Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/3130332e33382e3131302e302f32342d3234203d3e20313531353639.roa
File:                     3130332e33382e3131302e302f32342d3234203d3e20313531353639.roa (raw, json)
Hash identifier:          J0htEBbJtg13KY4rKcx5Rasf7tnVHbIZzu6sYSNQaxY=
Subject key identifier:   25:39:85:24:06:D0:71:27:8C:E2:FA:53:22:58:38:9D:EF:5B:95:53
Certificate issuer:       /CN=8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80
Certificate serial:       5776373D169D0FEAFB018C458AE7CE4E06BAFDD7
Authority key identifier: 8A:F2:4B:A6:BB:2F:67:CD:54:8B:D0:8B:64:D9:7B:9A:24:68:ED:80
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/3130332e33382e3131302e302f32342d3234203d3e20313531353639.roa
Signing time:             Fri 01 Aug 2025 04:47:12 +0000
ROA not before:           Fri 01 Aug 2025 04:42:12 +0000
ROA not after:            Fri 31 Jul 2026 04:47:12 +0000
asID:                     151569
IP address blocks:        103.38.110.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.crl
                          rsync://repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 09:02:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:76:37:3d:16:9d:0f:ea:fb:01:8c:45:8a:e7:ce:4e:06:ba:fd:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80
        Validity
            Not Before: Aug  1 04:42:12 2025 GMT
            Not After : Jul 31 04:47:12 2026 GMT
        Subject: CN=2539852406D071278CE2FA532258389DEF5B9553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a5:1c:9c:be:86:88:2d:08:5f:41:4a:5b:35:
                    2d:79:86:72:f6:03:22:64:df:8d:2e:13:3c:99:b5:
                    bc:58:31:50:e2:b5:dc:d6:cb:6f:12:b7:da:32:35:
                    8f:67:0b:f9:bc:c4:43:35:3d:30:9c:4e:c1:ea:d2:
                    cb:5d:14:34:d3:db:40:f5:a1:29:59:1a:82:81:40:
                    0a:d5:16:d2:52:8a:c2:3c:59:c5:91:29:b8:8e:d8:
                    57:12:ca:25:77:3e:f1:dd:93:07:9d:6d:3e:cd:47:
                    e1:c0:12:29:7c:fe:e1:ea:a8:76:83:f3:bd:ec:f3:
                    23:e7:5c:21:a9:e3:aa:c4:1a:0b:d5:e1:5c:84:0c:
                    30:e6:9b:b6:09:ad:e1:9e:d6:df:11:d4:82:09:68:
                    28:6c:7d:a2:4f:37:56:d0:fe:3c:e4:7b:ff:49:0f:
                    34:10:bd:c1:71:bd:c4:f0:a8:ca:f2:85:fb:5a:44:
                    21:71:77:7b:0a:a1:3b:28:a7:24:92:af:75:6d:8d:
                    a5:ea:fa:27:24:79:82:99:7b:2c:54:5f:29:b6:40:
                    36:15:3e:8e:7a:aa:de:4c:1b:67:3b:f0:34:bb:21:
                    d9:0a:82:d4:42:8c:34:e5:f2:c2:d6:ef:58:41:2f:
                    21:94:40:4c:4a:69:0a:ea:1d:74:ab:e4:8f:39:3f:
                    a1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:39:85:24:06:D0:71:27:8C:E2:FA:53:22:58:38:9D:EF:5B:95:53
            X509v3 Authority Key Identifier:
