Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/3130332e3134372e3234362e302f32332d3233203d3e20313339393732.roa
File:                     3130332e3134372e3234362e302f32332d3233203d3e20313339393732.roa (raw, json)
Hash identifier:          teCWdBffnsSq00HVFNB0zTbUb3mhJ+Mb1bWy4BeWvPg=
Subject key identifier:   AD:27:8F:32:81:F4:31:D0:7B:81:D5:F9:45:6D:BE:2A:F1:60:A1:3C
Certificate issuer:       /CN=6969B3009665224541D322068C9E3444C78F90F9
Certificate serial:       61EEEDF98FB0AA1C0DECDC0B6F5E4CB8126E1CA2
Authority key identifier: 69:69:B3:00:96:65:22:45:41:D3:22:06:8C:9E:34:44:C7:8F:90:F9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/3130332e3134372e3234362e302f32332d3233203d3e20313339393732.roa
Signing time:             Sat 12 Jul 2025 08:00:00 +0000
ROA not before:           Sat 12 Jul 2025 07:55:00 +0000
ROA not after:            Sat 11 Jul 2026 08:00:00 +0000
asID:                     139972
IP address blocks:        103.147.246.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.crl
                          rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 21:58:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:ee:ed:f9:8f:b0:aa:1c:0d:ec:dc:0b:6f:5e:4c:b8:12:6e:1c:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6969B3009665224541D322068C9E3444C78F90F9
        Validity
            Not Before: Jul 12 07:55:00 2025 GMT
            Not After : Jul 11 08:00:00 2026 GMT
        Subject: CN=AD278F3281F431D07B81D5F9456DBE2AF160A13C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:7d:9e:43:2b:05:ef:e4:52:1e:be:3d:9d:
                    86:75:b1:30:a5:e8:de:d3:46:3f:c4:01:25:22:d2:
                    38:5d:bb:9a:55:88:72:f6:97:c1:18:76:69:91:89:
                    87:dc:5f:05:c9:80:84:9f:d3:ec:84:4e:a5:97:4b:
                    91:b2:6b:53:02:c1:d6:cf:d1:cc:ac:81:40:d2:5b:
                    cd:ad:f3:64:8d:b3:ed:62:40:07:20:c2:2f:64:e4:
                    d9:9b:10:80:80:cf:db:b8:d0:46:78:b7:c6:5a:cc:
                    60:e3:ae:d6:4e:b0:29:9a:3b:fc:3d:2a:8d:ac:95:
                    be:53:bd:e5:cd:54:e7:25:5b:cc:43:c8:44:50:d0:
                    f0:89:9f:29:91:ee:3d:48:ef:27:f5:8c:88:bd:ba:
                    dc:97:b9:c1:c5:f0:33:a6:8b:20:46:73:6f:4f:9c:
                    10:38:5a:82:3b:aa:81:b0:43:3a:16:6b:45:54:06:
                    fc:a1:ad:12:f6:04:82:c9:ed:3c:65:c8:bf:8d:60:
                    e2:19:4b:8d:c9:6f:e2:9a:6b:69:a4:95:4c:94:e4:
                    d1:32:7f:4c:57:77:da:c4:19:32:69:1a:57:2a:d4:
                    49:f0:a8:60:44:30:80:e6:93:bc:25:a1:44:15:dd:
                    df:ca:93:04:2d:b1:94:ce:25:f8:d5:ef:fb:00:9d:
                    61:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:27:8F:32:81:F4:31:D0:7B:81:D5:F9:45:6D:BE:2A:F1:60:A1:3C
            X509v3 Authority Key Identifier:
