Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/3130332e3134372e3135362e302f32342d3234203d3e20313432333630.roa
File:                     3130332e3134372e3135362e302f32342d3234203d3e20313432333630.roa (raw, json)
Hash identifier:          PA1MZra2kgeTlH2OybXWdKE8fFAmRO6cgL0fnUFICrM=
Subject key identifier:   8D:C9:17:D0:13:5F:B5:C3:3F:6D:CD:02:93:72:74:CE:F2:E8:7F:DF
Certificate issuer:       /CN=0D3926ADFB47314F1E7D5B92769131D429FC13A9
Certificate serial:       646B848E38A88BB86D773488636D388BB2CF4EDA
Authority key identifier: 0D:39:26:AD:FB:47:31:4F:1E:7D:5B:92:76:91:31:D4:29:FC:13:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0D3926ADFB47314F1E7D5B92769131D429FC13A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/3130332e3134372e3135362e302f32342d3234203d3e20313432333630.roa
Signing time:             Wed 30 Jul 2025 02:01:52 +0000
ROA not before:           Wed 30 Jul 2025 01:56:52 +0000
ROA not after:            Wed 29 Jul 2026 02:01:52 +0000
asID:                     142360
IP address blocks:        103.147.156.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/0D3926ADFB47314F1E7D5B92769131D429FC13A9.crl
                          rsync://repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/0D3926ADFB47314F1E7D5B92769131D429FC13A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0D3926ADFB47314F1E7D5B92769131D429FC13A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 00:49:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:6b:84:8e:38:a8:8b:b8:6d:77:34:88:63:6d:38:8b:b2:cf:4e:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D3926ADFB47314F1E7D5B92769131D429FC13A9
        Validity
            Not Before: Jul 30 01:56:52 2025 GMT
            Not After : Jul 29 02:01:52 2026 GMT
        Subject: CN=8DC917D0135FB5C33F6DCD02937274CEF2E87FDF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:55:30:12:3b:f8:7b:52:4a:2c:fc:b4:73:ee:
                    d7:fe:aa:54:e6:0d:fd:20:ab:af:7d:7c:9b:fa:0e:
                    12:a9:e1:57:53:9a:ff:5d:79:e7:57:d1:b0:b7:7f:
                    33:0f:be:6e:e0:e3:e5:4b:59:ff:29:50:8a:26:58:
                    b9:d0:34:17:21:7d:08:93:37:b8:89:bc:b3:cf:a3:
                    aa:0f:d8:fe:e7:8c:1c:70:06:62:a6:95:17:6e:c0:
                    5b:bc:9e:c4:29:3e:22:fa:fc:e0:ed:2e:d8:02:37:
                    25:74:7f:47:b9:e4:f0:88:4e:b4:5b:e1:a4:4c:56:
                    96:4d:54:1e:03:59:67:98:c4:c5:e0:34:4c:4d:f0:
                    2c:44:e3:32:81:fe:a9:08:d1:3c:15:5a:7b:f6:62:
                    1b:c5:bf:3d:16:f6:49:14:f8:e3:3b:03:d4:de:47:
                    df:90:53:08:05:20:ed:18:59:28:5f:79:45:c3:5b:
                    93:9f:49:88:bc:94:1c:6f:fa:16:3e:b8:81:3b:8e:
                    ab:66:39:63:f2:ba:06:ac:50:a7:b6:2f:e9:93:de:
                    86:de:bb:54:d8:bb:40:52:e6:e5:d6:c2:c5:4e:ea:
                    81:8e:66:94:9e:42:ec:f7:16:ea:2d:45:06:d9:01:
                    65:ca:c8:ba:b9:60:d9:f7:73:6e:e1:21:83:53:d9:
                    74:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:C9:17:D0:13:5F:B5:C3:3F:6D:CD:02:93:72:74:CE:F2:E8:7F:DF
            X509v3 Authority Key Identifier:
