Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa
File:                     29d649ff-7028-3767-8327-8c4721bf56a8.roa (raw, json)
Hash identifier:          66mWOXVkOfhK8b4KcHH0P/EkBhyFRR8EcdVgUohYDic=
Subject key identifier:   96:6D:E2:E9:58:83:A2:B9:65:FE:ED:D8:CF:5E:42:93:28:C0:6F:DF
Certificate issuer:       /CN=ab85686b-bac3-40d2-b46e-f2593fb0bc6b
Certificate serial:       010D0C9F43285849F2E531DD190BEB777613E400
Authority key identifier: 0E:5E:F6:3E:A7:FF:42:C0:84:5C:18:ED:96:19:B7:6D:8A:D9:86:BE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa
Signing time:             Fri 23 May 2025 13:01:03 +0000
ROA not before:           Fri 23 May 2025 13:01:03 +0000
ROA not after:            Thu 21 Aug 2025 13:01:03 +0000
asID:                     399668
IP address blocks:        2620:98:a000::/48 maxlen: 64
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:f2:e5:31:dd:19:0b:eb:77:76:13:e4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab85686b-bac3-40d2-b46e-f2593fb0bc6b
        Validity
            Not Before: May 23 13:01:03 2025 GMT
            Not After : Aug 21 13:01:03 2025 GMT
        Subject: CN=da702998-add2-422a-bd0c-aed0787d1b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:11:d8:33:bd:7a:48:5f:68:aa:1c:08:f5:63:
                    02:bc:8d:b9:4a:95:66:0f:10:c9:ee:25:ee:9c:ca:
                    ae:a1:b7:1c:99:58:97:38:e5:9b:14:a3:8b:4e:77:
                    64:64:fc:98:1a:b2:1f:45:24:58:a8:57:2f:8f:94:
                    fc:5e:6f:f9:38:ca:12:c1:21:4d:26:50:17:dc:e7:
                    02:18:94:d7:8d:a1:5d:03:1a:02:78:60:69:8e:ea:
                    73:df:db:ab:3b:34:02:69:17:03:b3:db:7e:02:df:
                    f2:de:69:a5:1a:61:31:32:d0:99:34:6c:18:ab:e3:
                    ff:b4:9d:b5:5c:52:65:a3:fb:ac:93:82:c5:6e:25:
                    f3:6b:e0:fc:a0:bf:b2:93:27:99:09:43:5b:d5:3d:
                    87:86:aa:53:42:83:12:1d:2d:a0:1c:18:f6:f0:75:
                    20:91:8e:1c:20:f2:9b:ab:7f:17:09:9a:05:6f:e8:
                    92:7e:43:98:5b:6f:1f:78:1c:50:a2:cd:16:16:93:
                    46:d2:a6:4a:4b:9a:63:cf:2e:df:48:40:85:69:51:
                    18:f7:9f:92:cd:ee:3c:6f:a7:1d:7f:9e:c6:e6:25:
                    11:9b:a0:56:0c:00:5c:99:87:fa:25:9b:cd:30:57:
                    4e:b5:bc:1c:5d:19:b6:74:0d:54:6d:3f:4e:f8:5b:
                    4c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:6D:E2:E9:58:83:A2:B9:65:FE:ED:D8:CF:5E:42:93:28:C0:6F:DF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.crl

            X509v3 Authority Key Identifier:
                keyid:0E:5E:F6:3E:A7:FF:42:C0:84:5C:18:ED:96:19:B7:6D:8A:D9:86:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:98:a000::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         65:0e:a9:8b:7a:65:52:9d:9d:19:bf:9b:a2:f3:88:ed:d0:62:
         bc:22:9f:a3:e0:52:4e:18:eb:f9:52:5b:64:3e:f1:3d:02:e0:
         d7:03:b6:92:c5:90:7f:25:8c:2c:70:32:b0:40:dd:ed:05:fb:
         84:ac:e4:51:55:f4:59:8e:1f:09:01:7b:88:04:9b:d3:7a:94:
         58:57:99:d5:ba:7d:2a:96:a1:d4:c5:12:21:87:b7:ec:70:29:
         e9:6b:50:9f:c3:fd:96:de:99:b0:6c:b8:fe:55:a3:2a:e9:0b:
         87:8f:5c:a8:49:2d:c8:93:63:57:99:7f:33:8d:5a:cd:32:a6:
         56:2c:74:15:df:e6:01:19:7d:d3:84:59:20:31:65:5d:5e:73:
         25:91:a7:6b:2d:61:b5:b1:0a:65:9d:81:d5:45:af:f6:21:97:
         2b:dd:a3:7f:a0:74:50:7b:8e:5d:c9:04:e3:0c:e6:a9:9c:63:
         f0:70:5c:93:18:5b:ed:c4:49:6c:90:ba:86:79:a9:11:05:11:
         16:74:9e:17:c0:6a:64:0f:e7:ee:1b:ae:03:0c:83:94:9d:5c:
         8a:ba:42:e7:b0:d8:70:a3:52:ee:82:bb:b6:09:ad:47:f4:0d:
         65:46:85:85:a6:b3:d4:49:e3:8a:77:04:ee:e6:34:56:89:6c:
         19:1f:99:f4
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEny5THdGQvrd3YT5AAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWI4NTY4NmItYmFjMy00MGQyLWI0NmUtZjI1OTNmYjBi
YzZiMB4XDTI1MDUyMzEzMDEwM1oXDTI1MDgyMTEzMDEwM1owLzEtMCsGA1UEAxMk
ZGE3MDI5OTgtYWRkMi00MjJhLWJkMGMtYWVkMDc4N2QxYjgyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BHYM716SF9oqhwI9WMCvI25SpVmDxDJ7iXu
nMquobccmViXOOWbFKOLTndkZPyYGrIfRSRYqFcvj5T8Xm/5OMoSwSFNJlAX3OcC
GJTXjaFdAxoCeGBpjupz39urOzQCaRcDs9t+At/y3mmlGmExMtCZNGwYq+P/tJ21
XFJlo/usk4LFbiXza+D8oL+ykyeZCUNb1T2HhqpTQoMSHS2gHBj28HUgkY4cIPKb
q38XCZoFb+iSfkOYW28feBxQos0WFpNG0qZKS5pjzy7fSECFaVEY95+Sze48b6cd
f57G5iURm6BWDABcmYf6JZvNMFdOtbwcXRm2dA1UbT9O+FtM/wIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFJZt4ulYg6K5Zf7t2M9eQpMowG/fMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9hYjg1
Njg2Yi1iYWMzLTQwZDItYjQ2ZS1mMjU5M2ZiMGJjNmIvMjlkNjQ5ZmYtNzAyOC0z
NzY3LTgzMjctOGM0NzIxYmY1NmE4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvYWI4NTY4NmItYmFjMy00MGQyLWI0
NmUtZjI1OTNmYjBiYzZiL2FiODU2ODZiLWJhYzMtNDBkMi1iNDZlLWYyNTkzZmIw
YmM2Yi5jcmwwHwYDVR0jBBgwFoAUDl72Pqf/QsCEXBjtlhm3bYrZhr4wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9hYjg1Njg2Yi1iYWMzLTQwZDItYjQ2ZS1mMjU5
M2ZiMGJjNmIuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAmKAA
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAGUOqYt6ZVKdnRm/m6LziO3QYrwin6PgUk4Y6/lSW2Q+8T0C4NcD
tpLFkH8ljCxwMrBA3e0F+4Ss5FFV9FmOHwkBe4gEm9N6lFhXmdW6fSqWodTFEiGH
t+xwKelrUJ/D/ZbembBsuP5VoyrpC4ePXKhJLciTY1eZfzONWs0yplYsdBXf5gEZ
fdOEWSAxZV1ecyWRp2stYbWxCmWdgdVFr/Yhlyvdo3+gdFB7jl3JBOMM5qmcY/Bw
XJMYW+3ESWyQuoZ5qREFERZ0nhfAamQP5+4brgMMg5SdXIq6Quew2HCjUu6Cu7YJ
rUf0DWVGhYWms9RJ44p3BO7mNFaJbBkfmfQ=
-----END CERTIFICATE-----
Generated at Wed Jun 11 04:30:41 2025 by rpki-client