Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/44/323630353a336134303a3a2f33322d3438203d3e20393439.roa
File:                     323630353a336134303a3a2f33322d3438203d3e20393439.roa (raw, json)
Hash identifier:          E+dOUgJV/OeOw4Kzbv1jw1K0JUYLUp4JHjuHfY6RlYY=
Subject key identifier:   74:D9:F3:68:9E:92:85:AD:FE:8E:C3:63:20:0D:7D:4B:BD:30:1A:C3
Certificate issuer:       /CN=73516995116535a22de5a23000d3e7814baad6490837f37731
Certificate serial:       2D8F33A19F67BF92D094DD5A2415E25D91278DD1
Authority key identifier: 0F:D3:45:FD:54:15:11:79:51:13:60:9B:A4:AF:5F:FF:60:04:1A:FC
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569/73516995116535a22de5a23000d3e7814baad6490837f37731.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/44/323630353a336134303a3a2f33322d3438203d3e20393439.roa
Signing time:             Sat 16 Aug 2025 01:48:18 +0000
ROA not before:           Sat 16 Aug 2025 01:43:18 +0000
ROA not after:            Sat 15 Aug 2026 01:48:18 +0000
asID:                     949
IP address blocks:        2605:3a40::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/44/0FD345FD541511795113609BA4AF5FFF60041AFC.crl
                          rsync://rpki.roa.net/rrdp/xTom/44/0FD345FD541511795113609BA4AF5FFF60041AFC.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569/73516995116535a22de5a23000d3e7814baad6490837f37731.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569/a18f1ddb-2d6e-491c-bf65-f32f98dbc569.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569/a18f1ddb-2d6e-491c-bf65-f32f98dbc569.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 20:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:8f:33:a1:9f:67:bf:92:d0:94:dd:5a:24:15:e2:5d:91:27:8d:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73516995116535a22de5a23000d3e7814baad6490837f37731
        Validity
            Not Before: Aug 16 01:43:18 2025 GMT
            Not After : Aug 15 01:48:18 2026 GMT
        Subject: CN=74D9F3689E9285ADFE8EC363200D7D4BBD301AC3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:73:86:96:39:17:a3:86:c8:20:da:89:d5:d7:
                    6c:28:5a:9d:ad:2a:0c:a3:0b:90:f8:68:9d:6e:6f:
                    4d:2f:28:e1:1f:a6:36:7d:cf:00:29:8e:f4:1f:87:
                    45:04:7d:ae:5b:41:8f:93:49:d3:5e:6b:68:37:d2:
                    d8:4d:a5:de:55:9d:19:43:6e:b5:1d:19:56:3e:88:
                    72:d1:74:fb:50:21:6e:c0:c7:71:08:15:85:8c:d2:
                    aa:ac:c4:18:3c:81:00:05:8e:0b:e6:98:c0:14:ad:
                    10:e9:9c:29:f9:5c:1f:1e:94:b6:13:cf:fb:51:6d:
                    ac:89:51:8c:8d:ee:2d:b0:81:5f:6d:0c:ad:a8:1e:
                    f6:7c:d7:7f:83:db:ef:bc:00:d6:aa:dc:b8:69:4e:
                    07:d9:2f:89:d9:ba:8b:da:2f:f0:24:46:0d:5f:c6:
                    16:be:bf:ce:b6:31:ad:6e:0d:74:66:18:92:70:0c:
                    ac:9b:9c:91:72:4f:69:c8:fd:9f:24:80:0f:f1:84:
                    a0:04:ef:51:fd:2f:b0:26:79:1b:a2:0d:5d:07:f8:
                    8f:62:67:3c:8f:87:7d:3b:14:20:b7:0b:9a:54:28:
                    15:d3:1c:a9:b3:d0:a1:d1:3c:1e:ac:60:bb:ff:c2:
                    67:fb:58:25:09:a8:6b:9f:a7:17:7e:b0:20:3d:14:
                    77:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D9:F3:68:9E:92:85:AD:FE:8E:C3:63:20:0D:7D:4B:BD:30:1A:C3
            X509v3 Authority Key Identifier:
                keyid:0F:D3:45:FD:54:15:11:79:51:13:60:9B:A4:AF:5F:FF:60:04:1A:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/44/0FD345FD541511795113609BA4AF5FFF60041AFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/a18f1ddb-2d6e-491c-bf65-f32f98dbc569/73516995116535a22de5a23000d3e7814baad6490837f37731.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/44/323630353a336134303a3a2f33322d3438203d3e20393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:3a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:ad:91:f1:ce:2d:16:5d:1a:dc:c5:f8:d3:18:3d:52:b3:75:
         f2:d6:b2:5d:e9:00:2a:d2:70:c9:cd:4a:f9:be:2f:4a:2e:bd:
         85:c8:75:3d:e7:fb:0f:23:75:50:fa:26:39:14:7f:e7:d5:fc:
         8a:3b:4a:be:cc:f6:99:30:24:09:52:95:a8:4f:2c:fb:a2:73:
         1e:af:7f:65:b3:1e:ae:7a:f6:d7:f1:c9:13:cb:0f:e1:c8:27:
         94:a5:89:69:17:2d:b7:95:27:8f:cd:be:e4:91:ee:01:2a:d0:
         10:02:d5:2f:95:f0:d1:56:6f:ed:9c:94:df:08:83:41:9d:07:
         41:e7:38:8e:29:fd:a2:ab:06:1a:99:29:cd:33:69:94:29:9f:
         76:ef:60:2e:71:45:41:75:7e:22:68:cb:13:d7:c6:87:7f:01:
         9d:c3:3d:f7:70:37:67:de:c8:d0:b5:8a:30:db:1f:3e:80:81:
         a5:f5:b9:14:35:4b:a3:58:b9:79:84:aa:0a:10:65:69:ef:9d:
         02:90:4d:5d:32:82:4f:81:60:3d:f2:a0:cb:e0:cc:05:05:2d:
         b2:99:bc:e9:5a:e0:50:be:58:6c:cf:d2:8d:64:3b:03:6d:99:
         e5:80:cd:06:ff:e2:3d:16:e8:c0:d1:43:40:8f:b9:38:23:bc:
         56:9a:ac:6d
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIULY8zoZ9nv5LQlN1aJBXiXZEnjdEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzM1MTY5OTUxMTY1MzVhMjJkZTVhMjMwMDBkM2U3ODE0
YmFhZDY0OTA4MzdmMzc3MzEwHhcNMjUwODE2MDE0MzE4WhcNMjYwODE1MDE0ODE4
WjAzMTEwLwYDVQQDEyg3NEQ5RjM2ODlFOTI4NUFERkU4RUMzNjMyMDBEN0Q0QkJE
MzAxQUMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHOGljkXo4bI
INqJ1ddsKFqdrSoMowuQ+Gidbm9NLyjhH6Y2fc8AKY70H4dFBH2uW0GPk0nTXmto
N9LYTaXeVZ0ZQ261HRlWPohy0XT7UCFuwMdxCBWFjNKqrMQYPIEABY4L5pjAFK0Q
6Zwp+VwfHpS2E8/7UW2siVGMje4tsIFfbQytqB72fNd/g9vvvADWqty4aU4H2S+J
2bqL2i/wJEYNX8YWvr/OtjGtbg10ZhiScAysm5yRck9pyP2fJIAP8YSgBO9R/S+w
Jnkbog1dB/iPYmc8j4d9OxQgtwuaVCgV0xyps9Ch0TwerGC7/8Jn+1glCahrn6cX
frAgPRR3nwIDAQABo4ICWzCCAlcwHQYDVR0OBBYEFHTZ82iekoWt/o7DYyANfUu9
MBrDMB8GA1UdIwQYMBaAFA/TRf1UFRF5URNgm6SvX/9gBBr8MA4GA1UdDwEB/wQE
AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL3Jwa2kucm9hLm5ldC9ycmRw
L3hUb20vNDQvMEZEMzQ1RkQ1NDE1MTE3OTUxMTM2MDlCQTRBRjVGRkY2MDA0MUFG
Qy5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v
cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l
ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvNzQ2ZTAxMTEtZmFmYi00MzBmLWI3
NzgtZDIwNGNmY2Q5OWE4L2ExOGYxZGRiLTJkNmUtNDkxYy1iZjY1LWYzMmY5OGRi
YzU2OS83MzUxNjk5NTExNjUzNWEyMmRlNWEyMzAwMGQzZTc4MTRiYWFkNjQ5MDgz
N2YzNzczMS5jZXIwcgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzov
L3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDQvMzIzNjMwMzUzYTMzNjEzNDMwM2Ez
YTJmMzMzMjJkMzQzODIwM2QzZTIwMzkzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJgU6QDANBgkq
hkiG9w0BAQsFAAOCAQEACa2R8c4tFl0a3MX40xg9UrN18tayXekAKtJwyc1K+b4v
Si69hch1Pef7DyN1UPomORR/59X8ijtKvsz2mTAkCVKVqE8s+6JzHq9/ZbMernr2
1/HJE8sP4cgnlKWJaRctt5Unj82+5JHuASrQEALVL5Xw0VZv7ZyU3wiDQZ0HQec4
jin9oqsGGpkpzTNplCmfdu9gLnFFQXV+ImjLE9fGh38BncM993A3Z97I0LWKMNsf
PoCBpfW5FDVLo1i5eYSqChBlae+dApBNXTKCT4FgPfKgy+DMBQUtspm86VrgUL5Y
bM/SjWQ7A22Z5YDNBv/iPRbowNFDQI+5OCO8VpqsbQ==
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:29:26 2025 by rpki-client