Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e35302e302f32342d3234203d3e203336323336.roa
File:                     34332e3234352e35302e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          fhJoGwKJtQAh6nQePpYhApstPv4mmVovwIfAAUYB91s=
Subject key identifier:   2E:BE:A9:84:58:0A:B9:41:97:BE:B1:B4:F4:38:34:59:5C:F4:22:6D
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       55F28D191C3969478248F03C0FCCCF33569BD6D9
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e35302e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 06 Jul 2026 21:29:08 +0000
ROA not before:           Mon 06 Jul 2026 21:24:08 +0000
ROA not after:            Mon 05 Jul 2027 21:29:08 +0000
asID:                     36236
IP address blocks:        43.245.50.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 02:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:f2:8d:19:1c:39:69:47:82:48:f0:3c:0f:cc:cf:33:56:9b:d6:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Jul  6 21:24:08 2026 GMT
            Not After : Jul  5 21:29:08 2027 GMT
        Subject: CN=2EBEA984580AB94197BEB1B4F43834595CF4226D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a7:fc:30:9c:8b:9f:f9:4d:bf:52:31:00:8c:
                    5f:b1:d9:6f:f9:5a:29:f6:39:05:4f:ee:ae:d2:82:
                    b5:16:f8:5c:27:74:3c:af:4b:d0:bb:1f:68:6d:6a:
                    64:fc:2f:42:7b:b3:8a:b2:24:d4:33:a2:59:6b:e2:
                    a1:14:f0:bb:3b:f3:fb:35:50:dd:6b:b2:ca:2d:04:
                    68:7d:f4:c2:fc:c7:03:91:3b:f0:7a:c8:61:03:2b:
                    46:1f:14:b6:6d:3e:2a:a1:f6:27:15:c4:b3:0d:ea:
                    88:1c:43:bf:dd:36:99:d6:cd:8e:c9:ea:18:35:6b:
                    af:f1:ee:b5:f0:17:7f:08:14:2a:17:d8:43:c5:72:
                    2d:8f:69:9a:52:81:86:3f:a2:4f:49:b6:36:49:ac:
                    88:6e:24:b6:e0:25:f4:2d:3a:16:11:45:44:0c:ea:
                    42:e6:f1:da:f4:26:c1:a5:1d:17:b9:36:9e:80:96:
                    b4:09:eb:65:5f:77:11:6b:99:97:e3:f9:51:fe:c2:
                    66:ef:f9:13:09:bc:eb:12:fc:33:0c:3e:ee:2f:fc:
                    80:56:ca:ad:ea:fd:87:64:53:42:5c:1b:30:d5:aa:
                    fa:37:e2:c6:47:c6:46:ee:b9:50:c1:fd:ca:d7:44:
                    f5:2d:bc:bf:e6:19:3a:58:84:6b:3d:30:7d:8b:da:
                    43:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:BE:A9:84:58:0A:B9:41:97:BE:B1:B4:F4:38:34:59:5C:F4:22:6D
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/34332e3234352e35302e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.245.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:1f:52:84:f2:a4:fa:dc:c0:bd:d1:c4:98:d1:70:5d:21:7f:
         7d:47:e5:89:b1:c1:29:ff:11:7b:35:bc:60:15:6f:d4:ce:fe:
         ed:26:7e:f0:17:34:81:0f:42:67:a5:f4:08:33:73:af:4a:7d:
         d6:a8:fc:82:ed:50:8a:e5:06:75:8e:db:2b:25:74:67:ac:75:
         5f:e3:c9:3f:1c:58:a4:e1:22:e5:16:91:50:21:2d:42:de:2f:
         ec:6e:c4:d3:48:d4:b3:d7:c5:b7:05:48:c1:94:a5:16:4a:ae:
         a0:a1:99:fc:b6:39:b6:20:b9:c2:0f:86:fe:29:27:19:98:29:
         c9:95:e5:5a:c1:04:01:9c:5f:9e:d4:ca:c9:14:53:26:d8:7b:
         a9:6c:de:3f:e7:5c:a0:3b:72:f7:d2:70:0e:b7:0d:c7:fd:da:
         97:78:98:26:26:6b:d4:2c:58:f7:5c:e5:a4:f8:7f:bc:f3:df:
         8e:16:34:9c:3b:87:41:9f:4b:1c:f4:0a:aa:59:96:c1:02:a2:
         5f:9f:3c:a9:4e:f9:8c:9e:a1:11:30:e2:cc:50:a4:8a:d7:ed:
         df:34:d8:08:5e:4e:95:d0:d1:11:71:cb:95:4b:67:16:de:d5:
         28:00:6c:a5:82:56:fc:64:1c:fc:1b:9d:02:19:75:62:6a:d7:
         92:fc:56:d4
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUVfKNGRw5aUeCSPA8D8zPM1ab1tkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI2MDcwNjIxMjQwOFoX
DTI3MDcwNTIxMjkwOFowMzExMC8GA1UEAxMoMkVCRUE5ODQ1ODBBQjk0MTk3QkVC
MUI0RjQzODM0NTk1Q0Y0MjI2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSn/DCci5/5Tb9SMQCMX7HZb/laKfY5BU/urtKCtRb4XCd0PK9L0LsfaG1q
ZPwvQnuzirIk1DOiWWvioRTwuzvz+zVQ3Wuyyi0EaH30wvzHA5E78HrIYQMrRh8U
tm0+KqH2JxXEsw3qiBxDv902mdbNjsnqGDVrr/HutfAXfwgUKhfYQ8VyLY9pmlKB
hj+iT0m2NkmsiG4ktuAl9C06FhFFRAzqQubx2vQmwaUdF7k2noCWtAnrZV93EWuZ
l+P5Uf7CZu/5Ewm86xL8Mww+7i/8gFbKrer9h2RTQlwbMNWq+jfixkfGRu65UMH9
ytdE9S28v+YZOliEaz0wfYvaQ7sCAwEAAaOCAjowggI2MB0GA1UdDgQWBBQuvqmE
WAq5QZe+sbT0ODRZXPQibTAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzM0MzMyZTMyMzQzNTJlMzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMz
MzYzMjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAr9TIwDQYJKoZIhvcNAQELBQADggEBAE4fUoTy
pPrcwL3RxJjRcF0hf31H5YmxwSn/EXs1vGAVb9TO/u0mfvAXNIEPQmel9Agzc69K
fdao/ILtUIrlBnWO2ysldGesdV/jyT8cWKThIuUWkVAhLULeL+xuxNNI1LPXxbcF
SMGUpRZKrqChmfy2ObYgucIPhv4pJxmYKcmV5VrBBAGcX57UyskUUybYe6ls3j/n
XKA7cvfScA63Dcf92pd4mCYma9QsWPdc5aT4f7zz344WNJw7h0GfSxz0CqpZlsEC
ol+fPKlO+YyeoREw4sxQpIrX7d802AheTpXQ0RFxy5VLZxbe1SgAbKWCVvxkHPwb
nQIZdWJq15L8VtQ=
-----END CERTIFICATE-----
Generated at Tue Jul 7 11:49:12 2026 by rpki-client