Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/3130332e3135342e37342e302f32342d3234203d3e20313430343830.roa
File:                     3130332e3135342e37342e302f32342d3234203d3e20313430343830.roa (raw, json)
Hash identifier:          9yEpf7UptHKPtJGMSNZGjTG/u5N0H8I6F7MGckJB2CA=
Subject key identifier:   B1:CD:87:66:BB:A8:D8:D1:84:A2:37:29:CB:47:3B:FF:CC:18:06:E4
Certificate issuer:       /CN=6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B
Certificate serial:       374114AD68DCAB23078664B3F3149DC736CDF332
Authority key identifier: 6A:C5:8D:24:85:5E:7F:E2:4A:C4:52:B7:D0:FD:DB:9B:D9:00:3A:8B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/3130332e3135342e37342e302f32342d3234203d3e20313430343830.roa
Signing time:             Thu 03 Jul 2025 11:02:47 +0000
ROA not before:           Thu 03 Jul 2025 10:57:47 +0000
ROA not after:            Thu 02 Jul 2026 11:02:47 +0000
asID:                     140480
IP address blocks:        103.154.74.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.crl
                          rsync://repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 13:42:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:41:14:ad:68:dc:ab:23:07:86:64:b3:f3:14:9d:c7:36:cd:f3:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B
        Validity
            Not Before: Jul  3 10:57:47 2025 GMT
            Not After : Jul  2 11:02:47 2026 GMT
        Subject: CN=B1CD8766BBA8D8D184A23729CB473BFFCC1806E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:d2:a8:a6:40:25:3b:8f:b1:06:a0:e0:97:aa:
                    93:0e:c6:a3:7b:87:e3:97:86:73:99:8d:f3:28:ff:
                    c3:f6:cb:72:2f:20:44:d9:1e:ad:74:c7:a9:e9:78:
                    a1:0e:e3:3f:99:9d:d1:37:e1:3c:87:2a:ca:17:15:
                    f3:07:a9:38:a4:65:6a:2d:de:e4:52:a9:ad:fc:36:
                    9b:37:af:11:69:ae:82:08:1e:2c:dd:eb:d3:85:4c:
                    8a:1d:49:f2:bc:e4:2b:30:53:cb:b4:c4:2d:d8:e1:
                    9e:18:33:66:c8:04:dc:0d:46:79:48:c3:2a:09:71:
                    d0:89:e1:05:fe:2f:b0:96:44:81:39:8c:0a:ee:73:
                    43:14:86:8a:d5:2d:1b:37:df:fd:ee:f7:41:ce:21:
                    f9:e8:2c:51:2e:4e:e2:53:42:9f:19:a8:3f:4a:d3:
                    ab:8e:ba:05:84:6f:9e:8d:a0:53:a0:2a:0a:14:b6:
                    5a:13:74:6d:cb:6c:52:5b:2e:9a:ec:e6:ff:8c:7f:
                    93:28:8c:71:13:41:27:8b:73:8b:5b:65:8b:a9:1f:
                    d0:2e:bb:f5:7f:ce:24:22:89:b2:22:c3:80:f6:01:
                    75:e3:a8:21:7c:24:7d:a3:be:53:9b:7d:16:b4:5a:
                    c0:e2:b1:3a:80:88:5f:47:40:2a:01:9f:50:82:3e:
                    2e:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:CD:87:66:BB:A8:D8:D1:84:A2:37:29:CB:47:3B:FF:CC:18:06:E4
            X509v3 Authority Key Identifier:
                keyid:6A:C5:8D:24:85:5E:7F:E2:4A:C4:52:B7:D0:FD:DB:9B:D9:00:3A:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AC58D24855E7FE24AC452B7D0FDDB9BD9003A8B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ce505319-c33d-434a-abc5-6a61ce853e95/0/3130332e3135342e37342e302f32342d3234203d3e20313430343830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.154.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:cb:6c:28:c2:3d:f3:bb:51:64:85:17:9c:50:d9:4d:15:b6:
         15:4e:72:aa:7d:9d:8e:21:08:de:95:a6:aa:b6:40:74:f7:da:
         0a:28:af:0c:06:17:c0:5a:8b:7a:f5:27:19:b1:6b:12:ef:c4:
         78:75:cd:e2:a0:3c:1c:1a:22:1e:cc:b7:7d:c9:c8:a1:ef:ab:
         8a:ac:fa:00:73:cf:47:b5:ba:ba:90:08:e1:4c:2a:03:a4:21:
         84:d7:6f:14:f4:03:4f:79:b5:f5:f2:36:71:b6:a3:24:ed:33:
         14:0d:3d:95:a4:81:e0:ec:45:64:68:56:3b:54:4e:8d:bb:36:
         60:43:38:70:da:1c:4a:40:44:f4:21:5a:3a:fe:8a:82:19:f1:
         c3:ca:d7:2f:64:56:9f:5e:f3:36:e6:c3:1b:33:41:b8:f4:44:
         d4:8f:ad:f2:bc:0c:f7:a9:8a:17:e3:86:3d:b2:3e:0a:c1:14:
         cb:5d:81:f8:90:a4:62:fb:1a:53:19:ad:7f:35:17:da:23:1f:
         af:26:94:e4:5e:64:a6:1c:83:03:14:6a:be:82:00:9d:1c:9f:
         d6:ef:ba:7d:67:86:39:ed:d8:9e:da:8b:c9:5c:f4:75:19:a8:
         9b:b7:2e:ba:cc:d5:d6:51:cb:da:a0:ad:85:18:cb:f4:dc:c1:
         2f:8e:db:0d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUN0EUrWjcqyMHhmSz8xSdxzbN8zIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkFDNThEMjQ4NTVFN0ZFMjRBQzQ1MkI3RDBGRERCOUJE
OTAwM0E4QjAeFw0yNTA3MDMxMDU3NDdaFw0yNjA3MDIxMTAyNDdaMDMxMTAvBgNV
BAMTKEIxQ0Q4NzY2QkJBOEQ4RDE4NEEyMzcyOUNCNDczQkZGQ0MxODA2RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR0qimQCU7j7EGoOCXqpMOxqN7
h+OXhnOZjfMo/8P2y3IvIETZHq10x6npeKEO4z+ZndE34TyHKsoXFfMHqTikZWot
3uRSqa38Nps3rxFproIIHizd69OFTIodSfK85CswU8u0xC3Y4Z4YM2bIBNwNRnlI
wyoJcdCJ4QX+L7CWRIE5jAruc0MUhorVLRs33/3u90HOIfnoLFEuTuJTQp8ZqD9K
06uOugWEb56NoFOgKgoUtloTdG3LbFJbLprs5v+Mf5MojHETQSeLc4tbZYupH9Au
u/V/ziQiibIiw4D2AXXjqCF8JH2jvlObfRa0WsDisTqAiF9HQCoBn1CCPi6TAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUsc2HZruo2NGEojcpy0c7/8wYBuQwHwYDVR0j
BBgwFoAUasWNJIVef+JKxFK30P3bm9kAOoswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
ZTUwNTMxOS1jMzNkLTQzNGEtYWJjNS02YTYxY2U4NTNlOTUvMC82QUM1OEQyNDg1
NUU3RkUyNEFDNDUyQjdEMEZEREI5QkQ5MDAzQThCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkFDNThEMjQ4NTVFN0ZFMjRBQzQ1MkI3RDBGRERCOUJEOTAw
M0E4Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NlNTA1MzE5LWMzM2QtNDM0YS1h
YmM1LTZhNjFjZTg1M2U5NS8wLzMxMzAzMzJlMzEzNTM0MmUzNzM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMwMzQzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5pKMA0GCSqG
SIb3DQEBCwUAA4IBAQAcy2wowj3zu1FkhRecUNlNFbYVTnKqfZ2OIQjelaaqtkB0
99oKKK8MBhfAWot69ScZsWsS78R4dc3ioDwcGiIezLd9ycih76uKrPoAc89Htbq6
kAjhTCoDpCGE128U9ANPebX18jZxtqMk7TMUDT2VpIHg7EVkaFY7VE6NuzZgQzhw
2hxKQET0IVo6/oqCGfHDytcvZFafXvM25sMbM0G49ETUj63yvAz3qYoX44Y9sj4K
wRTLXYH4kKRi+xpTGa1/NRfaIx+vJpTkXmSmHIMDFGq+ggCdHJ/W77p9Z4Y57die
2ovJXPR1Gaibty66zNXWUcvaoK2FGMv03MEvjtsN
-----END CERTIFICATE-----
Generated at Thu Aug 7 07:21:02 2025 by rpki-client