Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34312d3431203d3e203336323336.roa
File:                     323430333a323530303a343030303a3a2f34312d3431203d3e203336323336.roa (raw, json)
Hash identifier:          cx01G7vmTqXzQpfSLcbyVj0WvYuPdb8Wz4mAfVjqsbg=
Subject key identifier:   77:D7:1D:E7:18:D7:09:99:16:A3:EE:21:0C:66:54:0C:54:60:5A:CF
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       5E8B1790B7C3C34FD6EC40CAF6916E767781ED48
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34312d3431203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 20:29:08 +0000
ROA not before:           Mon 06 Jul 2026 20:24:08 +0000
ROA not after:            Mon 05 Jul 2027 20:29:08 +0000
asID:                     36236
IP address blocks:        2403:2500:4000::/41 maxlen: 41
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:8b:17:90:b7:c3:c3:4f:d6:ec:40:ca:f6:91:6e:76:77:81:ed:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 20:24:08 2026 GMT
            Not After : Jul  5 20:29:08 2027 GMT
        Subject: CN=77D71DE718D7099916A3EE210C66540C54605ACF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e8:61:d7:f2:a4:d5:42:ca:d5:17:57:d0:9b:
                    46:5b:9e:a2:f4:ce:b2:16:db:a6:18:b1:fb:61:02:
                    3d:f3:1e:6e:0c:2b:3a:e4:d9:57:13:c0:99:b3:4e:
                    ad:6f:87:6f:de:35:d4:f8:46:5e:4a:0f:83:40:f6:
                    f9:ec:49:69:f6:b7:84:08:37:60:a0:3f:58:b6:b2:
                    83:47:ee:92:96:b5:84:88:bd:b8:a3:59:75:ab:d8:
                    d0:8e:f3:99:39:75:17:05:ff:b4:cf:f3:9b:14:94:
                    fc:91:14:b3:a5:99:5e:02:db:9a:52:43:70:da:97:
                    2e:61:77:68:0b:77:61:8b:5a:14:e7:a4:be:1f:40:
                    97:2d:1b:6c:10:4f:cf:d9:40:2a:43:65:49:ec:2b:
                    3c:a2:2a:06:6e:48:e6:d4:dc:30:2e:3e:36:ce:cd:
                    53:6d:eb:0d:cc:d2:f6:90:47:36:b2:5f:af:2b:8f:
                    35:1e:31:61:ed:01:c9:9e:7e:bb:5d:07:b8:96:4c:
                    db:f7:1f:91:85:7b:54:fc:79:8c:7a:c0:4b:5e:63:
                    af:b8:bb:27:1a:1a:f2:4d:59:c8:82:5a:a4:0c:7c:
                    1a:c0:00:ab:51:b9:c9:7c:b0:97:47:6e:a8:4e:01:
                    8b:02:db:a8:3e:d8:38:81:15:ab:5a:35:b8:5d:36:
                    06:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D7:1D:E7:18:D7:09:99:16:A3:EE:21:0C:66:54:0C:54:60:5A:CF
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34312d3431203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:2500:4000::/41

    Signature Algorithm: sha256WithRSAEncryption
         34:99:89:61:af:0e:cf:2c:8a:ca:d4:7c:a6:43:2f:18:e5:70:
         90:1b:bc:7b:12:93:2e:88:22:ec:d5:9f:34:cc:a1:d8:f4:c8:
         57:e4:8a:67:e8:88:e1:34:9f:88:25:54:eb:8e:23:44:fd:84:
         9a:5a:c9:21:d7:de:67:24:a1:e3:60:dd:7e:d9:73:87:ab:f4:
         8a:d7:c4:3b:66:e7:8f:fa:1d:c4:42:60:cf:94:90:ec:7e:3a:
         4b:da:58:3f:c5:bc:87:f1:0c:56:9c:14:a0:cc:67:08:84:27:
         3e:46:c2:85:22:b7:1b:c4:88:f2:c4:50:5d:75:26:96:18:e0:
         e5:56:7e:5e:d0:7a:89:d3:10:2f:44:d7:9f:71:aa:e0:4b:d9:
         af:a4:e6:02:95:67:18:58:92:cf:2e:23:34:77:ff:57:5f:43:
         c5:be:1a:2d:3d:dc:ef:b4:8c:28:f5:87:64:1e:54:2e:68:81:
         4e:09:4f:9b:d3:ec:df:51:1d:ab:58:bd:92:eb:3c:27:6d:39:
         61:10:d3:9b:9c:69:1a:03:76:c0:1f:56:04:21:dc:21:f7:51:
         44:81:4c:80:7d:7e:f0:d1:5b:de:c8:bf:86:e1:0a:21:9c:94:
         20:55:88:74:f9:06:a9:b3:2e:bd:a5:ce:b2:6e:24:47:2c:72:
         c6:c6:28:30
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUXosXkLfDw0/W7EDK9pFudneB7UgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIwMjQwOFoX
DTI3MDcwNTIwMjkwOFowMzExMC8GA1UEAxMoNzdENzFERTcxOEQ3MDk5OTE2QTNF
RTIxMEM2NjU0MEM1NDYwNUFDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzoYdfypNVCytUXV9CbRlueovTOshbbphix+2ECPfMebgwrOuTZVxPAmbNO
rW+Hb9411PhGXkoPg0D2+exJafa3hAg3YKA/WLayg0fukpa1hIi9uKNZdavY0I7z
mTl1FwX/tM/zmxSU/JEUs6WZXgLbmlJDcNqXLmF3aAt3YYtaFOekvh9Aly0bbBBP
z9lAKkNlSewrPKIqBm5I5tTcMC4+Ns7NU23rDczS9pBHNrJfryuPNR4xYe0ByZ5+
u10HuJZM2/cfkYV7VPx5jHrAS15jr7i7Jxoa8k1ZyIJapAx8GsAAq1G5yXywl0du
qE4BiwLbqD7YOIEVq1o1uF02Bq0CAwEAAaOCAkcwggJDMB0GA1UdDgQWBBR31x3n
GNcJmRaj7iEMZlQMVGBazzAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaoGCCsG
AQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzMyMzQzMDMzM2EzMjM1MzAzMDNhMzQzMDMwMzAzYTNhMmYzNDMxMmQzNDMx
MjAzZDNlMjAzMzM2MzIzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcHJAMlAEAAMA0GCSqGSIb3DQEB
CwUAA4IBAQA0mYlhrw7PLIrK1HymQy8Y5XCQG7x7EpMuiCLs1Z80zKHY9MhX5Ipn
6IjhNJ+IJVTrjiNE/YSaWskh195nJKHjYN1+2XOHq/SK18Q7ZueP+h3EQmDPlJDs
fjpL2lg/xbyH8QxWnBSgzGcIhCc+RsKFIrcbxIjyxFBddSaWGODlVn5e0HqJ0xAv
RNefcargS9mvpOYClWcYWJLPLiM0d/9XX0PFvhotPdzvtIwo9YdkHlQuaIFOCU+b
0+zfUR2rWL2S6zwnbTlhENObnGkaA3bAH1YEIdwh91FEgUyAfX7w0VveyL+G4Qoh
nJQgVYh0+Qapsy69pc6ybiRHLHLGxigw
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:48 2026 by rpki-client