Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a393030303a3a2f34312d3431203d3e203336323336.roa
File:                     323430333a323530303a393030303a3a2f34312d3431203d3e203336323336.roa (raw, json)
Hash identifier:          icFVuk0vlDSJBHuKN7fIowVUhP7eLMJMXxEtupsyPvQ=
Subject key identifier:   9B:3E:01:CB:B3:E9:57:2C:96:4B:81:34:FC:77:6C:42:5B:6F:A9:D3
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       4BF6F3F18D2AA81E237E136282599D6479920B9D
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a393030303a3a2f34312d3431203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 20:29:07 +0000
ROA not before:           Mon 06 Jul 2026 20:24:07 +0000
ROA not after:            Mon 05 Jul 2027 20:29:07 +0000
asID:                     36236
IP address blocks:        2403:2500:9000::/41 maxlen: 41
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:f6:f3:f1:8d:2a:a8:1e:23:7e:13:62:82:59:9d:64:79:92:0b:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 20:24:07 2026 GMT
            Not After : Jul  5 20:29:07 2027 GMT
        Subject: CN=9B3E01CBB3E9572C964B8134FC776C425B6FA9D3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6f:8c:7c:b7:4a:6c:f4:ac:b2:51:3a:bb:2f:
                    ea:66:36:34:d1:84:dc:f8:b8:98:a7:19:21:c9:1c:
                    14:b4:ab:45:92:ad:1b:e0:15:9c:8d:f4:b8:33:f5:
                    b5:47:6c:98:59:c8:0d:1f:1d:b8:94:9e:f9:eb:25:
                    03:b7:de:66:83:32:af:cd:f7:58:f4:17:d9:8f:cc:
                    73:43:d1:72:08:96:33:9c:1e:4f:79:98:af:ae:2e:
                    a9:66:df:08:90:d9:6a:37:a9:94:4c:93:bb:2f:c3:
                    05:c4:e8:32:32:8a:0d:b6:f8:09:8b:72:ab:20:ad:
                    00:9f:c4:85:d0:3f:d7:ae:4c:f2:26:e8:69:35:1e:
                    28:cf:97:32:83:e2:59:c2:95:69:9a:6b:40:a6:77:
                    97:4d:63:dd:03:fd:a8:d8:f6:3f:fd:26:05:52:94:
                    20:6e:58:7f:44:08:66:a9:81:c7:83:5c:57:77:df:
                    f8:cd:23:95:5e:1a:78:70:6b:38:42:5c:9b:18:bd:
                    c8:d8:8e:a5:12:b6:16:45:6b:b4:5a:df:a6:8e:b4:
                    59:e9:95:9a:32:73:11:4f:1a:c8:55:fc:07:90:3a:
                    33:2e:4c:a3:a3:c7:be:d3:4d:11:83:aa:6d:95:0e:
                    a6:93:e1:d3:ea:10:55:ad:1f:c1:79:a6:3a:13:42:
                    77:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:3E:01:CB:B3:E9:57:2C:96:4B:81:34:FC:77:6C:42:5B:6F:A9:D3
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/323430333a323530303a393030303a3a2f34312d3431203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:2500:9000::/41

    Signature Algorithm: sha256WithRSAEncryption
         db:11:99:c7:31:2b:04:90:77:af:72:a9:73:e5:af:4f:b8:78:
         d5:9f:f9:f5:3c:63:24:a7:33:02:09:ba:63:1e:b7:8e:20:ef:
         dc:ba:46:6c:45:c9:00:52:3a:88:05:be:55:3c:18:08:dd:4a:
         c4:31:d0:9c:4e:3a:55:2b:72:17:48:56:27:1a:96:40:23:d7:
         0d:33:7b:87:cb:c9:fe:9e:c6:a6:e4:9c:e4:b0:c7:8a:5c:0d:
         1c:9c:d1:8f:fd:19:36:de:e9:d4:b3:55:71:ce:3e:08:22:96:
         08:ed:84:77:6c:86:35:3f:52:c2:a8:a6:44:dd:d4:07:14:b0:
         b3:60:9f:d1:17:7d:e6:5f:2c:86:36:12:ce:72:d9:30:cb:88:
         cd:f6:31:a2:eb:49:fa:61:e1:9e:b0:32:02:2d:fd:6c:87:ac:
         4e:51:b4:44:eb:94:9c:23:6e:b1:92:11:cd:b5:d1:15:2e:94:
         93:f4:a5:30:05:bb:ac:49:6d:c2:f1:6a:5d:5d:ce:5d:36:33:
         b8:74:a0:b0:e7:a2:c5:de:b0:d0:16:f1:af:30:1d:ab:65:80:
         f0:a1:2f:1f:f6:e2:5d:7e:59:54:66:3f:f3:4d:44:ba:c8:91:
         ad:f8:37:5a:c7:25:50:08:34:d2:54:a8:25:39:90:d3:04:a1:
         25:85:1e:a4
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUS/bz8Y0qqB4jfhNiglmdZHmSC50wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIwMjQwN1oX
DTI3MDcwNTIwMjkwN1owMzExMC8GA1UEAxMoOUIzRTAxQ0JCM0U5NTcyQzk2NEI4
MTM0RkM3NzZDNDI1QjZGQTlEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZvjHy3Smz0rLJROrsv6mY2NNGE3Pi4mKcZIckcFLSrRZKtG+AVnI30uDP1
tUdsmFnIDR8duJSe+eslA7feZoMyr833WPQX2Y/Mc0PRcgiWM5weT3mYr64uqWbf
CJDZajeplEyTuy/DBcToMjKKDbb4CYtyqyCtAJ/EhdA/165M8iboaTUeKM+XMoPi
WcKVaZprQKZ3l01j3QP9qNj2P/0mBVKUIG5Yf0QIZqmBx4NcV3ff+M0jlV4aeHBr
OEJcmxi9yNiOpRK2FkVrtFrfpo60WemVmjJzEU8ayFX8B5A6My5Mo6PHvtNNEYOq
bZUOppPh0+oQVa0fwXmmOhNCd/MCAwEAAaOCAkcwggJDMB0GA1UdDgQWBBSbPgHL
s+lXLJZLgTT8d2xCW2+p0zAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaoGCCsG
AQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzMyMzQzMDMzM2EzMjM1MzAzMDNhMzkzMDMwMzAzYTNhMmYzNDMxMmQzNDMx
MjAzZDNlMjAzMzM2MzIzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcHJAMlAJAAMA0GCSqGSIb3DQEB
CwUAA4IBAQDbEZnHMSsEkHevcqlz5a9PuHjVn/n1PGMkpzMCCbpjHreOIO/cukZs
RckAUjqIBb5VPBgI3UrEMdCcTjpVK3IXSFYnGpZAI9cNM3uHy8n+nsam5JzksMeK
XA0cnNGP/Rk23unUs1Vxzj4IIpYI7YR3bIY1P1LCqKZE3dQHFLCzYJ/RF33mXyyG
NhLOctkwy4jN9jGi60n6YeGesDICLf1sh6xOUbRE65ScI26xkhHNtdEVLpST9KUw
BbusSW3C8WpdXc5dNjO4dKCw56LF3rDQFvGvMB2rZYDwoS8f9uJdfllUZj/zTUS6
yJGt+DdaxyVQCDTSVKglOZDTBKElhR6k
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:48 2026 by rpki-client