Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e362e38362e302f32342d3234203d3e203336323336.roa
File:                     3130332e362e38362e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          02JvgskW9YRVYRU+oclYuHgEa37YNDUaxq/1J9m/0/c=
Subject key identifier:   B0:66:4E:EC:B7:64:17:B9:0D:2D:36:45:0B:BE:D6:34:6A:DF:34:E6
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       251372A0C0CE16B77ACCFE7E7AB8D01082BB0125
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e362e38362e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 23:29:13 +0000
ROA not before:           Mon 06 Jul 2026 23:24:13 +0000
ROA not after:            Mon 05 Jul 2027 23:29:13 +0000
asID:                     36236
IP address blocks:        103.6.86.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:13:72:a0:c0:ce:16:b7:7a:cc:fe:7e:7a:b8:d0:10:82:bb:01:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 23:24:13 2026 GMT
            Not After : Jul  5 23:29:13 2027 GMT
        Subject: CN=B0664EECB76417B90D2D36450BBED6346ADF34E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:24:bd:05:16:36:24:7a:16:11:22:79:07:67:
                    61:eb:ed:ac:f7:bb:d6:52:63:d4:1e:38:af:58:48:
                    ae:46:f6:37:46:23:a5:b2:3b:a5:fd:96:c5:6a:c6:
                    e8:e5:92:80:74:07:35:5f:4b:0f:de:9a:03:46:73:
                    e4:de:17:86:b2:54:ee:a7:51:5b:1c:11:cc:af:51:
                    ef:5d:0f:d0:fd:74:7c:49:43:bc:08:e5:d4:aa:70:
                    af:46:db:0c:99:9b:c9:11:71:19:3b:20:8c:04:d8:
                    9d:0a:04:d4:16:6b:93:4c:db:54:65:5c:c1:06:3f:
                    99:e9:b2:27:f9:7a:3f:2a:2e:1b:54:b1:12:64:d3:
                    8d:03:54:78:63:72:58:6a:e4:6a:38:9c:cb:e8:23:
                    dc:95:39:6c:3e:d8:66:bb:38:35:97:bf:cf:6b:a2:
                    1b:f7:5c:4e:1d:47:35:c6:39:ec:75:7f:91:5b:58:
                    5b:b3:2a:53:1c:0f:a2:65:f8:bd:97:b0:da:3f:8e:
                    ff:68:54:f1:83:0e:89:cd:87:29:43:fe:ca:53:8d:
                    2e:b2:10:c5:fc:f9:86:bd:f6:23:31:28:4e:e8:c8:
                    ad:8f:a3:9c:10:49:48:80:ab:f9:16:4d:b2:21:2e:
                    ad:b9:07:14:69:81:84:4b:61:cd:fb:be:4a:00:dd:
                    33:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:66:4E:EC:B7:64:17:B9:0D:2D:36:45:0B:BE:D6:34:6A:DF:34:E6
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e362e38362e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.6.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:cd:f3:d1:a5:6b:75:e1:bc:e9:16:6d:64:ec:e1:21:88:55:
         76:55:85:60:b6:05:33:e3:1f:5d:79:7f:fc:b1:e4:e0:5e:02:
         1b:ad:45:51:ab:10:10:d9:b0:d9:ae:a0:d7:eb:b2:8a:44:e1:
         bb:39:5e:8b:b7:82:32:0f:32:22:7b:d4:fe:e3:b2:e5:67:03:
         40:82:3f:52:a3:d4:0a:d1:a9:aa:9a:35:38:73:07:37:df:ef:
         94:48:eb:79:a1:d5:2a:c5:b3:37:96:72:2d:15:4b:4e:46:49:
         e3:5a:fd:59:a3:92:ab:69:c2:69:84:31:61:a9:34:5e:4e:cd:
         76:6e:ea:bc:c8:18:98:57:5a:56:43:81:47:2a:ef:4a:7d:8a:
         ad:00:29:a4:4e:5c:76:69:b2:93:f7:64:b3:84:b6:99:01:70:
         8e:d3:cf:51:6d:06:79:92:b6:c1:1d:05:07:e9:a8:98:24:d7:
         0e:da:82:ca:f9:19:8f:5b:17:ec:f3:ac:7a:31:dc:e8:21:d8:
         e3:d4:57:74:66:7f:ff:ad:41:28:50:d7:2f:8e:18:d2:f8:6d:
         b8:b9:7a:2c:9a:a0:90:45:b9:58:e3:ae:a4:87:e1:d9:8b:d8:
         b9:d5:44:da:99:04:af:e6:15:36:04:35:bc:ff:fd:9c:82:b0:
         92:36:4f:ae
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUJRNyoMDOFrd6zP5+erjQEIK7ASUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIzMjQxM1oX
DTI3MDcwNTIzMjkxM1owMzExMC8GA1UEAxMoQjA2NjRFRUNCNzY0MTdCOTBEMkQz
NjQ1MEJCRUQ2MzQ2QURGMzRFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAkvQUWNiR6FhEieQdnYevtrPe71lJj1B44r1hIrkb2N0YjpbI7pf2WxWrG
6OWSgHQHNV9LD96aA0Zz5N4XhrJU7qdRWxwRzK9R710P0P10fElDvAjl1Kpwr0bb
DJmbyRFxGTsgjATYnQoE1BZrk0zbVGVcwQY/memyJ/l6PyouG1SxEmTTjQNUeGNy
WGrkajicy+gj3JU5bD7YZrs4NZe/z2uiG/dcTh1HNcY57HV/kVtYW7MqUxwPomX4
vZew2j+O/2hU8YMOic2HKUP+ylONLrIQxfz5hr32IzEoTujIrY+jnBBJSICr+RZN
siEurbkHFGmBhEthzfu+SgDdM58CAwEAAaOCAjcwggIzMB0GA1UdDgQWBBSwZk7s
t2QXuQ0tNkULvtY0at805jAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgZ0GCCsG
AQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzMvMzEzMDMzMmUzNjJlMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzYz
MjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABnBlYwDQYJKoZIhvcNAQELBQADggEBAIjN89Gla3Xh
vOkWbWTs4SGIVXZVhWC2BTPjH115f/yx5OBeAhutRVGrEBDZsNmuoNfrsopE4bs5
Xou3gjIPMiJ71P7jsuVnA0CCP1Kj1ArRqaqaNThzBzff75RI63mh1SrFszeWci0V
S05GSeNa/VmjkqtpwmmEMWGpNF5OzXZu6rzIGJhXWlZDgUcq70p9iq0AKaROXHZp
spP3ZLOEtpkBcI7Tz1FtBnmStsEdBQfpqJgk1w7agsr5GY9bF+zzrHox3Ogh2OPU
V3Rmf/+tQShQ1y+OGNL4bbi5eiyaoJBFuVjjrqSH4dmL2LnVRNqZBK/mFTYENbz/
/ZyCsJI2T64=
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:48:59 2026 by rpki-client