Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/3130332e3139312e3235342e302f32332d3233203d3e20313439393433.roa
File:                     3130332e3139312e3235342e302f32332d3233203d3e20313439393433.roa (raw, json)
Hash identifier:          874x7Ob+P1gnAjnP1blHxACfVuuuGxnGAVUEWJIVT2g=
Subject key identifier:   C9:25:4B:DA:AD:2E:F5:90:5C:44:12:E3:91:7E:C5:94:28:33:B9:82
Certificate issuer:       /CN=ADE0D4624859A4D642D8C07FD007B4EEE066EFF3
Certificate serial:       202C490DFE1E59E6938EBC0133B37630450BC529
Authority key identifier: AD:E0:D4:62:48:59:A4:D6:42:D8:C0:7F:D0:07:B4:EE:E0:66:EF:F3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/3130332e3139312e3235342e302f32332d3233203d3e20313439393433.roa
Signing time:             Tue 08 Jul 2025 05:02:24 +0000
ROA not before:           Tue 08 Jul 2025 04:57:24 +0000
ROA not after:            Tue 07 Jul 2026 05:02:24 +0000
asID:                     149943
IP address blocks:        103.191.254.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.crl
                          rsync://repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 21:35:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:2c:49:0d:fe:1e:59:e6:93:8e:bc:01:33:b3:76:30:45:0b:c5:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADE0D4624859A4D642D8C07FD007B4EEE066EFF3
        Validity
            Not Before: Jul  8 04:57:24 2025 GMT
            Not After : Jul  7 05:02:24 2026 GMT
        Subject: CN=C9254BDAAD2EF5905C4412E3917EC5942833B982
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ad:b1:6a:c5:9e:25:e6:de:ce:92:c3:ce:64:
                    b3:68:30:da:1a:9a:f9:12:fe:4a:1e:41:23:27:72:
                    dd:2b:41:9f:96:2a:32:cf:23:69:c0:5d:cc:85:30:
                    96:4f:cc:c6:77:35:07:91:e1:0e:4c:f5:ad:d1:50:
                    98:16:85:2b:43:5e:78:c1:f2:e0:d1:45:74:fb:68:
                    36:19:8b:42:86:ab:ee:e6:07:03:e4:e2:6a:9e:86:
                    43:c3:4b:a1:56:33:8b:59:e6:03:09:81:9b:68:1b:
                    c0:30:e9:5b:03:11:36:3c:02:2a:7f:07:c9:08:5c:
                    69:fb:a1:0d:7f:d2:e0:67:1e:6b:21:30:ea:d6:96:
                    c2:ee:76:d6:09:48:fc:eb:ee:6e:fe:f9:51:c8:82:
                    7d:84:d8:a3:f9:11:c9:83:df:95:43:52:89:08:84:
                    02:59:d2:6f:be:fb:ab:1b:70:30:45:5a:3b:1e:41:
                    3c:8b:a8:68:22:78:f4:ef:15:27:73:fc:88:1c:94:
                    49:c1:95:b2:dd:1c:37:29:b4:79:8a:78:26:52:57:
                    bc:47:a6:ab:80:62:45:d7:00:a8:c7:7d:b0:92:70:
                    b9:3d:0a:ff:2f:bf:a9:ff:cf:9b:a9:8d:02:ce:d3:
                    35:5d:e4:b4:d2:da:a1:8e:95:93:b0:ff:65:e3:17:
                    7d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:25:4B:DA:AD:2E:F5:90:5C:44:12:E3:91:7E:C5:94:28:33:B9:82
            X509v3 Authority Key Identifier:
