Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a32633a3a2f34362d3436203d3e20313331373336.roa
File:                     323430343a326363303a32633a3a2f34362d3436203d3e20313331373336.roa (raw, json)
Hash identifier:          t4c93T36jMt5VZmXd/bp2z8IhiNgox8OFSWiaBbxAhQ=
Subject key identifier:   84:0A:79:5C:7E:0D:13:6C:EF:DA:F7:99:6E:F3:FD:92:23:34:63:C5
Certificate issuer:       /CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A
Certificate serial:       27813EC07B2B44BE7ADC22800CF849650871ADE2
Authority key identifier: DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a32633a3a2f34362d3436203d3e20313331373336.roa
Signing time:             Wed 23 Jul 2025 01:48:20 +0000
ROA not before:           Wed 23 Jul 2025 01:43:20 +0000
ROA not after:            Wed 22 Jul 2026 01:48:20 +0000
asID:                     131736
IP address blocks:        2404:2cc0:2c::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl
                          rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 02:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:81:3e:c0:7b:2b:44:be:7a:dc:22:80:0c:f8:49:65:08:71:ad:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A
        Validity
            Not Before: Jul 23 01:43:20 2025 GMT
            Not After : Jul 22 01:48:20 2026 GMT
        Subject: CN=840A795C7E0D136CEFDAF7996EF3FD92233463C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:88:d7:be:ff:37:bb:ef:6d:f2:94:41:62:e4:
                    9b:0b:98:3f:60:65:60:f2:e3:eb:02:2c:20:39:7a:
                    ce:6d:48:e4:13:43:eb:e1:91:2c:b5:2c:88:eb:61:
                    c7:df:7f:bb:d2:e3:32:e2:44:05:78:8a:12:59:fa:
                    e7:da:3e:5c:3c:c5:6d:ea:da:59:cc:1c:74:a4:2a:
                    b5:05:4b:a1:3e:43:5e:5a:a1:db:15:f9:17:b3:ff:
                    b1:45:03:e5:57:25:4a:ba:f7:e2:14:da:8c:c0:9f:
                    09:a0:67:f5:5f:cb:da:0d:f1:8f:d8:2e:78:16:c1:
                    82:a7:ca:2b:e6:f3:80:ff:6f:69:47:05:70:16:36:
                    ca:f6:c1:7e:52:92:aa:69:ab:a5:c1:c8:59:d7:26:
                    ed:50:92:fd:73:6e:bc:aa:a0:71:79:e6:30:f0:0f:
                    55:1b:df:c0:26:c4:9f:93:c0:3a:cc:37:a8:79:29:
                    3a:d5:3a:fb:4b:76:c7:e1:99:01:2d:37:06:07:b5:
                    f2:1f:87:e7:e2:e9:30:5b:7c:70:71:d6:c2:12:29:
                    95:d4:83:d6:ea:39:79:a0:bf:9b:4f:9e:21:47:66:
                    34:6b:df:d9:d0:eb:66:99:fb:8d:c2:11:1d:ad:11:
                    1c:03:67:36:4e:75:9d:f4:5a:25:0a:36:aa:fb:29:
                    e1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:0A:79:5C:7E:0D:13:6C:EF:DA:F7:99:6E:F3:FD:92:23:34:63:C5
            X509v3 Authority Key Identifier:
                keyid:DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a32633a3a2f34362d3436203d3e20313331373336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:2cc0:2c::/46

    Signature Algorithm: sha256WithRSAEncryption
         be:f7:47:e9:d2:f2:2d:bf:7a:10:a5:34:b1:50:96:e5:65:c4:
         00:cb:28:a9:06:55:76:46:fa:0f:c2:c0:3a:98:51:5e:dc:d2:
         3c:8e:6d:0c:fc:96:09:d5:51:3a:0e:0b:e0:c8:6e:14:12:70:
         19:4e:7a:30:2f:53:f6:c2:66:cf:88:21:cc:6e:67:90:f2:a1:
         62:7e:ee:d6:d9:97:13:b9:74:e8:73:0f:66:51:c2:de:29:88:
         ff:df:fa:cc:6e:d0:01:39:c1:b3:b6:61:7d:e0:d1:a0:9b:bb:
         d0:82:46:ad:2e:ad:c8:96:b0:07:9d:73:20:bf:17:af:09:d3:
         58:72:25:44:69:fd:e8:94:67:b6:ca:34:3c:85:84:a2:6f:e9:
         e2:16:c5:df:27:6b:51:d8:1d:f8:41:c5:de:01:e9:7c:ae:8a:
         89:e3:93:b1:ee:d1:bf:b0:4b:81:40:15:7b:07:90:ae:95:ad:
         47:9f:89:42:b4:f4:f7:01:81:ff:00:5e:d6:ce:3c:00:c4:68:
         be:3c:e4:81:cb:2d:b7:a7:1b:61:c6:ad:b1:13:c3:5f:f6:0f:
         c4:6f:bb:e9:d0:03:f7:9a:6c:fb:55:13:51:08:cb:86:fd:88:
         c4:61:a3:8a:55:c4:ae:95:0c:b3:7b:28:ba:cc:bf:20:4c:1b:
         c4:aa:d1:31
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJ4E+wHsrRL563CKADPhJZQhxreIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBE
OUMzNEU0QTAeFw0yNTA3MjMwMTQzMjBaFw0yNjA3MjIwMTQ4MjBaMDMxMTAvBgNV
BAMTKDg0MEE3OTVDN0UwRDEzNkNFRkRBRjc5OTZFRjNGRDkyMjMzNDYzQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkiNe+/ze7723ylEFi5JsLmD9g
ZWDy4+sCLCA5es5tSOQTQ+vhkSy1LIjrYcfff7vS4zLiRAV4ihJZ+ufaPlw8xW3q
2lnMHHSkKrUFS6E+Q15aodsV+Rez/7FFA+VXJUq69+IU2ozAnwmgZ/Vfy9oN8Y/Y
LngWwYKnyivm84D/b2lHBXAWNsr2wX5Skqppq6XByFnXJu1Qkv1zbryqoHF55jDw
D1Ub38AmxJ+TwDrMN6h5KTrVOvtLdsfhmQEtNwYHtfIfh+fi6TBbfHBx1sISKZXU
g9bqOXmgv5tPniFHZjRr39nQ62aZ+43CER2tERwDZzZOdZ30WiUKNqr7KeE3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUhAp5XH4NE2zv2veZbvP9kiM0Y8UwHwYDVR0j
BBgwFoAU347ymUy1QgnywqOae859oNnDTkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MjVjZGEzNi02OTNhLTRjMWEtYmE5ZS1lMGUxNzgxMTIxNDAvMC9ERjhFRjI5OTRD
QjU0MjA5RjJDMkEzOUE3QkNFN0RBMEQ5QzM0RTRBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBEOUMz
NEU0QS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkyNWNkYTM2LTY5M2EtNGMxYS1i
YTllLWUwZTE3ODExMjE0MC8wLzMyMzQzMDM0M2EzMjYzNjMzMDNhMzI2MzNhM2Ey
ZjM0MzYyZDM0MzYyMDNkM2UyMDMxMzMzMTM3MzMzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiQELMAA
LDANBgkqhkiG9w0BAQsFAAOCAQEAvvdH6dLyLb96EKU0sVCW5WXEAMsoqQZVdkb6
D8LAOphRXtzSPI5tDPyWCdVROg4L4MhuFBJwGU56MC9T9sJmz4ghzG5nkPKhYn7u
1tmXE7l06HMPZlHC3imI/9/6zG7QATnBs7ZhfeDRoJu70IJGrS6tyJawB51zIL8X
rwnTWHIlRGn96JRntso0PIWEom/p4hbF3ydrUdgd+EHF3gHpfK6KieOTse7Rv7BL
gUAVeweQrpWtR5+JQrT09wGB/wBe1s48AMRovjzkgcstt6cbYcatsRPDX/YPxG+7
6dAD95ps+1UTUQjLhv2IxGGjilXErpUMs3sousy/IEwbxKrRMQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:47:45 2025 by rpki-client