Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/3888c3b6-c488-3aa8-b8f0-84da5b5c6b8b.roa
File:                     3888c3b6-c488-3aa8-b8f0-84da5b5c6b8b.roa (raw, json)
Hash identifier:          nIiDeDktQqXHzfeQMM2Ls6cnrSbBu/s3j9SyDpMlm8I=
Subject key identifier:   09:CD:38:12:38:96:E5:67:2A:3F:60:A1:26:06:40:64:34:AC:AB:EB
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F4328584B95A8B1E6250429C18DC22300
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/3888c3b6-c488-3aa8-b8f0-84da5b5c6b8b.roa
Signing time:             Mon 20 Oct 2025 13:00:38 +0000
ROA not before:           Mon 20 Oct 2025 13:00:38 +0000
ROA not after:            Sun 18 Jan 2026 14:00:38 +0000
asID:                     33668
IP address blocks:        68.36.220.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4b:95:a8:b1:e6:25:04:29:c1:8d:c2:23:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: Oct 20 13:00:38 2025 GMT
            Not After : Jan 18 14:00:38 2026 GMT
        Subject: CN=40806afd-e048-4ddb-b11d-f19923cedced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f5:18:c5:0e:e8:f8:c0:54:18:c3:06:da:c5:
                    15:e8:6f:bc:b7:da:21:c3:95:01:e8:aa:c1:a6:1f:
                    7c:49:ce:95:69:ac:c6:99:c8:2c:a7:11:fc:27:fa:
                    f3:44:ac:3f:a7:51:65:2c:21:56:a2:90:0b:74:8b:
                    30:6d:e5:2d:62:85:8c:cb:79:e3:cd:d3:93:ae:88:
                    cd:1b:36:c3:67:6b:bc:da:bc:42:5b:9a:d6:c5:11:
                    33:6c:d0:95:33:d3:55:d0:9e:f3:9b:92:ab:6f:e0:
                    a2:d9:82:73:99:c1:f3:30:d3:fd:78:71:be:d8:03:
                    c8:7e:81:06:7d:62:7b:73:36:88:fb:76:5a:78:5a:
                    7b:59:42:97:a9:33:80:9c:ee:6b:a2:50:37:d6:74:
                    9e:8a:de:17:5d:45:ea:ac:29:af:0c:d6:66:41:ff:
                    e6:19:70:f6:e8:44:54:13:25:49:4b:63:cf:fb:6a:
                    d8:fb:07:42:86:62:e5:99:ba:b3:46:45:dd:c0:bd:
                    bc:ca:9b:40:44:a8:c6:a8:76:ea:67:cb:60:87:79:
                    1a:a5:cd:f4:1b:3a:aa:23:eb:a4:20:e9:1d:37:0b:
                    8c:68:ae:1f:66:2c:f8:a6:1d:e6:df:99:8c:da:4e:
                    d0:e1:68:b9:82:eb:57:38:44:94:16:b8:d4:59:7d:
                    14:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:CD:38:12:38:96:E5:67:2A:3F:60:A1:26:06:40:64:34:AC:AB:EB
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/3888c3b6-c488-3aa8-b8f0-84da5b5c6b8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.36.220.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         d9:4c:fb:75:29:83:96:c6:21:07:ee:40:c6:ec:59:1b:f5:17:
         97:d5:8d:de:5f:e3:86:c0:51:69:5b:a4:56:0c:1c:30:75:d4:
         73:34:3b:59:44:e8:da:41:d3:ee:b4:35:41:95:f3:bf:69:59:
         6e:fe:d3:77:2c:2c:d3:a1:85:5e:84:10:16:a4:73:10:2b:ce:
         a6:c4:b9:49:7b:f7:b3:9c:bf:57:28:85:fd:ab:8a:32:38:eb:
         41:00:51:87:a3:0b:c0:1c:22:7b:9b:d8:90:98:2c:65:c1:5a:
         19:cf:a4:15:58:4c:34:39:9e:f0:fe:83:49:38:00:0b:ad:3b:
         83:e5:e5:4a:be:41:05:1c:a3:28:4e:73:09:d4:e5:56:04:9a:
         d6:f5:dc:f2:d4:f3:0f:f3:a7:59:14:46:c1:8c:8b:21:bb:b7:
         cd:5f:d2:0f:54:61:6e:57:bd:e1:d4:70:ac:dd:a4:ad:ff:8d:
         e2:c9:79:4e:e4:a3:d6:e6:8b:53:f7:cb:9e:bf:41:be:8b:3c:
         c6:c6:6e:e6:b8:e7:90:31:88:bb:ae:b7:d8:93:81:9e:8c:0a:
         d6:8c:02:b5:4a:e3:3a:57:75:2b:ac:f9:f3:bd:e4:44:97:ff:
         3f:ac:b1:78:07:4a:ac:cf:e5:3f:99:62:22:b7:f0:46:96:84:
         2b:70:4a:d6
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEuVqLHmJQQpwY3CIwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MTAyMDEzMDAzOFoXDTI2MDExODE0MDAzOFowLzEtMCsGA1UEAxMk
NDA4MDZhZmQtZTA0OC00ZGRiLWIxMWQtZjE5OTIzY2VkY2VkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vUYxQ7o+MBUGMMG2sUV6G+8t9ohw5UB6KrB
ph98Sc6VaazGmcgspxH8J/rzRKw/p1FlLCFWopALdIswbeUtYoWMy3njzdOTrojN
GzbDZ2u82rxCW5rWxREzbNCVM9NV0J7zm5Krb+Ci2YJzmcHzMNP9eHG+2APIfoEG
fWJ7czaI+3ZaeFp7WUKXqTOAnO5rolA31nSeit4XXUXqrCmvDNZmQf/mGXD26ERU
EyVJS2PP+2rY+wdChmLlmbqzRkXdwL28yptARKjGqHbqZ8tgh3kapc30GzqqI+uk
IOkdNwuMaK4fZiz4ph3m35mM2k7Q4Wi5gutXOESUFrjUWX0ULQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAnNOBI4luVnKj9goSYGQGQ0rKvrMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvMzg4OGMzYjYtYzQ4OC0z
YWE4LWI4ZjAtODRkYTViNWM2YjhiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCRCTcMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBANlM+3Upg5bGIQfuQMbsWRv1F5fVjd5f44bAUWlbpFYMHDB11HM0O1lE
6NpB0+60NUGV879pWW7+03csLNOhhV6EEBakcxArzqbEuUl797Ocv1cohf2rijI4
60EAUYejC8AcInub2JCYLGXBWhnPpBVYTDQ5nvD+g0k4AAutO4Pl5Uq+QQUcoyhO
cwnU5VYEmtb13PLU8w/zp1kURsGMiyG7t81f0g9UYW5XveHUcKzdpK3/jeLJeU7k
o9bmi1P3y56/Qb6LPMbGbua455AxiLuut9iTgZ6MCtaMArVK4zpXdSus+fO95ESX
/z+ssXgHSqzP5T+ZYiK38EaWhCtwStY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:22:40 2025 by rpki-client