Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/46/3130342e3234352e31302e302f32342d3234203d3e203336333531.roa
File:                     3130342e3234352e31302e302f32342d3234203d3e203336333531.roa (raw, json)
Hash identifier:          Y3K45zh5z8NeSvOqnRV7qo6P/UbiRD3ZVtK0iG3l2t4=
Subject key identifier:   18:AC:15:33:32:D7:E1:93:4C:4A:01:93:61:6E:A2:B3:CF:35:06:1B
Certificate issuer:       /CN=6555c74db5287d4077fbb273a5b5a5c2d28c158b65b814c524
Certificate serial:       19A2926026B75570D3C17079D089C63DF18196D9
Authority key identifier: DB:AC:61:EF:F8:0C:31:58:04:BC:FD:A2:BC:F7:3C:19:A6:24:8D:99
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd/6555c74db5287d4077fbb273a5b5a5c2d28c158b65b814c524.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/46/3130342e3234352e31302e302f32342d3234203d3e203336333531.roa
Signing time:             Sat 16 Aug 2025 01:48:21 +0000
ROA not before:           Sat 16 Aug 2025 01:43:21 +0000
ROA not after:            Sat 15 Aug 2026 01:48:21 +0000
asID:                     36351
IP address blocks:        104.245.10.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/46/DBAC61EFF80C315804BCFDA2BCF73C19A6248D99.crl
                          rsync://rpki.roa.net/rrdp/xTom/46/DBAC61EFF80C315804BCFDA2BCF73C19A6248D99.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd/6555c74db5287d4077fbb273a5b5a5c2d28c158b65b814c524.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd/54c036c5-e20a-4ba1-8516-5ab3a356dbfd.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd/54c036c5-e20a-4ba1-8516-5ab3a356dbfd.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Aug 2025 09:36:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:a2:92:60:26:b7:55:70:d3:c1:70:79:d0:89:c6:3d:f1:81:96:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6555c74db5287d4077fbb273a5b5a5c2d28c158b65b814c524
        Validity
            Not Before: Aug 16 01:43:21 2025 GMT
            Not After : Aug 15 01:48:21 2026 GMT
        Subject: CN=18AC153332D7E1934C4A0193616EA2B3CF35061B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:48:2e:55:10:14:aa:68:27:f6:9e:25:66:6b:
                    46:3e:14:2b:8b:af:c2:4b:0e:0a:8f:bd:b7:ba:92:
                    f5:a6:7a:8f:79:78:5f:92:59:f3:50:ab:88:cb:b4:
                    96:d4:33:49:5b:fd:ae:cc:74:c4:b1:19:43:3b:10:
                    3f:79:2e:90:50:64:66:fb:2e:62:30:ec:04:eb:49:
                    37:ac:d2:c1:d6:99:fb:71:b7:bc:c7:ac:63:27:4b:
                    cb:2c:aa:77:a4:ed:d9:13:3e:d1:0a:05:4f:3d:dc:
                    ee:71:a0:bb:75:5d:a9:78:90:3f:ef:d3:21:e5:1c:
                    25:6d:6a:55:b6:b6:36:04:8e:c1:40:4e:1c:b8:b8:
                    77:5d:cb:1b:62:34:48:11:ae:cc:cd:f7:1c:3c:14:
                    69:dd:91:3d:b5:52:bb:84:e3:c8:37:ca:8b:c2:15:
                    25:cb:7f:5e:e4:e2:c7:14:72:0f:fa:5c:bc:b4:eb:
                    c6:08:7c:67:8a:7f:88:d9:a9:0d:cf:fe:f8:e9:ce:
                    c2:28:3c:e1:42:5e:ca:11:32:97:2b:d1:a2:14:2c:
                    e4:36:14:e8:dd:6e:e8:19:ca:3b:8b:9d:0e:16:47:
                    c7:e5:fc:20:30:11:3f:9c:61:61:b1:ef:8e:f9:ad:
                    47:a8:04:28:a4:09:34:8c:ef:a9:f1:da:84:18:6f:
                    91:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AC:15:33:32:D7:E1:93:4C:4A:01:93:61:6E:A2:B3:CF:35:06:1B
            X509v3 Authority Key Identifier:
