Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa
File:                     AS40676.roa (raw, json)
Hash identifier:          QqPl1Cy2Ct3N2LxzzJbZ+hiu56f5laiL729dQST1vbA=
Subject key identifier:   8F:FF:67:9A:8F:85:AC:B7:C4:7E:FF:2A:CE:9C:AE:FC:21:F0:85:2D
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       751944F0A2A304D8EC7CFF43AC232355686C7E32
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa
Signing time:             Tue 23 Jun 2026 19:14:16 +0000
ROA not before:           Tue 23 Jun 2026 19:09:16 +0000
ROA not after:            Tue 22 Jun 2027 19:14:16 +0000
asID:                     40676
IP address blocks:        104.234.134.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 02 Jul 2026 04:55:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:19:44:f0:a2:a3:04:d8:ec:7c:ff:43:ac:23:23:55:68:6c:7e:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: Jun 23 19:09:16 2026 GMT
            Not After : Jun 22 19:14:16 2027 GMT
        Subject: CN=8FFF679A8F85ACB7C47EFF2ACE9CAEFC21F0852D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b9:18:54:33:99:9f:b6:73:86:c3:7a:dd:22:
                    b0:0c:9d:87:87:70:bc:01:70:64:5c:c5:5d:84:97:
                    ae:53:2e:60:e0:6f:3b:e0:af:92:6e:02:bc:31:9a:
                    6d:36:1d:f6:b1:8f:dc:aa:d1:c1:f3:6d:92:05:f7:
                    5b:9c:5d:86:eb:4a:d6:bc:3f:51:5c:ca:da:a7:39:
                    b6:35:3f:2b:57:96:3e:fe:65:86:ae:a1:62:ad:de:
                    8c:0f:a6:ec:43:d4:bd:d8:c8:9d:e6:2f:5b:77:ad:
                    e5:13:78:f5:6e:85:bc:50:20:74:4c:39:09:40:3c:
                    28:be:87:01:62:ad:7b:c8:3a:54:8f:92:24:95:9c:
                    7d:9b:8c:98:8e:37:3d:96:4d:e5:90:4d:7e:28:5e:
                    c2:4c:0b:9d:1c:ac:cb:1e:c1:b0:78:96:a1:11:9d:
                    59:28:a9:2d:67:79:12:1f:8e:c4:49:bf:61:38:a8:
                    b4:5a:08:6f:d5:68:f3:dd:28:0a:28:15:87:0c:91:
                    cc:e0:65:83:1d:44:93:6b:98:e0:7a:eb:b5:02:a6:
                    05:63:fd:6a:50:4e:00:81:0a:c2:16:86:2e:8b:d9:
                    5a:86:7c:85:be:9a:c4:b4:db:65:35:1d:85:b4:14:
                    cd:88:81:39:dd:cc:21:89:71:6a:b1:a6:d2:b2:90:
                    91:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:FF:67:9A:8F:85:AC:B7:C4:7E:FF:2A:CE:9C:AE:FC:21:F0:85:2D
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.234.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:11:4d:42:f7:70:d8:ae:74:9a:fd:e2:db:19:d0:95:15:7f:
         ee:95:3d:ac:77:03:f8:b8:be:f7:36:dc:7b:39:e6:43:a4:6b:
         5a:69:bc:1c:0b:54:55:9c:69:73:8c:cd:12:4f:07:75:16:1e:
         b7:41:61:1a:d6:ee:7c:23:13:35:ef:ba:e0:25:dd:7d:b5:ea:
         b2:ea:7a:cb:d7:f0:16:21:d3:7a:93:c3:c9:a8:05:71:d5:d6:
         0c:02:4c:32:77:82:14:e3:a5:7e:de:b8:4a:8f:1f:5c:e5:44:
         19:45:2d:2e:2f:6b:8c:24:27:90:23:f9:d8:54:26:a3:e8:a6:
         17:07:dc:05:6a:69:8b:ee:24:75:fe:54:ff:5e:f0:5b:d8:d1:
         7f:74:39:ff:e9:cc:2e:fd:3b:35:a8:16:0e:b4:78:dd:60:25:
         43:83:77:68:3b:50:ae:68:87:24:71:3a:28:5d:73:d5:87:92:
         32:b1:f2:1c:5e:e7:21:23:d2:84:1e:0e:a7:e3:ed:56:c0:54:
         60:e4:4f:f2:35:05:bd:b8:9e:e9:5b:a3:ca:de:91:d6:fe:3e:
         94:ed:25:bf:7f:e6:fb:99:a6:fb:e3:24:da:a0:40:1a:c4:62:
         5a:ff:1a:88:63:42:b5:ce:7b:a7:5a:8b:df:fe:41:5f:15:6d:
         6e:88:74:11
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIUdRlE8KKjBNjsfP9DrCMjVWhsfjIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjYwNjIzMTkwOTE2WhcNMjcwNjIyMTkxNDE2
WjAzMTEwLwYDVQQDEyg4RkZGNjc5QThGODVBQ0I3QzQ3RUZGMkFDRTlDQUVGQzIx
RjA4NTJEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17kYVDOZn7Zz
hsN63SKwDJ2Hh3C8AXBkXMVdhJeuUy5g4G874K+SbgK8MZptNh32sY/cqtHB822S
BfdbnF2G60rWvD9RXMrapzm2NT8rV5Y+/mWGrqFird6MD6bsQ9S92Mid5i9bd63l
E3j1boW8UCB0TDkJQDwovocBYq17yDpUj5IklZx9m4yYjjc9lk3lkE1+KF7CTAud
HKzLHsGweJahEZ1ZKKktZ3kSH47ESb9hOKi0Wghv1Wjz3SgKKBWHDJHM4GWDHUST
a5jgeuu1AqYFY/1qUE4AgQrCFoYui9lahnyFvprEtNtlNR2FtBTNiIE53cwhiXFq
sabSspCRPwIDAQABo4ICfjCCAnowHQYDVR0OBBYEFI//Z5qPhay3xH7/Ks6crvwh
8IUtMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzQwNjc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaOqGMA0GCSqGSIb3DQEBCwUAA4IB
AQB+EU1C93DYrnSa/eLbGdCVFX/ulT2sdwP4uL73Ntx7OeZDpGtaabwcC1RVnGlz
jM0STwd1Fh63QWEa1u58IxM177rgJd19teqy6nrL1/AWIdN6k8PJqAVx1dYMAkwy
d4IU46V+3rhKjx9c5UQZRS0uL2uMJCeQI/nYVCaj6KYXB9wFammL7iR1/lT/XvBb
2NF/dDn/6cwu/Ts1qBYOtHjdYCVDg3doO1CuaIckcTooXXPVh5IysfIcXuchI9KE
Hg6n4+1WwFRg5E/yNQW9uJ7pW6PK3pHW/j6U7SW/f+b7mab74yTaoEAaxGJa/xqI
Y0K1znunWovf/kFfFW1uiHQR
-----END CERTIFICATE-----
Generated at Wed Jul 1 13:51:48 2026 by rpki-client