                keyid:69:69:B3:00:96:65:22:45:41:D3:22:06:8C:9E:34:44:C7:8F:90:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/6969B3009665224541D322068C9E3444C78F90F9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6969B3009665224541D322068C9E3444C78F90F9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/99eebf7c-fe38-46a9-8311-e053fca50dfd/0/3130332e3134372e3234362e302f32332d3233203d3e20313339393732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:e1:cd:7d:8d:e2:04:1e:54:15:26:ff:50:d5:47:00:68:c0:
         58:dc:53:9c:62:e9:09:ec:69:de:18:a5:8f:98:03:69:54:d8:
         91:57:98:7f:96:cc:4a:02:ef:4c:0e:90:ac:7c:71:46:ae:05:
         64:b6:b2:3a:0d:c1:8b:6b:c2:f4:0a:c9:34:47:44:ff:9c:9b:
         a7:48:3f:0b:98:ad:b2:5a:d2:83:0d:42:df:9c:4f:f5:4e:cc:
         a7:07:70:2a:8f:69:98:19:a5:84:8d:66:df:3d:9f:c5:a8:df:
         3c:b4:b6:09:dc:23:5d:0a:18:26:d8:48:7c:07:5b:4c:b3:e1:
         a8:06:e7:05:8e:a2:63:e2:64:ea:57:1c:c9:d2:0a:c3:e4:e9:
         26:f9:14:96:50:02:b4:ce:00:f3:eb:79:a6:ce:4b:0e:48:da:
         63:29:85:a8:e8:c3:d7:15:20:e1:f0:fa:ea:ed:58:ac:97:14:
         20:c2:a2:45:3f:45:30:59:08:a5:37:2e:32:a0:20:be:c5:4d:
         f4:f2:a7:73:2e:96:12:0c:b2:c4:34:ab:4e:79:98:a8:d5:8e:
         50:82:ab:ad:8b:1d:b3:81:3c:da:df:6b:7b:50:20:c9:0c:fa:
         0f:8c:4d:bc:b5:55:25:09:1a:75:f0:73:8f:27:25:b8:bc:a5:
         cd:fb:bb:a6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUYe7t+Y+wqhwN7NwLb15MuBJuHKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjk2OUIzMDA5NjY1MjI0NTQxRDMyMjA2OEM5RTM0NDRD
NzhGOTBGOTAeFw0yNTA3MTIwNzU1MDBaFw0yNjA3MTEwODAwMDBaMDMxMTAvBgNV
BAMTKEFEMjc4RjMyODFGNDMxRDA3QjgxRDVGOTQ1NkRCRTJBRjE2MEExM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/tn2eQysF7+RSHr49nYZ1sTCl
6N7TRj/EASUi0jhdu5pViHL2l8EYdmmRiYfcXwXJgISf0+yETqWXS5Gya1MCwdbP
0cysgUDSW82t82SNs+1iQAcgwi9k5NmbEICAz9u40EZ4t8ZazGDjrtZOsCmaO/w9
Ko2slb5TveXNVOclW8xDyERQ0PCJnymR7j1I7yf1jIi9utyXucHF8DOmiyBGc29P
nBA4WoI7qoGwQzoWa0VUBvyhrRL2BILJ7TxlyL+NYOIZS43Jb+Kaa2mklUyU5NEy
f0xXd9rEGTJpGlcq1EnwqGBEMIDmk7wloUQV3d/KkwQtsZTOJfjV7/sAnWFvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUrSePMoH0MdB7gdX5RW2+KvFgoTwwHwYDVR0j
BBgwFoAUaWmzAJZlIkVB0yIGjJ40RMePkPkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
OWVlYmY3Yy1mZTM4LTQ2YTktODMxMS1lMDUzZmNhNTBkZmQvMC82OTY5QjMwMDk2
NjUyMjQ1NDFEMzIyMDY4QzlFMzQ0NEM3OEY5MEY5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjk2OUIzMDA5NjY1MjI0NTQxRDMyMjA2OEM5RTM0NDRDNzhG
OTBGOS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk5ZWViZjdjLWZlMzgtNDZhOS04
MzExLWUwNTNmY2E1MGRmZC8wLzMxMzAzMzJlMzEzNDM3MmUzMjM0MzYyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTMzMzkzOTM3MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnk/YwDQYJ
KoZIhvcNAQELBQADggEBAE/hzX2N4gQeVBUm/1DVRwBowFjcU5xi6Qnsad4YpY+Y
A2lU2JFXmH+WzEoC70wOkKx8cUauBWS2sjoNwYtrwvQKyTRHRP+cm6dIPwuYrbJa
0oMNQt+cT/VOzKcHcCqPaZgZpYSNZt89n8Wo3zy0tgncI10KGCbYSHwHW0yz4agG
5wWOomPiZOpXHMnSCsPk6Sb5FJZQArTOAPPreabOSw5I2mMphajow9cVIOHw+urt
WKyXFCDCokU/RTBZCKU3LjKgIL7FTfTyp3MulhIMssQ0q055mKjVjlCCq62LHbOB
PNrfa3tQIMkM+g+MTby1VSUJGnXwc48nJbi8pc37u6Y=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:50:02 2025 by rpki-client