Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34382d3438203d3e203336323336.roa
File:                     323430333a323530303a343030303a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          fx7pg2VS6/98ojFgKikWbw6+r18NH7V5xEAoeImo8NA=
Subject key identifier:   FD:21:E2:93:46:80:58:BD:D0:D0:72:F9:E7:88:C5:3D:C3:9A:C2:81
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       2A42AD20A21A972BD78465C525364B553BBE40F3
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 20:29:07 +0000
ROA not before:           Mon 06 Jul 2026 20:24:07 +0000
ROA not after:            Mon 05 Jul 2027 20:29:07 +0000
asID:                     36236
IP address blocks:        2403:2500:4000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:42:ad:20:a2:1a:97:2b:d7:84:65:c5:25:36:4b:55:3b:be:40:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 20:24:07 2026 GMT
            Not After : Jul  5 20:29:07 2027 GMT
        Subject: CN=FD21E293468058BDD0D072F9E788C53DC39AC281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ad:b4:73:3f:95:1a:c3:d9:4f:0a:f1:c0:92:
                    ea:16:a9:c1:5a:81:eb:55:af:21:e6:a0:67:24:07:
                    f6:8d:2d:4c:08:e7:16:5a:ce:77:67:34:9e:8d:15:
                    32:08:2d:6f:b9:1f:a1:52:ae:b7:3d:ce:26:ce:17:
                    0b:f0:06:9a:3d:08:d9:1d:fd:ad:64:a3:46:12:e3:
                    9d:44:ee:6a:6e:91:12:4c:49:44:e9:28:5a:8e:72:
                    c4:6a:01:f6:b6:cc:94:50:c8:1f:5e:0e:7e:56:50:
                    25:68:df:2e:d7:b0:a1:36:81:48:65:5a:e0:36:d6:
                    27:51:bd:45:f4:d1:d0:89:8c:e4:95:a2:f7:33:29:
                    27:95:5d:4f:b3:d7:ff:be:93:1b:5d:97:d6:23:88:
                    93:1b:7b:5d:cd:53:07:ad:3c:ac:50:b3:e0:71:cf:
                    ec:a0:2d:bc:85:d0:dd:04:34:b7:d3:ce:17:c0:9d:
                    48:cb:36:aa:84:82:31:c3:3a:26:76:db:dc:44:c9:
                    c1:b5:34:91:5b:45:3f:f4:da:c9:14:1c:45:0c:66:
                    24:20:c4:da:1f:7b:91:ee:2f:43:14:f2:72:18:74:
                    68:ac:e3:ab:0d:06:dc:bd:9f:73:23:73:85:8e:00:
                    f6:56:90:c6:41:63:6f:66:69:26:c7:72:55:c9:2e:
                    d8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:21:E2:93:46:80:58:BD:D0:D0:72:F9:E7:88:C5:3D:C3:9A:C2:81
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a343030303a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:2500:4000::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:de:19:6c:0d:6c:06:47:82:51:16:66:03:68:3f:a5:c7:75:
         ee:16:bf:85:b2:a9:7a:de:c8:63:78:bf:7a:05:a8:d9:69:3f:
         dc:4c:06:9a:de:4f:f0:2f:60:d9:52:3a:a7:42:36:30:d6:cf:
         09:00:79:47:f4:5b:79:f4:99:a3:d8:b9:2c:a0:c5:3d:7b:31:
         e3:15:d3:a0:49:24:eb:39:48:6e:7f:05:0b:c6:b8:27:e9:d2:
         9b:e7:6c:c9:80:ed:d3:d9:f2:b6:65:b1:1f:ba:d8:f1:21:e2:
         c9:9f:c7:e7:45:5c:44:b5:f6:8c:e9:fc:83:0d:7e:9b:d3:2e:
         82:fd:ad:cb:f0:58:62:9c:dc:ce:75:34:79:e8:0b:a0:2d:dd:
         78:81:82:fa:27:32:10:23:fb:19:20:1d:4b:e1:c9:8e:69:65:
         9d:b8:eb:70:34:c0:58:b6:57:7e:0e:4a:fd:fd:55:84:28:e6:
         bd:e3:e4:eb:98:bb:71:8f:70:01:e2:79:26:55:45:1a:64:44:
         02:11:c8:a0:57:93:dd:b1:fd:6f:c0:4f:20:c4:71:46:bf:79:
         b3:51:9e:55:f0:9c:db:89:7f:68:33:86:e7:42:4c:85:58:f5:
         4f:67:4e:fe:2a:29:26:16:7b:30:c0:f5:f2:73:0e:7c:77:45:
         fa:48:26:c7
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUKkKtIKIalyvXhGXFJTZLVTu+QPMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIwMjQwN1oX
DTI3MDcwNTIwMjkwN1owMzExMC8GA1UEAxMoRkQyMUUyOTM0NjgwNThCREQwRDA3
MkY5RTc4OEM1M0RDMzlBQzI4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6ttHM/lRrD2U8K8cCS6hapwVqB61WvIeagZyQH9o0tTAjnFlrOd2c0no0V
Mggtb7kfoVKutz3OJs4XC/AGmj0I2R39rWSjRhLjnUTuam6REkxJROkoWo5yxGoB
9rbMlFDIH14OflZQJWjfLtewoTaBSGVa4DbWJ1G9RfTR0ImM5JWi9zMpJ5VdT7PX
/76TG12X1iOIkxt7Xc1TB608rFCz4HHP7KAtvIXQ3QQ0t9POF8CdSMs2qoSCMcM6
Jnbb3ETJwbU0kVtFP/TayRQcRQxmJCDE2h97ke4vQxTychh0aKzjqw0G3L2fcyNz
hY4A9laQxkFjb2ZpJsdyVcku2IsCAwEAAaOCAkcwggJDMB0GA1UdDgQWBBT9IeKT
RoBYvdDQcvnniMU9w5rCgTAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaoGCCsG
AQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzMyMzQzMDMzM2EzMjM1MzAzMDNhMzQzMDMwMzAzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMzM2MzIzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAMlAEAAMA0GCSqGSIb3DQEB
CwUAA4IBAQAm3hlsDWwGR4JRFmYDaD+lx3XuFr+Fsql63shjeL96BajZaT/cTAaa
3k/wL2DZUjqnQjYw1s8JAHlH9Ft59Jmj2LksoMU9ezHjFdOgSSTrOUhufwULxrgn
6dKb52zJgO3T2fK2ZbEfutjxIeLJn8fnRVxEtfaM6fyDDX6b0y6C/a3L8FhinNzO
dTR56AugLd14gYL6JzIQI/sZIB1L4cmOaWWduOtwNMBYtld+Dkr9/VWEKOa94+Tr
mLtxj3AB4nkmVUUaZEQCEcigV5Pdsf1vwE8gxHFGv3mzUZ5V8JzbiX9oM4bnQkyF
WPVPZ07+KikmFnswwPXycw58d0X6SCbH
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:47 2026 by rpki-client