Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/3130332e3136342e3139332e302f32342d3234203d3e20313431393339.roa
File:                     3130332e3136342e3139332e302f32342d3234203d3e20313431393339.roa (raw, json)
Hash identifier:          o1EC2V3xudD67YQ4ezVJUlO4R22GwhC3UT5xp118BUc=
Subject key identifier:   8F:F5:85:97:1D:69:04:65:D1:09:EC:0E:C0:D5:37:EA:DF:0C:8F:3B
Certificate issuer:       /CN=8659BE8500DEBB314448F1412FA1E264025A4148
Certificate serial:       14F711DB44169DBBFA8D80B456095EB973DA3DE9
Authority key identifier: 86:59:BE:85:00:DE:BB:31:44:48:F1:41:2F:A1:E2:64:02:5A:41:48
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/3130332e3136342e3139332e302f32342d3234203d3e20313431393339.roa
Signing time:             Fri 01 Aug 2025 16:41:25 +0000
ROA not before:           Fri 01 Aug 2025 16:36:25 +0000
ROA not after:            Fri 31 Jul 2026 16:41:25 +0000
asID:                     141939
IP address blocks:        103.164.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.crl
                          rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 09 Aug 2025 03:46:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:f7:11:db:44:16:9d:bb:fa:8d:80:b4:56:09:5e:b9:73:da:3d:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8659BE8500DEBB314448F1412FA1E264025A4148
        Validity
            Not Before: Aug  1 16:36:25 2025 GMT
            Not After : Jul 31 16:41:25 2026 GMT
        Subject: CN=8FF585971D690465D109EC0EC0D537EADF0C8F3B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a0:1f:48:34:73:69:fb:6b:5f:7e:ff:31:f9:
                    ec:78:18:a1:26:d4:50:48:d8:47:2e:dc:13:75:99:
                    14:b2:6e:4b:8c:d8:7c:48:a9:d4:33:c9:c0:de:4b:
                    e5:83:04:53:f7:cd:b9:1d:bd:9f:98:be:70:f5:e3:
                    6d:4f:bd:80:d9:b4:2d:d4:08:f0:af:e0:30:f1:05:
                    58:36:0f:82:fd:a3:3c:86:7e:3b:a5:bb:e3:dc:60:
                    f6:c4:a9:49:8e:77:9e:32:40:72:1e:6a:c7:8b:2f:
                    f8:af:da:1f:10:6b:72:43:c1:5b:73:fd:ce:88:dc:
                    27:d0:92:2e:0a:5c:32:e0:ed:af:c9:52:0e:da:b9:
                    e6:7a:bd:6c:bc:b8:85:2a:15:33:d5:05:be:39:07:
                    83:02:b9:a7:82:9a:f9:f1:f7:42:3e:66:ea:74:96:
                    ef:d2:de:e4:d2:9d:04:e7:5e:b3:ff:f0:cd:8d:6e:
                    72:cd:60:1e:3f:d3:e9:20:7d:f5:2a:0e:f1:a0:1a:
                    85:2e:f2:3e:0b:6c:62:28:5b:ba:35:25:78:eb:66:
                    34:2e:00:a7:21:6b:19:14:79:88:65:fe:7b:78:2b:
                    83:c7:e6:e1:5d:9c:7d:8b:e4:db:96:93:7d:73:43:
                    14:b3:2f:b3:f9:90:fa:a6:2a:e4:3d:29:25:db:38:
                    20:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:F5:85:97:1D:69:04:65:D1:09:EC:0E:C0:D5:37:EA:DF:0C:8F:3B
            X509v3 Authority Key Identifier:
                keyid:86:59:BE:85:00:DE:BB:31:44:48:F1:41:2F:A1:E2:64:02:5A:41:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/3130332e3136342e3139332e302f32342d3234203d3e20313431393339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.164.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:c8:84:7e:21:12:04:57:ff:54:00:e8:74:b1:fd:98:66:f2:
         60:c8:5e:b7:82:32:38:c0:ad:fc:1d:9f:13:f7:76:54:63:52:
         3c:7e:68:d6:50:72:6e:97:40:0a:34:62:81:29:54:ba:5c:3b:
         f8:57:0a:39:61:d4:d4:48:04:c3:9e:fb:45:f8:53:e8:b4:38:
         41:fe:f6:be:9d:6b:d9:92:1b:5c:97:52:d4:b0:3a:1e:43:e4:
         03:88:d6:ee:57:f9:a3:49:c7:7d:5c:a3:e0:56:a9:9a:fc:f4:
         53:72:25:28:47:0b:58:29:6c:51:6a:c1:a1:89:5e:1f:20:b2:
         d2:03:2d:6b:a9:30:d2:29:1b:95:fa:35:2f:4c:64:52:fd:11:
         8c:81:3a:58:1f:ee:7b:e3:8e:df:ff:49:ba:44:67:39:ea:73:
         3a:39:77:a8:54:69:9f:69:fa:7f:79:9b:36:98:79:2b:fa:ac:
         df:9a:38:c8:e6:17:7d:1f:b3:bd:0f:a9:c3:a9:e3:83:a8:3a:
         97:5b:02:1c:12:0b:ed:11:6b:cc:23:60:a1:2a:b8:7a:51:e3:
         e2:99:1f:67:67:7e:41:de:52:ff:a9:d4:b5:9d:12:3b:8d:8f:
         19:43:70:21:6b:c5:6b:6a:a4:a4:d0:8e:ff:87:c0:4d:12:c3:
         2a:63:4b:e6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUFPcR20QWnbv6jYC0VgleuXPaPekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODY1OUJFODUwMERFQkIzMTQ0NDhGMTQxMkZBMUUyNjQw
MjVBNDE0ODAeFw0yNTA4MDExNjM2MjVaFw0yNjA3MzExNjQxMjVaMDMxMTAvBgNV
BAMTKDhGRjU4NTk3MUQ2OTA0NjVEMTA5RUMwRUMwRDUzN0VBREYwQzhGM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5oB9INHNp+2tffv8x+ex4GKEm
1FBI2Ecu3BN1mRSybkuM2HxIqdQzycDeS+WDBFP3zbkdvZ+YvnD1421PvYDZtC3U
CPCv4DDxBVg2D4L9ozyGfjulu+PcYPbEqUmOd54yQHIeaseLL/iv2h8Qa3JDwVtz
/c6I3CfQki4KXDLg7a/JUg7aueZ6vWy8uIUqFTPVBb45B4MCuaeCmvnx90I+Zup0
lu/S3uTSnQTnXrP/8M2NbnLNYB4/0+kgffUqDvGgGoUu8j4LbGIoW7o1JXjrZjQu
AKchaxkUeYhl/nt4K4PH5uFdnH2L5NuWk31zQxSzL7P5kPqmKuQ9KSXbOCBVAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUj/WFlx1pBGXRCewOwNU36t8MjzswHwYDVR0j
BBgwFoAUhlm+hQDeuzFESPFBL6HiZAJaQUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
YmE0OGU0ZS1mYzk1LTRhY2YtYmVhYy1kOTNhMGY2OTQ0MjEvMC84NjU5QkU4NTAw
REVCQjMxNDQ0OEYxNDEyRkExRTI2NDAyNUE0MTQ4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODY1OUJFODUwMERFQkIzMTQ0NDhGMTQxMkZBMUUyNjQwMjVB
NDE0OC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZiYTQ4ZTRlLWZjOTUtNGFjZi1i
ZWFjLWQ5M2EwZjY5NDQyMS8wLzMxMzAzMzJlMzEzNjM0MmUzMTM5MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzOTMzMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnpMEwDQYJ
KoZIhvcNAQELBQADggEBAJbIhH4hEgRX/1QA6HSx/Zhm8mDIXreCMjjArfwdnxP3
dlRjUjx+aNZQcm6XQAo0YoEpVLpcO/hXCjlh1NRIBMOe+0X4U+i0OEH+9r6da9mS
G1yXUtSwOh5D5AOI1u5X+aNJx31co+BWqZr89FNyJShHC1gpbFFqwaGJXh8gstID
LWupMNIpG5X6NS9MZFL9EYyBOlgf7nvjjt//SbpEZznqczo5d6hUaZ9p+n95mzaY
eSv6rN+aOMjmF30fs70PqcOp44OoOpdbAhwSC+0Ra8wjYKEquHpR4+KZH2dnfkHe
Uv+p1LWdEjuNjxlDcCFrxWtqpKTQjv+HwE0SwypjS+Y=
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:11:19 2025 by rpki-client