Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/3130332e33352e3231392e302f32342d3234203d3e20313439393735.roa
File:                     3130332e33352e3231392e302f32342d3234203d3e20313439393735.roa (raw, json)
Hash identifier:          +5Txp9rL/wtpyru49a753Z8Sc1QIs/NyTcAJqiOVK6s=
Subject key identifier:   46:72:AC:05:16:B3:55:AE:5D:69:70:5D:3B:C3:F0:6B:3E:24:8A:5A
Certificate issuer:       /CN=994DAB84DB40175C3635F0F432BAABCF20F5E80A
Certificate serial:       14980DE5AF22829F5551126FC65174C6716ED2B0
Authority key identifier: 99:4D:AB:84:DB:40:17:5C:36:35:F0:F4:32:BA:AB:CF:20:F5:E8:0A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/994DAB84DB40175C3635F0F432BAABCF20F5E80A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/3130332e33352e3231392e302f32342d3234203d3e20313439393735.roa
Signing time:             Fri 11 Jul 2025 02:00:01 +0000
ROA not before:           Fri 11 Jul 2025 01:55:01 +0000
ROA not after:            Fri 10 Jul 2026 02:00:01 +0000
asID:                     149975
IP address blocks:        103.35.219.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/994DAB84DB40175C3635F0F432BAABCF20F5E80A.crl
                          rsync://repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/994DAB84DB40175C3635F0F432BAABCF20F5E80A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/994DAB84DB40175C3635F0F432BAABCF20F5E80A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 12:32:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:98:0d:e5:af:22:82:9f:55:51:12:6f:c6:51:74:c6:71:6e:d2:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=994DAB84DB40175C3635F0F432BAABCF20F5E80A
        Validity
            Not Before: Jul 11 01:55:01 2025 GMT
            Not After : Jul 10 02:00:01 2026 GMT
        Subject: CN=4672AC0516B355AE5D69705D3BC3F06B3E248A5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4e:98:c7:78:27:02:2f:68:4b:88:94:b5:95:
                    dc:9a:ef:86:2d:68:e8:75:ea:e0:d6:6e:3f:c8:c9:
                    ea:9d:aa:66:4f:02:19:3a:42:c4:f7:4d:46:4f:7f:
                    29:1f:8a:9d:f7:59:c0:b5:2a:2a:66:0d:ed:f9:69:
                    bc:53:4d:b4:b1:38:cc:de:7a:80:29:3b:b5:1e:30:
                    a7:35:14:b5:69:9d:2c:49:83:5c:1d:f1:6c:59:0b:
                    47:97:b2:22:d9:b9:30:27:7d:f8:f1:d3:af:6a:d0:
                    58:71:8d:a7:fc:f0:95:dc:ce:4e:29:3a:0a:b6:f3:
                    d6:c5:7a:28:ef:11:8a:41:c1:6a:09:a5:20:37:61:
                    04:61:67:a0:6e:05:7b:c5:a1:26:e7:2a:bf:7f:ea:
                    00:00:cf:f3:6b:50:de:d8:01:44:dc:df:2e:b4:8d:
                    65:7d:9b:85:ab:b4:fe:51:e4:dd:4c:ed:50:9d:b7:
                    ec:05:eb:26:02:23:5a:27:1e:5e:58:73:07:0d:20:
                    4c:c9:89:31:33:b9:0f:a8:21:90:26:bc:e1:8b:5d:
                    2f:7f:88:1d:1c:59:43:16:a9:d1:9f:70:f6:5f:b4:
                    17:66:9d:b1:02:6e:97:2a:5d:9c:61:35:19:f2:01:
                    73:b5:d7:ab:7a:6b:a1:aa:ff:a5:42:53:cb:6a:68:
                    f9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:72:AC:05:16:B3:55:AE:5D:69:70:5D:3B:C3:F0:6B:3E:24:8A:5A
            X509v3 Authority Key Identifier:
                keyid:99:4D:AB:84:DB:40:17:5C:36:35:F0:F4:32:BA:AB:CF:20:F5:E8:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/994DAB84DB40175C3635F0F432BAABCF20F5E80A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/994DAB84DB40175C3635F0F432BAABCF20F5E80A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d2d42a29-bd48-4ef7-af48-0aa0d35db37b/0/3130332e33352e3231392e302f32342d3234203d3e20313439393735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.35.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:af:97:5d:32:7e:9a:e2:63:a5:fb:e0:fc:22:54:66:b9:94:
         15:0a:f8:b4:37:d8:3e:a8:67:c6:0d:96:f5:57:49:04:b7:9a:
         6c:8d:22:da:b0:08:a4:95:5f:5e:39:50:06:c9:2d:a6:95:43:
         21:a6:bf:33:41:1f:1e:8c:f1:6b:cb:ec:ad:ca:93:d2:5a:5a:
         f7:ae:4e:ba:0f:f4:48:f6:fd:07:c9:a0:01:9f:b3:6c:95:aa:
         76:33:6a:f4:6e:b8:b6:58:b2:b2:23:85:65:df:16:14:b5:00:
         48:2c:57:c9:b3:9d:c9:89:93:08:df:ae:69:cb:28:4e:48:82:
         a4:2e:f0:e7:3b:87:d6:11:73:c2:af:d3:cd:d9:59:b6:65:db:
         6c:ba:32:a8:73:8f:b9:af:73:aa:6f:f9:f1:1f:fe:37:46:4f:
         9b:9a:17:7a:9b:f7:ab:1d:f1:e4:0b:bc:de:58:da:76:42:3e:
         ec:c8:bf:43:4f:0f:ac:e5:ae:72:2d:4d:e1:de:a3:5c:44:2d:
         fc:96:85:99:16:b7:cc:af:4e:9d:13:dc:95:59:6c:5c:7d:29:
         45:5f:bc:60:8f:74:1b:df:d8:ac:f6:1c:6d:e6:ea:1e:35:96:
         04:56:77:3d:73:68:e9:25:e2:23:8a:ef:0a:0e:b8:fa:5f:15:
         36:8f:18:28
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFJgN5a8igp9VURJvxlF0xnFu0rAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk0REFCODREQjQwMTc1QzM2MzVGMEY0MzJCQUFCQ0Yy
MEY1RTgwQTAeFw0yNTA3MTEwMTU1MDFaFw0yNjA3MTAwMjAwMDFaMDMxMTAvBgNV
BAMTKDQ2NzJBQzA1MTZCMzU1QUU1RDY5NzA1RDNCQzNGMDZCM0UyNDhBNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9TpjHeCcCL2hLiJS1ldya74Yt
aOh16uDWbj/IyeqdqmZPAhk6QsT3TUZPfykfip33WcC1KipmDe35abxTTbSxOMze
eoApO7UeMKc1FLVpnSxJg1wd8WxZC0eXsiLZuTAnffjx069q0Fhxjaf88JXczk4p
Ogq289bFeijvEYpBwWoJpSA3YQRhZ6BuBXvFoSbnKr9/6gAAz/NrUN7YAUTc3y60
jWV9m4WrtP5R5N1M7VCdt+wF6yYCI1onHl5YcwcNIEzJiTEzuQ+oIZAmvOGLXS9/
iB0cWUMWqdGfcPZftBdmnbECbpcqXZxhNRnyAXO116t6a6Gq/6VCU8tqaPkdAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQURnKsBRazVa5daXBdO8Pwaz4kilowHwYDVR0j
BBgwFoAUmU2rhNtAF1w2NfD0MrqrzyD16AowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MmQ0MmEyOS1iZDQ4LTRlZjctYWY0OC0wYWEwZDM1ZGIzN2IvMC85OTREQUI4NERC
NDAxNzVDMzYzNUYwRjQzMkJBQUJDRjIwRjVFODBBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTk0REFCODREQjQwMTc1QzM2MzVGMEY0MzJCQUFCQ0YyMEY1
RTgwQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QyZDQyYTI5LWJkNDgtNGVmNy1h
ZjQ4LTBhYTBkMzVkYjM3Yi8wLzMxMzAzMzJlMzMzNTJlMzIzMTM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDM5MzkzNzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZyPbMA0GCSqG
SIb3DQEBCwUAA4IBAQAlr5ddMn6a4mOl++D8IlRmuZQVCvi0N9g+qGfGDZb1V0kE
t5psjSLasAiklV9eOVAGyS2mlUMhpr8zQR8ejPFry+ytypPSWlr3rk66D/RI9v0H
yaABn7Nslap2M2r0bri2WLKyI4Vl3xYUtQBILFfJs53JiZMI365pyyhOSIKkLvDn
O4fWEXPCr9PN2Vm2ZdtsujKoc4+5r3Oqb/nxH/43Rk+bmhd6m/erHfHkC7zeWNp2
Qj7syL9DTw+s5a5yLU3h3qNcRC38loWZFrfMr06dE9yVWWxcfSlFX7xgj3Qb39is
9hxt5uoeNZYEVnc9c2jpJeIjiu8KDrj6XxU2jxgo
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:16 2025 by rpki-client