                keyid:DB:AC:61:EF:F8:0C:31:58:04:BC:FD:A2:BC:F7:3C:19:A6:24:8D:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/46/DBAC61EFF80C315804BCFDA2BCF73C19A6248D99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/54c036c5-e20a-4ba1-8516-5ab3a356dbfd/6555c74db5287d4077fbb273a5b5a5c2d28c158b65b814c524.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/46/3130342e3234352e31302e302f32342d3234203d3e203336333531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.245.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:c2:fe:52:dd:9f:8b:e2:b5:13:b3:49:fb:d9:ba:56:06:c6:
         13:dc:ac:8b:03:52:05:f4:dd:bf:5b:93:79:88:a6:cf:b3:c8:
         e7:16:5b:f0:ca:b4:7e:71:19:a2:fe:63:a7:00:e0:7e:bc:8e:
         09:36:51:14:c0:2e:6c:d5:4c:bf:0f:5e:4d:4e:15:83:38:87:
         bd:11:c9:b3:8f:b7:78:47:d3:66:35:71:a2:08:ad:ea:57:f6:
         5b:e2:71:c7:de:8d:ea:72:8c:b8:5e:56:97:8a:da:96:64:88:
         05:34:4c:f4:2d:cc:0e:a0:b3:b8:3d:0e:01:95:de:af:82:61:
         a7:c6:34:f1:ba:6d:a2:40:40:e2:93:61:78:7e:e3:86:12:7c:
         c8:1e:c7:5e:b8:cf:2a:5a:5c:77:ae:47:0d:1a:5b:54:73:41:
         83:d5:4d:c2:70:70:92:2e:ee:8c:3f:2d:51:44:6e:67:c2:e1:
         22:bb:6d:61:77:eb:30:e2:35:7f:b9:49:ab:14:39:bc:c3:62:
         ec:9b:ec:ec:7a:06:75:7a:93:c6:53:55:a8:73:85:c1:9c:76:
         5f:04:2e:3e:61:df:ca:00:05:8a:64:8e:a7:5c:4f:14:c6:01:
         a1:8e:ef:27:95:02:63:1f:95:de:c4:1e:5e:a1:fe:48:c3:2b:
         f7:63:00:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGaKSYCa3VXDTwXB50InGPfGBltkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjU1NWM3NGRiNTI4N2Q0MDc3ZmJiMjczYTViNWE1YzJk
MjhjMTU4YjY1YjgxNGM1MjQwHhcNMjUwODE2MDE0MzIxWhcNMjYwODE1MDE0ODIx
WjAzMTEwLwYDVQQDEygxOEFDMTUzMzMyRDdFMTkzNEM0QTAxOTM2MTZFQTJCM0NG
MzUwNjFCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0guVRAUqmgn
9p4lZmtGPhQri6/CSw4Kj723upL1pnqPeXhfklnzUKuIy7SW1DNJW/2uzHTEsRlD
OxA/eS6QUGRm+y5iMOwE60k3rNLB1pn7cbe8x6xjJ0vLLKp3pO3ZEz7RCgVPPdzu
caC7dV2peJA/79Mh5RwlbWpVtrY2BI7BQE4cuLh3XcsbYjRIEa7MzfccPBRp3ZE9
tVK7hOPIN8qLwhUly39e5OLHFHIP+ly8tOvGCHxnin+I2akNz/746c7CKDzhQl7K
ETKXK9GiFCzkNhTo3W7oGco7i50OFkfH5fwgMBE/nGFhse+O+a1HqAQopAk0jO+p
8dqEGG+RFQIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFBisFTMy1+GTTEoBk2FuorPP
NQYbMB8GA1UdIwQYMBaAFNusYe/4DDFYBLz9orz3PBmmJI2ZMA4GA1UdDwEB/wQE
AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL3Jwa2kucm9hLm5ldC9ycmRw
L3hUb20vNDYvREJBQzYxRUZGODBDMzE1ODA0QkNGREEyQkNGNzNDMTlBNjI0OEQ5
OS5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v
cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l
ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThm
NmMtZDZjOTFiMGI4NDE1LzU0YzAzNmM1LWUyMGEtNGJhMS04NTE2LTVhYjNhMzU2
ZGJmZC82NTU1Yzc0ZGI1Mjg3ZDQwNzdmYmIyNzNhNWI1YTVjMmQyOGMxNThiNjVi
ODE0YzUyNC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzov
L3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDYvMzEzMDM0MmUzMjM0MzUyZTMxMzAy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM2MzMzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaPUK
MA0GCSqGSIb3DQEBCwUAA4IBAQCMwv5S3Z+L4rUTs0n72bpWBsYT3KyLA1IF9N2/
W5N5iKbPs8jnFlvwyrR+cRmi/mOnAOB+vI4JNlEUwC5s1Uy/D15NThWDOIe9Ecmz
j7d4R9NmNXGiCK3qV/Zb4nHH3o3qcoy4XlaXitqWZIgFNEz0LcwOoLO4PQ4Bld6v
gmGnxjTxum2iQEDik2F4fuOGEnzIHsdeuM8qWlx3rkcNGltUc0GD1U3CcHCSLu6M
Py1RRG5nwuEiu21hd+sw4jV/uUmrFDm8w2Lsm+zsegZ1epPGU1Woc4XBnHZfBC4+
Yd/KAAWKZI6nXE8UxgGhju8nlQJjH5XexB5eof5Iwyv3YwA2
-----END CERTIFICATE-----
Generated at Sat Aug 23 00:29:07 2025 by rpki-client