Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa
File:                     4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa (raw, json)
Hash identifier:          ZTZ1/9nLsG2kiJhY++5dGZEiD1FKyNRwNclCTSVoZ4E=
Subject key identifier:   C0:40:8F:64:45:EC:C3:85:67:02:02:F0:B3:19:9A:0E:0D:95:0D:A0
Certificate issuer:       /CN=72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee
Certificate serial:       010D0C9F4328584E482489F0CA70CF66E35F7480
Authority key identifier: 27:B8:A3:DD:49:F5:D9:F3:10:53:B6:43:5A:C2:38:B8:25:A7:D7:7D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa
Signing time:             Wed 24 Jun 2026 21:00:12 +0000
ROA not before:           Wed 24 Jun 2026 21:00:12 +0000
ROA not after:            Tue 22 Sep 2026 21:00:12 +0000
asID:                     26946
IP address blocks:        207.28.238.0/24 maxlen: 24
                          207.165.60.0/24 maxlen: 24
                          207.165.200.0/24 maxlen: 24
                          207.165.223.0/24 maxlen: 24
                          207.165.224.0/23 maxlen: 24
                          209.56.112.0/23 maxlen: 24
                          209.56.158.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 08 Jul 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4e:48:24:89:f0:ca:70:cf:66:e3:5f:74:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee
        Validity
            Not Before: Jun 24 21:00:12 2026 GMT
            Not After : Sep 22 21:00:12 2026 GMT
        Subject: CN=e3fd9096-def8-4d26-a16f-250a70a5b0fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:58:bc:ab:c0:75:66:fc:c0:c3:7f:f4:eb:a3:
                    b8:d1:28:31:93:0f:c8:9a:11:cb:41:75:68:9c:b7:
                    fb:59:30:75:6e:e2:49:75:4b:7f:e5:75:11:77:bc:
                    84:fa:1d:a4:9c:d6:c4:2d:d2:eb:a0:cf:af:0d:80:
                    81:bc:7e:6c:ef:f8:d3:c3:2a:76:ac:b7:bf:b5:19:
                    8a:ee:80:67:17:c7:ec:64:87:8f:1b:c0:e9:01:3c:
                    67:16:21:70:7b:79:00:20:79:41:6d:75:d8:d0:9d:
                    65:fc:ed:c3:7d:55:21:12:4e:99:d8:31:32:cc:22:
                    d9:26:0b:14:5d:a2:b3:a7:f1:9d:3f:1d:89:5e:78:
                    ae:b2:d1:a6:cc:89:93:62:d7:70:fa:a4:84:cd:a8:
                    9a:41:59:d0:20:fe:33:ba:31:9f:87:06:88:d9:43:
                    ed:f4:ff:ad:6e:84:b5:f9:58:c0:fb:62:cc:81:b3:
                    1a:73:31:af:9b:99:53:c9:8d:bd:49:ff:77:6b:25:
                    c9:d7:91:64:2a:6b:17:0f:46:67:77:83:4e:93:33:
                    b1:90:90:00:3d:f2:33:82:42:f1:ea:36:6b:a0:f2:
                    1a:d2:35:88:5f:1e:d3:cf:56:20:e4:58:ba:9d:36:
                    be:dc:29:ce:d6:77:72:92:7e:0b:8d:08:99:ac:d1:
                    2c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:40:8F:64:45:EC:C3:85:67:02:02:F0:B3:19:9A:0E:0D:95:0D:A0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.crl

            X509v3 Authority Key Identifier:
                keyid:27:B8:A3:DD:49:F5:D9:F3:10:53:B6:43:5A:C2:38:B8:25:A7:D7:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.28.238.0/24
