Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/8db1943e-17fa-375d-aa4b-b018e52e3c40.roa
File:                     8db1943e-17fa-375d-aa4b-b018e52e3c40.roa (raw, json)
Hash identifier:          E0joBvTUF5tmyl36ovY4W5bnVSk2Rt1FgS5a0ufyAQk=
Subject key identifier:   DC:AF:65:FF:28:D2:AC:F2:A4:90:F4:AA:8C:37:60:B9:05:8C:2A:32
Certificate issuer:       /CN=bad5af20-8385-44d4-815f-bb83497d4a0e
Certificate serial:       010D0C9F4328584CEA5CDA504C9203543CB3C080
Authority key identifier: 11:AA:70:F3:04:50:A3:AC:82:39:73:14:B6:AD:D6:35:D1:DD:39:94
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/8db1943e-17fa-375d-aa4b-b018e52e3c40.roa
Signing time:             Thu 19 Feb 2026 14:00:40 +0000
ROA not before:           Thu 19 Feb 2026 14:00:40 +0000
ROA not after:            Wed 20 May 2026 13:00:40 +0000
asID:                     21777
IP address blocks:        199.45.152.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4c:ea:5c:da:50:4c:92:03:54:3c:b3:c0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bad5af20-8385-44d4-815f-bb83497d4a0e
        Validity
            Not Before: Feb 19 14:00:40 2026 GMT
            Not After : May 20 13:00:40 2026 GMT
        Subject: CN=e4f07b11-f11d-4869-9441-6b004b2e8baa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3f:4e:8c:db:0b:3e:60:6a:1a:1f:42:3f:3f:
                    01:fa:69:0d:a8:25:ad:25:c5:cf:95:dc:0d:64:bb:
                    bc:a7:04:85:b6:32:90:7d:1a:60:80:5e:28:1e:ee:
                    1b:46:0c:6a:b0:33:c1:5e:71:d4:ee:d1:be:42:cb:
                    df:b6:6e:c9:e6:00:37:93:38:20:2d:c5:9d:69:15:
                    67:57:f7:25:91:79:9c:6d:da:3a:77:e7:f5:9a:b4:
                    6b:35:44:11:56:74:86:c5:4e:ed:73:2f:8c:e7:85:
                    15:3d:54:a9:a7:2b:db:4a:8d:4b:ca:cd:bd:aa:81:
                    8c:8c:46:7f:35:1e:94:06:ba:ee:20:1b:f7:fc:4e:
                    de:83:51:85:92:ed:1c:97:bf:af:29:69:22:10:1d:
                    84:3c:57:a6:04:3b:e9:1f:dd:ce:4d:75:50:3f:6a:
                    7d:93:00:59:fe:7d:3c:52:a1:ce:57:7b:7d:66:3f:
                    35:d1:fa:dc:d3:b5:11:54:8a:78:cf:ed:17:f1:4e:
                    23:67:7a:2d:16:58:c0:e6:7b:03:72:b2:c0:13:3b:
                    7e:dc:9b:b3:f5:72:32:b2:89:39:b1:88:bd:fb:4f:
                    cd:36:a6:5e:73:9e:ab:db:58:7e:6c:41:31:5e:51:
                    25:22:5c:c4:56:46:6c:72:eb:1c:94:68:1a:f7:4f:
                    71:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AF:65:FF:28:D2:AC:F2:A4:90:F4:AA:8C:37:60:B9:05:8C:2A:32
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/8db1943e-17fa-375d-aa4b-b018e52e3c40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/bad5af20-8385-44d4-815f-bb83497d4a0e.crl

            X509v3 Authority Key Identifier:
                keyid:11:AA:70:F3:04:50:A3:AC:82:39:73:14:B6:AD:D6:35:D1:DD:39:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.45.152.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2c:25:1c:f9:af:8f:77:fa:bc:12:0f:19:2b:8a:ff:e4:a4:22:
         0d:50:af:4b:b8:bd:d6:f8:05:62:71:d8:ec:41:9a:06:3e:6b:
         7d:2f:05:d2:ac:9a:b1:47:6c:c6:0a:d7:7d:9c:38:eb:c4:48:
         5c:9c:40:48:e0:4b:ab:5a:1a:ec:b0:e1:7f:d4:04:bf:e7:d2:
         77:ab:f1:66:61:a0:9e:2b:50:f5:70:14:2c:3e:c0:83:2a:e4:
         11:7e:b2:f9:92:a3:1b:fb:1b:ee:62:4b:e3:62:17:52:5f:e4:
         c4:fa:ae:78:dc:07:d8:79:6b:34:51:49:0e:3e:e0:db:80:4e:
         e7:f0:93:e8:72:b6:ee:58:05:47:32:a5:7e:ea:b4:a3:28:aa:
         8e:66:89:cf:d0:31:48:0a:8f:89:78:5e:48:83:52:fd:1f:79:
         7a:0b:c8:2d:7e:e4:0f:a1:75:a3:3a:42:c8:fa:71:1b:53:f7:
         c8:88:25:79:5f:6b:37:74:b0:91:c3:4e:ef:48:fa:74:a3:92:
         17:6c:34:0d:fd:5c:bc:15:06:54:f5:1e:ae:06:8a:4b:3f:eb:
         3b:57:bb:72:b3:d6:a5:d2:63:34:5d:e6:68:70:a6:27:07:d8:
         46:d0:00:ec:c5:da:e3:b4:f4:b2:ac:09:9b:f6:eb:50:c4:ed:
         89:67:2f:1a
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEzqXNpQTJIDVDyzwIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYmFkNWFmMjAtODM4NS00NGQ0LTgxNWYtYmI4MzQ5N2Q0
YTBlMB4XDTI2MDIxOTE0MDA0MFoXDTI2MDUyMDEzMDA0MFowLzEtMCsGA1UEAxMk
ZTRmMDdiMTEtZjExZC00ODY5LTk0NDEtNmIwMDRiMmU4YmFhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD9OjNsLPmBqGh9CPz8B+mkNqCWtJcXPldwN
ZLu8pwSFtjKQfRpggF4oHu4bRgxqsDPBXnHU7tG+Qsvftm7J5gA3kzggLcWdaRVn
V/clkXmcbdo6d+f1mrRrNUQRVnSGxU7tcy+M54UVPVSppyvbSo1Lys29qoGMjEZ/
NR6UBrruIBv3/E7eg1GFku0cl7+vKWkiEB2EPFemBDvpH93OTXVQP2p9kwBZ/n08
UqHOV3t9Zj810frc07URVIp4z+0X8U4jZ3otFljA5nsDcrLAEzt+3Juz9XIysok5
sYi9+0/NNqZec56r21h+bEExXlElIlzEVkZscusclGga909xRQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNyvZf8o0qzypJD0qow3YLkFjCoyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9iYWQ1
YWYyMC04Mzg1LTQ0ZDQtODE1Zi1iYjgzNDk3ZDRhMGUvOGRiMTk0M2UtMTdmYS0z
NzVkLWFhNGItYjAxOGU1MmUzYzQwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYmFkNWFmMjAtODM4NS00NGQ0LTgx
NWYtYmI4MzQ5N2Q0YTBlL2JhZDVhZjIwLTgzODUtNDRkNC04MTVmLWJiODM0OTdk
NGEwZS5jcmwwHwYDVR0jBBgwFoAUEapw8wRQo6yCOXMUtq3WNdHdOZQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9iYWQ1YWYyMC04Mzg1LTQ0ZDQtODE1Zi1iYjgz
NDk3ZDRhMGUuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxy2YMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACwlHPmvj3f6vBIPGSuK/+SkIg1Qr0u4vdb4BWJx2OxBmgY+a30vBdKs
mrFHbMYK132cOOvESFycQEjgS6taGuyw4X/UBL/n0ner8WZhoJ4rUPVwFCw+wIMq
5BF+svmSoxv7G+5iS+NiF1Jf5MT6rnjcB9h5azRRSQ4+4NuATufwk+hytu5YBUcy
pX7qtKMoqo5mic/QMUgKj4l4XkiDUv0feXoLyC1+5A+hdaM6Qsj6cRtT98iIJXlf
azd0sJHDTu9I+nSjkhdsNA39XLwVBlT1Hq4Giks/6ztXu3Kz1qXSYzRd5mhwpicH
2EbQAOzF2uO09LKsCZv261DE7YlnLxo=
-----END CERTIFICATE-----
Generated at Thu Mar 5 03:37:12 2026 by rpki-client