Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230342e302f32342d3234203d3e203336323336.roa
File:                     3139322e36342e3230342e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          jbMUD8UxhBCZnxEMR5BRGXYMTKz3FSqJjbwVaWABIzA=
Subject key identifier:   EB:ED:10:9D:2F:B2:D8:DF:8B:96:DE:1D:CD:0A:3E:30:40:44:DE:CA
Certificate issuer:       /CN=A91D85A20000/serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
Certificate serial:       2DE0FB86963AFD118567B5B878BEF5D1B80EAA4E
Authority key identifier: 5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230342e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 22:29:10 +0000
ROA not before:           Mon 06 Jul 2026 22:24:10 +0000
ROA not after:            Mon 05 Jul 2027 22:29:10 +0000
asID:                     36236
IP address blocks:        192.64.204.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 00:38:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:e0:fb:86:96:3a:fd:11:85:67:b5:b8:78:be:f5:d1:b8:0e:aa:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
        Validity
            Not Before: Jul  6 22:24:10 2026 GMT
            Not After : Jul  5 22:29:10 2027 GMT
        Subject: CN=EBED109D2FB2D8DF8B96DE1DCD0A3E304044DECA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8f:4c:7c:3f:0a:7f:58:7c:19:58:73:8b:fa:
                    4d:82:da:9c:f3:ee:03:64:55:11:38:4b:9b:0f:9a:
                    c5:e3:21:71:e0:1c:d3:fc:58:dc:ad:f2:a8:68:c2:
                    37:31:a6:03:c1:00:b0:b0:7a:21:31:66:ee:ef:d9:
                    72:88:a9:42:10:ec:11:33:48:8c:39:05:82:3a:45:
                    ca:93:6d:e5:4f:78:1a:9d:ad:1b:bb:63:f4:6d:a7:
                    b1:c7:8f:5e:94:1c:58:b6:cf:9e:4a:7f:c4:26:ed:
                    d4:62:eb:79:99:80:fd:74:b4:7d:32:2a:3e:7e:0f:
                    5a:89:05:86:bd:1c:46:c7:e2:e6:57:13:f7:74:30:
                    e2:61:b8:1c:4c:a9:64:0e:e4:8c:68:ec:a6:24:1e:
                    ac:73:6a:32:ae:2a:18:61:3d:8c:16:f0:86:30:f3:
                    5f:1a:c8:c0:84:f4:8b:ef:71:a1:10:a3:a2:7a:b1:
                    c1:61:8e:6c:b3:92:7d:bd:eb:cf:58:ce:93:41:51:
                    c7:d4:27:63:c7:b3:6c:41:06:c7:55:22:fa:36:fd:
                    0e:ec:6c:2c:74:bf:19:c4:ed:78:41:4c:66:13:54:
                    1a:04:d4:53:e6:62:2a:b6:fd:21:bd:a1:51:f5:b2:
                    ad:26:79:5d:28:80:30:77:00:d3:04:97:87:8f:65:
                    7e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:ED:10:9D:2F:B2:D8:DF:8B:96:DE:1D:CD:0A:3E:30:40:44:DE:CA
            X509v3 Authority Key Identifier:
