Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/323030313a6466303a336538303a3a2f34382d3438203d3e20313338383531.roa
File:                     323030313a6466303a336538303a3a2f34382d3438203d3e20313338383531.roa (raw, json)
Hash identifier:          z4oYCZWDew+XBZrkivYPBIEa8esU/2et9t2LDZPakkY=
Subject key identifier:   2D:45:FC:55:AF:5F:88:04:92:13:8D:32:33:BB:98:45:D1:AC:48:DA
Certificate issuer:       /CN=586FE8D27FF4D6BD4FA839FC58844A4B03D535DF
Certificate serial:       7543EFC560DC58B2546DAF9D77D5B227AEEC555F
Authority key identifier: 58:6F:E8:D2:7F:F4:D6:BD:4F:A8:39:FC:58:84:4A:4B:03:D5:35:DF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/323030313a6466303a336538303a3a2f34382d3438203d3e20313338383531.roa
Signing time:             Fri 11 Jul 2025 07:02:22 +0000
ROA not before:           Fri 11 Jul 2025 06:57:22 +0000
ROA not after:            Fri 10 Jul 2026 07:02:22 +0000
asID:                     138851
IP address blocks:        2001:df0:3e80::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.crl
                          rsync://repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 18:44:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:43:ef:c5:60:dc:58:b2:54:6d:af:9d:77:d5:b2:27:ae:ec:55:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=586FE8D27FF4D6BD4FA839FC58844A4B03D535DF
        Validity
            Not Before: Jul 11 06:57:22 2025 GMT
            Not After : Jul 10 07:02:22 2026 GMT
        Subject: CN=2D45FC55AF5F880492138D3233BB9845D1AC48DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:50:96:f8:b6:67:89:f6:af:dd:e4:b8:95:5e:
                    fe:4d:3f:9e:71:13:aa:3f:c6:b3:04:ef:62:57:08:
                    54:00:56:ee:7b:0e:cd:27:33:8f:1a:d7:fa:39:db:
                    94:63:c5:e5:52:67:aa:72:81:3d:14:c9:a1:58:60:
                    1c:f1:77:ed:eb:4d:81:f1:09:cf:18:50:f5:94:a3:
                    81:1e:fd:20:8c:80:49:46:ef:a8:f8:5d:72:51:a3:
                    69:dd:c9:b4:19:75:74:0b:cf:81:e5:d4:26:d8:05:
                    76:30:cb:39:c4:7e:5a:aa:aa:b7:06:00:4c:35:2c:
                    c9:df:3d:46:a1:16:cd:f8:d7:55:63:60:82:1a:b8:
                    f8:78:4d:61:00:a6:92:05:81:ba:9e:71:0a:ab:2e:
                    c7:e3:d2:be:c8:03:0a:46:16:66:fd:57:75:00:2c:
                    6e:49:29:13:fe:af:b2:ed:99:b3:51:0c:47:71:5a:
                    9f:64:ff:28:3c:88:9a:d3:0d:6d:42:6e:af:74:68:
                    51:6d:01:15:88:9b:73:4b:5e:43:41:ea:41:34:3a:
                    0d:8d:aa:ef:9a:5f:57:fd:5b:64:53:a7:09:ce:67:
                    1d:8f:a3:1f:9a:23:53:5c:cd:53:9c:63:02:44:a5:
                    e2:b5:07:ba:73:7d:b1:1d:8c:36:4a:0e:82:b5:bc:
                    18:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:45:FC:55:AF:5F:88:04:92:13:8D:32:33:BB:98:45:D1:AC:48:DA
            X509v3 Authority Key Identifier:
                keyid:58:6F:E8:D2:7F:F4:D6:BD:4F:A8:39:FC:58:84:4A:4B:03:D5:35:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/586FE8D27FF4D6BD4FA839FC58844A4B03D535DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bc072db7-0127-4564-8d20-bced525a14b8/0/323030313a6466303a336538303a3a2f34382d3438203d3e20313338383531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:3e80::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:61:3d:07:87:fe:9e:58:a8:fd:4e:61:e5:65:7a:ab:be:e6:
         b7:67:39:ab:76:1f:1e:f1:f3:a2:9a:3b:6e:b1:17:cc:70:34:
         a4:cc:d4:6a:12:49:51:a3:97:38:ca:b6:11:9f:83:6f:13:0b:
         2c:98:02:5b:c9:64:ca:24:e1:f4:de:f7:55:2e:96:8f:90:83:
         95:2b:cb:07:fb:d1:e5:b7:d0:99:4e:37:69:9e:af:11:64:b5:
         71:89:88:b2:3a:0f:0a:a6:ca:6f:79:9a:ed:ed:06:15:b2:72:
         a8:87:5a:e0:80:72:cd:b2:f9:f7:8c:35:0a:6e:c7:cc:b0:e9:
         45:9e:ab:a2:2a:11:43:2d:1b:d2:eb:db:51:9f:46:fb:32:a5:
         27:2c:37:70:44:a0:70:60:e1:99:da:d4:26:2e:1b:66:bd:a7:
         ff:8c:20:66:b3:62:8e:3d:e9:1c:ee:a2:38:25:87:63:37:ff:
         dc:9a:fe:fe:16:a9:67:02:9d:88:0f:bc:f5:03:d1:6b:ac:ce:
         47:e0:a5:e4:ce:89:52:f1:2b:35:35:3d:fa:2c:e6:80:41:1c:
         15:60:2e:76:90:1d:4d:ba:57:a6:9b:a7:c2:50:25:a1:8f:31:
         ef:69:4c:37:89:6c:f5:9e:0d:9c:c0:12:06:33:55:95:27:e5:
         c0:e2:ac:a2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdUPvxWDcWLJUba+dd9WyJ67sVV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTg2RkU4RDI3RkY0RDZCRDRGQTgzOUZDNTg4NDRBNEIw
M0Q1MzVERjAeFw0yNTA3MTEwNjU3MjJaFw0yNjA3MTAwNzAyMjJaMDMxMTAvBgNV
BAMTKDJENDVGQzU1QUY1Rjg4MDQ5MjEzOEQzMjMzQkI5ODQ1RDFBQzQ4REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlUJb4tmeJ9q/d5LiVXv5NP55x
E6o/xrME72JXCFQAVu57Ds0nM48a1/o525RjxeVSZ6pygT0UyaFYYBzxd+3rTYHx
Cc8YUPWUo4Ee/SCMgElG76j4XXJRo2ndybQZdXQLz4Hl1CbYBXYwyznEflqqqrcG
AEw1LMnfPUahFs3411VjYIIauPh4TWEAppIFgbqecQqrLsfj0r7IAwpGFmb9V3UA
LG5JKRP+r7LtmbNRDEdxWp9k/yg8iJrTDW1Cbq90aFFtARWIm3NLXkNB6kE0Og2N
qu+aX1f9W2RTpwnOZx2Pox+aI1NczVOcYwJEpeK1B7pzfbEdjDZKDoK1vBh3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULUX8Va9fiASSE40yM7uYRdGsSNowHwYDVR0j
BBgwFoAUWG/o0n/01r1PqDn8WIRKSwPVNd8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
YzA3MmRiNy0wMTI3LTQ1NjQtOGQyMC1iY2VkNTI1YTE0YjgvMC81ODZGRThEMjdG
RjRENkJENEZBODM5RkM1ODg0NEE0QjAzRDUzNURGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTg2RkU4RDI3RkY0RDZCRDRGQTgzOUZDNTg4NDRBNEIwM0Q1
MzVERi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JjMDcyZGI3LTAxMjctNDU2NC04
ZDIwLWJjZWQ1MjVhMTRiOC8wLzMyMzAzMDMxM2E2NDY2MzAzYTMzNjUzODMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM4MzgzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8D6AMA0GCSqGSIb3DQEBCwUAA4IBAQAgYT0Hh/6eWKj9TmHlZXqrvua3Zzmrdh8e
8fOimjtusRfMcDSkzNRqEklRo5c4yrYRn4NvEwssmAJbyWTKJOH03vdVLpaPkIOV
K8sH+9Hlt9CZTjdpnq8RZLVxiYiyOg8KpspveZrt7QYVsnKoh1rggHLNsvn3jDUK
bsfMsOlFnquiKhFDLRvS69tRn0b7MqUnLDdwRKBwYOGZ2tQmLhtmvaf/jCBms2KO
Pekc7qI4JYdjN//cmv7+FqlnAp2ID7z1A9FrrM5H4KXkzolS8Ss1NT36LOaAQRwV
YC52kB1Nulemm6fCUCWhjzHvaUw3iWz1ng2cwBIGM1WVJ+XA4qyi
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:21:11 2025 by rpki-client