                keyid:AD:E0:D4:62:48:59:A4:D6:42:D8:C0:7F:D0:07:B4:EE:E0:66:EF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADE0D4624859A4D642D8C07FD007B4EEE066EFF3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6098f924-9f2e-499b-8101-02f7506932bf/0/3130332e3139312e3235342e302f32332d3233203d3e20313439393433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.191.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:99:4c:9d:f6:c8:58:90:fa:b7:7d:db:30:74:77:4a:42:86:
         c8:52:40:d2:0c:c6:44:ae:12:4b:9f:e1:da:93:b7:32:d0:1d:
         b0:b1:33:00:c8:99:e3:aa:bf:e6:6b:60:db:99:e3:61:20:6e:
         5e:a4:c6:3b:38:64:fe:9b:ef:e2:a2:c9:76:d6:e4:52:f5:00:
         e5:b4:e9:06:c7:60:5b:c5:c3:34:ac:a4:60:ab:d5:8f:c9:4d:
         ee:82:4c:fe:cd:3f:12:20:7d:94:a0:f0:85:5f:e9:d7:94:b1:
         09:14:3e:62:69:e4:9d:e0:10:07:ba:9f:e3:a3:7d:8b:05:e5:
         34:e1:aa:6c:46:8b:12:31:20:c3:7a:59:6b:67:35:06:76:fa:
         12:20:7a:af:94:56:87:5a:da:a3:fb:c8:28:21:20:55:ec:18:
         c4:f2:8d:25:c1:b9:95:65:ae:41:4b:27:e5:81:f6:cd:79:22:
         82:c0:83:78:0d:0b:f7:71:82:c3:ca:48:9d:2a:ac:3f:14:8f:
         3e:88:f8:21:52:1e:68:7c:3e:2c:4f:15:73:6b:da:81:dd:ca:
         25:c0:dc:07:5b:bd:ca:af:e2:5b:ca:4b:db:bc:cb:d2:cf:3f:
         2b:96:ef:d3:cc:1e:5f:75:57:88:24:a8:f1:8a:58:63:ff:51:
         e8:07:e8:15
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUICxJDf4eWeaTjrwBM7N2MEULxSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQURFMEQ0NjI0ODU5QTRENjQyRDhDMDdGRDAwN0I0RUVF
MDY2RUZGMzAeFw0yNTA3MDgwNDU3MjRaFw0yNjA3MDcwNTAyMjRaMDMxMTAvBgNV
BAMTKEM5MjU0QkRBQUQyRUY1OTA1QzQ0MTJFMzkxN0VDNTk0MjgzM0I5ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCprbFqxZ4l5t7OksPOZLNoMNoa
mvkS/koeQSMnct0rQZ+WKjLPI2nAXcyFMJZPzMZ3NQeR4Q5M9a3RUJgWhStDXnjB
8uDRRXT7aDYZi0KGq+7mBwPk4mqehkPDS6FWM4tZ5gMJgZtoG8Aw6VsDETY8Aip/
B8kIXGn7oQ1/0uBnHmshMOrWlsLudtYJSPzr7m7++VHIgn2E2KP5EcmD35VDUokI
hAJZ0m+++6sbcDBFWjseQTyLqGgiePTvFSdz/IgclEnBlbLdHDcptHmKeCZSV7xH
pquAYkXXAKjHfbCScLk9Cv8vv6n/z5upjQLO0zVd5LTS2qGOlZOw/2XjF31pAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUySVL2q0u9ZBcRBLjkX7FlCgzuYIwHwYDVR0j
BBgwFoAUreDUYkhZpNZC2MB/0Ae07uBm7/MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MDk4ZjkyNC05ZjJlLTQ5OWItODEwMS0wMmY3NTA2OTMyYmYvMC9BREUwRDQ2MjQ4
NTlBNEQ2NDJEOEMwN0ZEMDA3QjRFRUUwNjZFRkYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQURFMEQ0NjI0ODU5QTRENjQyRDhDMDdGRDAwN0I0RUVFMDY2
RUZGMy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYwOThmOTI0LTlmMmUtNDk5Yi04
MTAxLTAyZjc1MDY5MzJiZi8wLzMxMzAzMzJlMzEzOTMxMmUzMjM1MzQyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzkzOTM0MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnv/4wDQYJ
KoZIhvcNAQELBQADggEBAAOZTJ32yFiQ+rd92zB0d0pChshSQNIMxkSuEkuf4dqT
tzLQHbCxMwDImeOqv+ZrYNuZ42Egbl6kxjs4ZP6b7+KiyXbW5FL1AOW06QbHYFvF
wzSspGCr1Y/JTe6CTP7NPxIgfZSg8IVf6deUsQkUPmJp5J3gEAe6n+OjfYsF5TTh
qmxGixIxIMN6WWtnNQZ2+hIgeq+UVoda2qP7yCghIFXsGMTyjSXBuZVlrkFLJ+WB
9s15IoLAg3gNC/dxgsPKSJ0qrD8Ujz6I+CFSHmh8PixPFXNr2oHdyiXA3Adbvcqv
4lvKS9u8y9LPPyuW79PMHl91V4gkqPGKWGP/UegH6BU=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:21:55 2025 by rpki-client