Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e34302e302f32332d3234203d3e2034343334.roa
File:                     3230322e3135342e34302e302f32332d3234203d3e2034343334.roa (raw, json)
Hash identifier:          079mJlZrMuzPvRxbYY/XHaN6hL2KXO61c1yJFwg9zWU=
Subject key identifier:   79:E4:9E:33:A0:3C:FE:A5:88:D9:F3:3D:FC:11:80:5F:76:A5:A6:CF
Certificate issuer:       /CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
Certificate serial:       7F25A5C5A54DE04B065B15FE8D711FFE346A62D4
Authority key identifier: 10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e34302e302f32332d3234203d3e2034343334.roa
Signing time:             Wed 23 Jul 2025 11:02:23 +0000
ROA not before:           Wed 23 Jul 2025 10:57:23 +0000
ROA not after:            Wed 22 Jul 2026 11:02:23 +0000
asID:                     4434
IP address blocks:        202.154.40.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl
                          rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 01:40:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:25:a5:c5:a5:4d:e0:4b:06:5b:15:fe:8d:71:1f:fe:34:6a:62:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
        Validity
            Not Before: Jul 23 10:57:23 2025 GMT
            Not After : Jul 22 11:02:23 2026 GMT
        Subject: CN=79E49E33A03CFEA588D9F33DFC11805F76A5A6CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ff:70:94:5d:fe:91:a8:29:88:4c:66:6a:bb:
                    da:f7:a5:ab:84:3d:20:46:d9:08:e8:12:17:b5:a1:
                    2b:91:27:8a:3a:df:c8:e7:b8:d1:5c:cd:7d:be:a4:
                    50:11:d5:9e:b9:68:c7:9b:c5:7d:80:bf:dd:99:8e:
                    bf:d2:a6:a2:57:e7:47:eb:c7:81:9e:b1:d6:05:98:
                    38:e8:d0:e9:88:02:e1:b5:76:82:75:af:0a:e5:88:
                    90:a2:e9:2a:93:1f:f5:00:c5:63:23:4d:51:bc:80:
                    14:3b:1c:16:ac:4c:cd:84:37:09:b3:26:41:c1:3e:
                    fa:61:57:a9:dc:f1:67:3e:1d:80:46:81:65:28:d5:
                    9e:2c:fe:da:51:20:21:ef:39:15:50:1a:36:01:dd:
                    18:86:a8:53:5a:ae:4d:e7:90:5c:75:5c:34:2b:fc:
                    c9:8c:38:28:0d:31:25:71:7b:da:c0:1e:e0:ff:02:
                    b5:a3:4b:9a:0b:85:5f:6b:77:10:b7:85:22:f5:68:
                    8b:02:e5:e1:a9:f1:0c:b8:6d:fd:1f:28:8d:8f:bd:
                    fe:22:ef:dd:5a:4a:b9:13:7f:53:b0:00:46:00:27:
                    6f:8b:c6:20:84:ad:38:24:16:df:f2:31:d8:ef:e1:
                    6f:f7:6a:69:be:80:b1:50:df:f4:35:c3:5d:82:7a:
                    38:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:E4:9E:33:A0:3C:FE:A5:88:D9:F3:3D:FC:11:80:5F:76:A5:A6:CF
            X509v3 Authority Key Identifier:
                keyid:10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e34302e302f32332d3234203d3e2034343334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.154.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:b9:54:83:bb:9a:b2:ed:09:81:c5:b1:90:d9:c9:8c:23:ed:
         68:99:b0:fe:19:46:e0:40:88:7c:e4:01:c1:a8:17:ed:c6:99:
         89:d1:ef:fe:6e:53:3f:7b:05:96:2f:27:11:ff:b9:45:e4:e0:
         18:7d:bb:69:24:e7:2a:60:b9:48:7f:37:50:a7:91:e6:30:c6:
         8c:0d:22:d0:28:31:b7:a9:6b:bb:6e:de:bc:df:b2:dd:15:76:
         13:5e:b7:39:3a:ca:1b:a1:dc:94:82:6d:98:20:93:bd:58:cb:
         f7:19:38:23:1c:1b:16:cb:b0:53:c7:6a:33:78:91:76:ab:16:
         18:10:a4:04:5c:36:3a:6b:9a:18:fe:b6:e5:21:a5:90:9f:1c:
         6e:7c:2b:bc:3f:58:14:99:70:4e:cb:e7:7d:6e:66:dd:2b:68:
         6c:0d:6b:cc:8e:44:dc:ae:f8:13:4a:56:b0:dd:92:e3:25:96:
         83:23:9a:43:43:99:bb:82:6c:ba:3c:b8:06:c5:28:68:d7:69:
         72:51:3f:cf:a8:a2:c1:4f:96:7c:af:54:00:50:1c:f0:e5:16:
         12:dc:5e:e4:f5:4f:40:80:6b:6e:ea:03:68:60:34:48:55:fb:
         5e:42:8c:d3:ad:d4:18:64:7d:3e:f1:88:79:41:59:c4:c9:77:
         5c:c5:89:f7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUfyWlxaVN4EsGWxX+jXEf/jRqYtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5
QUU5MjdGNjAeFw0yNTA3MjMxMDU3MjNaFw0yNjA3MjIxMTAyMjNaMDMxMTAvBgNV
BAMTKDc5RTQ5RTMzQTAzQ0ZFQTU4OEQ5RjMzREZDMTE4MDVGNzZBNUE2Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6/3CUXf6RqCmITGZqu9r3pauE
PSBG2QjoEhe1oSuRJ4o638jnuNFczX2+pFAR1Z65aMebxX2Av92Zjr/SpqJX50fr
x4GesdYFmDjo0OmIAuG1doJ1rwrliJCi6SqTH/UAxWMjTVG8gBQ7HBasTM2ENwmz
JkHBPvphV6nc8Wc+HYBGgWUo1Z4s/tpRICHvORVQGjYB3RiGqFNark3nkFx1XDQr
/MmMOCgNMSVxe9rAHuD/ArWjS5oLhV9rdxC3hSL1aIsC5eGp8Qy4bf0fKI2Pvf4i
791aSrkTf1OwAEYAJ2+LxiCErTgkFt/yMdjv4W/3amm+gLFQ3/Q1w12CejhfAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUeeSeM6A8/qWI2fM9/BGAX3alps8wHwYDVR0j
BBgwFoAUEPAPrm8Lk6vclWKKzjw8GJrpJ/YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YzBjMTRhOS0zYTc3LTQ5ZTItOTE5NC00OGQwOTEzNDU4YjIvMC8xMEYwMEZBRTZG
MEI5M0FCREM5NTYyOEFDRTNDM0MxODlBRTkyN0Y2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5QUU5
MjdGNi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMGMxNGE5LTNhNzctNDllMi05
MTk0LTQ4ZDA5MTM0NThiMi8wLzMyMzAzMjJlMzEzNTM0MmUzNDMwMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzQzNDMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKmigwDQYJKoZIhvcN
AQELBQADggEBAIm5VIO7mrLtCYHFsZDZyYwj7WiZsP4ZRuBAiHzkAcGoF+3GmYnR
7/5uUz97BZYvJxH/uUXk4Bh9u2kk5ypguUh/N1CnkeYwxowNItAoMbepa7tu3rzf
st0VdhNetzk6yhuh3JSCbZggk71Yy/cZOCMcGxbLsFPHajN4kXarFhgQpARcNjpr
mhj+tuUhpZCfHG58K7w/WBSZcE7L531uZt0raGwNa8yORNyu+BNKVrDdkuMlloMj
mkNDmbuCbLo8uAbFKGjXaXJRP8+oosFPlnyvVABQHPDlFhLcXuT1T0CAa27qA2hg
NEhV+15CjNOt1BhkfT7xiHlBWcTJd1zFifc=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:13:58 2025 by rpki-client