                keyid:5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139322e36342e3230342e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.64.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:42:6f:44:dd:0a:fd:81:a8:03:73:db:51:77:b4:af:e5:0e:
         b6:b1:16:e4:ae:67:aa:d6:d7:4e:c6:23:a6:fb:ac:74:f7:b6:
         6b:9b:23:5a:49:c0:b1:85:98:51:3a:9f:62:0f:a6:02:03:cf:
         91:09:76:8a:a1:5a:b4:55:5f:85:80:8e:5e:95:22:51:94:4f:
         b6:79:2c:21:2c:1c:b0:b1:b5:42:79:03:38:d9:bd:b3:10:aa:
         52:d9:32:70:e2:e9:c6:19:0d:5d:a4:96:3b:83:40:2d:fe:de:
         80:dc:3e:3e:50:b0:ca:68:2c:a9:d8:5c:4b:15:85:db:ff:97:
         53:8a:1c:f6:56:8d:57:f3:3b:69:1b:86:74:d8:df:71:1f:58:
         c4:33:a1:37:44:d6:f2:77:35:ad:ad:7b:88:a3:3d:46:0a:23:
         c2:11:74:6a:dd:49:73:7b:0e:2c:21:ce:65:87:03:55:15:58:
         f7:13:07:05:2b:d1:16:a8:70:3c:cb:b3:c1:73:c4:5c:14:bd:
         52:5f:d8:aa:82:33:a5:c0:35:6c:ee:00:33:b4:5f:7f:8e:40:
         d1:7d:13:da:a4:df:94:d6:0b:45:e6:05:7d:bb:a7:bf:4f:5a:
         c6:92:21:22:59:35:05:5e:d7:15:78:33:52:74:67:71:5f:c6:
         5d:df:a7:3e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIULeD7hpY6/RGFZ7W4eL710bgOqk4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg1RUQ1Rjc5MjFB
Qzg2NTQxRDkyOTM2RjY5MUNCMUNEQkY2RDVDMkExMB4XDTI2MDcwNjIyMjQxMFoX
DTI3MDcwNTIyMjkxMFowMzExMC8GA1UEAxMoRUJFRDEwOUQyRkIyRDhERjhCOTZE
RTFEQ0QwQTNFMzA0MDQ0REVDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyPTHw/Cn9YfBlYc4v6TYLanPPuA2RVEThLmw+axeMhceAc0/xY3K3yqGjC
NzGmA8EAsLB6ITFm7u/ZcoipQhDsETNIjDkFgjpFypNt5U94Gp2tG7tj9G2nsceP
XpQcWLbPnkp/xCbt1GLreZmA/XS0fTIqPn4PWokFhr0cRsfi5lcT93Qw4mG4HEyp
ZA7kjGjspiQerHNqMq4qGGE9jBbwhjDzXxrIwIT0i+9xoRCjonqxwWGObLOSfb3r
z1jOk0FRx9QnY8ezbEEGx1Ui+jb9DuxsLHS/GcTteEFMZhNUGgTUU+ZiKrb9Ib2h
UfWyrSZ5XSiAMHcA0wSXh49lfskCAwEAAaOCAjwwggI4MB0GA1UdDgQWBBTr7RCd
L7LY34uW3h3NCj4wQETeyjAfBgNVHSMEGDAWgBRe1feSGshlQdkpNvaRyxzb9tXC
oTAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8yLzVFRDVGNzkyMUFDODY1NDFEOTI5MzZGNjkxQ0IxQ0RCRjZE
NUMyQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3
QzcyRkQxRkYyL1h0WDNraHJJWlVIWktUYjJrY3NjMl9iVndxRS5jZXIwgaIGCCsG
AQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8yLzMxMzkzMjJlMzYzNDJlMzIzMDM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIw
MzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBAzDANBgkqhkiG9w0BAQsFAAOCAQEAb0Jv
RN0K/YGoA3PbUXe0r+UOtrEW5K5nqtbXTsYjpvusdPe2a5sjWknAsYWYUTqfYg+m
AgPPkQl2iqFatFVfhYCOXpUiUZRPtnksISwcsLG1QnkDONm9sxCqUtkycOLpxhkN
XaSWO4NALf7egNw+PlCwymgsqdhcSxWF2/+XU4oc9laNV/M7aRuGdNjfcR9YxDOh
N0TW8nc1ra17iKM9RgojwhF0at1Jc3sOLCHOZYcDVRVY9xMHBSvRFqhwPMuzwXPE
XBS9Ul/YqoIzpcA1bO4AM7Rff45A0X0T2qTflNYLReYFfbunv09axpIhIlk1BV7X
FXgzUnRncV/GXd+nPg==
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:32:10 2026 by rpki-client