Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e34392e302f32342d3234203d3e203336323336.roa
File:                     34332e3234352e34392e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          LcpX/N6UAGb6EeEBooNedgejcMRHbnnHuixUvWzXPmI=
Subject key identifier:   1C:96:53:F0:1C:D1:CC:46:88:F2:FD:68:2F:43:01:76:50:F3:2D:2F
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       4839E3B8240F26B48416107EC8B8CBDF1A01AE10
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e34392e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 21:29:08 +0000
ROA not before:           Mon 06 Jul 2026 21:24:08 +0000
ROA not after:            Mon 05 Jul 2027 21:29:08 +0000
asID:                     36236
IP address blocks:        43.245.49.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:39:e3:b8:24:0f:26:b4:84:16:10:7e:c8:b8:cb:df:1a:01:ae:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 21:24:08 2026 GMT
            Not After : Jul  5 21:29:08 2027 GMT
        Subject: CN=1C9653F01CD1CC4688F2FD682F43017650F32D2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e7:8d:9a:d1:0c:ab:97:38:f4:44:e6:47:22:
                    11:b4:5c:b7:80:09:64:ce:2a:36:4b:5c:dc:f5:57:
                    4e:6b:d0:3d:72:cf:a8:61:52:39:ca:1e:7a:30:d4:
                    61:99:0b:9b:e2:06:cf:de:90:a8:5e:96:d8:1a:40:
                    f4:d7:f3:06:2d:a3:4c:8c:21:0c:2c:13:d7:2d:a9:
                    b5:93:a3:fa:ab:cd:2a:84:e4:34:d8:8e:91:f3:e0:
                    ea:4d:c4:c7:93:c8:9a:e5:8a:fc:3c:b5:18:7d:da:
                    18:82:d1:e8:12:76:3e:59:06:0f:13:b4:c1:e7:55:
                    2e:08:e4:f6:bb:2f:b4:b1:29:58:71:84:53:a5:34:
                    ef:a2:42:fb:7c:70:3b:04:1d:2c:e2:25:2d:a5:b1:
                    43:c0:0e:9a:93:4e:e8:7b:27:dd:40:37:b4:9d:ca:
                    5c:3f:16:c4:07:4c:07:45:ac:57:19:54:fb:c9:71:
                    d0:4f:82:bb:47:cc:ee:16:fb:21:79:88:0a:2e:ba:
                    80:ad:fd:75:e6:ef:21:4d:34:f1:05:45:c4:27:09:
                    79:26:eb:e9:77:10:71:3a:9e:9f:2b:39:66:b8:31:
                    4e:95:91:a8:65:de:5d:e0:7d:4b:e4:54:7f:61:84:
                    21:e6:24:a3:f1:f7:15:9d:e4:84:ff:71:47:69:19:
                    41:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:96:53:F0:1C:D1:CC:46:88:F2:FD:68:2F:43:01:76:50:F3:2D:2F
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e34392e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.245.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:ca:4a:f7:30:a3:35:be:ad:be:b0:bb:c8:b9:f3:98:fb:a9:
         68:6f:39:71:2a:99:3e:a8:65:e2:f2:9f:8e:a7:d2:b3:22:98:
         80:69:91:a4:ec:f2:53:cf:ac:b1:56:d6:bd:46:28:ad:1a:b5:
         41:65:47:dc:80:b1:8d:65:d2:86:65:48:aa:0a:ca:2c:e8:d9:
         dc:51:e4:c5:80:8f:4c:dc:a8:a4:78:37:0a:8f:d1:89:60:f7:
         ff:f5:12:e0:85:66:08:61:68:8d:27:46:d6:b8:08:17:be:5b:
         b9:f9:60:96:4e:a5:b2:46:2f:a1:15:d3:59:43:59:bc:1f:11:
         c7:77:e8:35:bb:96:de:37:10:36:ef:a9:0e:9e:1c:5e:fc:66:
         b3:c1:a9:ae:00:ff:bd:87:ac:93:ef:cf:41:ca:a7:34:8e:d9:
         1a:d8:40:7a:ef:68:06:fb:9b:f9:49:fd:6f:19:25:a3:a9:80:
         3a:78:7d:b4:a4:59:f2:98:47:95:9b:76:3d:1b:30:51:65:87:
         e7:3d:11:79:f0:96:e7:da:3b:ee:5d:d3:8a:2f:9a:2f:26:72:
         71:d9:ab:e0:2b:7a:62:53:f2:34:10:a5:6e:77:dc:40:7d:39:
         e6:06:89:b4:bc:bc:dc:be:f4:5d:d7:d0:f7:50:74:fe:27:60:
         57:7f:bb:2d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUSDnjuCQPJrSEFhB+yLjL3xoBrhAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIxMjQwOFoX
DTI3MDcwNTIxMjkwOFowMzExMC8GA1UEAxMoMUM5NjUzRjAxQ0QxQ0M0Njg4RjJG
RDY4MkY0MzAxNzY1MEYzMkQyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXnjZrRDKuXOPRE5kciEbRct4AJZM4qNktc3PVXTmvQPXLPqGFSOcoeejDU
YZkLm+IGz96QqF6W2BpA9NfzBi2jTIwhDCwT1y2ptZOj+qvNKoTkNNiOkfPg6k3E
x5PImuWK/Dy1GH3aGILR6BJ2PlkGDxO0wedVLgjk9rsvtLEpWHGEU6U076JC+3xw
OwQdLOIlLaWxQ8AOmpNO6Hsn3UA3tJ3KXD8WxAdMB0WsVxlU+8lx0E+Cu0fM7hb7
IXmICi66gK39debvIU008QVFxCcJeSbr6XcQcTqenys5ZrgxTpWRqGXeXeB9S+RU
f2GEIeYko/H3FZ3khP9xR2kZQdUCAwEAAaOCAjowggI2MB0GA1UdDgQWBBQcllPw
HNHMRojy/WgvQwF2UPMtLzAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzM0MzMyZTMyMzQzNTJlMzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMz
MzYzMjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAr9TEwDQYJKoZIhvcNAQELBQADggEBAHPKSvcw
ozW+rb6wu8i585j7qWhvOXEqmT6oZeLyn46n0rMimIBpkaTs8lPPrLFW1r1GKK0a
tUFlR9yAsY1l0oZlSKoKyizo2dxR5MWAj0zcqKR4NwqP0Ylg9//1EuCFZghhaI0n
Rta4CBe+W7n5YJZOpbJGL6EV01lDWbwfEcd36DW7lt43EDbvqQ6eHF78ZrPBqa4A
/72HrJPvz0HKpzSO2RrYQHrvaAb7m/lJ/W8ZJaOpgDp4fbSkWfKYR5Wbdj0bMFFl
h+c9EXnwlufaO+5d04ovmi8mcnHZq+AremJT8jQQpW533EB9OeYGibS8vNy+9F3X
0PdQdP4nYFd/uy0=
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:21 2026 by rpki-client