Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/bfa59443-3b9f-31c6-8c69-1f4266aa3e47.roa
File:                     bfa59443-3b9f-31c6-8c69-1f4266aa3e47.roa (raw, json)
Hash identifier:          ZCYHe92iV/1/BJqXGvVenmoclM9p35tPOaH2D90VdCY=
Subject key identifier:   0E:78:B2:CD:C7:CE:9C:BC:F1:97:DA:7A:5D:F5:05:C0:AA:40:70:BE
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F4328584B95A8D133FE9C248912E3FA70
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/bfa59443-3b9f-31c6-8c69-1f4266aa3e47.roa
Signing time:             Mon 20 Oct 2025 13:00:38 +0000
ROA not before:           Mon 20 Oct 2025 13:00:38 +0000
ROA not after:            Sun 18 Jan 2026 14:00:38 +0000
asID:                     33668
IP address blocks:        68.59.2.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 10:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4b:95:a8:d1:33:fe:9c:24:89:12:e3:fa:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: Oct 20 13:00:38 2025 GMT
            Not After : Jan 18 14:00:38 2026 GMT
        Subject: CN=78ad9cae-e376-4d36-a0bf-198f2675a3a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:0b:5e:f3:df:7c:1b:67:be:81:61:0b:98:16:
                    38:37:50:d7:cc:0a:a1:fb:39:ac:cb:43:9d:63:60:
                    b2:11:6d:ea:68:70:0a:40:31:c1:10:68:57:f7:cc:
                    0f:ba:2a:f6:38:54:5e:3d:b5:b3:8c:10:53:a2:77:
                    5b:c8:48:96:cb:52:34:66:ca:f1:e4:ae:cf:f6:23:
                    aa:63:e8:19:b7:48:7b:d2:29:05:56:e8:56:00:f3:
                    c9:60:52:b9:cd:ad:03:10:a8:c0:f9:eb:24:aa:e8:
                    ef:87:eb:6f:c5:91:09:1e:6e:86:f2:69:f5:c0:07:
                    3b:f3:82:f3:fb:8c:12:47:09:db:84:5e:4c:f9:5d:
                    92:d6:f9:27:1f:89:3a:8b:26:c5:d7:50:74:c3:67:
                    7f:67:64:36:c9:09:bb:d9:5b:18:76:d2:38:b9:d8:
                    35:8d:f2:0c:97:16:39:b5:07:c7:c6:e6:55:67:00:
                    07:5f:73:a1:26:f0:4e:25:4b:39:be:45:ac:7f:42:
                    a9:36:89:5c:91:c3:fd:b9:ac:01:b8:37:5f:e6:d4:
                    91:71:51:93:2e:73:eb:68:ff:9b:1d:46:66:5f:55:
                    fe:30:4c:7f:5c:6c:20:7b:15:69:ad:64:67:f1:47:
                    44:4d:df:7f:b9:48:0e:75:a4:0c:b5:d3:a5:78:6b:
                    70:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:78:B2:CD:C7:CE:9C:BC:F1:97:DA:7A:5D:F5:05:C0:AA:40:70:BE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/bfa59443-3b9f-31c6-8c69-1f4266aa3e47.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.59.2.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         55:1c:d5:6b:0b:25:9a:28:f0:e7:77:51:a7:a6:9e:aa:4c:c5:
         72:28:ad:cc:87:66:d0:5f:a4:e7:8d:a9:bf:32:ce:1d:e5:fc:
         55:4e:b1:81:4b:13:9d:c4:48:21:39:65:bf:1f:44:c6:13:d1:
         8b:a7:5c:35:c4:63:de:64:2a:94:71:81:53:cc:b8:af:06:6e:
         85:d1:57:79:19:71:04:19:37:be:f6:c1:41:ca:e3:f6:60:bc:
         44:cd:e8:bc:d6:37:d4:92:d9:2c:2f:90:04:21:ce:a0:35:27:
         07:c8:ee:c6:ba:49:cf:90:7a:cd:7d:c3:34:b4:8c:25:6c:f2:
         1c:08:77:3a:0f:6e:59:93:5f:d7:d1:11:08:d3:0b:35:00:56:
         68:96:52:d5:61:0e:90:d0:fe:ea:74:17:da:65:df:12:96:d9:
         78:06:70:64:b6:e9:73:2f:5b:27:a5:1c:bb:a1:34:48:11:00:
         6d:f5:c9:c4:f4:a6:eb:0d:45:b3:85:d6:1a:35:1d:6a:40:3a:
         8f:ab:27:d9:3c:67:fa:67:77:93:ba:ae:ec:6e:33:ff:c3:b8:
         40:b3:82:6c:4a:ec:b6:7a:c7:84:28:36:1e:22:e5:69:98:df:
         48:7a:2a:81:c0:17:70:c2:d0:c6:f1:25:12:f4:5c:ac:cb:4f:
         7a:50:60:ec
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEuVqNEz/pwkiRLj+nAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MTAyMDEzMDAzOFoXDTI2MDExODE0MDAzOFowLzEtMCsGA1UEAxMk
NzhhZDljYWUtZTM3Ni00ZDM2LWEwYmYtMTk4ZjI2NzVhM2EwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQte8998G2e+gWELmBY4N1DXzAqh+zmsy0Od
Y2CyEW3qaHAKQDHBEGhX98wPuir2OFRePbWzjBBTondbyEiWy1I0Zsrx5K7P9iOq
Y+gZt0h70ikFVuhWAPPJYFK5za0DEKjA+eskqujvh+tvxZEJHm6G8mn1wAc784Lz
+4wSRwnbhF5M+V2S1vknH4k6iybF11B0w2d/Z2Q2yQm72VsYdtI4udg1jfIMlxY5
tQfHxuZVZwAHX3OhJvBOJUs5vkWsf0KpNolckcP9uawBuDdf5tSRcVGTLnPraP+b
HUZmX1X+MEx/XGwgexVprWRn8UdETd9/uUgOdaQMtdOleGtwFwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFA54ss3Hzpy88Zfael31BcCqQHC+MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvYmZhNTk0NDMtM2I5Zi0z
MWM2LThjNjktMWY0MjY2YWEzZTQ3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBRDsCMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFUc1WsLJZoo8Od3UaemnqpMxXIorcyHZtBfpOeNqb8yzh3l/FVOsYFL
E53ESCE5Zb8fRMYT0YunXDXEY95kKpRxgVPMuK8GboXRV3kZcQQZN772wUHK4/Zg
vETN6LzWN9SS2SwvkAQhzqA1JwfI7sa6Sc+Qes19wzS0jCVs8hwIdzoPblmTX9fR
EQjTCzUAVmiWUtVhDpDQ/up0F9pl3xKW2XgGcGS26XMvWyelHLuhNEgRAG31ycT0
pusNRbOF1ho1HWpAOo+rJ9k8Z/pnd5O6ruxuM//DuECzgmxK7LZ6x4QoNh4i5WmY
30h6KoHAF3DC0MbxJRL0XKzLT3pQYOw=
-----END CERTIFICATE-----
Generated at Wed Oct 22 02:27:10 2025 by rpki-client