Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/3130332e3136342e32322e302f32332d3234203d3e203137393935.roa
File:                     3130332e3136342e32322e302f32332d3234203d3e203137393935.roa (raw, json)
Hash identifier:          sTN/8QbT7vMBdY4lWuaimWErVYuLZoinw920451use8=
Subject key identifier:   49:C9:94:F9:23:CE:0E:0A:A9:AA:78:F5:BA:27:71:C2:44:29:F3:73
Certificate issuer:       /CN=79204255412F26FC4519CA94E35B93EF4E47BC73
Certificate serial:       6CCE92662167EBB88314B16D84A3A827E3D239
Authority key identifier: 79:20:42:55:41:2F:26:FC:45:19:CA:94:E3:5B:93:EF:4E:47:BC:73
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/79204255412F26FC4519CA94E35B93EF4E47BC73.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/3130332e3136342e32322e302f32332d3234203d3e203137393935.roa
Signing time:             Fri 04 Jul 2025 09:03:48 +0000
ROA not before:           Fri 04 Jul 2025 08:58:48 +0000
ROA not after:            Fri 03 Jul 2026 09:03:48 +0000
asID:                     17995
IP address blocks:        103.164.22.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/79204255412F26FC4519CA94E35B93EF4E47BC73.crl
                          rsync://repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/79204255412F26FC4519CA94E35B93EF4E47BC73.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/79204255412F26FC4519CA94E35B93EF4E47BC73.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 08:34:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:ce:92:66:21:67:eb:b8:83:14:b1:6d:84:a3:a8:27:e3:d2:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79204255412F26FC4519CA94E35B93EF4E47BC73
        Validity
            Not Before: Jul  4 08:58:48 2025 GMT
            Not After : Jul  3 09:03:48 2026 GMT
        Subject: CN=49C994F923CE0E0AA9AA78F5BA2771C24429F373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0a:c3:31:1f:60:ed:7e:eb:95:20:41:e6:dc:
                    0d:90:18:d1:b0:51:3b:9b:ae:32:f1:a4:5f:72:c0:
                    9e:18:2c:3c:32:73:0d:11:56:9f:5c:a8:a8:8d:4c:
                    63:5b:6e:cc:8b:b1:e1:81:5c:f1:43:3d:80:69:06:
                    20:8e:d0:69:94:60:42:fd:84:f2:e5:4e:8b:03:3f:
                    e0:25:7c:8b:73:6e:da:27:42:99:5f:0b:52:32:a0:
                    e8:2c:2a:d3:2e:50:e5:23:34:97:ef:61:b8:7e:9d:
                    c8:15:f8:7a:a5:40:bb:b0:19:b8:f2:3c:23:6d:d3:
                    7c:ab:2a:47:3a:07:15:8f:a8:5d:2e:5a:46:e2:4a:
                    82:35:b0:b5:18:61:c6:14:27:d6:85:63:a0:eb:4e:
                    74:42:01:85:87:06:d7:38:e7:81:07:47:22:77:5e:
                    53:66:ab:dc:44:fa:32:77:45:2f:9c:0a:91:b2:47:
                    22:1f:43:00:12:f2:e1:44:f6:13:a2:53:cd:80:5e:
                    f4:b0:ee:45:5b:8a:7a:58:78:ae:c9:67:b0:ca:00:
                    0d:ff:e3:bd:7b:f0:7d:af:79:b2:e9:f1:a2:75:dc:
                    eb:01:68:d3:f7:4b:80:4b:c6:e1:15:26:1d:1b:c7:
                    47:9d:0e:b9:69:83:93:66:2b:b0:6a:8d:63:7e:2f:
                    43:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C9:94:F9:23:CE:0E:0A:A9:AA:78:F5:BA:27:71:C2:44:29:F3:73
            X509v3 Authority Key Identifier:
