Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230332e302f32342d3234203d3e203336323336.roa
File:                     3139322e36342e3230332e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          UA31leNR+0mj8/zdmcjnYvU1v4hTPJ5jiqPEKStBAY4=
Subject key identifier:   34:B9:30:7A:83:5B:F3:DE:DF:40:68:EF:D0:65:FF:60:E4:15:CE:40
Certificate issuer:       /CN=A91D85A20000/serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
Certificate serial:       56692EC2ADCD0B1D9CD47F378488B909E6CB602A
Authority key identifier: 5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230332e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 22:29:10 +0000
ROA not before:           Mon 06 Jul 2026 22:24:10 +0000
ROA not after:            Mon 05 Jul 2027 22:29:10 +0000
asID:                     36236
IP address blocks:        192.64.203.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 00:38:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:69:2e:c2:ad:cd:0b:1d:9c:d4:7f:37:84:88:b9:09:e6:cb:60:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
        Validity
            Not Before: Jul  6 22:24:10 2026 GMT
            Not After : Jul  5 22:29:10 2027 GMT
        Subject: CN=34B9307A835BF3DEDF4068EFD065FF60E415CE40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:92:66:a6:92:eb:bf:a6:04:c3:35:20:60:ca:
                    22:ae:28:e6:16:a9:e9:a7:5d:86:17:8d:89:1e:e5:
                    2f:55:65:20:9d:6c:20:6f:81:99:b4:65:f0:ae:d5:
                    8d:c8:05:8e:e9:1b:06:63:d1:cb:dd:46:0b:78:09:
                    7d:94:38:d0:c3:18:07:7c:52:3c:43:e3:a2:82:97:
                    21:f6:66:50:9c:02:ea:7a:1f:22:e0:ad:26:13:10:
                    1c:82:90:8c:6d:11:20:3e:5a:fe:23:c2:99:05:55:
                    67:84:ec:cf:22:db:da:73:82:8b:61:9b:e2:5c:ad:
                    7c:dc:1d:0a:1f:b1:00:45:35:6a:4c:12:53:e4:bf:
                    f1:75:4f:61:ae:d1:ad:58:1e:4d:96:90:8c:fd:84:
                    67:b6:8e:18:f2:cb:5e:52:4b:b8:5f:2a:cd:74:a3:
                    73:f2:8a:fc:ce:fc:84:29:8c:68:49:8a:91:13:65:
                    67:85:ca:79:0d:e3:a1:c7:d5:3b:33:b2:b5:da:31:
                    5c:ef:84:b9:c4:a8:c2:ad:31:56:50:ab:65:72:79:
                    02:19:1d:44:a8:37:51:26:f2:69:a5:7e:1c:b2:a2:
                    4d:93:b3:ad:87:c2:e4:b6:a5:22:7c:ef:2e:1e:58:
                    70:14:07:86:e7:c1:ec:d1:91:ec:a5:59:40:21:1a:
                    bc:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B9:30:7A:83:5B:F3:DE:DF:40:68:EF:D0:65:FF:60:E4:15:CE:40
            X509v3 Authority Key Identifier:
