Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139382e3137392e3232352e302f32342d3234203d3e203336323336.roa
File:                     3139382e3137392e3232352e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          1pb6iRZh2u+VRf6t/MOcNiNfWkPg0JFXwGKHzeC9LoI=
Subject key identifier:   58:CB:41:00:0F:53:1D:C2:EA:66:D3:91:75:51:1C:0A:24:4E:72:CC
Certificate issuer:       /CN=A91D85A20000/serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
Certificate serial:       532585AD184CF9EAA4AA3932A4460720F73C7B38
Authority key identifier: 5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139382e3137392e3232352e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 22:29:10 +0000
ROA not before:           Mon 06 Jul 2026 22:24:10 +0000
ROA not after:            Mon 05 Jul 2027 22:29:10 +0000
asID:                     36236
IP address blocks:        198.179.225.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 00:38:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:25:85:ad:18:4c:f9:ea:a4:aa:39:32:a4:46:07:20:f7:3c:7b:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
        Validity
            Not Before: Jul  6 22:24:10 2026 GMT
            Not After : Jul  5 22:29:10 2027 GMT
        Subject: CN=58CB41000F531DC2EA66D39175511C0A244E72CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fb:97:0e:e9:cf:e6:93:27:8d:a2:65:cb:69:
                    b9:4c:53:c5:9d:10:d6:02:fb:82:ee:47:28:a1:5b:
                    99:d1:2c:6e:7d:a2:27:12:46:1a:be:75:f2:fb:9a:
                    49:95:a0:a3:8a:d9:cd:d3:ba:c5:f7:5a:f0:4c:19:
                    fe:01:bd:62:c2:6f:bd:0b:8c:b5:5e:cc:5d:f9:9e:
                    d8:8d:de:2b:85:34:61:07:de:43:85:93:2c:d3:cd:
                    cb:0e:4c:3e:19:9d:81:aa:0c:8b:9c:01:61:33:d4:
                    e5:5a:89:db:20:36:ee:d2:e5:06:d6:4d:4c:23:f3:
                    8d:6d:ad:41:48:32:1b:3b:61:b1:cf:c5:be:8b:fb:
                    fc:44:e6:86:7b:9d:0a:a6:12:71:93:52:a3:d8:ba:
                    85:44:5f:e2:12:9f:8a:de:0e:bc:88:20:a5:a3:55:
                    35:ca:04:c1:05:06:9d:fd:e3:94:fb:d1:0e:8f:f9:
                    de:44:bc:5c:6d:9b:0b:07:dd:ff:9b:66:48:30:66:
                    a1:e3:c6:6c:4f:19:c0:22:36:e1:40:24:71:54:76:
                    f1:40:82:7e:43:16:94:ca:e3:57:39:48:ca:28:f9:
                    3f:1b:2e:b8:82:b7:d0:5b:7e:89:fd:eb:6e:ee:fa:
                    6b:16:20:f9:91:84:84:ac:0c:57:28:80:39:ee:86:
                    f0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:CB:41:00:0F:53:1D:C2:EA:66:D3:91:75:51:1C:0A:24:4E:72:CC
            X509v3 Authority Key Identifier:
