Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/3136302e32352e3233362e302f32332d3234203d3e20313533313035.roa
File:                     3136302e32352e3233362e302f32332d3234203d3e20313533313035.roa (raw, json)
Hash identifier:          ugFHgJ4jVtmoNRHFYzSQ9xdBRfhWtLtZAJwWKuo4XXg=
Subject key identifier:   FF:60:8C:0D:4A:DC:64:68:74:DD:57:41:60:AE:9E:41:B3:E0:FB:0D
Certificate issuer:       /CN=469F8799C9283F6AFAB227A7A8E070D32DC1E876
Certificate serial:       69690FB1AF4797E0C600DF4C2DEC9DEE30CC0C82
Authority key identifier: 46:9F:87:99:C9:28:3F:6A:FA:B2:27:A7:A8:E0:70:D3:2D:C1:E8:76
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/469F8799C9283F6AFAB227A7A8E070D32DC1E876.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/3136302e32352e3233362e302f32332d3234203d3e20313533313035.roa
Signing time:             Fri 18 Jul 2025 08:02:25 +0000
ROA not before:           Fri 18 Jul 2025 07:57:25 +0000
ROA not after:            Fri 17 Jul 2026 08:02:25 +0000
asID:                     153105
IP address blocks:        160.25.236.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/469F8799C9283F6AFAB227A7A8E070D32DC1E876.crl
                          rsync://repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/469F8799C9283F6AFAB227A7A8E070D32DC1E876.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/469F8799C9283F6AFAB227A7A8E070D32DC1E876.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 08:19:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:69:0f:b1:af:47:97:e0:c6:00:df:4c:2d:ec:9d:ee:30:cc:0c:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=469F8799C9283F6AFAB227A7A8E070D32DC1E876
        Validity
            Not Before: Jul 18 07:57:25 2025 GMT
            Not After : Jul 17 08:02:25 2026 GMT
        Subject: CN=FF608C0D4ADC646874DD574160AE9E41B3E0FB0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:11:ea:02:ff:2e:e1:05:09:0c:e9:33:85:c1:
                    97:00:59:39:60:b5:83:d3:47:d2:88:f2:7a:c6:6d:
                    6a:a7:ef:12:38:c2:10:e8:20:b2:e0:78:f4:1a:d9:
                    3e:f3:89:3c:a1:3c:c3:0c:f7:52:86:62:02:9b:7f:
                    4b:be:b9:0e:a5:ec:29:5f:6b:6e:cd:c1:1a:49:c1:
                    61:10:bf:99:87:0d:77:10:c5:23:51:65:04:19:91:
                    df:fb:71:28:62:45:71:3d:c3:f6:22:13:cf:de:7d:
                    54:86:9e:e0:f8:8f:e6:0e:4e:52:73:80:e6:f3:8c:
                    8d:37:d5:17:21:b2:86:09:0b:26:25:ed:a7:4c:26:
                    9f:08:73:bf:e5:4e:36:58:c5:bb:37:fd:49:68:96:
                    df:7c:fa:e1:dc:61:b6:8e:4c:a4:d1:45:20:9c:43:
                    f6:2c:37:a8:db:07:f4:a3:6c:59:e4:bd:78:09:7e:
                    25:04:78:63:d8:c3:0a:cc:b3:a7:ab:b8:f3:44:cc:
                    1b:c0:1e:d2:a8:bd:42:17:3e:ab:18:4d:ff:f6:7c:
                    15:32:e3:3a:3e:49:40:81:b2:94:56:d3:c3:8b:ab:
                    da:ee:f1:bf:85:38:17:61:cc:1c:94:60:05:c2:62:
                    a0:a2:ec:1d:92:59:4c:db:77:eb:94:14:a5:7e:5d:
                    cc:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:60:8C:0D:4A:DC:64:68:74:DD:57:41:60:AE:9E:41:B3:E0:FB:0D
            X509v3 Authority Key Identifier:
                keyid:46:9F:87:99:C9:28:3F:6A:FA:B2:27:A7:A8:E0:70:D3:2D:C1:E8:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/469F8799C9283F6AFAB227A7A8E070D32DC1E876.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/469F8799C9283F6AFAB227A7A8E070D32DC1E876.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dec2a1ac-5ae4-47ad-8db1-652c7f3f7e8f/0/3136302e32352e3233362e302f32332d3234203d3e20313533313035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:36:87:d8:fd:60:c6:77:44:ab:3e:8a:d8:fc:aa:77:a0:98:
         b5:19:68:21:8a:61:a8:3b:f2:7b:96:3c:6c:af:26:44:ea:1d:
         f3:b0:7f:fe:ba:6b:63:5e:bd:c4:4c:69:f3:c2:50:ea:64:21:
         bf:20:34:8c:a2:4e:f0:f4:2f:55:f3:43:bd:5f:a3:c6:f1:1f:
         f5:a4:45:b6:3f:9b:06:4a:40:df:1f:f4:1d:d6:56:29:42:20:
         36:c2:44:72:6c:03:7b:67:80:ed:9a:07:fe:a2:a2:ca:31:99:
         06:f8:a3:52:b0:1e:3c:81:3f:12:e6:1b:26:cd:ff:72:ae:cc:
         1e:6a:c1:d0:8f:ff:ff:e2:d0:8d:ef:e6:3d:af:76:e0:90:f4:
         8c:c1:df:a9:9c:0a:09:5a:33:fb:af:0b:a1:01:1b:d5:44:87:
         4a:df:33:48:73:c9:1a:12:86:8e:30:29:02:5d:30:07:7b:85:
         7e:ed:ef:1f:f3:f7:92:17:4f:71:72:b3:61:ac:b4:7d:d2:a4:
         06:2c:53:4b:a9:a9:33:7b:93:51:85:cc:62:c3:cd:9f:b6:a6:
         36:4f:66:f3:7d:c4:77:90:1a:e5:0f:dd:0c:74:0c:e1:74:ab:
         f4:c8:31:61:30:cd:86:96:72:6a:89:4a:8c:b7:75:70:a6:cc:
         cd:05:b3:fd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUaWkPsa9Hl+DGAN9MLeyd7jDMDIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDY5Rjg3OTlDOTI4M0Y2QUZBQjIyN0E3QThFMDcwRDMy
REMxRTg3NjAeFw0yNTA3MTgwNzU3MjVaFw0yNjA3MTcwODAyMjVaMDMxMTAvBgNV
BAMTKEZGNjA4QzBENEFEQzY0Njg3NERENTc0MTYwQUU5RTQxQjNFMEZCMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDREeoC/y7hBQkM6TOFwZcAWTlg
tYPTR9KI8nrGbWqn7xI4whDoILLgePQa2T7ziTyhPMMM91KGYgKbf0u+uQ6l7Clf
a27NwRpJwWEQv5mHDXcQxSNRZQQZkd/7cShiRXE9w/YiE8/efVSGnuD4j+YOTlJz
gObzjI031RchsoYJCyYl7adMJp8Ic7/lTjZYxbs3/Ulolt98+uHcYbaOTKTRRSCc
Q/YsN6jbB/SjbFnkvXgJfiUEeGPYwwrMs6eruPNEzBvAHtKovUIXPqsYTf/2fBUy
4zo+SUCBspRW08OLq9ru8b+FOBdhzByUYAXCYqCi7B2SWUzbd+uUFKV+XcxrAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU/2CMDUrcZGh03VdBYK6eQbPg+w0wHwYDVR0j
BBgwFoAURp+HmckoP2r6sienqOBw0y3B6HYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
ZWMyYTFhYy01YWU0LTQ3YWQtOGRiMS02NTJjN2YzZjdlOGYvMC80NjlGODc5OUM5
MjgzRjZBRkFCMjI3QTdBOEUwNzBEMzJEQzFFODc2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvNDY5Rjg3OTlDOTI4M0Y2QUZBQjIyN0E3QThFMDcwRDMyREMx
RTg3Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RlYzJhMWFjLTVhZTQtNDdhZC04
ZGIxLTY1MmM3ZjNmN2U4Zi8wLzMxMzYzMDJlMzIzNTJlMzIzMzM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMzMzEzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoBnsMA0GCSqG
SIb3DQEBCwUAA4IBAQCTNofY/WDGd0SrPorY/Kp3oJi1GWghimGoO/J7ljxsryZE
6h3zsH/+umtjXr3ETGnzwlDqZCG/IDSMok7w9C9V80O9X6PG8R/1pEW2P5sGSkDf
H/Qd1lYpQiA2wkRybAN7Z4Dtmgf+oqLKMZkG+KNSsB48gT8S5hsmzf9yrsweasHQ
j///4tCN7+Y9r3bgkPSMwd+pnAoJWjP7rwuhARvVRIdK3zNIc8kaEoaOMCkCXTAH
e4V+7e8f8/eSF09xcrNhrLR90qQGLFNLqakze5NRhcxiw82ftqY2T2bzfcR3kBrl
D90MdAzhdKv0yDFhMM2GlnJqiUqMt3VwpszNBbP9
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:15:59 2025 by rpki-client