Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS60326.roa
File:                     AS60326.roa (raw, json)
Hash identifier:          fa1Zgmxpw75qD/V/ZTtzLFYQxmmf8KTzVwqnMPeBU18=
Subject key identifier:   A9:5A:88:87:50:7A:30:BC:63:C9:DE:80:D9:31:58:6D:5F:0E:1F:3F
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       4F2D55AA75E8819CF35668C04D2829A62D2389C9
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS60326.roa
Signing time:             Thu 03 Jul 2025 15:52:01 +0000
ROA not before:           Thu 03 Jul 2025 15:47:01 +0000
ROA not after:            Thu 02 Jul 2026 15:52:01 +0000
asID:                     60326
IP address blocks:        2a06:a005:8f0::/44 maxlen: 48
                          2a06:a005:1060::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:2d:55:aa:75:e8:81:9c:f3:56:68:c0:4d:28:29:a6:2d:23:89:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:01 2025 GMT
            Not After : Jul  2 15:52:01 2026 GMT
        Subject: CN=A95A8887507A30BC63C9DE80D931586D5F0E1F3F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ff:d8:aa:90:ed:77:c7:4b:bd:83:ff:e5:2b:
                    39:39:96:fc:77:08:1b:47:55:7c:56:66:71:07:e6:
                    81:bc:f7:77:47:10:6d:66:9d:b3:b9:d2:2f:29:b7:
                    a2:88:92:e5:13:5a:b5:9f:44:a6:2b:54:97:5e:d4:
                    42:01:43:ce:4c:5a:ef:17:b6:99:6f:89:f4:89:b6:
                    30:ea:30:7e:f0:aa:78:31:d6:e1:f5:0e:08:e7:c8:
                    f5:9f:df:96:b8:9a:8a:c0:06:d2:c9:bc:fb:43:d6:
                    6d:17:b6:c7:c5:f0:83:0a:fb:43:69:93:1e:41:dd:
                    07:9f:fb:87:90:ea:38:f0:63:e1:45:e1:34:66:c1:
                    96:c5:1b:7f:3a:2d:81:4f:65:c8:44:1d:ce:48:99:
                    aa:2b:77:1f:e3:e0:b6:1b:e6:67:ec:94:b2:28:71:
                    f4:b3:8d:ff:cd:85:a6:d9:36:a7:b2:2c:95:75:a5:
                    bb:87:4a:42:6e:64:9d:12:0d:b2:e9:7b:1a:05:15:
                    fa:a1:71:a9:87:80:b0:9f:fa:29:6d:25:d1:95:6c:
                    06:bc:8e:d9:d4:4c:12:13:d7:4f:7f:81:e7:d0:aa:
                    13:93:f5:48:f9:36:fe:81:2c:39:c3:be:37:15:98:
                    66:13:1d:7a:c0:a8:f1:8a:f7:7f:0a:27:f6:aa:0f:
                    b6:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:5A:88:87:50:7A:30:BC:63:C9:DE:80:D9:31:58:6D:5F:0E:1F:3F
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS60326.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:8f0::/44
                  2a06:a005:1060::/44

    Signature Algorithm: sha256WithRSAEncryption
         3a:24:4a:69:bd:29:0e:aa:f2:a9:69:3c:d3:b3:a9:5e:36:5a:
         ae:0b:c4:d7:ec:48:06:2f:b5:14:54:da:ce:67:e2:8e:f0:a8:
         f7:d4:43:a9:74:20:9d:02:9b:4a:e4:26:29:6f:09:e6:01:2b:
         7b:07:5b:e1:11:48:ca:64:87:c1:76:f9:f5:57:57:b3:6d:d4:
         d3:14:45:d9:35:50:06:83:e5:15:85:02:ea:82:56:87:70:d7:
         2f:6a:20:74:bc:c3:51:be:3a:01:f7:4c:f2:b2:9e:d7:f4:9f:
         cb:eb:39:7d:02:91:77:1d:c4:6d:89:fe:7f:2f:1c:4f:b2:2e:
         9b:26:7d:8c:10:54:f9:51:d7:9c:92:b9:9c:d9:c9:3d:db:34:
         8e:14:0b:63:54:31:0a:74:f5:10:6e:18:aa:21:8a:61:02:8a:
         d3:77:f7:26:4e:fe:4e:b6:94:da:ad:c2:3f:f5:7d:8a:71:9b:
         77:0f:95:5c:a9:ec:ad:f7:7f:6f:b3:87:95:bd:82:88:6e:a1:
         cf:1d:7a:82:fa:63:45:09:9b:fb:68:d7:b4:06:10:0c:32:1d:
         8c:13:27:45:66:e1:9a:79:e6:a8:0e:42:5b:4d:d8:92:e2:08:
         0c:30:a9:6b:ab:4c:84:4e:6f:fb:2b:9d:7d:46:ce:dd:4f:f2:
         90:b9:11:0f
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUTy1VqnXogZzzVmjATSgppi0jickwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDFaFw0yNjA3MDIxNTUyMDFaMDMxMTAvBgNV
BAMTKEE5NUE4ODg3NTA3QTMwQkM2M0M5REU4MEQ5MzE1ODZENUYwRTFGM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj/9iqkO13x0u9g//lKzk5lvx3
CBtHVXxWZnEH5oG893dHEG1mnbO50i8pt6KIkuUTWrWfRKYrVJde1EIBQ85MWu8X
tplvifSJtjDqMH7wqngx1uH1DgjnyPWf35a4morABtLJvPtD1m0XtsfF8IMK+0Np
kx5B3Qef+4eQ6jjwY+FF4TRmwZbFG386LYFPZchEHc5Imaordx/j4LYb5mfslLIo
cfSzjf/NhabZNqeyLJV1pbuHSkJuZJ0SDbLpexoFFfqhcamHgLCf+iltJdGVbAa8
jtnUTBIT109/gefQqhOT9Uj5Nv6BLDnDvjcVmGYTHXrAqPGK938KJ/aqD7ZxAgMB
AAGjggH6MIIB9jAdBgNVHQ4EFgQUqVqIh1B6MLxjyd6A2TFYbV8OHz8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NjAzMjYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcB
Af8EHDAaMBgEAgACMBIDBwQqBqAFCPADBwQqBqAFEGAwDQYJKoZIhvcNAQELBQAD
ggEBADokSmm9KQ6q8qlpPNOzqV42Wq4LxNfsSAYvtRRU2s5n4o7wqPfUQ6l0IJ0C
m0rkJilvCeYBK3sHW+ERSMpkh8F2+fVXV7Nt1NMURdk1UAaD5RWFAuqCVodw1y9q
IHS8w1G+OgH3TPKyntf0n8vrOX0CkXcdxG2J/n8vHE+yLpsmfYwQVPlR15ySuZzZ
yT3bNI4UC2NUMQp09RBuGKohimECitN39yZO/k62lNqtwj/1fYpxm3cPlVyp7K33
f2+zh5W9gohuoc8deoL6Y0UJm/to17QGEAwyHYwTJ0Vm4Zp55qgOQltN2JLiCAww
qWurTIROb/srnX1Gzt1P8pC5EQ8=
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:09:59 2025 by rpki-client