Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/3130332e3135372e37382e302f32332d3234203d3e20313431313134.roa
File:                     3130332e3135372e37382e302f32332d3234203d3e20313431313134.roa (raw, json)
Hash identifier:          ejH4Jptb2+nXxwdyhxr2eLVcxmTdzu5eDGJeQynArtM=
Subject key identifier:   F0:FF:CE:47:6D:C3:13:9F:B9:8D:41:AF:66:4E:4F:68:41:E8:E3:24
Certificate issuer:       /CN=52145183B5BE1A663FBC5C228102541AC61F9F86
Certificate serial:       4964B386422C07B0922AB75A3607EC5D0FF3CCE2
Authority key identifier: 52:14:51:83:B5:BE:1A:66:3F:BC:5C:22:81:02:54:1A:C6:1F:9F:86
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/52145183B5BE1A663FBC5C228102541AC61F9F86.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/3130332e3135372e37382e302f32332d3234203d3e20313431313134.roa
Signing time:             Wed 23 Jul 2025 11:02:26 +0000
ROA not before:           Wed 23 Jul 2025 10:57:26 +0000
ROA not after:            Wed 22 Jul 2026 11:02:26 +0000
asID:                     141114
IP address blocks:        103.157.78.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/52145183B5BE1A663FBC5C228102541AC61F9F86.crl
                          rsync://repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/52145183B5BE1A663FBC5C228102541AC61F9F86.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/52145183B5BE1A663FBC5C228102541AC61F9F86.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 08 Aug 2025 19:37:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:64:b3:86:42:2c:07:b0:92:2a:b7:5a:36:07:ec:5d:0f:f3:cc:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52145183B5BE1A663FBC5C228102541AC61F9F86
        Validity
            Not Before: Jul 23 10:57:26 2025 GMT
            Not After : Jul 22 11:02:26 2026 GMT
        Subject: CN=F0FFCE476DC3139FB98D41AF664E4F6841E8E324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b2:d6:60:7a:5a:dd:8c:8c:75:15:49:11:f2:
                    c1:0b:a9:3a:6c:d0:75:26:6f:a2:19:c5:65:04:05:
                    a2:e3:16:06:18:ae:17:33:72:f6:6f:4c:1b:a6:72:
                    7d:ad:22:cb:e2:2c:ee:24:8b:aa:a2:d1:45:0f:de:
                    5b:d9:6b:29:56:47:3e:96:df:3b:bf:e7:9e:72:10:
                    fa:ce:f4:a3:74:83:08:9d:21:dc:5f:8c:70:4d:f5:
                    a3:ff:39:0e:2e:68:fe:11:fe:96:80:40:09:2e:be:
                    13:4f:1b:d1:77:4c:38:b1:1e:1a:0b:b0:1b:fd:c1:
                    88:3c:02:4e:a2:84:60:9f:bd:da:7a:b1:61:a7:ee:
                    1b:e4:c7:aa:67:9b:42:99:48:e1:3d:f2:ed:f9:8d:
                    93:e6:89:19:f2:53:80:74:5f:1f:23:d3:55:cf:7c:
                    8a:19:fb:b9:f6:5f:34:c4:6b:0b:bb:6d:b7:0a:18:
                    16:b0:50:eb:d9:70:15:68:a5:93:78:6c:31:08:0e:
                    09:fe:7d:12:86:59:2a:fc:93:6e:70:af:5e:e5:33:
                    7a:03:55:f1:26:ec:5f:10:83:b0:5b:da:f9:40:88:
                    2e:99:e5:0f:d6:92:73:ee:35:99:61:ac:31:75:6f:
                    63:ad:c3:d1:a9:ba:2e:81:b8:61:d4:d8:67:b7:25:
                    2b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:FF:CE:47:6D:C3:13:9F:B9:8D:41:AF:66:4E:4F:68:41:E8:E3:24
            X509v3 Authority Key Identifier:
                keyid:52:14:51:83:B5:BE:1A:66:3F:BC:5C:22:81:02:54:1A:C6:1F:9F:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/52145183B5BE1A663FBC5C228102541AC61F9F86.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/52145183B5BE1A663FBC5C228102541AC61F9F86.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/657e89e8-53aa-44f6-b6d8-5879078bf664/0/3130332e3135372e37382e302f32332d3234203d3e20313431313134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:4d:9f:bf:dd:64:37:5a:c7:e8:3e:a2:a2:b2:38:03:49:b1:
         9d:80:33:d8:ea:5c:60:d5:25:2a:f3:f0:55:73:6e:92:b1:b0:
         16:c6:c8:a5:16:ec:93:b2:95:f1:b6:96:3e:cd:5b:1e:ac:95:
         e1:50:52:cb:b8:3e:f0:ee:70:d4:7b:6d:f3:8d:47:3c:bb:81:
         b9:13:03:57:c8:4a:68:cf:17:9a:24:fc:ed:a7:96:09:aa:8d:
         2f:58:23:58:7d:11:95:50:54:27:cf:18:cf:db:83:5a:ca:d1:
         20:b2:35:47:2f:c4:8c:4f:53:4d:25:1e:d7:eb:e5:8f:7f:13:
         f3:35:62:39:b8:68:c5:e2:eb:04:10:ea:d8:6d:e4:ff:fe:0b:
         90:00:ec:cd:90:00:b6:4c:f4:e7:d9:5b:e2:3a:97:dd:46:7f:
         b1:62:8c:b3:bd:2a:b6:27:89:63:c5:22:66:ae:38:6c:ee:55:
         83:b7:95:92:c6:b8:b1:4f:d1:f9:60:89:df:48:b4:b2:b5:15:
         e4:fc:99:a1:fa:2f:a2:88:1c:5f:23:b1:39:1e:58:bb:bf:0c:
         0e:78:bb:ba:2e:43:44:36:5c:20:37:15:89:f3:df:99:94:f0:
         69:9e:4e:a9:71:6e:60:7f:1d:54:bf:10:08:28:19:65:37:56:
         f1:da:0e:b3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUSWSzhkIsB7CSKrdaNgfsXQ/zzOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIxNDUxODNCNUJFMUE2NjNGQkM1QzIyODEwMjU0MUFD
NjFGOUY4NjAeFw0yNTA3MjMxMDU3MjZaFw0yNjA3MjIxMTAyMjZaMDMxMTAvBgNV
BAMTKEYwRkZDRTQ3NkRDMzEzOUZCOThENDFBRjY2NEU0RjY4NDFFOEUzMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKstZgelrdjIx1FUkR8sELqTps
0HUmb6IZxWUEBaLjFgYYrhczcvZvTBumcn2tIsviLO4ki6qi0UUP3lvZaylWRz6W
3zu/555yEPrO9KN0gwidIdxfjHBN9aP/OQ4uaP4R/paAQAkuvhNPG9F3TDixHhoL
sBv9wYg8Ak6ihGCfvdp6sWGn7hvkx6pnm0KZSOE98u35jZPmiRnyU4B0Xx8j01XP
fIoZ+7n2XzTEawu7bbcKGBawUOvZcBVopZN4bDEIDgn+fRKGWSr8k25wr17lM3oD
VfEm7F8Qg7Bb2vlAiC6Z5Q/WknPuNZlhrDF1b2Otw9Gpui6BuGHU2Ge3JSsVAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU8P/OR23DE5+5jUGvZk5PaEHo4yQwHwYDVR0j
BBgwFoAUUhRRg7W+GmY/vFwigQJUGsYfn4YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
NTdlODllOC01M2FhLTQ0ZjYtYjZkOC01ODc5MDc4YmY2NjQvMC81MjE0NTE4M0I1
QkUxQTY2M0ZCQzVDMjI4MTAyNTQxQUM2MUY5Rjg2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTIxNDUxODNCNUJFMUE2NjNGQkM1QzIyODEwMjU0MUFDNjFG
OUY4Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY1N2U4OWU4LTUzYWEtNDRmNi1i
NmQ4LTU4NzkwNzhiZjY2NC8wLzMxMzAzMzJlMzEzNTM3MmUzNzM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzMTM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ51OMA0GCSqG
SIb3DQEBCwUAA4IBAQB2TZ+/3WQ3WsfoPqKisjgDSbGdgDPY6lxg1SUq8/BVc26S
sbAWxsilFuyTspXxtpY+zVserJXhUFLLuD7w7nDUe23zjUc8u4G5EwNXyEpozxea
JPztp5YJqo0vWCNYfRGVUFQnzxjP24NaytEgsjVHL8SMT1NNJR7X6+WPfxPzNWI5
uGjF4usEEOrYbeT//guQAOzNkAC2TPTn2VviOpfdRn+xYoyzvSq2J4ljxSJmrjhs
7lWDt5WSxrixT9H5YInfSLSytRXk/Jmh+i+iiBxfI7E5Hli7vwwOeLu6LkNENlwg
NxWJ89+ZlPBpnk6pcW5gfx1UvxAIKBllN1bx2g6z
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:20:31 2025 by rpki-client