                  207.165.60.0/24
                  207.165.200.0/24
                  207.165.223.0-207.165.225.255
                  209.56.112.0/23
                  209.56.158.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         75:f2:69:db:59:64:70:a1:73:63:c9:e5:d5:b7:08:c8:df:4a:
         44:a6:02:0a:c0:7a:7e:29:81:53:3a:12:ac:ef:ad:b9:70:d0:
         3f:c5:26:b8:76:9b:33:1d:fd:90:69:5b:6f:b6:0e:9f:f9:ae:
         2c:e5:15:4c:10:34:b4:57:71:67:0e:25:08:11:39:ff:68:ed:
         0b:3d:f2:7f:07:8b:ec:76:0a:0e:8d:1b:38:22:90:57:b4:16:
         9c:27:58:c0:d7:00:92:0f:e5:0c:1f:27:c3:c2:63:b4:ad:ee:
         29:6d:86:69:0b:c7:32:5e:1b:3d:66:70:ab:f3:65:96:6f:dd:
         e0:94:9e:0c:d1:f4:01:ac:a4:f4:c4:7c:ae:1e:2a:a6:57:ff:
         db:61:a1:65:0c:2a:28:16:e1:b9:72:1e:96:63:10:db:6d:20:
         58:70:9d:45:84:8c:15:fe:d7:8b:59:37:bf:3f:cd:1b:11:50:
         17:06:6c:3e:34:6e:e1:7c:c7:9d:88:2c:28:3a:5a:26:d1:38:
         d5:10:2f:b9:b0:c5:a2:c5:78:64:72:0e:31:c8:5b:a2:ba:c1:
         14:1a:ca:2b:4d:ef:90:a3:a3:24:e2:6e:b0:31:ac:16:e7:c2:
         dc:e9:93:86:05:6f:44:99:0f:8e:47:9e:bc:6e:dc:da:a5:88:
         8b:75:67:1e
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgIUAQ0Mn0MoWE5IJInwynDPZuNfdIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzJlZjdjOWItYzc1Ni00MzlhLWFjNTktMGZiNWU1ZThj
MWVlMB4XDTI2MDYyNDIxMDAxMloXDTI2MDkyMjIxMDAxMlowLzEtMCsGA1UEAxMk
ZTNmZDkwOTYtZGVmOC00ZDI2LWExNmYtMjUwYTcwYTViMGZlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFi8q8B1ZvzAw3/066O40Sgxkw/ImhHLQXVo
nLf7WTB1buJJdUt/5XURd7yE+h2knNbELdLroM+vDYCBvH5s7/jTwyp2rLe/tRmK
7oBnF8fsZIePG8DpATxnFiFwe3kAIHlBbXXY0J1l/O3DfVUhEk6Z2DEyzCLZJgsU
XaKzp/GdPx2JXniustGmzImTYtdw+qSEzaiaQVnQIP4zujGfhwaI2UPt9P+tboS1
+VjA+2LMgbMaczGvm5lTyY29Sf93ayXJ15FkKmsXD0Znd4NOkzOxkJAAPfIzgkLx
6jZroPIa0jWIXx7Tz1Yg5Fi6nTa+3CnO1ndykn4LjQiZrNEs+QIDAQABo4IDezCC
A3cwHQYDVR0OBBYEFMBAj2RF7MOFZwIC8LMZmg4NlQ2gMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy83MmVm
N2M5Yi1jNzU2LTQzOWEtYWM1OS0wZmI1ZTVlOGMxZWUvNGU4YTZhNjAtMWQ5Mi0z
N2Y2LTk5OTAtZmRlZGNlNWRkNjAzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvNzJlZjdjOWItYzc1Ni00MzlhLWFj
NTktMGZiNWU1ZThjMWVlLzcyZWY3YzliLWM3NTYtNDM5YS1hYzU5LTBmYjVlNWU4
YzFlZS5jcmwwHwYDVR0jBBgwFoAUJ7ij3Un12fMQU7ZDWsI4uCWn130wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy83MmVmN2M5Yi1jNzU2LTQzOWEtYWM1OS0wZmI1
ZTVlOGMxZWUuY2VyMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAzxzuAwQA
z6U8AwQAz6XIMAwDBADPpd8DBAHPpeADBAHROHADBAHROJ4wVAYDVR0gAQH/BEow
SDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5l
dC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAdfJp
21lkcKFzY8nl1bcIyN9KRKYCCsB6fimBUzoSrO+tuXDQP8UmuHabMx39kGlbb7YO
n/muLOUVTBA0tFdxZw4lCBE5/2jtCz3yfweL7HYKDo0bOCKQV7QWnCdYwNcAkg/l
DB8nw8JjtK3uKW2GaQvHMl4bPWZwq/Nllm/d4JSeDNH0Aayk9MR8rh4qplf/22Gh
ZQwqKBbhuXIelmMQ220gWHCdRYSMFf7Xi1k3vz/NGxFQFwZsPjRu4XzHnYgsKDpa
JtE41RAvubDFosV4ZHIOMchborrBFBrKK03vkKOjJOJusDGsFufC3OmThgVvRJkP
jkeevG7c2qWIi3VnHg==
-----END CERTIFICATE-----
Generated at Mon Jul 6 22:16:18 2026 by rpki-client