Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39332e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39332e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          9yUTDzYKXoTvttNKBwXvWF29o/QE/01ixLy8rIy0jQc=
Subject key identifier:   A8:12:13:8B:47:C1:3F:ED:80:28:A7:55:E5:6F:32:38:EC:FB:3A:15
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       50075C9DE184FB203C384EF0869F29D76CF75AF6
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39332e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 23:29:12 +0000
ROA not before:           Mon 06 Jul 2026 23:24:12 +0000
ROA not after:            Mon 05 Jul 2027 23:29:12 +0000
asID:                     36236
IP address blocks:        176.58.93.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 02:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:07:5c:9d:e1:84:fb:20:3c:38:4e:f0:86:9f:29:d7:6c:f7:5a:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jul  6 23:24:12 2026 GMT
            Not After : Jul  5 23:29:12 2027 GMT
        Subject: CN=A812138B47C13FED8028A755E56F3238ECFB3A15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5c:29:19:9c:cc:58:f9:ec:5f:c4:a5:a5:a7:
                    f3:1a:4a:2b:24:db:f3:31:b7:90:63:06:09:99:d6:
                    5a:9c:55:ae:f4:df:d8:04:d0:16:f6:16:5a:c5:7d:
                    f5:f5:35:a4:1a:91:68:97:ef:4f:cf:43:21:a3:0f:
                    c7:39:dd:1c:9d:e5:2c:c8:8b:58:d9:28:78:d4:42:
                    e9:93:8c:08:8f:9a:47:70:7e:1a:8a:13:d2:b9:84:
                    5c:8e:ca:97:04:05:0a:34:37:37:4f:63:e8:22:0a:
                    bf:47:29:18:c3:30:e7:a0:8b:1f:ff:11:e5:5d:f0:
                    6a:e8:3f:1b:06:ad:fd:36:d0:81:3a:ea:06:d0:90:
                    7b:8b:d9:84:4b:97:a9:05:ad:1a:1b:63:3c:9d:cd:
                    f6:62:f5:5c:62:66:85:f9:51:72:31:f2:84:4e:03:
                    2e:5a:52:98:46:8b:98:e3:47:1e:d5:5c:cf:b6:70:
                    de:7b:f0:a7:ac:29:bd:7d:0d:72:76:29:83:76:0d:
                    d7:13:a8:9e:c7:7b:d7:a5:d7:8f:25:70:9b:31:bf:
                    a3:93:78:e7:24:73:8d:38:dd:8e:dc:f6:c8:1c:fe:
                    a5:ba:93:ce:5d:19:bf:fa:ab:ba:e7:aa:05:62:d0:
                    1b:55:41:8f:ac:2c:35:8c:a2:3a:ee:54:82:87:c4:
                    27:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:12:13:8B:47:C1:3F:ED:80:28:A7:55:E5:6F:32:38:EC:FB:3A:15
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39332e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:70:7e:dd:57:01:c6:7f:a4:1a:cb:c3:eb:b6:af:2e:ca:bf:
         e1:66:08:d5:00:25:58:3d:94:f9:93:1b:4e:16:65:07:fa:3b:
         52:d0:65:0f:4b:d2:c8:e7:cb:27:fb:83:ce:ea:7c:4a:a2:a4:
         e6:3e:28:e9:db:88:33:48:86:60:68:52:ff:0d:46:f5:8b:e8:
         ab:94:05:11:33:0c:3d:3d:86:35:19:64:f8:52:89:0d:dc:63:
         a3:5c:44:d6:d1:92:e6:95:68:8d:61:59:88:2a:26:09:58:51:
         37:0c:be:d1:0f:5d:7d:ed:eb:67:73:a5:75:65:80:b9:3f:2f:
         d9:d6:57:fd:10:ea:de:f1:d3:42:62:4b:7d:06:93:e8:27:b7:
         71:35:3d:b7:22:d7:2f:07:73:31:e4:43:69:a7:7c:55:15:99:
         9a:c4:71:55:49:c8:a8:79:ce:04:89:01:a3:e7:c0:c3:8e:d6:
         8c:8d:e7:3b:66:0d:d8:d6:cc:f0:99:4a:ab:f3:40:23:8b:e4:
         44:b5:36:fc:f6:15:6c:22:92:f3:6e:75:de:fc:e4:6a:96:14:
         42:c6:38:f0:ca:61:e1:52:81:a4:c3:cf:f1:e2:ef:45:01:d5:
         f2:05:13:c8:1d:50:99:97:33:f6:be:93:8e:3b:27:7b:70:06:
         19:ad:d6:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUUAdcneGE+yA8OE7whp8p12z3WvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNjA3MDYyMzI0MTJaFw0yNzA3MDUyMzI5MTJaMDMxMTAvBgNV
BAMTKEE4MTIxMzhCNDdDMTNGRUQ4MDI4QTc1NUU1NkYzMjM4RUNGQjNBMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNXCkZnMxY+exfxKWlp/MaSisk
2/Mxt5BjBgmZ1lqcVa7039gE0Bb2FlrFffX1NaQakWiX70/PQyGjD8c53Ryd5SzI
i1jZKHjUQumTjAiPmkdwfhqKE9K5hFyOypcEBQo0NzdPY+giCr9HKRjDMOegix//
EeVd8GroPxsGrf020IE66gbQkHuL2YRLl6kFrRobYzydzfZi9VxiZoX5UXIx8oRO
Ay5aUphGi5jjRx7VXM+2cN578KesKb19DXJ2KYN2DdcTqJ7He9el148lcJsxv6OT
eOckc4043Y7c9sgc/qW6k85dGb/6q7rnqgVi0BtVQY+sLDWMojruVIKHxCeRAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUqBITi0fBP+2AKKdV5W8yOOz7OhUwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6XTANBgkqhkiG9w0BAQsFAAOCAQEAqnB+3VcB
xn+kGsvD67avLsq/4WYI1QAlWD2U+ZMbThZlB/o7UtBlD0vSyOfLJ/uDzup8SqKk
5j4o6duIM0iGYGhS/w1G9Yvoq5QFETMMPT2GNRlk+FKJDdxjo1xE1tGS5pVojWFZ
iComCVhRNwy+0Q9dfe3rZ3OldWWAuT8v2dZX/RDq3vHTQmJLfQaT6Ce3cTU9tyLX
LwdzMeRDaad8VRWZmsRxVUnIqHnOBIkBo+fAw47WjI3nO2YN2NbM8JlKq/NAI4vk
RLU2/PYVbCKS82513vzkapYUQsY48Mph4VKBpMPP8eLvRQHV8gUTyB1QmZcz9r6T
jjsne3AGGa3Wdw==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:32:45 2026 by rpki-client