Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/3130332e3136362e36362e302f32332d3234203d3e203137393935.roa
File:                     3130332e3136362e36362e302f32332d3234203d3e203137393935.roa (raw, json)
Hash identifier:          LeAX921PuFORgks79ePG8mv8iLwlKYZRHuQBuRA29no=
Subject key identifier:   FA:AB:B5:AF:03:AD:16:8C:15:A6:F7:D4:85:AB:E6:14:51:27:61:01
Certificate issuer:       /CN=03EF4149C5DB07AC348E58E4DA39BDDD971426FE
Certificate serial:       55C76EB54CAEF464695C2C147CDD0702911B825D
Authority key identifier: 03:EF:41:49:C5:DB:07:AC:34:8E:58:E4:DA:39:BD:DD:97:14:26:FE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/3130332e3136362e36362e302f32332d3234203d3e203137393935.roa
Signing time:             Fri 04 Jul 2025 11:02:21 +0000
ROA not before:           Fri 04 Jul 2025 10:57:21 +0000
ROA not after:            Fri 03 Jul 2026 11:02:21 +0000
asID:                     17995
IP address blocks:        103.166.66.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.crl
                          rsync://repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 07:39:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:c7:6e:b5:4c:ae:f4:64:69:5c:2c:14:7c:dd:07:02:91:1b:82:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03EF4149C5DB07AC348E58E4DA39BDDD971426FE
        Validity
            Not Before: Jul  4 10:57:21 2025 GMT
            Not After : Jul  3 11:02:21 2026 GMT
        Subject: CN=FAABB5AF03AD168C15A6F7D485ABE61451276101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:95:01:a1:bc:44:64:23:41:66:a7:64:7f:db:
                    f2:7f:02:e3:8b:28:be:94:f8:4a:79:7a:3b:6c:61:
                    5d:31:ce:51:6a:b7:4b:4b:4b:0f:2b:8a:5b:8b:29:
                    6d:ad:ef:50:bb:f9:75:51:60:79:bd:f7:15:16:0e:
                    f2:f6:5c:cd:e9:7e:57:96:d1:02:9e:08:81:82:fe:
                    3d:59:83:4e:8f:16:46:dc:30:67:f2:6c:3f:04:ca:
                    79:9b:ec:59:48:b6:b7:90:95:00:5c:a0:c2:58:71:
                    e7:5b:70:b3:46:17:3f:de:e0:1c:d3:7a:70:0d:a7:
                    cf:90:a6:ea:b7:03:5c:18:6d:a3:18:33:6d:43:d7:
                    82:4e:53:50:78:69:86:65:9a:62:60:72:e5:8f:9c:
                    bf:f8:2d:22:3c:6e:83:86:c5:50:87:3c:cd:2f:1a:
                    33:04:2b:29:bc:e0:3a:c3:4b:99:1e:35:5e:43:01:
                    10:98:5b:b4:17:6f:8b:9c:d3:0c:fb:7b:da:54:3f:
                    f5:63:c2:b9:f6:1b:76:8f:94:93:06:12:08:77:34:
                    bb:7d:f8:17:ff:56:37:e9:b5:6e:ec:0d:ff:ef:3e:
                    23:eb:79:a6:18:e0:26:37:8e:05:93:82:21:14:3f:
                    ec:67:44:8e:ae:0f:c0:5e:0d:9e:23:2f:4b:99:a8:
                    52:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:AB:B5:AF:03:AD:16:8C:15:A6:F7:D4:85:AB:E6:14:51:27:61:01
            X509v3 Authority Key Identifier:
                keyid:03:EF:41:49:C5:DB:07:AC:34:8E:58:E4:DA:39:BD:DD:97:14:26:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03EF4149C5DB07AC348E58E4DA39BDDD971426FE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a57e5b0e-5964-463f-8041-337f8055643c/0/3130332e3136362e36362e302f32332d3234203d3e203137393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a4:42:c2:34:a6:b7:0f:f8:0a:b7:79:07:5c:33:9b:60:f8:f4:
         ad:f8:fb:5e:2b:b8:14:da:5e:b6:07:09:ad:36:84:e2:10:7b:
         3c:2a:17:42:bc:ba:be:5b:eb:4e:64:78:13:33:b9:cc:b5:a0:
         33:33:54:2e:1b:d8:c1:e6:a5:f2:d7:03:ba:33:49:5a:aa:40:
         5e:0a:9a:35:de:27:61:a7:b6:1f:2b:1e:76:8a:e0:a3:c1:fb:
         18:6e:86:63:21:dc:82:06:e4:2d:cd:4a:4c:36:be:82:5d:c0:
         95:08:c0:86:eb:91:46:b5:ec:09:4c:88:04:d8:79:df:89:c4:
         6d:67:5f:0e:ff:c8:d7:93:a8:c2:22:0d:de:3f:6f:a2:9a:98:
         63:6b:a3:04:fc:3e:e1:cd:0e:44:30:7d:b5:04:59:bc:11:2a:
         92:2e:2f:c4:76:0c:09:cc:53:39:12:61:f5:a5:6b:bc:23:ff:
         32:15:ca:be:ba:cc:bd:24:d5:21:b4:cb:76:4f:a8:c7:6a:5d:
         97:30:b6:c3:82:8b:fe:c8:74:2b:3b:1f:ae:98:3a:28:0d:bc:
         40:2e:60:e4:e2:d7:86:57:3f:ec:60:37:30:f0:26:22:6a:1a:
         76:3e:57:33:2a:74:1b:a3:7c:4e:e9:26:13:c2:db:1c:a5:39:
         4f:55:11:f2
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVcdutUyu9GRpXCwUfN0HApEbgl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNFRjQxNDlDNURCMDdBQzM0OEU1OEU0REEzOUJEREQ5
NzE0MjZGRTAeFw0yNTA3MDQxMDU3MjFaFw0yNjA3MDMxMTAyMjFaMDMxMTAvBgNV
BAMTKEZBQUJCNUFGMDNBRDE2OEMxNUE2RjdENDg1QUJFNjE0NTEyNzYxMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOlQGhvERkI0Fmp2R/2/J/AuOL
KL6U+Ep5ejtsYV0xzlFqt0tLSw8riluLKW2t71C7+XVRYHm99xUWDvL2XM3pfleW
0QKeCIGC/j1Zg06PFkbcMGfybD8Eynmb7FlItreQlQBcoMJYcedbcLNGFz/e4BzT
enANp8+Qpuq3A1wYbaMYM21D14JOU1B4aYZlmmJgcuWPnL/4LSI8boOGxVCHPM0v
GjMEKym84DrDS5keNV5DARCYW7QXb4uc0wz7e9pUP/Vjwrn2G3aPlJMGEgh3NLt9
+Bf/VjfptW7sDf/vPiPreaYY4CY3jgWTgiEUP+xnRI6uD8BeDZ4jL0uZqFLrAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU+qu1rwOtFowVpvfUhavmFFEnYQEwHwYDVR0j
BBgwFoAUA+9BScXbB6w0jljk2jm93ZcUJv4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NTdlNWIwZS01OTY0LTQ2M2YtODA0MS0zMzdmODA1NTY0M2MvMC8wM0VGNDE0OUM1
REIwN0FDMzQ4RTU4RTREQTM5QkRERDk3MTQyNkZFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDNFRjQxNDlDNURCMDdBQzM0OEU1OEU0REEzOUJEREQ5NzE0
MjZGRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1N2U1YjBlLTU5NjQtNDYzZi04
MDQxLTMzN2Y4MDU1NjQzYy8wLzMxMzAzMzJlMzEzNjM2MmUzNjM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNzM5MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWemQjANBgkqhkiG
9w0BAQsFAAOCAQEApELCNKa3D/gKt3kHXDObYPj0rfj7Xiu4FNpetgcJrTaE4hB7
PCoXQry6vlvrTmR4EzO5zLWgMzNULhvYweal8tcDujNJWqpAXgqaNd4nYae2Hyse
dorgo8H7GG6GYyHcggbkLc1KTDa+gl3AlQjAhuuRRrXsCUyIBNh534nEbWdfDv/I
15OowiIN3j9vopqYY2ujBPw+4c0ORDB9tQRZvBEqki4vxHYMCcxTORJh9aVrvCP/
MhXKvrrMvSTVIbTLdk+ox2pdlzC2w4KL/sh0Kzsfrpg6KA28QC5g5OLXhlc/7GA3
MPAmImoadj5XMyp0G6N8TukmE8LbHKU5T1UR8g==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:14 2025 by rpki-client