Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/3130332e3134312e32302e302f32332d3233203d3e20313338383837.roa
File:                     3130332e3134312e32302e302f32332d3233203d3e20313338383837.roa (raw, json)
Hash identifier:          lmx0XZquBskC7D+0GLv2mO10TyL75yCcIcmOAKJbJoQ=
Subject key identifier:   49:CA:A7:0D:5F:9D:7C:AD:A9:C9:54:36:B9:63:D9:82:CE:39:7E:C6
Certificate issuer:       /CN=80F9ED59290AD77DE2856ECFD8340E28FF858E3D
Certificate serial:       147835FB2446A89E1743AB6BDD6858ACFBBFECA1
Authority key identifier: 80:F9:ED:59:29:0A:D7:7D:E2:85:6E:CF:D8:34:0E:28:FF:85:8E:3D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/3130332e3134312e32302e302f32332d3233203d3e20313338383837.roa
Signing time:             Fri 01 Aug 2025 16:02:30 +0000
ROA not before:           Fri 01 Aug 2025 15:57:30 +0000
ROA not after:            Fri 31 Jul 2026 16:02:30 +0000
asID:                     138887
IP address blocks:        103.141.20.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.crl
                          rsync://repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 07:23:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:78:35:fb:24:46:a8:9e:17:43:ab:6b:dd:68:58:ac:fb:bf:ec:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80F9ED59290AD77DE2856ECFD8340E28FF858E3D
        Validity
            Not Before: Aug  1 15:57:30 2025 GMT
            Not After : Jul 31 16:02:30 2026 GMT
        Subject: CN=49CAA70D5F9D7CADA9C95436B963D982CE397EC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1d:2f:6b:39:be:23:3b:f6:8e:3b:3e:a3:ee:
                    ac:d3:99:e0:77:d6:2b:3b:92:9c:21:d4:3e:a8:7e:
                    72:cb:1f:9c:0b:1e:6b:e3:55:88:a9:50:e8:0e:a5:
                    a2:ac:28:95:4f:45:68:3c:6a:ca:f3:f2:17:8d:b8:
                    d9:5b:c8:8a:69:c5:ee:2c:d4:f9:99:6e:f6:d1:bb:
                    eb:2c:9d:e1:d0:2e:17:61:73:0c:fa:77:5b:dc:8b:
                    e5:ee:5c:b0:b3:75:ab:7b:70:30:31:3b:0f:50:81:
                    5c:19:63:29:3d:b6:f2:65:c6:c5:86:fb:e0:5f:89:
                    59:2c:bf:a1:d4:65:d6:93:79:49:7d:8a:9c:b8:6f:
                    b1:5d:b8:d7:7a:8a:73:41:f6:05:28:52:74:58:5d:
                    05:21:73:38:e0:02:62:d6:bf:a8:db:44:04:93:66:
                    2c:99:80:03:a5:32:7a:36:5e:31:0b:32:84:31:20:
                    78:47:88:2e:79:1a:c5:fb:50:ea:8c:98:94:ae:9e:
                    1d:e9:42:1f:ce:92:3f:19:db:33:83:0c:7d:3b:a4:
                    b0:af:ca:12:c2:44:c7:8b:79:99:26:d4:a6:ae:62:
                    54:3b:c8:d6:40:f2:da:c0:3e:95:83:03:9d:c7:78:
                    f9:a0:50:a6:6a:74:fd:26:ee:47:5d:30:55:67:1e:
                    d9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:CA:A7:0D:5F:9D:7C:AD:A9:C9:54:36:B9:63:D9:82:CE:39:7E:C6
            X509v3 Authority Key Identifier:
                keyid:80:F9:ED:59:29:0A:D7:7D:E2:85:6E:CF:D8:34:0E:28:FF:85:8E:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/80F9ED59290AD77DE2856ECFD8340E28FF858E3D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c07c88da-2b56-487e-9efe-571170b10286/0/3130332e3134312e32302e302f32332d3233203d3e20313338383837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.141.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         98:5d:5a:ea:0f:f9:8a:c6:a5:7b:eb:e8:23:92:cb:52:46:e7:
         93:d9:e0:27:cc:d0:55:35:69:3f:39:e0:98:10:cf:67:8a:43:
         d9:92:9b:6d:92:ab:d7:b0:5c:3a:43:5f:64:f6:9f:4c:8f:41:
         26:0a:03:e9:d0:15:60:a8:03:41:4d:9b:52:06:c0:6d:ff:be:
         84:bf:a9:a9:3b:65:3b:cf:93:58:1d:44:ad:6a:22:0e:40:5b:
         3a:47:71:0d:20:8b:f4:cd:80:00:0f:6b:cc:f5:d5:39:ec:95:
         ff:d2:f9:96:60:94:3e:b0:d7:e1:38:b1:d3:4e:0b:bf:d6:9e:
         9e:64:a3:97:c2:ae:ba:a3:a6:9f:ab:f5:72:78:dc:1b:93:6c:
         68:0c:10:0a:8d:75:18:27:63:dc:28:e3:7d:f2:54:76:2a:05:
         a6:e2:74:d4:e7:b1:8f:32:c2:b6:9d:71:62:59:a9:37:11:51:
         49:7d:96:cc:69:1e:1b:50:57:fe:d7:d0:f4:c1:d9:a1:c1:55:
         c1:82:ba:1d:8c:49:be:16:a0:55:b5:8f:f3:b8:bd:4f:24:1b:
         ce:14:23:6d:04:4d:46:10:9b:16:2f:7a:9d:13:88:69:73:66:
         49:57:29:76:75:bb:f4:fa:3a:61:0b:c8:b7:44:c0:d8:6b:74:
         a6:c6:45:11
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFHg1+yRGqJ4XQ6tr3WhYrPu/7KEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODBGOUVENTkyOTBBRDc3REUyODU2RUNGRDgzNDBFMjhG
Rjg1OEUzRDAeFw0yNTA4MDExNTU3MzBaFw0yNjA3MzExNjAyMzBaMDMxMTAvBgNV
BAMTKDQ5Q0FBNzBENUY5RDdDQURBOUM5NTQzNkI5NjNEOTgyQ0UzOTdFQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDHS9rOb4jO/aOOz6j7qzTmeB3
1is7kpwh1D6ofnLLH5wLHmvjVYipUOgOpaKsKJVPRWg8asrz8heNuNlbyIppxe4s
1PmZbvbRu+ssneHQLhdhcwz6d1vci+XuXLCzdat7cDAxOw9QgVwZYyk9tvJlxsWG
++BfiVksv6HUZdaTeUl9ipy4b7FduNd6inNB9gUoUnRYXQUhczjgAmLWv6jbRAST
ZiyZgAOlMno2XjELMoQxIHhHiC55GsX7UOqMmJSunh3pQh/Okj8Z2zODDH07pLCv
yhLCRMeLeZkm1KauYlQ7yNZA8trAPpWDA53HePmgUKZqdP0m7kddMFVnHtmfAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUScqnDV+dfK2pyVQ2uWPZgs45fsYwHwYDVR0j
BBgwFoAUgPntWSkK133ihW7P2DQOKP+Fjj0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MDdjODhkYS0yYjU2LTQ4N2UtOWVmZS01NzExNzBiMTAyODYvMC84MEY5RUQ1OTI5
MEFENzdERTI4NTZFQ0ZEODM0MEUyOEZGODU4RTNELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODBGOUVENTkyOTBBRDc3REUyODU2RUNGRDgzNDBFMjhGRjg1
OEUzRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MwN2M4OGRhLTJiNTYtNDg3ZS05
ZWZlLTU3MTE3MGIxMDI4Ni8wLzMxMzAzMzJlMzEzNDMxMmUzMjMwMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzMzM4MzgzODM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ40UMA0GCSqG
SIb3DQEBCwUAA4IBAQCYXVrqD/mKxqV76+gjkstSRueT2eAnzNBVNWk/OeCYEM9n
ikPZkpttkqvXsFw6Q19k9p9Mj0EmCgPp0BVgqANBTZtSBsBt/76Ev6mpO2U7z5NY
HUStaiIOQFs6R3ENIIv0zYAAD2vM9dU57JX/0vmWYJQ+sNfhOLHTTgu/1p6eZKOX
wq66o6afq/VyeNwbk2xoDBAKjXUYJ2PcKON98lR2KgWm4nTU57GPMsK2nXFiWak3
EVFJfZbMaR4bUFf+19D0wdmhwVXBgrodjEm+FqBVtY/zuL1PJBvOFCNtBE1GEJsW
L3qdE4hpc2ZJVyl2dbv0+jphC8i3RMDYa3SmxkUR
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:36:54 2025 by rpki-client