Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/3130332e3134332e3132382e302f32342d3234203d3e20313437303837.roa
File:                     3130332e3134332e3132382e302f32342d3234203d3e20313437303837.roa (raw, json)
Hash identifier:          zdExcLPsX+gsvz8qx5ZS4VyUIFTtdq1rZbCm2g2FEBA=
Subject key identifier:   57:88:F5:0B:40:49:9C:CB:87:42:15:CA:22:72:2E:5C:5F:F8:F6:D8
Certificate issuer:       /CN=29BE771FE6D788CA509E787787F218ADFB43DDB2
Certificate serial:       6CC241463CAE8559CC553D51D6273BC948C11322
Authority key identifier: 29:BE:77:1F:E6:D7:88:CA:50:9E:78:77:87:F2:18:AD:FB:43:DD:B2
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/29BE771FE6D788CA509E787787F218ADFB43DDB2.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/3130332e3134332e3132382e302f32342d3234203d3e20313437303837.roa
Signing time:             Tue 29 Jul 2025 04:53:01 +0000
ROA not before:           Tue 29 Jul 2025 04:48:01 +0000
ROA not after:            Tue 28 Jul 2026 04:53:01 +0000
asID:                     147087
IP address blocks:        103.143.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/29BE771FE6D788CA509E787787F218ADFB43DDB2.crl
                          rsync://repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/29BE771FE6D788CA509E787787F218ADFB43DDB2.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/29BE771FE6D788CA509E787787F218ADFB43DDB2.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 14:16:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:c2:41:46:3c:ae:85:59:cc:55:3d:51:d6:27:3b:c9:48:c1:13:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29BE771FE6D788CA509E787787F218ADFB43DDB2
        Validity
            Not Before: Jul 29 04:48:01 2025 GMT
            Not After : Jul 28 04:53:01 2026 GMT
        Subject: CN=5788F50B40499CCB874215CA22722E5C5FF8F6D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f9:86:84:f2:28:cf:66:3b:71:6f:43:24:f8:
                    8b:1f:b5:b1:2c:5f:1b:b8:b3:54:00:7d:3d:88:a0:
                    c6:84:83:6f:59:17:d3:dd:61:4f:60:a3:3a:e0:78:
                    7b:5b:05:c7:25:d7:6f:32:30:73:b6:ad:a0:30:2c:
                    f3:61:e5:a4:05:87:30:70:bb:bc:d7:16:19:95:4c:
                    95:2f:29:e1:70:16:91:11:b4:37:d6:42:9f:00:51:
                    a5:e1:a1:e7:65:b5:58:87:43:fd:41:d2:1b:69:82:
                    de:58:2d:8c:6c:24:ae:a3:ff:5b:8d:43:55:35:7e:
                    0e:03:5e:4c:ee:ce:32:14:43:63:94:d1:b4:5d:39:
                    a2:dd:47:1f:44:67:9f:1a:f8:08:fa:35:87:f1:5c:
                    23:2c:89:cf:8e:7a:8f:5f:e8:a8:89:10:16:9d:aa:
                    bc:b1:1c:46:58:e1:d3:6b:f8:0f:9e:1a:33:a8:d8:
                    f2:68:5b:54:00:4d:96:67:dc:92:a3:9e:fb:59:1b:
                    e3:a0:4e:da:da:de:95:64:ac:6a:99:cb:07:63:64:
                    06:e1:13:99:5a:6a:aa:45:36:c9:9b:05:9c:9e:da:
                    f7:b2:55:b0:68:64:bb:b8:74:7a:22:c4:b3:b3:dd:
                    29:7b:96:82:6c:82:75:0e:0c:d7:5b:04:ca:1e:bf:
                    0b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:88:F5:0B:40:49:9C:CB:87:42:15:CA:22:72:2E:5C:5F:F8:F6:D8
            X509v3 Authority Key Identifier:
                keyid:29:BE:77:1F:E6:D7:88:CA:50:9E:78:77:87:F2:18:AD:FB:43:DD:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/29BE771FE6D788CA509E787787F218ADFB43DDB2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/29BE771FE6D788CA509E787787F218ADFB43DDB2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e2e96bf3-d021-4d84-90d5-c24558aa495f/0/3130332e3134332e3132382e302f32342d3234203d3e20313437303837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:de:e7:9f:4d:ec:11:64:9b:fe:f6:9e:ba:69:90:80:8c:e6:
         56:96:1f:d6:3e:6b:82:d8:35:c6:7e:0d:bb:68:fc:3f:89:7a:
         40:d0:cf:3b:00:aa:3b:15:6a:ed:dc:47:00:90:e1:38:ea:80:
         77:17:53:67:c3:b5:9c:ae:9e:33:9e:45:37:b0:46:c7:e4:8d:
         f6:51:9d:43:91:53:ad:9d:64:f4:95:d7:07:00:1f:43:75:90:
         f5:11:9f:93:d2:12:7c:f4:9e:27:5d:53:75:f1:e4:9e:6c:38:
         94:ad:6a:f5:0a:fb:31:58:28:24:f7:32:19:ec:d1:8e:f2:d7:
         43:8c:8d:de:3a:41:80:f3:31:42:73:93:c7:66:03:98:84:01:
         e0:97:c6:2d:dd:d4:4e:74:eb:0c:62:fa:00:df:6e:71:d4:df:
         a0:04:b2:0c:8f:b3:3e:5a:94:ff:4c:2b:56:ce:7d:47:f2:a3:
         f9:ae:ae:9e:21:b5:03:c6:25:9d:fb:11:a1:42:91:66:9a:09:
         bb:2c:4c:6d:71:31:e3:e3:eb:ea:a5:4e:e5:1f:85:41:ff:e5:
         80:09:e3:ff:ab:8e:fb:b7:c9:37:34:4e:9a:73:ac:b9:41:33:
         13:30:23:45:57:b3:6d:e9:18:3f:d0:43:a0:ec:19:18:08:3f:
         b5:f3:18:46
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUbMJBRjyuhVnMVT1R1ic7yUjBEyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjlCRTc3MUZFNkQ3ODhDQTUwOUU3ODc3ODdGMjE4QURG
QjQzRERCMjAeFw0yNTA3MjkwNDQ4MDFaFw0yNjA3MjgwNDUzMDFaMDMxMTAvBgNV
BAMTKDU3ODhGNTBCNDA0OTlDQ0I4NzQyMTVDQTIyNzIyRTVDNUZGOEY2RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO+YaE8ijPZjtxb0Mk+IsftbEs
Xxu4s1QAfT2IoMaEg29ZF9PdYU9gozrgeHtbBccl128yMHO2raAwLPNh5aQFhzBw
u7zXFhmVTJUvKeFwFpERtDfWQp8AUaXhoedltViHQ/1B0htpgt5YLYxsJK6j/1uN
Q1U1fg4DXkzuzjIUQ2OU0bRdOaLdRx9EZ58a+Aj6NYfxXCMsic+Oeo9f6KiJEBad
qryxHEZY4dNr+A+eGjOo2PJoW1QATZZn3JKjnvtZG+OgTtra3pVkrGqZywdjZAbh
E5laaqpFNsmbBZye2veyVbBoZLu4dHoixLOz3Sl7loJsgnUODNdbBMoevwsBAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUV4j1C0BJnMuHQhXKInIuXF/49tgwHwYDVR0j
BBgwFoAUKb53H+bXiMpQnnh3h/IYrftD3bIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
MmU5NmJmMy1kMDIxLTRkODQtOTBkNS1jMjQ1NThhYTQ5NWYvMC8yOUJFNzcxRkU2
RDc4OENBNTA5RTc4Nzc4N0YyMThBREZCNDNEREIyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjlCRTc3MUZFNkQ3ODhDQTUwOUU3ODc3ODdGMjE4QURGQjQz
RERCMi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2UyZTk2YmYzLWQwMjEtNGQ4NC05
MGQ1LWMyNDU1OGFhNDk1Zi8wLzMxMzAzMzJlMzEzNDMzMmUzMTMyMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM4Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnj4AwDQYJ
KoZIhvcNAQELBQADggEBALXe559N7BFkm/72nrppkICM5laWH9Y+a4LYNcZ+Dbto
/D+JekDQzzsAqjsVau3cRwCQ4TjqgHcXU2fDtZyunjOeRTewRsfkjfZRnUORU62d
ZPSV1wcAH0N1kPURn5PSEnz0niddU3Xx5J5sOJStavUK+zFYKCT3Mhns0Y7y10OM
jd46QYDzMUJzk8dmA5iEAeCXxi3d1E506wxi+gDfbnHU36AEsgyPsz5alP9MK1bO
fUfyo/murp4htQPGJZ37EaFCkWaaCbssTG1xMePj6+qlTuUfhUH/5YAJ4/+rjvu3
yTc0TppzrLlBMxMwI0VXs23pGD/QQ6DsGRgIP7XzGEY=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:17:41 2025 by rpki-client