Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/433a87db-3abb-3463-985c-6b6a6686327f.roa
File:                     433a87db-3abb-3463-985c-6b6a6686327f.roa (raw, json)
Hash identifier:          QSx9TBhGPAUrFyT/yIOxZ+lx7g2Q7mhi2y+wjDu8I/M=
Subject key identifier:   1D:96:AC:63:FC:FF:C1:B8:F2:91:C2:7A:9E:06:7C:C4:07:07:7C:1D
Certificate issuer:       /CN=0d6bb559-168b-45eb-91f1-f7988760221d
Certificate serial:       010D0C9F4328584E508491426B382512E8046500
Authority key identifier: 76:05:63:64:2B:D7:BC:2E:F9:39:65:1E:FB:00:AE:3F:EC:07:CD:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/433a87db-3abb-3463-985c-6b6a6686327f.roa
Signing time:             Sat 27 Jun 2026 21:00:12 +0000
ROA not before:           Sat 27 Jun 2026 21:00:12 +0000
ROA not after:            Fri 25 Sep 2026 21:00:12 +0000
asID:                     46437
IP address blocks:        74.118.112.0/21 maxlen: 24
                          162.210.16.0/22 maxlen: 24
                          162.252.224.0/22 maxlen: 24
                          172.96.152.0/21 maxlen: 24
                          192.96.44.0/24 maxlen: 24
                          198.135.182.0/23 maxlen: 24
                          199.85.63.0/24 maxlen: 24
                          208.80.140.0/22 maxlen: 24
                          208.91.88.0/23 maxlen: 24
                          208.91.92.0/22 maxlen: 24
                          208.95.136.0/21 maxlen: 24
                          216.120.152.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/0d6bb559-168b-45eb-91f1-f7988760221d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/0d6bb559-168b-45eb-91f1-f7988760221d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 10 Jul 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4e:50:84:91:42:6b:38:25:12:e8:04:65:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d6bb559-168b-45eb-91f1-f7988760221d
        Validity
            Not Before: Jun 27 21:00:12 2026 GMT
            Not After : Sep 25 21:00:12 2026 GMT
        Subject: CN=3edcd677-0acd-4201-8ff3-3b32c16df417
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:fb:94:9d:56:61:92:5c:b9:dd:84:24:c8:0f:
                    be:f7:a3:05:c2:d8:f5:6e:f1:81:c5:19:76:85:91:
                    20:88:bd:eb:2e:cb:fd:95:0d:dd:a8:4a:12:4f:28:
                    0b:bf:c3:cf:99:0e:a8:e1:56:5d:94:90:1d:55:d4:
                    87:fb:4e:d9:47:e4:86:46:d6:7d:17:48:de:02:cf:
                    6a:9e:99:e1:6f:d7:81:28:4f:96:7a:ef:ab:87:fc:
                    65:c3:e3:08:04:8f:54:b4:cd:7d:49:16:0b:b5:50:
                    52:f5:39:51:f1:16:b6:4a:62:49:2f:a9:8a:7b:bb:
                    6d:a6:24:c4:53:b5:5c:04:c2:96:da:40:f4:dc:fc:
                    37:7f:55:ae:8f:5f:48:f9:bb:45:4d:6e:e5:44:ba:
                    b6:4e:ab:17:14:be:04:b5:bc:cb:9e:6e:e2:2a:ea:
                    b7:28:8f:87:b2:e1:75:0a:03:3e:ba:90:89:f6:84:
                    b9:5a:e4:48:9d:59:75:37:f5:65:3e:20:49:d4:24:
                    6e:fb:2c:4a:11:62:d6:48:e7:17:8a:fe:34:ef:d3:
                    64:06:e7:40:07:e0:c2:c6:c2:5d:5e:46:78:f5:f2:
                    44:5a:4a:44:1b:74:7d:8c:6a:48:2d:53:6e:0a:6f:
                    33:77:af:10:97:db:c1:9d:51:b3:07:46:86:00:01:
                    e1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:96:AC:63:FC:FF:C1:B8:F2:91:C2:7A:9E:06:7C:C4:07:07:7C:1D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/433a87db-3abb-3463-985c-6b6a6686327f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d/0d6bb559-168b-45eb-91f1-f7988760221d.crl

