Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3131382e302f32342d3234203d3e2034373837.roa
File:                     3131342e3139392e3131382e302f32342d3234203d3e2034373837.roa (raw, json)
Hash identifier:          WlKSOn271+TfdT7+hEAtw6YsYCjPcNS4YnxpGYnZP0c=
Subject key identifier:   09:6E:A7:D2:87:5D:81:9F:F7:F8:AB:F9:27:71:40:CC:EC:4E:39:7B
Certificate issuer:       /CN=ADCB9F9DF56E90B39B5344118194104F46A83702
Certificate serial:       77A153C2DEA50A8555416CFDC2577FCFB2F0B011
Authority key identifier: AD:CB:9F:9D:F5:6E:90:B3:9B:53:44:11:81:94:10:4F:46:A8:37:02
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3131382e302f32342d3234203d3e2034373837.roa
Signing time:             Tue 05 Aug 2025 02:57:16 +0000
ROA not before:           Tue 05 Aug 2025 02:52:16 +0000
ROA not after:            Tue 04 Aug 2026 02:57:16 +0000
asID:                     4787
IP address blocks:        114.199.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.crl
                          rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 23:07:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:a1:53:c2:de:a5:0a:85:55:41:6c:fd:c2:57:7f:cf:b2:f0:b0:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADCB9F9DF56E90B39B5344118194104F46A83702
        Validity
            Not Before: Aug  5 02:52:16 2025 GMT
            Not After : Aug  4 02:57:16 2026 GMT
        Subject: CN=096EA7D2875D819FF7F8ABF9277140CCEC4E397B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6f:27:11:bf:9c:97:ec:9f:94:75:17:3c:a7:
                    21:9f:c0:32:76:1b:4b:6a:66:35:76:ab:39:6c:c0:
                    02:ce:2d:c7:48:03:ea:2c:e6:56:30:7f:73:a6:a7:
                    b4:68:6d:dc:77:6e:68:04:0f:6c:af:9a:9b:20:95:
                    68:eb:c5:70:0c:e7:bd:65:d3:6f:c1:01:1f:ba:6f:
                    ee:41:4a:b3:02:ab:30:63:4a:4a:06:4e:58:27:9d:
                    7d:e0:0d:f3:93:aa:c9:3b:cc:1a:31:4a:51:10:2d:
                    8b:5e:c1:1c:20:48:74:2d:aa:22:c4:0b:64:16:13:
                    1b:40:8c:c4:e8:c3:41:6c:02:5f:fb:a2:29:74:eb:
                    21:66:0b:f0:35:55:13:56:8a:b8:bb:5d:9b:dd:70:
                    1b:46:86:6e:8f:3f:eb:c5:1c:38:96:a0:45:cf:45:
                    86:2e:ca:b6:64:7c:16:dc:fc:9c:82:4f:31:70:75:
                    4c:b4:7b:8c:33:a1:65:5b:1a:40:bc:b9:2c:2c:ba:
                    cd:3a:03:94:24:d8:25:72:59:72:3d:bc:0b:4e:c0:
                    51:a8:a8:fc:ea:d1:90:f7:53:a5:5a:ed:da:4f:89:
                    d0:75:2b:7e:cd:70:1c:99:da:4f:dd:0c:d2:eb:b2:
                    3a:9a:f7:05:34:bf:90:de:fa:19:cc:0f:9b:ff:cd:
                    cc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:6E:A7:D2:87:5D:81:9F:F7:F8:AB:F9:27:71:40:CC:EC:4E:39:7B
            X509v3 Authority Key Identifier:
                keyid:AD:CB:9F:9D:F5:6E:90:B3:9B:53:44:11:81:94:10:4F:46:A8:37:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3131382e302f32342d3234203d3e2034373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.199.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:c4:8e:6a:f7:be:1b:28:b4:f7:b6:d9:75:29:2b:bd:be:85:
         ff:11:2a:22:e3:18:6d:a3:1d:61:31:0f:3f:13:23:36:30:57:
         03:2a:97:6a:b2:da:11:00:b5:7d:00:c8:2c:9b:50:00:dc:8f:
         7c:06:0c:72:70:d7:3f:b2:aa:11:d2:31:2a:c2:a7:85:52:7f:
         73:87:94:3b:f0:14:3f:17:b1:78:d7:b8:86:62:59:3c:4d:a1:
         52:21:7a:8e:1a:bd:90:c6:c1:a2:78:75:11:0c:67:ea:b5:d4:
         00:b2:ec:32:c6:0e:8e:50:9a:5c:41:7b:46:c8:fe:22:84:e6:
         99:48:56:0d:12:fe:df:1c:57:68:61:68:5a:e0:19:a4:20:7c:
         4e:81:49:93:fc:0d:ae:38:fb:b6:6f:cf:12:35:fe:9f:23:ae:
         bc:2a:5e:53:41:a9:4d:91:4c:3a:ad:ac:8c:c2:5d:d0:bd:fa:
         7b:c7:a7:0d:76:d8:e9:ef:60:9d:61:fa:1e:bf:fd:e4:88:9c:
         77:d0:3d:a5:70:e9:7c:63:3c:81:03:f5:bb:95:f0:7c:56:1a:
         e1:4f:b9:a6:73:94:3f:69:09:e7:bb:75:4c:4c:dc:6f:d2:67:
         83:49:cd:a5:62:19:1e:9c:75:aa:c7:a9:3b:a0:39:12:65:54:
         0a:de:a6:5b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUd6FTwt6lCoVVQWz9wld/z7LwsBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQURDQjlGOURGNTZFOTBCMzlCNTM0NDExODE5NDEwNEY0
NkE4MzcwMjAeFw0yNTA4MDUwMjUyMTZaFw0yNjA4MDQwMjU3MTZaMDMxMTAvBgNV
BAMTKDA5NkVBN0QyODc1RDgxOUZGN0Y4QUJGOTI3NzE0MENDRUM0RTM5N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bycRv5yX7J+UdRc8pyGfwDJ2
G0tqZjV2qzlswALOLcdIA+os5lYwf3Omp7Robdx3bmgED2yvmpsglWjrxXAM571l
02/BAR+6b+5BSrMCqzBjSkoGTlgnnX3gDfOTqsk7zBoxSlEQLYtewRwgSHQtqiLE
C2QWExtAjMTow0FsAl/7oil06yFmC/A1VRNWiri7XZvdcBtGhm6PP+vFHDiWoEXP
RYYuyrZkfBbc/JyCTzFwdUy0e4wzoWVbGkC8uSwsus06A5Qk2CVyWXI9vAtOwFGo
qPzq0ZD3U6Va7dpPidB1K37NcByZ2k/dDNLrsjqa9wU0v5De+hnMD5v/zcyVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUCW6n0oddgZ/3+Kv5J3FAzOxOOXswHwYDVR0j
BBgwFoAUrcufnfVukLObU0QRgZQQT0aoNwIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MWY0ZmQzOC03ODI2LTQyMDEtOWY5Yi0xZDdjNzZhYTI0ZGQvMC9BRENCOUY5REY1
NkU5MEIzOUI1MzQ0MTE4MTk0MTA0RjQ2QTgzNzAyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQURDQjlGOURGNTZFOTBCMzlCNTM0NDExODE5NDEwNEY0NkE4
MzcwMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxZjRmZDM4LTc4MjYtNDIwMS05
ZjliLTFkN2M3NmFhMjRkZC8wLzMxMzEzNDJlMzEzOTM5MmUzMTMxMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM3MzgzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHLHdjANBgkqhkiG
9w0BAQsFAAOCAQEALsSOave+Gyi097bZdSkrvb6F/xEqIuMYbaMdYTEPPxMjNjBX
AyqXarLaEQC1fQDILJtQANyPfAYMcnDXP7KqEdIxKsKnhVJ/c4eUO/AUPxexeNe4
hmJZPE2hUiF6jhq9kMbBonh1EQxn6rXUALLsMsYOjlCaXEF7Rsj+IoTmmUhWDRL+
3xxXaGFoWuAZpCB8ToFJk/wNrjj7tm/PEjX+nyOuvCpeU0GpTZFMOq2sjMJd0L36
e8enDXbY6e9gnWH6Hr/95Iicd9A9pXDpfGM8gQP1u5XwfFYa4U+5pnOUP2kJ57t1
TEzcb9Jng0nNpWIZHpx1qsepO6A5EmVUCt6mWw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:14:25 2025 by rpki-client