Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS7018.roa
File:                     AS7018.roa (raw, json)
Hash identifier:          /fHYUgQJo8NHEC4pvB82Z1Csl9UcOR6Q9XXitK5S3+w=
Subject key identifier:   2D:C8:3F:19:F6:A6:03:1E:A8:0D:1F:C5:17:ED:F3:CA:32:37:5B:BF
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       45093C1A5C8A932682B8A8B533767D6A45A5942E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS7018.roa
Signing time:             Thu 03 Jul 2025 15:52:12 +0000
ROA not before:           Thu 03 Jul 2025 15:47:12 +0000
ROA not after:            Thu 02 Jul 2026 15:52:12 +0000
asID:                     7018
IP address blocks:        2a06:9f45::/32 maxlen: 48
                          2a06:9f46::/32 maxlen: 48
                          2a06:a005:3070::/44 maxlen: 48
                          2a0d:d903::/32 maxlen: 48
                          2a0d:d906::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:09:3c:1a:5c:8a:93:26:82:b8:a8:b5:33:76:7d:6a:45:a5:94:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:12 2025 GMT
            Not After : Jul  2 15:52:12 2026 GMT
        Subject: CN=2DC83F19F6A6031EA80D1FC517EDF3CA32375BBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:2f:51:58:b6:e2:74:97:67:79:12:61:d5:af:
                    c7:e2:15:30:35:8a:81:e7:c8:aa:95:17:9b:0d:2c:
                    9e:58:e2:04:9f:4b:b7:49:bc:24:90:d1:a6:28:55:
                    fb:a1:1e:f6:ab:78:fc:73:ce:e5:74:92:ce:e6:ec:
                    38:ff:ba:e4:e4:35:f4:84:9e:94:93:30:f1:7c:75:
                    07:fb:fc:b3:a9:51:3a:36:d3:90:9c:89:7a:a3:1f:
                    0e:01:e8:f9:5d:6a:c1:b4:b2:a6:d5:cb:19:6d:4a:
                    f5:39:99:db:ea:d9:2a:c5:f8:37:20:f0:3c:a2:5d:
                    e5:71:c3:e3:6f:11:1f:6a:4d:7b:cf:60:7b:3d:5b:
                    89:9c:ee:77:d4:ed:76:e7:6b:c0:a9:68:26:f6:3f:
                    2d:11:f0:45:80:a6:e9:da:d3:36:ad:b5:ca:b5:5d:
                    75:46:fa:82:d4:e3:c1:d1:bf:10:0f:fd:1d:ab:df:
                    64:30:02:86:8d:b7:46:43:66:3a:84:31:8c:48:ed:
                    50:2f:58:4d:df:ea:c4:f5:44:a3:17:b6:83:94:8d:
                    7f:7a:11:8a:93:4a:9a:f3:29:84:b9:b1:82:77:ef:
                    42:56:91:c1:ac:b4:dd:6f:18:f3:2b:f9:99:f0:c5:
                    72:09:e8:b4:87:16:3f:04:2d:c3:e4:0d:93:15:47:
                    76:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:C8:3F:19:F6:A6:03:1E:A8:0D:1F:C5:17:ED:F3:CA:32:37:5B:BF
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS7018.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f45::-2a06:9f46:ffff:ffff:ffff:ffff:ffff:ffff
                  2a06:a005:3070::/44
                  2a0d:d903::/32
                  2a0d:d906::/32

    Signature Algorithm: sha256WithRSAEncryption
         9a:74:2b:36:8a:df:77:4f:95:9e:fe:1c:36:1e:79:9b:ab:37:
         79:a5:79:0c:4d:3c:06:4e:ca:7d:da:ae:87:24:52:a3:b0:f4:
         86:9e:3b:e4:1b:9c:5b:b2:fa:a6:43:d5:bc:ff:8e:7c:b7:c4:
         50:a6:5d:b0:37:ed:bb:62:e1:e3:28:67:b1:89:fa:f6:d1:57:
         73:4f:b9:b3:3b:7f:60:9f:e3:e4:7b:a9:cb:3f:cd:06:6e:d8:
         04:c4:82:53:8f:62:ec:bd:6a:e4:db:f7:34:b8:e1:a4:0c:b5:
         a4:8d:7e:8a:5a:72:ba:16:17:39:03:30:43:c1:1d:68:48:0b:
         a0:f3:ad:92:9c:58:ec:dd:cb:9b:f2:b3:82:68:c1:2c:ab:80:
         70:d2:4c:d1:13:3a:ee:01:74:a0:0e:30:45:47:f7:2f:46:02:
         b2:af:54:07:60:cd:93:8d:50:43:bd:ee:2f:23:33:f1:39:9e:
         eb:a6:7c:5a:2f:a6:78:63:24:3a:8e:88:76:83:80:d3:37:29:
         0e:33:5e:ab:d8:0e:34:47:bf:53:41:f0:79:2b:b1:ae:55:b9:
         24:59:c0:ec:1c:45:d6:0d:82:89:ed:95:b7:be:a5:12:dd:fd:
         ca:b7:3f:a8:70:2b:a3:f2:ce:18:77:0f:01:d1:84:06:71:f0:
         96:15:5a:51
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIURQk8GlyKkyaCuKi1M3Z9akWllC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MTJaFw0yNjA3MDIxNTUyMTJaMDMxMTAvBgNV
BAMTKDJEQzgzRjE5RjZBNjAzMUVBODBEMUZDNTE3RURGM0NBMzIzNzVCQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmL1FYtuJ0l2d5EmHVr8fiFTA1
ioHnyKqVF5sNLJ5Y4gSfS7dJvCSQ0aYoVfuhHvarePxzzuV0ks7m7Dj/uuTkNfSE
npSTMPF8dQf7/LOpUTo205CciXqjHw4B6PldasG0sqbVyxltSvU5mdvq2SrF+Dcg
8DyiXeVxw+NvER9qTXvPYHs9W4mc7nfU7Xbna8CpaCb2Py0R8EWApuna0zattcq1
XXVG+oLU48HRvxAP/R2r32QwAoaNt0ZDZjqEMYxI7VAvWE3f6sT1RKMXtoOUjX96
EYqTSprzKYS5sYJ370JWkcGstN1vGPMr+ZnwxXIJ6LSHFj8ELcPkDZMVR3YrAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQULcg/GfamAx6oDR/FF+3zyjI3W78wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NzAxOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB
/wQxMC8wLQQCAAIwJzAOAwUAKgafRQMFACoGn0YDBwQqBqAFMHADBQAqDdkDAwUA
Kg3ZBjANBgkqhkiG9w0BAQsFAAOCAQEAmnQrNorfd0+Vnv4cNh55m6s3eaV5DE08
Bk7KfdquhyRSo7D0hp475BucW7L6pkPVvP+OfLfEUKZdsDftu2Lh4yhnsYn69tFX
c0+5szt/YJ/j5Hupyz/NBm7YBMSCU49i7L1q5Nv3NLjhpAy1pI1+ilpyuhYXOQMw
Q8EdaEgLoPOtkpxY7N3Lm/KzgmjBLKuAcNJM0RM67gF0oA4wRUf3L0YCsq9UB2DN
k41QQ73uLyMz8Tme66Z8Wi+meGMkOo6IdoOA0zcpDjNeq9gONEe/U0HweSuxrlW5
JFnA7BxF1g2Cie2Vt76lEt39yrc/qHAro/LOGHcPAdGEBnHwlhVaUQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:09:59 2025 by rpki-client