                keyid:0D:39:26:AD:FB:47:31:4F:1E:7D:5B:92:76:91:31:D4:29:FC:13:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/0D3926ADFB47314F1E7D5B92769131D429FC13A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0D3926ADFB47314F1E7D5B92769131D429FC13A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/62daa95f-2f59-439a-834f-a721c372a74c/0/3130332e3134372e3135362e302f32342d3234203d3e20313432333630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:48:ac:96:25:99:4f:28:10:72:fa:07:e2:d4:62:74:67:f5:
         56:91:57:2f:23:55:77:2c:d3:f5:b3:bf:b0:83:e8:dc:d9:12:
         42:51:41:b7:70:9e:43:19:c1:bb:1e:24:40:ea:b3:1a:01:93:
         09:32:87:24:5d:cb:9c:61:3e:1a:57:93:db:58:5d:20:ba:8b:
         7f:97:18:8a:2c:3d:f3:5a:4a:19:5d:e6:69:3c:e5:90:d6:00:
         05:73:c3:c6:62:80:8a:60:0e:2c:0c:df:c3:54:32:f0:e5:37:
         48:68:65:4d:64:09:ed:f8:64:e3:9c:75:6d:43:7a:c3:eb:5e:
         b6:b5:6a:56:a0:e5:7a:3c:be:ec:f8:67:3e:c8:c3:30:4a:ad:
         80:0b:21:9e:cd:5d:f2:ce:76:f5:77:8a:fe:ec:b1:51:7f:40:
         bd:79:86:51:24:ba:14:df:cf:ce:15:9e:a9:73:5c:69:59:70:
         c2:df:c3:2e:ff:4d:2c:ec:66:97:11:50:86:21:fd:cf:5d:32:
         ab:1d:a4:6b:6c:eb:ff:65:fe:a9:cb:b2:ad:3c:85:ee:a6:72:
         8e:a5:a9:b5:6b:4d:05:cd:8b:a9:20:20:e3:ed:c4:80:11:24:
         50:7f:51:85:3c:23:a9:71:dc:73:7e:a0:cb:5f:10:50:2f:d5:
         28:42:6f:b6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUZGuEjjioi7htdzSIY204i7LPTtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQzOTI2QURGQjQ3MzE0RjFFN0Q1QjkyNzY5MTMxRDQy
OUZDMTNBOTAeFw0yNTA3MzAwMTU2NTJaFw0yNjA3MjkwMjAxNTJaMDMxMTAvBgNV
BAMTKDhEQzkxN0QwMTM1RkI1QzMzRjZEQ0QwMjkzNzI3NENFRjJFODdGREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhVTASO/h7Ukos/LRz7tf+qlTm
Df0gq699fJv6DhKp4VdTmv9deedX0bC3fzMPvm7g4+VLWf8pUIomWLnQNBchfQiT
N7iJvLPPo6oP2P7njBxwBmKmlRduwFu8nsQpPiL6/ODtLtgCNyV0f0e55PCITrRb
4aRMVpZNVB4DWWeYxMXgNExN8CxE4zKB/qkI0TwVWnv2YhvFvz0W9kkU+OM7A9Te
R9+QUwgFIO0YWShfeUXDW5OfSYi8lBxv+hY+uIE7jqtmOWPyugasUKe2L+mT3obe
u1TYu0BS5uXWwsVO6oGOZpSeQuz3FuotRQbZAWXKyLq5YNn3c27hIYNT2XSXAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUjckX0BNftcM/bc0Ck3J0zvLof98wHwYDVR0j
BBgwFoAUDTkmrftHMU8efVuSdpEx1Cn8E6kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
MmRhYTk1Zi0yZjU5LTQzOWEtODM0Zi1hNzIxYzM3MmE3NGMvMC8wRDM5MjZBREZC
NDczMTRGMUU3RDVCOTI3NjkxMzFENDI5RkMxM0E5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMEQzOTI2QURGQjQ3MzE0RjFFN0Q1QjkyNzY5MTMxRDQyOUZD
MTNBOS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYyZGFhOTVmLTJmNTktNDM5YS04
MzRmLWE3MjFjMzcyYTc0Yy8wLzMxMzAzMzJlMzEzNDM3MmUzMTM1MzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMzM2MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnk5wwDQYJ
KoZIhvcNAQELBQADggEBABhIrJYlmU8oEHL6B+LUYnRn9VaRVy8jVXcs0/Wzv7CD
6NzZEkJRQbdwnkMZwbseJEDqsxoBkwkyhyRdy5xhPhpXk9tYXSC6i3+XGIosPfNa
Shld5mk85ZDWAAVzw8ZigIpgDiwM38NUMvDlN0hoZU1kCe34ZOOcdW1DesPrXra1
alag5Xo8vuz4Zz7IwzBKrYALIZ7NXfLOdvV3iv7ssVF/QL15hlEkuhTfz84Vnqlz
XGlZcMLfwy7/TSzsZpcRUIYh/c9dMqsdpGts6/9l/qnLsq08he6mco6lqbVrTQXN
i6kgIOPtxIARJFB/UYU8I6lx3HN+oMtfEFAv1ShCb7Y=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:14 2025 by rpki-client