                keyid:5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/3139382e3137392e3232352e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.179.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:49:7e:5e:2a:55:5c:be:3e:fa:fc:c2:d4:7a:17:55:54:d3:
         52:cf:02:23:f8:45:da:5b:5a:d0:49:be:4d:8f:bd:57:5f:4a:
         0f:56:7c:a7:a9:4d:55:04:64:a4:4d:28:c9:41:37:75:08:c8:
         28:61:b4:7d:e9:0f:8a:63:ea:b7:f5:5d:6f:12:af:7d:4f:e4:
         c3:78:68:f2:50:7c:d9:fc:ca:b5:5f:95:01:3e:aa:55:f4:8d:
         4b:0b:af:bd:e1:43:2d:05:45:99:00:33:42:70:77:c1:25:ee:
         48:ce:c0:c6:af:ec:d1:34:d1:dd:9c:32:8d:0e:32:fa:4a:86:
         ac:67:3a:2f:83:73:cf:af:61:3f:ad:61:cb:f6:80:08:32:93:
         3f:52:93:ae:a0:92:d1:30:61:ff:64:f2:20:5e:f6:9d:d8:7a:
         b5:f3:c3:05:c1:af:ba:e2:f8:4a:ef:5f:e1:93:de:7e:97:a3:
         a7:ff:7c:f5:45:3a:c4:1d:2f:4b:fa:f1:dd:d6:65:88:b5:97:
         b4:16:76:d2:71:8e:f9:40:81:10:3a:94:d0:6b:44:6f:97:df:
         a7:43:bd:20:6e:44:8d:2c:7e:eb:37:8b:5b:8c:21:f5:da:fb:
         5d:83:d8:2e:47:22:d4:ee:12:1c:3e:9b:8f:bd:c4:cb:e0:8c:
         7f:86:73:53
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIUUyWFrRhM+eqkqjkypEYHIPc8ezgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg1RUQ1Rjc5MjFB
Qzg2NTQxRDkyOTM2RjY5MUNCMUNEQkY2RDVDMkExMB4XDTI2MDcwNjIyMjQxMFoX
DTI3MDcwNTIyMjkxMFowMzExMC8GA1UEAxMoNThDQjQxMDAwRjUzMURDMkVBNjZE
MzkxNzU1MTFDMEEyNDRFNzJDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKn7lw7pz+aTJ42iZctpuUxTxZ0Q1gL7gu5HKKFbmdEsbn2iJxJGGr518vua
SZWgo4rZzdO6xfda8EwZ/gG9YsJvvQuMtV7MXfme2I3eK4U0YQfeQ4WTLNPNyw5M
PhmdgaoMi5wBYTPU5VqJ2yA27tLlBtZNTCPzjW2tQUgyGzthsc/Fvov7/ETmhnud
CqYScZNSo9i6hURf4hKfit4OvIggpaNVNcoEwQUGnf3jlPvRDo/53kS8XG2bCwfd
/5tmSDBmoePGbE8ZwCI24UAkcVR28UCCfkMWlMrjVzlIyij5PxsuuIK30Ft+if3r
bu76axYg+ZGEhKwMVyiAOe6G8PECAwEAAaOCAj4wggI6MB0GA1UdDgQWBBRYy0EA
D1Mdwupm05F1URwKJE5yzDAfBgNVHSMEGDAWgBRe1feSGshlQdkpNvaRyxzb9tXC
oTAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8yLzVFRDVGNzkyMUFDODY1NDFEOTI5MzZGNjkxQ0IxQ0RCRjZE
NUMyQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3
QzcyRkQxRkYyL1h0WDNraHJJWlVIWktUYjJrY3NjMl9iVndxRS5jZXIwgaQGCCsG
AQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8yLzMxMzkzODJlMzEzNzM5MmUzMjMyMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMzM2MzIzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxrPhMA0GCSqGSIb3DQEBCwUAA4IBAQAL
SX5eKlVcvj76/MLUehdVVNNSzwIj+EXaW1rQSb5Nj71XX0oPVnynqU1VBGSkTSjJ
QTd1CMgoYbR96Q+KY+q39V1vEq99T+TDeGjyUHzZ/Mq1X5UBPqpV9I1LC6+94UMt
BUWZADNCcHfBJe5IzsDGr+zRNNHdnDKNDjL6SoasZzovg3PPr2E/rWHL9oAIMpM/
UpOuoJLRMGH/ZPIgXvad2Hq188MFwa+64vhK71/hk95+l6On/3z1RTrEHS9L+vHd
1mWItZe0FnbScY75QIEQOpTQa0Rvl9+nQ70gbkSNLH7rN4tbjCH12vtdg9guRyLU
7hIcPpuPvcTL4Ix/hnNT
-----END CERTIFICATE-----
Generated at Tue Jul 7 13:33:55 2026 by rpki-client