Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/3130332e38342e3131372e302f32342d3234203d3e20313334363335.roa
File:                     3130332e38342e3131372e302f32342d3234203d3e20313334363335.roa (raw, json)
Hash identifier:          tgAxo2PkCLcwRQp+/tf9sxvBS4Sl8uCrZgT8LdPuiis=
Subject key identifier:   75:0E:3F:DD:42:61:A3:17:F6:FC:96:FE:E6:4A:D9:F9:CC:91:70:88
Certificate issuer:       /CN=7701FBF4A9C9B559888F02656447A3AA1963811C
Certificate serial:       73871608A565A0B0649DF677E6595B516C276681
Authority key identifier: 77:01:FB:F4:A9:C9:B5:59:88:8F:02:65:64:47:A3:AA:19:63:81:1C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7701FBF4A9C9B559888F02656447A3AA1963811C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/3130332e38342e3131372e302f32342d3234203d3e20313334363335.roa
Signing time:             Fri 25 Jul 2025 07:00:02 +0000
ROA not before:           Fri 25 Jul 2025 06:55:02 +0000
ROA not after:            Fri 24 Jul 2026 07:00:02 +0000
asID:                     134635
IP address blocks:        103.84.117.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/7701FBF4A9C9B559888F02656447A3AA1963811C.crl
                          rsync://repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/7701FBF4A9C9B559888F02656447A3AA1963811C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7701FBF4A9C9B559888F02656447A3AA1963811C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 21:34:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:87:16:08:a5:65:a0:b0:64:9d:f6:77:e6:59:5b:51:6c:27:66:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7701FBF4A9C9B559888F02656447A3AA1963811C
        Validity
            Not Before: Jul 25 06:55:02 2025 GMT
            Not After : Jul 24 07:00:02 2026 GMT
        Subject: CN=750E3FDD4261A317F6FC96FEE64AD9F9CC917088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:54:1d:78:b7:f4:73:2b:b4:92:10:ac:2f:1e:
                    dc:b5:15:42:6a:d3:0e:70:af:e3:a5:33:9e:b3:8a:
                    6a:f1:b4:4a:09:5d:89:a9:1d:e8:e1:a4:0d:19:6e:
                    4e:f5:e0:f7:97:c5:be:33:48:52:4c:99:39:11:5a:
                    30:44:5a:ce:8d:35:a7:1d:b2:82:62:b3:2f:4b:91:
                    8a:bc:ff:a4:56:fa:2b:e5:8f:0d:27:56:87:14:e3:
                    03:0e:19:70:b4:f0:d5:b1:56:f7:11:5e:ef:f3:63:
                    0a:20:c2:6c:20:13:09:78:0e:43:cd:8f:49:09:08:
                    5c:2d:58:97:6c:36:6d:6e:b5:51:dc:ea:64:a3:2d:
                    d8:a0:c6:22:0f:f3:87:68:6a:90:02:5a:4f:55:1c:
                    64:75:ba:43:b2:09:aa:e7:0a:e7:0e:c5:a8:d6:ae:
                    3b:95:66:ef:71:55:28:e8:0b:24:b7:69:6e:a1:62:
                    4f:3e:cc:1c:b6:24:1f:f9:92:53:52:7c:df:12:4c:
                    75:18:95:ac:3d:e6:e9:43:a2:c5:7b:21:09:ec:01:
                    41:47:8f:6d:0c:59:cd:e3:78:c4:7b:cd:c9:d4:8a:
                    62:f3:e6:49:3b:82:be:48:4d:a8:12:07:1c:1e:0b:
                    b5:cc:4d:b7:14:0f:a4:cb:0b:23:d3:09:39:3b:59:
                    eb:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:0E:3F:DD:42:61:A3:17:F6:FC:96:FE:E6:4A:D9:F9:CC:91:70:88
            X509v3 Authority Key Identifier:
                keyid:77:01:FB:F4:A9:C9:B5:59:88:8F:02:65:64:47:A3:AA:19:63:81:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/7701FBF4A9C9B559888F02656447A3AA1963811C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7701FBF4A9C9B559888F02656447A3AA1963811C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6132a740-bd7d-46b8-b10a-a7a703e350f2/0/3130332e38342e3131372e302f32342d3234203d3e20313334363335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.84.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:4e:e4:7f:5d:38:b6:e9:b0:3f:67:0f:a9:1e:d3:88:d3:ff:
         b4:1f:9b:9e:64:3a:aa:85:e8:55:98:29:34:d6:18:c4:9f:d0:
         70:aa:e1:f5:02:57:a3:79:5d:1d:7e:b1:49:d0:27:ef:61:c7:
         a1:11:e8:8a:94:c2:bd:cd:06:94:21:69:91:14:de:dd:ff:61:
         00:ed:da:2e:f9:64:bb:f8:83:41:eb:a5:75:05:66:74:f8:e7:
         e6:36:1a:a1:5e:e7:e1:20:2d:36:4c:0d:bd:1a:87:97:4c:fc:
         cd:bb:33:64:de:d3:6a:35:0f:27:d8:b1:f4:dc:cf:84:0a:04:
         70:a8:d2:e3:aa:a0:c1:0a:f2:16:71:eb:ad:c4:63:c0:e1:2c:
         71:ba:d1:6f:eb:4c:1c:86:a0:44:30:b8:96:c7:41:a7:94:c6:
         bf:1d:68:0a:de:da:75:84:bc:f0:87:01:34:6f:45:34:05:1d:
         13:a7:5e:b7:bb:94:c6:e8:c7:38:9b:d1:a6:57:71:88:6b:e9:
         ed:38:09:13:a8:80:75:2d:2d:f7:e4:df:6a:f5:2b:bf:10:06:
         1c:db:92:2d:af:b2:7c:b4:02:4b:d9:c3:0b:b0:56:5f:7e:7d:
         d9:eb:40:6a:84:57:d5:53:2e:2a:33:11:f5:85:b7:b2:06:e4:
         0e:91:a9:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUc4cWCKVloLBknfZ35llbUWwnZoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzcwMUZCRjRBOUM5QjU1OTg4OEYwMjY1NjQ0N0EzQUEx
OTYzODExQzAeFw0yNTA3MjUwNjU1MDJaFw0yNjA3MjQwNzAwMDJaMDMxMTAvBgNV
BAMTKDc1MEUzRkRENDI2MUEzMTdGNkZDOTZGRUU2NEFEOUY5Q0M5MTcwODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCVB14t/RzK7SSEKwvHty1FUJq
0w5wr+OlM56zimrxtEoJXYmpHejhpA0Zbk714PeXxb4zSFJMmTkRWjBEWs6NNacd
soJisy9LkYq8/6RW+ivljw0nVocU4wMOGXC08NWxVvcRXu/zYwogwmwgEwl4DkPN
j0kJCFwtWJdsNm1utVHc6mSjLdigxiIP84doapACWk9VHGR1ukOyCarnCucOxajW
rjuVZu9xVSjoCyS3aW6hYk8+zBy2JB/5klNSfN8STHUYlaw95ulDosV7IQnsAUFH
j20MWc3jeMR7zcnUimLz5kk7gr5ITagSBxweC7XMTbcUD6TLCyPTCTk7WevZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUdQ4/3UJhoxf2/Jb+5krZ+cyRcIgwHwYDVR0j
BBgwFoAUdwH79KnJtVmIjwJlZEejqhljgRwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MTMyYTc0MC1iZDdkLTQ2YjgtYjEwYS1hN2E3MDNlMzUwZjIvMC83NzAxRkJGNEE5
QzlCNTU5ODg4RjAyNjU2NDQ3QTNBQTE5NjM4MTFDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzcwMUZCRjRBOUM5QjU1OTg4OEYwMjY1NjQ0N0EzQUExOTYz
ODExQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYxMzJhNzQwLWJkN2QtNDZiOC1i
MTBhLWE3YTcwM2UzNTBmMi8wLzMxMzAzMzJlMzgzNDJlMzEzMTM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM0MzYzMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1R1MA0GCSqG
SIb3DQEBCwUAA4IBAQCvTuR/XTi26bA/Zw+pHtOI0/+0H5ueZDqqhehVmCk01hjE
n9BwquH1AlejeV0dfrFJ0CfvYcehEeiKlMK9zQaUIWmRFN7d/2EA7dou+WS7+INB
66V1BWZ0+OfmNhqhXufhIC02TA29GoeXTPzNuzNk3tNqNQ8n2LH03M+ECgRwqNLj
qqDBCvIWceutxGPA4SxxutFv60wchqBEMLiWx0GnlMa/HWgK3tp1hLzwhwE0b0U0
BR0Tp163u5TG6Mc4m9GmV3GIa+ntOAkTqIB1LS335N9q9Su/EAYc25Itr7J8tAJL
2cMLsFZffn3Z60BqhFfVUy4qMxH1hbeyBuQOkanE
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:13:56 2025 by rpki-client