Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/3130332e3136362e33342e302f32332d3234203d3e203137393935.roa
File:                     3130332e3136362e33342e302f32332d3234203d3e203137393935.roa (raw, json)
Hash identifier:          Nmtn3LlfweyxwcAEh/9aYsa4vVfStr8hvIJSQMmS8CI=
Subject key identifier:   83:B7:AD:1B:EF:EC:25:EC:31:4B:4B:47:BF:05:98:1A:EC:3D:0D:1C
Certificate issuer:       /CN=B126A372835801BBB738696C56DCF255D032D42F
Certificate serial:       63F6E82B76DA9F02F317EB31224F0A792EF45C55
Authority key identifier: B1:26:A3:72:83:58:01:BB:B7:38:69:6C:56:DC:F2:55:D0:32:D4:2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B126A372835801BBB738696C56DCF255D032D42F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/3130332e3136362e33342e302f32332d3234203d3e203137393935.roa
Signing time:             Fri 04 Jul 2025 12:00:00 +0000
ROA not before:           Fri 04 Jul 2025 11:55:00 +0000
ROA not after:            Fri 03 Jul 2026 12:00:00 +0000
asID:                     17995
IP address blocks:        103.166.34.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/B126A372835801BBB738696C56DCF255D032D42F.crl
                          rsync://repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/B126A372835801BBB738696C56DCF255D032D42F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B126A372835801BBB738696C56DCF255D032D42F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 23:41:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:f6:e8:2b:76:da:9f:02:f3:17:eb:31:22:4f:0a:79:2e:f4:5c:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B126A372835801BBB738696C56DCF255D032D42F
        Validity
            Not Before: Jul  4 11:55:00 2025 GMT
            Not After : Jul  3 12:00:00 2026 GMT
        Subject: CN=83B7AD1BEFEC25EC314B4B47BF05981AEC3D0D1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:dc:57:b8:0d:33:3f:63:6b:0c:8d:e3:be:
                    f9:cb:9d:27:97:9d:f3:da:72:95:07:c1:0f:89:99:
                    a9:2e:de:f4:0f:ab:90:ae:89:eb:2e:ea:b8:16:4a:
                    ce:b2:07:cc:55:84:e4:a3:d1:6e:fc:ff:e6:a7:bd:
                    a2:ba:f8:e8:df:7c:64:9e:d5:43:c4:4c:8b:3a:f5:
                    ad:1d:34:a3:06:85:35:dc:26:83:d2:cb:c0:f0:81:
                    5c:03:4b:a8:87:8c:02:4f:35:b6:d2:7a:7b:f7:91:
                    71:ad:37:f0:13:71:f6:3b:16:6f:84:0d:54:e3:10:
                    de:0e:80:6a:7d:41:c5:57:f7:06:6e:0a:de:8b:f0:
                    21:b8:48:2e:aa:f6:b2:a0:aa:51:15:03:47:6f:bf:
                    3e:6d:42:1e:9c:60:9c:17:c3:62:6e:d3:1d:75:a3:
                    71:6c:b5:44:83:20:3a:5f:60:b9:9f:45:08:70:ba:
                    e2:9e:cc:78:01:eb:a1:39:6c:62:4e:3e:4d:30:0c:
                    7b:93:63:21:3a:fa:2c:42:39:45:72:48:34:e7:2b:
                    28:19:3b:cd:96:85:23:2e:87:a6:51:d2:7c:8a:07:
                    21:e3:22:92:1f:25:a5:af:69:ad:09:88:82:f1:14:
                    f6:e4:c0:85:b8:8a:c0:e9:8b:1f:ad:df:9b:c8:83:
                    2c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B7:AD:1B:EF:EC:25:EC:31:4B:4B:47:BF:05:98:1A:EC:3D:0D:1C
            X509v3 Authority Key Identifier:
                keyid:B1:26:A3:72:83:58:01:BB:B7:38:69:6C:56:DC:F2:55:D0:32:D4:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/B126A372835801BBB738696C56DCF255D032D42F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B126A372835801BBB738696C56DCF255D032D42F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d044f918-9332-4257-b510-381c8590ff54/0/3130332e3136362e33342e302f32332d3234203d3e203137393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.34.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:86:37:85:fb:17:81:1e:a1:16:d2:c7:46:8e:49:fa:1b:4e:
         cd:a2:ed:61:be:2a:6a:02:7b:56:44:92:4a:11:1d:40:78:52:
         a6:5c:12:51:42:89:64:fa:58:c5:6f:ae:ba:6c:ab:98:a1:1e:
         a3:ac:9b:b7:58:7f:91:4a:84:d2:44:e6:8c:98:b4:69:09:47:
         0c:6f:ea:0f:b0:d6:31:5d:e9:a8:0b:82:5e:e2:88:e9:7e:36:
         24:ee:96:79:19:70:f7:ad:16:a1:96:61:7c:61:bc:0e:b3:49:
         e0:01:5f:74:5a:02:95:15:b3:93:e5:b2:ef:da:81:48:40:74:
         99:93:f6:a5:29:94:dd:95:57:bc:ba:3a:6c:ce:46:c6:8d:4c:
         74:71:7c:0e:45:b1:dc:b4:27:fe:b3:bd:b2:96:59:66:05:94:
         3d:b6:40:d8:5a:fe:70:78:48:6f:d8:fb:db:74:41:5d:72:5f:
         4f:b5:ea:1b:bd:f0:00:69:2c:d1:46:b9:04:17:84:4e:0e:6b:
         82:9c:22:e7:4c:7e:20:cd:d5:de:ab:58:9f:41:b6:f8:8b:45:
         ba:d9:b6:dd:31:a9:93:d2:8f:90:21:09:ba:f9:21:c0:a0:28:
         59:62:7a:8d:d4:d7:3c:96:61:34:47:99:45:52:cc:a1:e1:7d:
         8f:27:53:e1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUY/boK3banwLzF+sxIk8KeS70XFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjEyNkEzNzI4MzU4MDFCQkI3Mzg2OTZDNTZEQ0YyNTVE
MDMyRDQyRjAeFw0yNTA3MDQxMTU1MDBaFw0yNjA3MDMxMjAwMDBaMDMxMTAvBgNV
BAMTKDgzQjdBRDFCRUZFQzI1RUMzMTRCNEI0N0JGMDU5ODFBRUMzRDBEMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/DdxXuA0zP2NrDI3jvvnLnSeX
nfPacpUHwQ+Jmaku3vQPq5Cuiesu6rgWSs6yB8xVhOSj0W78/+anvaK6+OjffGSe
1UPETIs69a0dNKMGhTXcJoPSy8DwgVwDS6iHjAJPNbbSenv3kXGtN/ATcfY7Fm+E
DVTjEN4OgGp9QcVX9wZuCt6L8CG4SC6q9rKgqlEVA0dvvz5tQh6cYJwXw2Ju0x11
o3FstUSDIDpfYLmfRQhwuuKezHgB66E5bGJOPk0wDHuTYyE6+ixCOUVySDTnKygZ
O82WhSMuh6ZR0nyKByHjIpIfJaWvaa0JiILxFPbkwIW4isDpix+t35vIgyyFAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUg7etG+/sJewxS0tHvwWYGuw9DRwwHwYDVR0j
BBgwFoAUsSajcoNYAbu3OGlsVtzyVdAy1C8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MDQ0ZjkxOC05MzMyLTQyNTctYjUxMC0zODFjODU5MGZmNTQvMC9CMTI2QTM3Mjgz
NTgwMUJCQjczODY5NkM1NkRDRjI1NUQwMzJENDJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjEyNkEzNzI4MzU4MDFCQkI3Mzg2OTZDNTZEQ0YyNTVEMDMy
RDQyRi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QwNDRmOTE4LTkzMzItNDI1Ny1i
NTEwLTM4MWM4NTkwZmY1NC8wLzMxMzAzMzJlMzEzNjM2MmUzMzM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNzM5MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWemIjANBgkqhkiG
9w0BAQsFAAOCAQEAOoY3hfsXgR6hFtLHRo5J+htOzaLtYb4qagJ7VkSSShEdQHhS
plwSUUKJZPpYxW+uumyrmKEeo6ybt1h/kUqE0kTmjJi0aQlHDG/qD7DWMV3pqAuC
XuKI6X42JO6WeRlw960WoZZhfGG8DrNJ4AFfdFoClRWzk+Wy79qBSEB0mZP2pSmU
3ZVXvLo6bM5Gxo1MdHF8DkWx3LQn/rO9spZZZgWUPbZA2Fr+cHhIb9j723RBXXJf
T7XqG73wAGks0Ua5BBeETg5rgpwi50x+IM3V3qtYn0G2+ItFutm23TGpk9KPkCEJ
uvkhwKAoWWJ6jdTXPJZhNEeZRVLMoeF9jydT4Q==
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:27:14 2025 by rpki-client