Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/3130332e3134342e35342e302f32342d3234203d3e20313339343139.roa
File:                     3130332e3134342e35342e302f32342d3234203d3e20313339343139.roa (raw, json)
Hash identifier:          MuxtLH1xVU8aMXuETWAtcXYghvJecFcLSJD0ep6gJ1w=
Subject key identifier:   10:1F:15:13:FD:54:42:4E:A9:15:03:C6:ED:E2:BC:E8:F1:1E:33:50
Certificate issuer:       /CN=48CA7719CE7CE90570E1A1B6F443947AE9CAA74E
Certificate serial:       7F5D655D0D3F574B3A6E10BDA255F0326AF6A00B
Authority key identifier: 48:CA:77:19:CE:7C:E9:05:70:E1:A1:B6:F4:43:94:7A:E9:CA:A7:4E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/3130332e3134342e35342e302f32342d3234203d3e20313339343139.roa
Signing time:             Sat 02 Aug 2025 09:00:00 +0000
ROA not before:           Sat 02 Aug 2025 08:55:00 +0000
ROA not after:            Sat 01 Aug 2026 09:00:00 +0000
asID:                     139419
IP address blocks:        103.144.54.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.crl
                          rsync://repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 21:23:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:5d:65:5d:0d:3f:57:4b:3a:6e:10:bd:a2:55:f0:32:6a:f6:a0:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48CA7719CE7CE90570E1A1B6F443947AE9CAA74E
        Validity
            Not Before: Aug  2 08:55:00 2025 GMT
            Not After : Aug  1 09:00:00 2026 GMT
        Subject: CN=101F1513FD54424EA91503C6EDE2BCE8F11E3350
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:92:b3:a6:e1:ca:bd:18:96:c5:35:21:ff:d4:
                    a5:df:c6:b8:85:56:ac:c2:2d:0f:d4:34:96:8c:40:
                    20:13:73:3d:7c:01:cd:26:2c:14:52:50:8e:b9:36:
                    87:50:a6:35:6e:e9:cc:be:3c:7e:f9:10:13:05:ef:
                    73:b9:c2:bf:2d:cf:ab:95:f2:54:12:ab:2a:d2:93:
                    30:05:b6:57:19:3a:6b:89:1c:9d:43:02:f5:90:f6:
                    d4:0e:0e:15:41:20:a3:85:74:42:86:36:6a:8a:7d:
                    3f:e7:f0:3c:9a:1e:36:c0:45:bf:77:3b:f2:ec:8b:
                    6a:d6:c5:da:ab:8b:a1:f7:59:aa:e8:48:b0:73:9f:
                    d1:31:61:a0:17:42:cc:4a:a6:fb:71:46:57:15:94:
                    ef:e1:9f:e5:34:ac:56:3a:5b:4b:da:fa:23:66:17:
                    eb:be:11:82:5d:cf:8c:68:77:6d:e9:c3:4a:4b:e7:
                    74:5e:73:b2:e2:57:8b:31:3f:39:c7:9f:68:8e:32:
                    b8:8a:46:f6:b6:ea:f7:e3:d9:01:81:d7:82:aa:23:
                    82:24:ac:c1:14:db:55:8e:c5:73:98:92:ae:56:a0:
                    ae:27:c4:95:dc:52:c5:79:7b:ad:9b:ed:2d:0a:95:
                    33:6a:a7:9d:6f:2e:34:65:54:f0:b8:ae:96:84:70:
                    23:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:1F:15:13:FD:54:42:4E:A9:15:03:C6:ED:E2:BC:E8:F1:1E:33:50
            X509v3 Authority Key Identifier:
                keyid:48:CA:77:19:CE:7C:E9:05:70:E1:A1:B6:F4:43:94:7A:E9:CA:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/48CA7719CE7CE90570E1A1B6F443947AE9CAA74E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5713fc17-57f1-4671-8a16-f858ddd7da43/0/3130332e3134342e35342e302f32342d3234203d3e20313339343139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:12:b2:7c:17:3f:ff:b4:14:37:f7:5d:00:93:f7:7e:e2:fc:
         46:b3:0e:41:ca:87:04:63:7d:32:fe:b1:6a:96:11:43:37:52:
         4f:6b:10:07:87:71:e0:91:c9:ae:c3:4a:fd:d7:e7:97:c5:ec:
         35:4b:30:06:2f:5c:6e:1c:bc:69:82:83:27:6b:20:5c:d8:3f:
         3a:fc:24:9e:f0:4b:73:b0:3f:2e:6a:16:e1:98:d1:bf:96:3c:
         6c:54:2f:15:ee:80:f9:1e:b9:14:7e:ea:e6:c9:6f:df:74:7f:
         61:ad:3e:f0:b9:89:3e:b0:5c:c2:fc:4c:62:a3:51:ba:86:ff:
         04:90:e6:54:79:94:0a:fd:72:a9:39:a8:82:bc:53:09:2e:52:
         91:1f:08:3e:64:24:49:50:71:28:46:cc:17:bf:b1:60:90:00:
         75:90:36:cd:b5:5a:56:25:f1:27:2e:75:0c:5d:f0:e0:93:d9:
         1c:95:81:90:b3:ed:4b:5a:d7:04:2f:91:22:5e:99:dc:bf:8e:
         6b:bd:dd:e6:59:5a:1e:d2:b3:ea:f3:52:db:62:c0:07:cd:fb:
         9b:3d:bb:d1:3d:38:b0:68:9f:1e:cb:99:45:fc:e3:c2:33:ed:
         4a:5f:71:f4:45:3f:4b:5b:ab:78:be:7e:12:1a:96:fb:b4:45:
         a1:da:79:0e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUf11lXQ0/V0s6bhC9olXwMmr2oAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDhDQTc3MTlDRTdDRTkwNTcwRTFBMUI2RjQ0Mzk0N0FF
OUNBQTc0RTAeFw0yNTA4MDIwODU1MDBaFw0yNjA4MDEwOTAwMDBaMDMxMTAvBgNV
BAMTKDEwMUYxNTEzRkQ1NDQyNEVBOTE1MDNDNkVERTJCQ0U4RjExRTMzNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxkrOm4cq9GJbFNSH/1KXfxriF
VqzCLQ/UNJaMQCATcz18Ac0mLBRSUI65NodQpjVu6cy+PH75EBMF73O5wr8tz6uV
8lQSqyrSkzAFtlcZOmuJHJ1DAvWQ9tQODhVBIKOFdEKGNmqKfT/n8DyaHjbARb93
O/Lsi2rWxdqri6H3WaroSLBzn9ExYaAXQsxKpvtxRlcVlO/hn+U0rFY6W0va+iNm
F+u+EYJdz4xod23pw0pL53Rec7LiV4sxPznHn2iOMriKRva26vfj2QGB14KqI4Ik
rMEU21WOxXOYkq5WoK4nxJXcUsV5e62b7S0KlTNqp51vLjRlVPC4rpaEcCO3AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUEB8VE/1UQk6pFQPG7eK86PEeM1AwHwYDVR0j
BBgwFoAUSMp3Gc586QVw4aG29EOUeunKp04wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NzEzZmMxNy01N2YxLTQ2NzEtOGExNi1mODU4ZGRkN2RhNDMvMC80OENBNzcxOUNF
N0NFOTA1NzBFMUExQjZGNDQzOTQ3QUU5Q0FBNzRFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDhDQTc3MTlDRTdDRTkwNTcwRTFBMUI2RjQ0Mzk0N0FFOUNB
QTc0RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3MTNmYzE3LTU3ZjEtNDY3MS04
YTE2LWY4NThkZGQ3ZGE0My8wLzMxMzAzMzJlMzEzNDM0MmUzNTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM5MzQzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5A2MA0GCSqG
SIb3DQEBCwUAA4IBAQCoErJ8Fz//tBQ3910Ak/d+4vxGsw5ByocEY30y/rFqlhFD
N1JPaxAHh3Hgkcmuw0r91+eXxew1SzAGL1xuHLxpgoMnayBc2D86/CSe8EtzsD8u
ahbhmNG/ljxsVC8V7oD5HrkUfurmyW/fdH9hrT7wuYk+sFzC/Exio1G6hv8EkOZU
eZQK/XKpOaiCvFMJLlKRHwg+ZCRJUHEoRswXv7FgkAB1kDbNtVpWJfEnLnUMXfDg
k9kclYGQs+1LWtcEL5EiXpncv45rvd3mWVoe0rPq81LbYsAHzfubPbvRPTiwaJ8e
y5lF/OPCM+1KX3H0RT9LW6t4vn4SGpb7tEWh2nkO
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:52:42 2025 by rpki-client