Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS197761.roa
File:                     AS197761.roa (raw, json)
Hash identifier:          wTLn0q2+Ceq55LoNTzvw9CHeBL2BGWw7QyM+XEzvW+Y=
Subject key identifier:   C3:B1:06:BD:42:2C:4F:E4:F6:F9:4E:3C:3A:F2:67:08:A3:23:89:AB
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       628F0B000840E9C8B43DDE8BB638B5C9DB82CF55
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS197761.roa
Signing time:             Fri 12 Jun 2026 21:45:38 +0000
ROA not before:           Fri 12 Jun 2026 21:40:38 +0000
ROA not after:            Fri 11 Jun 2027 21:45:38 +0000
asID:                     197761
IP address blocks:        144.48.81.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:8f:0b:00:08:40:e9:c8:b4:3d:de:8b:b6:38:b5:c9:db:82:cf:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun 12 21:40:38 2026 GMT
            Not After : Jun 11 21:45:38 2027 GMT
        Subject: CN=C3B106BD422C4FE4F6F94E3C3AF26708A32389AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cd:e5:38:06:90:12:e7:af:97:39:37:e4:90:
                    8c:57:de:5b:97:28:46:b9:27:7b:8f:1e:d4:30:3c:
                    13:e3:17:96:c3:ce:23:3e:f0:86:9c:07:53:8c:a2:
                    f4:81:2d:61:66:d7:56:e7:71:08:1d:d7:f7:63:15:
                    95:5d:f7:d8:5b:1c:bd:e7:96:ed:48:da:ca:ab:9c:
                    d7:92:35:23:45:56:3c:25:e2:e9:13:1c:24:43:3a:
                    30:a0:37:e0:d2:a7:23:ba:c1:3c:c4:66:6e:47:81:
                    de:f6:38:93:aa:08:be:77:d2:25:43:6d:fa:14:e9:
                    5a:b1:20:12:37:ce:01:e9:aa:ca:b7:08:8a:49:92:
                    97:56:81:3b:7b:79:b6:0e:bc:92:d7:ed:c3:9e:de:
                    07:92:9f:b3:e1:ff:b5:31:e2:2e:77:6f:53:b6:d8:
                    c0:be:81:75:09:37:87:65:c6:4f:c7:45:eb:4e:a7:
                    57:22:ed:00:0f:7e:f1:41:9f:02:ad:8e:a0:4a:53:
                    5f:10:d1:de:b7:6d:46:40:1e:e3:c5:7f:a5:13:42:
                    b1:e6:82:ad:f7:82:02:d7:61:6a:4c:e9:41:6b:5e:
                    7e:90:a2:73:3e:95:7a:a2:14:62:58:30:48:e2:c9:
                    e9:c2:d9:e3:e9:35:d1:c0:9d:5e:64:17:25:d1:dd:
                    9d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B1:06:BD:42:2C:4F:E4:F6:F9:4E:3C:3A:F2:67:08:A3:23:89:AB
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS197761.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.48.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:2b:e7:e3:d0:19:ac:26:94:8d:9b:14:5d:f5:ac:23:a1:fb:
         29:d9:3f:2c:3b:2e:a2:a8:53:13:73:7b:34:8e:c3:c4:dc:f7:
         0a:01:dd:f9:33:d9:f8:74:ba:b3:91:f9:fd:06:92:ce:b3:c3:
         97:e8:3b:b6:b9:97:7a:e0:f1:89:d1:4c:9a:3e:02:20:48:61:
         9b:e3:42:c7:7f:b2:01:57:99:c0:49:ed:12:ae:33:48:70:39:
         90:00:7e:b4:3c:7c:aa:86:b0:a1:10:65:7c:ec:5d:b4:aa:d0:
         89:6a:30:97:41:54:f9:67:a5:f7:fb:53:e8:dc:a9:62:1b:76:
         87:bb:f3:63:c5:97:6e:00:e5:d6:5b:dc:89:41:e8:bc:08:24:
         8b:cf:9b:f6:70:f9:2b:bf:df:17:6a:72:7a:63:7e:6f:05:37:
         12:bc:a9:56:a7:1f:0a:69:c4:63:3f:67:7e:43:32:6d:49:0a:
         55:e6:7f:d8:69:5c:8f:f0:78:53:f5:f9:c7:37:df:4c:66:05:
         af:63:0c:56:58:83:12:60:9c:fc:7d:64:ff:ea:9a:4e:b4:af:
         17:bc:43:26:f9:b8:33:f2:02:65:2f:26:83:7c:6e:94:e0:b9:
         e8:21:ce:79:3d:c4:2f:45:c7:b3:6b:5e:69:82:e9:73:ab:9f:
         32:a6:ad:e8
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUYo8LAAhA6ci0Pd6Ltji1yduCz1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MTIyMTQwMzhaFw0yNzA2MTEyMTQ1MzhaMDMxMTAvBgNV
BAMTKEMzQjEwNkJENDIyQzRGRTRGNkY5NEUzQzNBRjI2NzA4QTMyMzg5QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCszeU4BpAS56+XOTfkkIxX3luX
KEa5J3uPHtQwPBPjF5bDziM+8IacB1OMovSBLWFm11bncQgd1/djFZVd99hbHL3n
lu1I2sqrnNeSNSNFVjwl4ukTHCRDOjCgN+DSpyO6wTzEZm5Hgd72OJOqCL530iVD
bfoU6VqxIBI3zgHpqsq3CIpJkpdWgTt7ebYOvJLX7cOe3geSn7Ph/7Ux4i53b1O2
2MC+gXUJN4dlxk/HRetOp1ci7QAPfvFBnwKtjqBKU18Q0d63bUZAHuPFf6UTQrHm
gq33ggLXYWpM6UFrXn6QonM+lXqiFGJYMEjiyenC2ePpNdHAnV5kFyXR3Z1RAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUw7EGvUIsT+T2+U48OvJnCKMjiaswHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTk3NzYxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAkDBRMA0GCSqGSIb3DQEBCwUAA4IBAQApK+fj0Bms
JpSNmxRd9awjofsp2T8sOy6iqFMTc3s0jsPE3PcKAd35M9n4dLqzkfn9BpLOs8OX
6Du2uZd64PGJ0UyaPgIgSGGb40LHf7IBV5nASe0SrjNIcDmQAH60PHyqhrChEGV8
7F20qtCJajCXQVT5Z6X3+1Po3KliG3aHu/NjxZduAOXWW9yJQei8CCSLz5v2cPkr
v98XanJ6Y35vBTcSvKlWpx8KacRjP2d+QzJtSQpV5n/YaVyP8HhT9fnHN99MZgWv
YwxWWIMSYJz8fWT/6ppOtK8XvEMm+bgz8gJlLyaDfG6U4LnoIc55PcQvRceza15p
gulzq58ypq3o
-----END CERTIFICATE-----