Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e3235342e3136302e302f32342d3234203d3e203336323336.roa
File:                     3130332e3235342e3136302e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          qVmCRc3QPMwUA++zGBEValIMGtTCSE7AByPuEZFu4DU=
Subject key identifier:   8C:52:3D:4E:BC:25:3D:5C:95:27:AA:4C:1F:F6:1F:21:B9:0B:DF:61
Certificate issuer:       /CN=A91D85A20000/serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
Certificate serial:       6F22028C6CAE71E6CCE52DFF1030F4DBB2F708A1
Authority key identifier: 97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e3235342e3136302e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 04 Aug 2025 23:14:01 +0000
ROA not before:           Mon 04 Aug 2025 23:09:01 +0000
ROA not after:            Mon 03 Aug 2026 23:14:01 +0000
asID:                     36236
IP address blocks:        103.254.160.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 06 Aug 2025 18:31:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:22:02:8c:6c:ae:71:e6:cc:e5:2d:ff:10:30:f4:db:b2:f7:08:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D85A20000, serialNumber=97E9BDF594AC7687BA4A16CA5C1923135CDF7186
        Validity
            Not Before: Aug  4 23:09:01 2025 GMT
            Not After : Aug  3 23:14:01 2026 GMT
        Subject: CN=8C523D4EBC253D5C9527AA4C1FF61F21B90BDF61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a3:54:aa:0b:a8:94:e9:00:e5:f9:ac:dc:5f:
                    da:84:f8:be:3c:75:83:5c:66:ea:23:70:30:d2:34:
                    f4:61:72:c5:25:4f:fc:6a:4a:53:18:b7:8a:f8:f3:
                    e8:2c:e6:05:4e:bb:0e:75:32:7f:db:bf:3a:cb:42:
                    b8:50:f4:32:cc:a0:5e:5e:bc:a3:3c:fc:27:42:d5:
                    72:20:e8:e5:2b:34:0a:3e:a4:2f:a5:b1:12:19:8c:
                    07:6b:3b:97:5b:1b:4e:c2:2c:54:91:20:24:e2:e8:
                    6d:44:5c:4a:3e:95:10:51:e6:d1:55:a4:b9:79:f7:
                    20:ab:42:10:97:8d:89:22:a2:06:7d:b1:3c:35:9b:
                    15:6a:6a:f1:47:70:13:45:e0:ab:85:29:c8:c8:30:
                    5e:54:a9:4c:c6:d2:4c:af:bb:1c:3d:f7:ad:46:fb:
                    38:4d:98:97:ef:a8:2c:25:74:1a:8e:7c:08:62:42:
                    4a:94:11:c5:e8:e9:d3:29:ff:3f:0d:8e:35:c4:69:
                    82:9d:e6:fc:be:2e:c1:8e:ba:04:66:dd:d5:46:26:
                    14:c2:d5:7f:72:41:02:15:33:8f:36:08:37:a2:1f:
                    6e:cc:60:63:98:22:70:b2:8e:d5:06:12:5f:b3:38:
                    8d:2b:da:cc:e8:e6:5a:ba:ac:f2:1a:0f:7f:f1:db:
                    8e:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:52:3D:4E:BC:25:3D:5C:95:27:AA:4C:1F:F6:1F:21:B9:0B:DF:61
            X509v3 Authority Key Identifier:
                keyid:97:E9:BD:F5:94:AC:76:87:BA:4A:16:CA:5C:19:23:13:5C:DF:71:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/97E9BDF594AC7687BA4A16CA5C1923135CDF7186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-m99ZSsdoe6ShbKXBkjE1zfcYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/3/3130332e3235342e3136302e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.254.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:29:c6:eb:0e:7f:f5:dd:fd:1e:e1:c9:18:17:63:11:cf:d0:
         27:e9:e9:51:9e:7e:04:34:98:27:5c:4b:ba:e4:fb:fe:62:22:
         dc:b6:ff:f8:f1:9a:62:e9:f2:bd:2f:bd:e0:05:44:b9:db:ce:
         03:91:53:44:4d:ba:40:df:00:f5:81:0a:72:2f:99:b2:de:e1:
         b8:a6:51:c8:af:8d:22:fc:d1:b4:fc:31:f6:45:05:9e:a8:54:
         d3:70:88:1b:42:84:71:b4:8b:44:10:48:57:90:c7:53:9d:88:
         86:b8:1a:01:47:f1:92:46:4b:fc:bd:41:e1:a3:b4:48:1c:9d:
         24:e2:48:f5:79:35:31:de:50:ab:01:0f:2f:57:cb:b6:ed:0f:
         50:ba:88:e3:4a:37:ff:4a:aa:7e:76:6a:81:5b:90:ff:d5:35:
         16:dd:23:04:c0:fd:4c:94:27:3d:d0:1a:c6:3e:ac:39:72:3b:
         82:df:41:d8:79:ab:49:2f:72:f7:7a:bc:c6:ce:10:7d:eb:fd:
         ee:82:50:32:bd:53:06:50:18:f3:47:e6:61:1c:32:e4:4d:a5:
         90:78:b2:2b:f1:2c:fa:96:e0:ef:78:d3:8c:6e:53:35:03:11:
         ad:99:f9:c5:cd:66:ff:be:69:fc:d9:a6:38:11:59:7d:6e:3e:
         16:05:09:89
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIUbyICjGyucebM5S3/EDD027L3CKEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDg1QTIwMDAwMTEwLwYDVQQFEyg5N0U5QkRGNTk0
QUM3Njg3QkE0QTE2Q0E1QzE5MjMxMzVDREY3MTg2MB4XDTI1MDgwNDIzMDkwMVoX
DTI2MDgwMzIzMTQwMVowMzExMC8GA1UEAxMoOEM1MjNENEVCQzI1M0Q1Qzk1MjdB
QTRDMUZGNjFGMjFCOTBCREY2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6jVKoLqJTpAOX5rNxf2oT4vjx1g1xm6iNwMNI09GFyxSVP/GpKUxi3ivjz
6CzmBU67DnUyf9u/OstCuFD0MsygXl68ozz8J0LVciDo5Ss0Cj6kL6WxEhmMB2s7
l1sbTsIsVJEgJOLobURcSj6VEFHm0VWkuXn3IKtCEJeNiSKiBn2xPDWbFWpq8Udw
E0Xgq4UpyMgwXlSpTMbSTK+7HD33rUb7OE2Yl++oLCV0Go58CGJCSpQRxejp0yn/
Pw2ONcRpgp3m/L4uwY66BGbd1UYmFMLVf3JBAhUzjzYIN6IfbsxgY5gicLKO1QYS
X7M4jSvazOjmWrqs8hoPf/HbjuMCAwEAAaOCAj4wggI6MB0GA1UdDgQWBBSMUj1O
vCU9XJUnqkwf9h8huQvfYTAfBgNVHSMEGDAWgBSX6b31lKx2h7pKFspcGSMTXN9x
hjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2
ODY2MTA4NGI4Ni8zLzk3RTlCREY1OTRBQzc2ODdCQTRBMTZDQTVDMTkyMzEzNUNE
RjcxODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2wtbTk5WlNzZG9lNlNoYktYQmtqRTF6ZmNZWS5jZXIwgaQGCCsG
AQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZTgyZDVkZTQxMDE4M2Y2ODY2MTA4NGI4
Ni8zLzMxMzAzMzJlMzIzNTM0MmUzMTM2MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMzM2MzIzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ/6gMA0GCSqGSIb3DQEBCwUAA4IBAQAk
KcbrDn/13f0e4ckYF2MRz9An6elRnn4ENJgnXEu65Pv+YiLctv/48Zpi6fK9L73g
BUS5284DkVNETbpA3wD1gQpyL5my3uG4plHIr40i/NG0/DH2RQWeqFTTcIgbQoRx
tItEEEhXkMdTnYiGuBoBR/GSRkv8vUHho7RIHJ0k4kj1eTUx3lCrAQ8vV8u27Q9Q
uojjSjf/Sqp+dmqBW5D/1TUW3SMEwP1MlCc90BrGPqw5cjuC30HYeatJL3L3erzG
zhB96/3uglAyvVMGUBjzR+ZhHDLkTaWQeLIr8Sz6luDveNOMblM1AxGtmfnFzWb/
vmn82aY4EVl9bj4WBQmJ
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:25:27 2025 by rpki-client