                keyid:79:20:42:55:41:2F:26:FC:45:19:CA:94:E3:5B:93:EF:4E:47:BC:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/79204255412F26FC4519CA94E35B93EF4E47BC73.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/79204255412F26FC4519CA94E35B93EF4E47BC73.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/97dc7ee5-ce67-45cd-9881-43489ab2b1a5/0/3130332e3136342e32322e302f32332d3234203d3e203137393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.164.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:cb:15:4b:0f:39:92:f5:0b:32:9a:cd:24:7c:a0:94:be:05:
         e6:3c:72:f5:80:95:a2:ad:6b:3b:15:27:77:72:0e:3c:9e:22:
         e5:f1:55:e4:2f:22:03:3a:36:4e:18:e7:64:e0:55:51:3f:55:
         70:73:13:9a:62:1d:5d:85:08:64:20:de:76:7b:bb:d2:40:c1:
         ea:79:21:d0:93:57:7b:45:82:20:59:27:a6:66:f8:91:ed:34:
         fd:3c:21:6c:8f:11:01:9b:a8:bf:8a:e0:83:31:86:a9:39:86:
         19:f3:71:d7:1f:83:87:5c:fd:ba:97:9b:21:81:a7:5e:22:e9:
         33:f2:76:9c:2b:b4:90:04:87:5a:85:47:fc:92:12:4c:50:cd:
         a2:d4:74:be:8e:19:b8:b6:97:3c:1d:df:36:c9:12:3b:9b:0a:
         2c:8b:41:70:56:6f:0c:2d:84:60:8d:60:76:67:b7:b1:a6:f8:
         58:50:6c:ab:0b:d9:46:a3:cc:05:9d:f2:69:27:85:57:53:8d:
         4b:8d:66:bf:b3:92:e6:25:68:5a:74:b3:cf:76:df:e2:76:3b:
         12:b8:7c:a5:58:07:1b:c5:4a:1a:cd:8a:51:bf:e2:89:fb:f5:
         5c:b4:e0:90:eb:b9:65:d8:53:e4:ef:32:63:10:e5:d7:b7:ba:
         e0:40:48:9b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgITbM6SZiFn67iDFLFthKOoJ+PSOTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg3OTIwNDI1NTQxMkYyNkZDNDUxOUNBOTRFMzVCOTNFRjRF
NDdCQzczMB4XDTI1MDcwNDA4NTg0OFoXDTI2MDcwMzA5MDM0OFowMzExMC8GA1UE
AxMoNDlDOTk0RjkyM0NFMEUwQUE5QUE3OEY1QkEyNzcxQzI0NDI5RjM3MzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkKwzEfYO1+65UgQebcDZAY0bBR
O5uuMvGkX3LAnhgsPDJzDRFWn1yoqI1MY1tuzIux4YFc8UM9gGkGII7QaZRgQv2E
8uVOiwM/4CV8i3Nu2idCmV8LUjKg6Cwq0y5Q5SM0l+9huH6dyBX4eqVAu7AZuPI8
I23TfKsqRzoHFY+oXS5aRuJKgjWwtRhhxhQn1oVjoOtOdEIBhYcG1zjngQdHInde
U2ar3ET6MndFL5wKkbJHIh9DABLy4UT2E6JTzYBe9LDuRVuKelh4rslnsMoADf/j
vXvwfa95sunxonXc6wFo0/dLgEvG4RUmHRvHR50OuWmDk2YrsGqNY34vQ08CAwEA
AaOCAjIwggIuMB0GA1UdDgQWBBRJyZT5I84OCqmqePW6J3HCRCnzczAfBgNVHSME
GDAWgBR5IEJVQS8m/EUZypTjW5PvTke8czAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk3
ZGM3ZWU1LWNlNjctNDVjZC05ODgxLTQzNDg5YWIyYjFhNS8wLzc5MjA0MjU1NDEy
RjI2RkM0NTE5Q0E5NEUzNUI5M0VGNEU0N0JDNzMuY3JsMHQGCCsGAQUFBwEBBGgw
ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v
SUROSUMtSUQvMi83OTIwNDI1NTQxMkYyNkZDNDUxOUNBOTRFMzVCOTNFRjRFNDdC
QzczLmNlcjCBogYIKwYBBQUHAQsEgZUwgZIwgY8GCCsGAQUFBzALhoGCcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTdkYzdlZTUtY2U2Ny00NWNkLTk4
ODEtNDM0ODlhYjJiMWE1LzAvMzEzMDMzMmUzMTM2MzQyZTMyMzIyZTMwMmYzMjMz
MmQzMjM0MjAzZDNlMjAzMTM3MzkzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6QWMA0GCSqGSIb3
DQEBCwUAA4IBAQCfyxVLDzmS9Qsyms0kfKCUvgXmPHL1gJWirWs7FSd3cg48niLl
8VXkLyIDOjZOGOdk4FVRP1VwcxOaYh1dhQhkIN52e7vSQMHqeSHQk1d7RYIgWSem
ZviR7TT9PCFsjxEBm6i/iuCDMYapOYYZ83HXH4OHXP26l5shgadeIukz8nacK7SQ
BIdahUf8khJMUM2i1HS+jhm4tpc8Hd82yRI7mwosi0FwVm8MLYRgjWB2Z7expvhY
UGyrC9lGo8wFnfJpJ4VXU41LjWa/s5LmJWhadLPPdt/idjsSuHylWAcbxUoazYpR
v+KJ+/VctOCQ67ll2FPk7zJjEOXXt7rgQEib
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:15:45 2025 by rpki-client