Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a3330303a3a2f34382d3438203d3e203336323336.roa
File:                     323430333a323530303a3330303a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          QO2laEQ8RekI5RVFg8gKoZ9dLQeONWhzHp1qtrHHwiE=
Subject key identifier:   9A:3C:A0:69:32:94:3B:2B:42:D8:89:81:0A:A5:E4:9F:FD:06:47:B3
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       48C3CA42A1E0128ABEACE195AA42AC8A850F4776
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a3330303a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 20:29:08 +0000
ROA not before:           Mon 06 Jul 2026 20:24:08 +0000
ROA not after:            Mon 05 Jul 2027 20:29:08 +0000
asID:                     36236
IP address blocks:        2403:2500:300::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:c3:ca:42:a1:e0:12:8a:be:ac:e1:95:aa:42:ac:8a:85:0f:47:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 20:24:08 2026 GMT
            Not After : Jul  5 20:29:08 2027 GMT
        Subject: CN=9A3CA06932943B2B42D889810AA5E49FFD0647B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a6:3b:ec:5b:b5:f5:0d:4a:b0:9f:ec:6f:e2:
                    d7:17:b7:b0:4d:2a:84:5b:dd:ee:e4:84:13:a2:83:
                    64:ec:e1:2f:73:f0:ae:3c:c0:29:ab:7c:6f:9a:99:
                    9a:3c:45:ec:b5:dc:9b:6f:12:4c:38:e4:49:a7:af:
                    68:e4:dc:85:a6:ea:92:ba:ce:c5:a7:04:4c:b2:96:
                    81:89:f0:60:ba:db:43:08:11:1d:9a:77:0a:bb:80:
                    6a:0a:d0:ab:cf:37:70:29:97:23:7d:3d:9c:bb:94:
                    be:28:29:1b:41:00:5a:0e:8f:26:4b:ab:69:e4:61:
                    be:57:88:b9:d2:3e:b5:9a:82:d9:88:4c:e2:0f:cd:
                    9c:77:27:4b:ba:1b:2b:35:3a:87:70:72:db:fb:e3:
                    91:80:9d:28:be:db:da:fa:fa:d4:ee:fe:3a:95:9d:
                    4a:20:3a:42:ec:3b:22:f1:1a:6f:1d:cf:dc:87:34:
                    a5:b8:fb:66:d0:2f:eb:31:bb:d6:c0:c6:fb:2d:ae:
                    86:dc:6b:79:77:9d:bd:02:71:f8:55:8a:7b:bc:f6:
                    81:c4:56:10:4b:da:d5:ee:cd:2e:13:05:7a:3f:93:
                    4c:e1:a9:5c:95:7f:77:13:37:07:b6:67:bf:f2:0e:
                    65:f2:32:bb:f7:e9:2c:51:2b:0f:32:1b:47:2b:b4:
                    8f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:3C:A0:69:32:94:3B:2B:42:D8:89:81:0A:A5:E4:9F:FD:06:47:B3
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a3330303a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:2500:300::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:7a:71:cc:7e:fe:c4:ef:35:15:89:0d:c4:35:71:34:e9:05:
         76:44:21:6d:f7:5e:4a:36:5f:74:03:c3:9a:71:d7:6a:19:6c:
         d8:f0:2e:1f:3f:dc:cc:e2:1b:6b:16:27:00:0f:4f:16:aa:d5:
         0c:6f:8c:1a:b9:3a:79:25:4b:a3:23:bc:0b:25:57:d9:a4:3f:
         75:3e:e1:af:2c:1c:2b:c5:1e:71:cf:9b:26:3d:c9:e9:4a:04:
         6d:6c:86:88:75:cd:27:c6:8c:a6:79:2f:5e:7c:7c:e8:4f:1e:
         ab:05:45:e1:b1:4a:97:00:9f:36:20:5b:95:2e:2b:10:34:89:
         c5:34:3e:0c:da:60:a2:33:a9:7e:db:4e:84:8f:a6:8e:ce:72:
         67:b2:ec:57:be:26:ea:28:6d:1c:43:a3:54:41:af:7b:b6:54:
         75:20:55:65:4d:39:c9:8b:7d:27:cb:fe:d5:a2:18:8f:11:3f:
         e1:a3:2b:76:6b:63:e1:dd:9d:60:9d:f3:eb:d5:15:8f:74:0f:
         d1:7f:2a:48:3b:5c:43:51:04:de:33:92:b4:cd:df:0f:ed:b6:
         8b:77:15:65:b4:3c:43:52:9f:c0:67:1c:29:6f:97:28:1a:95:
         d5:c6:27:6c:1d:48:95:ba:58:19:a6:c0:ae:0d:7e:43:0c:46:
         a2:73:be:44
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUSMPKQqHgEoq+rOGVqkKsioUPR3YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIwMjQwOFoX
DTI3MDcwNTIwMjkwOFowMzExMC8GA1UEAxMoOUEzQ0EwNjkzMjk0M0IyQjQyRDg4
OTgxMEFBNUU0OUZGRDA2NDdCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMimO+xbtfUNSrCf7G/i1xe3sE0qhFvd7uSEE6KDZOzhL3PwrjzAKat8b5qZ
mjxF7LXcm28STDjkSaevaOTchabqkrrOxacETLKWgYnwYLrbQwgRHZp3CruAagrQ
q883cCmXI309nLuUvigpG0EAWg6PJkuraeRhvleIudI+tZqC2YhM4g/NnHcnS7ob
KzU6h3By2/vjkYCdKL7b2vr61O7+OpWdSiA6Quw7IvEabx3P3Ic0pbj7ZtAv6zG7
1sDG+y2uhtxreXedvQJx+FWKe7z2gcRWEEva1e7NLhMFej+TTOGpXJV/dxM3B7Zn
v/IOZfIyu/fpLFErDzIbRyu0j3MCAwEAAaOCAkUwggJBMB0GA1UdDgQWBBSaPKBp
MpQ7K0LYiYEKpeSf/QZHszAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgagGCCsG
AQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzMyMzQzMDMzM2EzMjM1MzAzMDNhMzMzMDMwM2EzYTJmMzQzODJkMzQzODIw
M2QzZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQDJQADADANBgkqhkiG9w0BAQsF
AAOCAQEAanpxzH7+xO81FYkNxDVxNOkFdkQhbfdeSjZfdAPDmnHXahls2PAuHz/c
zOIbaxYnAA9PFqrVDG+MGrk6eSVLoyO8CyVX2aQ/dT7hrywcK8Uecc+bJj3J6UoE
bWyGiHXNJ8aMpnkvXnx86E8eqwVF4bFKlwCfNiBblS4rEDSJxTQ+DNpgojOpfttO
hI+mjs5yZ7LsV74m6ihtHEOjVEGve7ZUdSBVZU05yYt9J8v+1aIYjxE/4aMrdmtj
4d2dYJ3z69UVj3QP0X8qSDtcQ1EE3jOStM3fD+22i3cVZbQ8Q1KfwGccKW+XKBqV
1cYnbB1IlbpYGabArg1+QwxGonO+RA==
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:49 2026 by rpki-client