                keyid:8A:F2:4B:A6:BB:2F:67:CD:54:8B:D0:8B:64:D9:7B:9A:24:68:ED:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AF24BA6BB2F67CD548BD08B64D97B9A2468ED80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cabeebcc-a247-4fde-aa86-c6669eabcd82/0/3130332e33382e3131302e302f32342d3234203d3e20313531353639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.38.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:fb:4b:bb:53:7f:c2:e8:d7:d4:e4:82:bc:78:ba:c0:00:ee:
         c6:87:3c:4c:85:73:81:30:f1:ca:76:b8:7a:bd:8d:0d:6a:8d:
         a2:c4:b6:26:2e:ef:84:95:21:5d:50:19:4f:14:26:97:4d:63:
         f2:51:8e:d0:a3:10:4f:5c:18:e2:4f:fd:88:db:51:24:97:2d:
         8f:8c:3c:1d:a7:8b:e8:cf:4e:75:a6:fa:6b:d8:99:eb:5e:71:
         0a:37:f6:83:fe:47:a9:af:56:a3:cf:8e:ab:42:c9:28:02:e2:
         79:35:e8:b1:93:26:18:bd:9a:53:a0:9f:b4:8e:49:9b:94:16:
         9f:00:57:64:d1:f5:33:4c:a9:96:b4:81:4c:d6:77:91:56:c7:
         0b:b1:00:b6:e7:ce:40:2c:7a:79:58:27:88:f1:5e:61:70:b9:
         53:41:14:80:23:78:69:57:a3:d8:6c:b2:cb:28:bb:fe:18:5e:
         d9:09:4d:00:a1:e7:6e:cb:10:d3:dc:90:e8:de:5c:2e:fc:bd:
         85:1f:04:b2:98:c5:46:7a:83:f8:c1:17:26:37:15:c2:8f:61:
         4f:38:14:91:8d:31:e1:34:12:b7:ad:57:9f:a6:87:18:a6:71:
         11:11:09:a4:e6:8e:51:a9:e4:2d:75:61:a4:6b:eb:24:ca:24:
         6c:66:1a:3c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUV3Y3PRadD+r7AYxFiufOTga6/dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEFGMjRCQTZCQjJGNjdDRDU0OEJEMDhCNjREOTdCOUEy
NDY4RUQ4MDAeFw0yNTA4MDEwNDQyMTJaFw0yNjA3MzEwNDQ3MTJaMDMxMTAvBgNV
BAMTKDI1Mzk4NTI0MDZEMDcxMjc4Q0UyRkE1MzIyNTgzODlERUY1Qjk1NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNpRycvoaILQhfQUpbNS15hnL2
AyJk340uEzyZtbxYMVDitdzWy28St9oyNY9nC/m8xEM1PTCcTsHq0stdFDTT20D1
oSlZGoKBQArVFtJSisI8WcWRKbiO2FcSyiV3PvHdkwedbT7NR+HAEil8/uHqqHaD
873s8yPnXCGp46rEGgvV4VyEDDDmm7YJreGe1t8R1IIJaChsfaJPN1bQ/jzke/9J
DzQQvcFxvcTwqMryhftaRCFxd3sKoTsopySSr3VtjaXq+ickeYKZeyxUXym2QDYV
Po56qt5MG2c78DS7IdkKgtRCjDTl8sLW71hBLyGUQExKaQrqHXSr5I85P6EPAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUJTmFJAbQcSeM4vpTIlg4ne9blVMwHwYDVR0j
BBgwFoAUivJLprsvZ81Ui9CLZNl7miRo7YAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
YWJlZWJjYy1hMjQ3LTRmZGUtYWE4Ni1jNjY2OWVhYmNkODIvMC84QUYyNEJBNkJC
MkY2N0NENTQ4QkQwOEI2NEQ5N0I5QTI0NjhFRDgwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEFGMjRCQTZCQjJGNjdDRDU0OEJEMDhCNjREOTdCOUEyNDY4
RUQ4MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NhYmVlYmNjLWEyNDctNGZkZS1h
YTg2LWM2NjY5ZWFiY2Q4Mi8wLzMxMzAzMzJlMzMzODJlMzEzMTMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMxMzUzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZyZuMA0GCSqG
SIb3DQEBCwUAA4IBAQCo+0u7U3/C6NfU5IK8eLrAAO7GhzxMhXOBMPHKdrh6vY0N
ao2ixLYmLu+ElSFdUBlPFCaXTWPyUY7QoxBPXBjiT/2I21Ekly2PjDwdp4voz051
pvpr2JnrXnEKN/aD/kepr1ajz46rQskoAuJ5NeixkyYYvZpToJ+0jkmblBafAFdk
0fUzTKmWtIFM1neRVscLsQC2585ALHp5WCeI8V5hcLlTQRSAI3hpV6PYbLLLKLv+
GF7ZCU0AoeduyxDT3JDo3lwu/L2FHwSymMVGeoP4wRcmNxXCj2FPOBSRjTHhNBK3
rVefpocYpnEREQmk5o5RqeQtdWGka+skyiRsZho8
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:27:21 2025 by rpki-client