                keyid:5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230332e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.64.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:9c:bb:60:13:cc:3c:ab:5b:8b:e1:a6:1c:c2:92:79:ac:30:
         23:3a:91:5a:fc:02:74:38:1b:00:b9:05:29:a0:02:25:60:9e:
         f1:89:e0:ea:d5:de:dc:96:b1:33:1f:e7:e9:ba:ae:96:88:70:
         d1:ea:41:f7:de:b8:a5:d5:b9:ab:57:a2:b2:bb:52:89:81:d7:
         8f:4c:b0:18:46:2f:31:7b:4d:9c:ad:40:c8:cd:e5:95:f2:3c:
         55:48:b4:6b:9b:d2:58:4b:86:ec:85:df:41:b8:c3:c2:13:8e:
         10:5e:e6:2b:5e:7b:68:ba:64:af:7e:1c:ca:e7:dc:b5:11:35:
         60:42:c0:0c:81:26:1e:5d:e6:fe:b2:20:02:c9:97:3d:c2:9e:
         c0:cf:ff:00:47:e8:d5:3e:b5:ac:3e:bf:8e:58:ba:16:df:27:
         30:1b:30:87:29:66:27:83:90:96:ed:0d:fa:73:1b:d6:23:8c:
         29:3f:bb:45:27:c6:e0:0c:3d:1f:70:aa:0e:ad:81:3c:c8:5d:
         66:2b:94:ab:1b:98:ae:a1:98:91:0b:2e:89:df:29:85:59:dc:
         1b:b7:48:5c:13:73:99:c5:08:83:7a:cb:42:24:b6:94:f3:a2:
         e8:dd:7d:6d:4e:f9:44:6f:75:4f:23:b1:c4:52:75:4f:3d:27:
         82:bc:23:8b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUVmkuwq3NCx2c1H83hIi5CebLYCowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg1RUQ1Rjc5MjFB
Qzg2NTQxRDkyOTM2RjY5MUNCMUNEQkY2RDVDMkExMB4XDTI2MDcwNjIyMjQxMFoX
DTI3MDcwNTIyMjkxMFowMzExMC8GA1UEAxMoMzRCOTMwN0E4MzVCRjNERURGNDA2
OEVGRDA2NUZGNjBFNDE1Q0U0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqSZqaS67+mBMM1IGDKIq4o5hap6addhheNiR7lL1VlIJ1sIG+BmbRl8K7V
jcgFjukbBmPRy91GC3gJfZQ40MMYB3xSPEPjooKXIfZmUJwC6nofIuCtJhMQHIKQ
jG0RID5a/iPCmQVVZ4TszyLb2nOCi2Gb4lytfNwdCh+xAEU1akwSU+S/8XVPYa7R
rVgeTZaQjP2EZ7aOGPLLXlJLuF8qzXSjc/KK/M78hCmMaEmKkRNlZ4XKeQ3jocfV
OzOytdoxXO+EucSowq0xVlCrZXJ5AhkdRKg3USbyaaV+HLKiTZOzrYfC5LalInzv
Lh5YcBQHhufB7NGR7KVZQCEavFUCAwEAAaOCAjwwggI4MB0GA1UdDgQWBBQ0uTB6
g1vz3t9AaO/QZf9g5BXOQDAfBgNVHSMEGDAWgBRe1feSGshlQdkpNvaRyxzb9tXC
oTAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8yLzVFRDVGNzkyMUFDODY1NDFEOTI5MzZGNjkxQ0IxQ0RCRjZE
NUMyQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3
QzcyRkQxRkYyL1h0WDNraHJJWlVIWktUYjJrY3NjMl9iVndxRS5jZXIwgaIGCCsG
AQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8yLzMxMzkzMjJlMzYzNDJlMzIzMDMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIw
MzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBAyzANBgkqhkiG9w0BAQsFAAOCAQEAwpy7
YBPMPKtbi+GmHMKSeawwIzqRWvwCdDgbALkFKaACJWCe8Yng6tXe3JaxMx/n6bqu
lohw0epB9964pdW5q1eisrtSiYHXj0ywGEYvMXtNnK1AyM3llfI8VUi0a5vSWEuG
7IXfQbjDwhOOEF7mK157aLpkr34cyufctRE1YELADIEmHl3m/rIgAsmXPcKewM//
AEfo1T61rD6/jli6Ft8nMBswhylmJ4OQlu0N+nMb1iOMKT+7RSfG4Aw9H3CqDq2B
PMhdZiuUqxuYrqGYkQsuid8phVncG7dIXBNzmcUIg3rLQiS2lPOi6N19bU75RG91
TyOxxFJ1Tz0ngrwjiw==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:32:39 2026 by rpki-client