            X509v3 Authority Key Identifier:
                keyid:76:05:63:64:2B:D7:BC:2E:F9:39:65:1E:FB:00:AE:3F:EC:07:CD:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/0d6bb559-168b-45eb-91f1-f7988760221d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.118.112.0/21
                  162.210.16.0/22
                  162.252.224.0/22
                  172.96.152.0/21
                  192.96.44.0/24
                  198.135.182.0/23
                  199.85.63.0/24
                  208.80.140.0/22
                  208.91.88.0/23
                  208.91.92.0/22
                  208.95.136.0/21
                  216.120.152.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2b:23:11:4f:9e:92:cc:d1:e7:cd:aa:5b:1e:1b:f9:ab:c1:59:
         d0:e1:9e:2a:7e:77:fb:5a:d9:fb:24:98:fb:d4:f9:e1:01:34:
         a0:1a:b7:bd:4a:78:29:c4:cf:c7:ca:6e:f6:03:c7:87:58:c4:
         2a:17:d2:93:dc:ff:cd:23:e5:3b:fc:2a:e5:d6:dd:06:2c:7f:
         13:1a:d2:fb:72:54:cf:b4:6b:df:f4:69:d3:97:57:a0:bb:06:
         c7:2a:88:7f:79:e0:7c:39:ef:70:b5:d9:f5:b5:67:8b:f5:26:
         a8:d7:5b:f6:7d:16:1d:ee:2d:01:05:4e:89:e7:25:c2:08:74:
         ae:3c:9c:e8:b1:b1:44:d3:e9:ca:98:5a:e7:91:f3:5f:fc:37:
         3c:ce:3c:82:be:8d:32:f5:39:3d:f2:43:0d:d0:ae:ce:ac:7e:
         9b:67:c0:9d:0f:92:22:05:be:45:e1:70:b5:42:c8:6a:ab:53:
         1f:a8:a9:80:7d:60:75:62:7e:80:c2:ac:41:3b:e7:20:ee:a3:
         14:2a:e7:40:de:e6:37:59:90:4f:f9:db:b3:27:c8:7a:f9:94:
         39:34:f9:7d:1d:1e:c1:c9:fe:55:27:4d:f7:7c:f9:1c:25:d3:
         db:54:95:30:12:b1:88:85:ca:f0:06:ce:5b:55:77:f8:ef:4e:
         8d:31:b4:80
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgIUAQ0Mn0MoWE5QhJFCazglEugEZQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMGQ2YmI1NTktMTY4Yi00NWViLTkxZjEtZjc5ODg3NjAy
MjFkMB4XDTI2MDYyNzIxMDAxMloXDTI2MDkyNTIxMDAxMlowLzEtMCsGA1UEAxMk
M2VkY2Q2NzctMGFjZC00MjAxLThmZjMtM2IzMmMxNmRmNDE3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPuUnVZhkly53YQkyA++96MFwtj1bvGBxRl2
hZEgiL3rLsv9lQ3dqEoSTygLv8PPmQ6o4VZdlJAdVdSH+07ZR+SGRtZ9F0jeAs9q
npnhb9eBKE+Weu+rh/xlw+MIBI9UtM19SRYLtVBS9TlR8Ra2SmJJL6mKe7ttpiTE
U7VcBMKW2kD03Pw3f1Wuj19I+btFTW7lRLq2TqsXFL4EtbzLnm7iKuq3KI+HsuF1
CgM+upCJ9oS5WuRInVl1N/VlPiBJ1CRu+yxKEWLWSOcXiv4079NkBudAB+DCxsJd
XkZ49fJEWkpEG3R9jGpILVNuCm8zd68Ql9vBnVGzB0aGAAHhSQIDAQABo4IDlzCC
A5MwHQYDVR0OBBYEFB2WrGP8/8G48pHCep4GfMQHB3wdMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8wZDZi
YjU1OS0xNjhiLTQ1ZWItOTFmMS1mNzk4ODc2MDIyMWQvNDMzYTg3ZGItM2FiYi0z
NDYzLTk4NWMtNmI2YTY2ODYzMjdmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMGQ2YmI1NTktMTY4Yi00NWViLTkx
ZjEtZjc5ODg3NjAyMjFkLzBkNmJiNTU5LTE2OGItNDVlYi05MWYxLWY3OTg4NzYw
MjIxZC5jcmwwHwYDVR0jBBgwFoAUdgVjZCvXvC75OWUe+wCuP+wHzckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8wZDZiYjU1OS0xNjhiLTQ1ZWItOTFmMS1mNzk4
ODc2MDIyMWQuY2VyMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDSnZwAwQC
otIQAwQCovzgAwQDrGCYAwQAwGAsAwQBxoe2AwQAx1U/AwQC0FCMAwQB0FtYAwQC
0FtcAwQD0F+IAwQC2HiYMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4Bggr
BgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3Bz
Lmh0bWwwDQYJKoZIhvcNAQELBQADggEBACsjEU+ekszR582qWx4b+avBWdDhnip+
d/ta2fskmPvU+eEBNKAat71KeCnEz8fKbvYDx4dYxCoX0pPc/80j5Tv8KuXW3QYs
fxMa0vtyVM+0a9/0adOXV6C7BscqiH954Hw573C12fW1Z4v1JqjXW/Z9Fh3uLQEF
TonnJcIIdK48nOixsUTT6cqYWueR81/8NzzOPIK+jTL1OT3yQw3Qrs6sfptnwJ0P
kiIFvkXhcLVCyGqrUx+oqYB9YHVifoDCrEE75yDuoxQq50De5jdZkE/527MnyHr5
lDk0+X0dHsHJ/lUnTfd8+Rwl09tUlTASsYiFyvAGzltVd/jvTo0xtIA=
-----END CERTIFICATE-----
Generated at Tue Jul 7 20:10:02 2026 by rpki-client