15:a2:7d:
                    a5:f8:5a:e9:cb:35:49:15:15:e7:37:dc:2a:7a:ef:
                    77:bf:3d:70:dd:62:34:f7:29:21:1a:85:b9:92:79:
                    40:0d:62:63:21:0e:e2:5a:60:f8:78:41:fb:b0:41:
                    3a:3a:22:b8:28:a4:97:d3:15:b4:65:91:73:8e:64:
                    d8:e6:1f:5a:36:08:0f:4e:5a:cd:e2:42:bc:01:3d:
                    6a:a3:61:33:f5:4c:e1:53:7a:40:4e:70:79:64:3e:
                    f2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:C9:6C:DA:6C:98:9E:FD:81:49:CB:59:3A:40:42:B2:63:0F:3B:F4
            X509v3 Authority Key Identifier:
                keyid:E7:C9:E4:E5:C8:EA:98:9F:0F:F7:D6:FE:6D:BD:6A:4F:E8:21:2D:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7C9E4E5C8EA989F0FF7D6FE6DBD6A4FE8212DDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5711aa46-f28e-4c55-b9ba-7d5bdc95b4f6/0/3130332e36302e38382e302f32332d3233203d3e20313531353732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.60.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         60:b8:14:7e:db:3c:bb:88:57:46:80:ae:f4:6b:21:1f:95:d9:
         17:5b:2b:6b:ac:c4:04:e1:d3:13:83:57:8b:dd:ae:2f:ba:7b:
         68:e2:67:c2:ac:3f:15:bc:83:75:9f:cb:58:f0:f3:ce:02:51:
         51:2d:f0:86:38:e7:1a:12:2d:40:d2:60:b1:92:2b:cb:0c:e6:
         c9:5a:eb:9b:4c:24:81:da:08:cf:16:a0:3b:0d:ca:da:49:e0:
         ab:e1:15:3e:bf:bd:55:d6:d0:eb:b8:f2:26:09:62:75:9f:67:
         d1:a9:9f:ff:df:a7:4e:77:fd:4c:55:22:8f:b9:0c:a4:d5:e7:
         ea:2a:b7:33:08:ad:80:ea:a9:e9:5f:b0:f7:34:ab:7e:ef:9f:
         89:49:11:da:2e:a7:3b:2f:24:65:f8:76:87:93:ad:d3:cc:a5:
         d3:74:8d:8a:99:8c:74:c5:c7:fa:69:81:bc:4b:51:66:cb:c7:
         34:a5:05:d8:6c:14:f0:fc:c6:ca:78:f2:65:b4:ad:35:62:80:
         88:8c:ec:fd:de:ad:9c:b4:cc:6c:90:ac:ef:40:81:0d:5c:c6:
         a5:3a:ef:67:d5:48:c4:cb:1c:3d:ce:e4:a7:0a:72:f5:41:40:
         75:24:23:e5:af:a9:bc:8c:9b:64:15:80:31:e9:59:ca:58:d6:
         4d:86:56:86
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWUJ8FMydIqcB4DCe0BoPA5MZeSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTdDOUU0RTVDOEVBOTg5RjBGRjdENkZFNkRCRDZBNEZF
ODIxMkRERTAeFw0yNTA4MDIwMDU1MDFaFw0yNjA4MDEwMTAwMDFaMDMxMTAvBgNV
BAMTKEY4Qzk2Q0RBNkM5ODlFRkQ4MTQ5Q0I1OTNBNDA0MkIyNjMwRjNCRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcbuNiOPtIT8dnBm1Oo1hkLm2J
uQla9KnLFLwpwm8v/A0Ibx7g+nMu6QaVIDJaIfS4k7ASCd28M4OamA7EDJnnWVdL
WrF9xGss67yfT3kfIChOE52lWNEdOdieI4zN8JxA6yO9YNob7u0KLfrzBpyS4z9Y
LBUiSBnOGrhuFPdZjUwqQLmFMHN50nuVS+RBLQjn9Zd5E/6jhPmB2PJSxNIruBWi
faX4WunLNUkVFec33Cp673e/PXDdYjT3KSEahbmSeUANYmMhDuJaYPh4QfuwQTo6
IrgopJfTFbRlkXOOZNjmH1o2CA9OWs3iQrwBPWqjYTP1TOFTekBOcHlkPvJtAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU+Mls2myYnv2BSctZOkBCsmMPO/QwHwYDVR0j
BBgwFoAU58nk5cjqmJ8P99b+bb1qT+ghLd4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NzExYWE0Ni1mMjhlLTRjNTUtYjliYS03ZDViZGM5NWI0ZjYvMC9FN0M5RTRFNUM4
RUE5ODlGMEZGN0Q2RkU2REJENkE0RkU4MjEyRERFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTdDOUU0RTVDOEVBOTg5RjBGRjdENkZFNkRCRDZBNEZFODIx
MkRERS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3MTFhYTQ2LWYyOGUtNGM1NS1i
OWJhLTdkNWJkYzk1YjRmNi8wLzMxMzAzMzJlMzYzMDJlMzgzODJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzUzMTM1MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWc8WDANBgkqhkiG
9w0BAQsFAAOCAQEAYLgUfts8u4hXRoCu9GshH5XZF1sra6zEBOHTE4NXi92uL7p7
aOJnwqw/FbyDdZ/LWPDzzgJRUS3whjjnGhItQNJgsZIrywzmyVrrm0wkgdoIzxag
Ow3K2kngq+EVPr+9VdbQ67jyJglidZ9n0amf/9+nTnf9TFUij7kMpNXn6iq3Mwit
gOqp6V+w9zSrfu+fiUkR2i6nOy8kZfh2h5Ot08yl03SNipmMdMXH+mmBvEtRZsvH
NKUF2GwU8PzGynjyZbStNWKAiIzs/d6tnLTMbJCs70CBDVzGpTrvZ9VIxMscPc7k
pwpy9UFAdSQj5a+pvIybZBWAMelZyljWTYZWhg==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:11 2025 by rpki-client