Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/40a22eee-4031-3336-8b2d-96d68d61d8a9.roa
File:                     40a22eee-4031-3336-8b2d-96d68d61d8a9.roa (raw, json)
Hash identifier:          zH1pqjledmVhe1Qxk/nepnogHM+gGU1vizg8Gh64W/w=
Subject key identifier:   7D:41:7F:5B:CC:19:C2:87:B7:8B:C1:76:F8:4B:7D:C0:B1:CE:5C:CD
Certificate issuer:       /CN=d44ce5f4-28a9-4c1f-b029-cc35b3e3950e
Certificate serial:       010D0C9F4328584E6F3A2500E8E1AE0E87DFF680
Authority key identifier: D2:70:53:AA:1E:41:4B:CD:A4:FF:3C:F8:BC:B0:DC:1C:2B:B6:0C:52
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/40a22eee-4031-3336-8b2d-96d68d61d8a9.roa
Signing time:             Wed 08 Jul 2026 21:00:12 +0000
ROA not before:           Wed 08 Jul 2026 21:00:12 +0000
ROA not after:            Tue 06 Oct 2026 21:00:12 +0000
asID:                     35998
IP address blocks:        67.21.152.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 12 Jul 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4e:6f:3a:25:00:e8:e1:ae:0e:87:df:f6:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d44ce5f4-28a9-4c1f-b029-cc35b3e3950e
        Validity
            Not Before: Jul  8 21:00:12 2026 GMT
            Not After : Oct  6 21:00:12 2026 GMT
        Subject: CN=2a1180a8-7fb9-42c8-aad7-3748969e16ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:73:fe:65:7a:43:2c:ff:74:2f:9d:9f:b5:d6:
                    89:51:08:83:3f:2c:10:e1:d8:49:bf:7c:28:ce:46:
                    ff:8a:eb:3c:6d:3f:ed:53:c1:56:47:a3:52:eb:27:
                    fd:82:95:63:7b:cc:41:04:08:50:52:f9:bc:ac:ce:
                    ae:d5:de:84:3f:a1:0b:ed:0c:2d:d3:80:33:3b:39:
                    dc:ba:9c:c2:08:61:61:49:23:d8:11:7b:95:b6:16:
                    5d:af:49:15:53:e3:95:1f:05:18:bf:b1:86:8c:06:
                    9a:19:ce:c1:c3:b4:90:ae:cb:7e:3e:ef:7b:bc:7a:
                    74:22:32:3d:ad:dd:0d:3e:06:82:84:62:b4:6d:98:
                    b7:ff:cd:df:6e:14:1f:d7:2d:1e:f8:d4:58:81:99:
                    44:38:c6:81:8a:e5:ac:32:4a:13:de:b5:4b:99:2a:
                    6f:56:0c:38:2a:d8:a0:5c:fc:2c:7c:15:ef:21:d3:
                    67:96:4a:dc:74:4c:67:59:b4:c6:1e:23:2c:08:60:
                    1d:29:89:6b:a5:7b:38:92:6c:09:24:bf:1a:10:31:
                    d1:13:d1:0a:a5:75:9a:1a:04:de:5c:16:dc:c6:7e:
                    e2:3f:10:cb:e5:79:7b:93:84:67:a4:0f:66:ca:dc:
                    95:9c:91:51:fb:74:43:81:56:a8:91:8a:53:e3:2f:
                    e2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:41:7F:5B:CC:19:C2:87:B7:8B:C1:76:F8:4B:7D:C0:B1:CE:5C:CD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/40a22eee-4031-3336-8b2d-96d68d61d8a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.crl

            X509v3 Authority Key Identifier:
                keyid:D2:70:53:AA:1E:41:4B:CD:A4:FF:3C:F8:BC:B0:DC:1C:2B:B6:0C:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/d44ce5f4-28a9-4c1f-b029-cc35b3e3950e.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  67.21.152.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         41:70:62:ed:89:a2:75:96:2d:ca:0c:d1:06:6f:b7:c5:10:7b:
         91:1a:69:5f:0b:09:35:f6:2a:f5:d8:e8:51:6b:38:1e:a3:e5:
         e6:e6:c3:8d:6c:20:a0:d7:1b:57:48:37:cf:96:c1:b7:7a:73:
         26:0e:30:ca:d7:5d:08:fe:58:19:15:d4:e5:76:09:9d:b7:d4:
         dc:55:2a:2b:95:ee:47:15:65:66:1f:e0:c9:87:7a:3f:d2:99:
         2f:98:83:ec:cf:fb:15:72:ba:ff:66:9a:65:1a:f1:49:b8:ae:
         be:86:a8:71:ed:0a:e6:05:3b:3a:df:a7:1c:0d:dd:a5:d2:05:
         fc:85:92:d0:fb:1f:64:3c:8c:1b:17:7a:5a:a9:98:fc:46:a2:
         eb:fa:c6:45:2b:e5:d7:5e:c6:8a:30:a4:de:79:29:ad:66:3f:
         68:a7:e9:94:79:54:86:5b:10:b6:39:13:a7:77:2d:0d:ea:4e:
         b0:1a:93:91:9d:69:4c:77:2b:45:39:04:82:ee:4a:f7:05:cc:
         4b:6d:ad:c0:96:33:c7:cb:35:aa:eb:a9:6e:f7:04:4a:18:ec:
         89:26:2c:ad:7c:a1:60:87:5c:ce:65:17:d4:9e:ae:c4:6d:15:
         f7:69:7f:e7:dd:f8:b1:77:eb:e8:80:18:de:a4:c2:d0:07:7a:
         e4:5b:92:86
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWE5vOiUA6OGuDoff9oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZDQ0Y2U1ZjQtMjhhOS00YzFmLWIwMjktY2MzNWIzZTM5
NTBlMB4XDTI2MDcwODIxMDAxMloXDTI2MTAwNjIxMDAxMlowLzEtMCsGA1UEAxMk
MmExMTgwYTgtN2ZiOS00MmM4LWFhZDctMzc0ODk2OWUxNmVlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXP+ZXpDLP90L52ftdaJUQiDPywQ4dhJv3wo
zkb/ius8bT/tU8FWR6NS6yf9gpVje8xBBAhQUvm8rM6u1d6EP6EL7Qwt04AzOznc
upzCCGFhSSPYEXuVthZdr0kVU+OVHwUYv7GGjAaaGc7Bw7SQrst+Pu97vHp0IjI9
rd0NPgaChGK0bZi3/83fbhQf1y0e+NRYgZlEOMaBiuWsMkoT3rVLmSpvVgw4Ktig
XPwsfBXvIdNnlkrcdExnWbTGHiMsCGAdKYlrpXs4kmwJJL8aEDHRE9EKpXWaGgTe
XBbcxn7iPxDL5Xl7k4RnpA9mytyVnJFR+3RDgVaokYpT4y/iCQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFH1Bf1vMGcKHt4vBdvhLfcCxzlzNMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9kNDRj
ZTVmNC0yOGE5LTRjMWYtYjAyOS1jYzM1YjNlMzk1MGUvNDBhMjJlZWUtNDAzMS0z
MzM2LThiMmQtOTZkNjhkNjFkOGE5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZDQ0Y2U1ZjQtMjhhOS00YzFmLWIw
MjktY2MzNWIzZTM5NTBlL2Q0NGNlNWY0LTI4YTktNGMxZi1iMDI5LWNjMzViM2Uz
OTUwZS5jcmwwHwYDVR0jBBgwFoAU0nBTqh5BS82k/zz4vLDcHCu2DFIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9kNDRjZTVmNC0yOGE5LTRjMWYtYjAyOS1jYzM1
YjNlMzk1MGUuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCQxWYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEFwYu2JonWWLcoM0QZvt8UQe5EaaV8LCTX2KvXY6FFrOB6j5ebmw41s
IKDXG1dIN8+Wwbd6cyYOMMrXXQj+WBkV1OV2CZ231NxVKiuV7kcVZWYf4MmHej/S
mS+Yg+zP+xVyuv9mmmUa8Um4rr6GqHHtCuYFOzrfpxwN3aXSBfyFktD7H2Q8jBsX
elqpmPxGouv6xkUr5ddexoowpN55Ka1mP2in6ZR5VIZbELY5E6d3LQ3qTrAak5Gd
aUx3K0U5BILuSvcFzEttrcCWM8fLNarrqW73BEoY7IkmLK18oWCHXM5lF9SersRt
Ffdpf+fd+LF36+iAGN6kwtAHeuRbkoY=
-----END CERTIFICATE-----
Generated at Sat Jul 11 04:34:47 2026 by rpki-client