Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200766.roa
File:                     AS200766.roa (raw, json)
Hash identifier:          XXK3nXO1LENDC3Cy8YQa2julaNPwqqS+vTki75aQlOw=
Subject key identifier:   0D:AF:57:42:3A:9B:3B:32:BD:C9:47:43:52:57:40:A9:2B:5E:FB:D3
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       2ED5F28AE9B0B464E7F099E1CBE387FCEC3042C6
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200766.roa
Signing time:             Thu 04 Jun 2026 15:58:50 +0000
ROA not before:           Thu 04 Jun 2026 15:53:50 +0000
ROA not after:            Thu 03 Jun 2027 15:58:50 +0000
asID:                     200766
IP address blocks:        2a06:a005:116b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:d5:f2:8a:e9:b0:b4:64:e7:f0:99:e1:cb:e3:87:fc:ec:30:42:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:50 2026 GMT
            Not After : Jun  3 15:58:50 2027 GMT
        Subject: CN=0DAF57423A9B3B32BDC94743525740A92B5EFBD3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:56:30:4f:1a:ca:4e:19:9a:03:20:70:f9:58:
                    82:d6:b9:ac:09:2a:32:ac:c2:1f:35:ec:f5:ab:a9:
                    69:16:18:89:68:5e:9f:3b:33:99:12:5f:41:84:66:
                    b8:c6:a1:e6:94:2f:be:1a:02:ae:a3:41:18:a8:a6:
                    df:8e:83:89:48:b7:86:1f:c2:10:a8:8e:b2:ed:69:
                    a9:ff:92:79:83:a4:4d:af:8b:c5:7d:2b:a0:03:9d:
                    0c:ef:a1:30:5b:72:17:00:aa:a4:34:1f:d8:57:e9:
                    fc:51:b0:64:2c:bb:13:fb:db:2d:4a:44:65:54:a6:
                    8f:55:3a:5d:b1:b7:c0:04:49:f1:b7:ac:7b:b0:cc:
                    4d:e3:77:f2:1f:f5:4a:2b:46:4f:c2:18:e8:fb:a3:
                    5c:f6:1d:07:ae:a4:ae:30:40:ca:25:e7:fd:ed:e1:
                    27:9a:85:27:bb:89:b0:87:4d:05:14:02:65:72:b2:
                    70:63:0c:e9:d3:f9:0f:d4:a8:ed:df:da:03:c1:72:
                    39:23:b1:82:70:e7:d3:2b:fc:fc:60:95:4a:12:f8:
                    f4:a4:bd:89:6c:79:f5:34:2d:9a:16:82:1e:af:ae:
                    da:d1:62:f0:c1:8d:35:ea:3d:04:0d:4b:35:62:ec:
                    14:42:d8:ea:49:1f:1c:d0:1d:fd:ba:e4:a2:81:1c:
                    ea:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:AF:57:42:3A:9B:3B:32:BD:C9:47:43:52:57:40:A9:2B:5E:FB:D3
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200766.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:116b::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:f9:ef:04:c5:d5:d2:16:46:2a:86:b1:85:8c:a3:8a:76:ed:
         23:6a:3a:5f:07:88:77:ad:88:21:4a:70:2c:af:56:e7:23:d4:
         eb:07:a6:5c:a3:f8:93:58:89:22:5f:2f:c4:02:77:9b:07:6a:
         72:dc:c0:d5:ea:70:ed:78:e7:1d:50:c6:a9:f1:ce:f3:2d:ed:
         8e:db:4a:7c:a5:50:83:f4:e4:9a:12:e0:b8:9b:58:44:e1:0f:
         82:72:48:63:a9:ce:0b:e2:03:1d:07:17:bc:c1:62:b8:7e:dd:
         79:6c:62:cd:65:d9:af:d6:12:45:c7:cf:bf:8c:14:e6:e5:11:
         49:be:d1:39:35:57:d2:cb:bd:e1:ff:42:fa:3b:e7:a3:59:65:
         07:e4:f4:ec:4c:fe:66:fa:18:6e:c7:8f:d2:f8:e7:b3:db:2a:
         7c:ef:d3:2b:69:7e:1d:f8:4d:2e:c2:a7:a0:83:9b:9d:86:89:
         a9:82:71:e7:70:07:43:26:d8:e1:dc:7b:26:35:71:cf:a3:ca:
         11:59:e5:07:59:b3:3d:9a:37:bb:fd:ac:7b:fd:38:89:76:11:
         a5:9a:36:f7:7c:49:1c:b1:ab:6b:4b:37:af:73:56:e9:cb:1a:
         e1:cb:b5:6c:72:bc:23:13:2c:82:60:e6:96:58:8a:ba:9a:25:
         59:16:e1:c9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIULtXyiumwtGTn8Jnhy+OH/OwwQsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTBaFw0yNzA2MDMxNTU4NTBaMDMxMTAvBgNV
BAMTKDBEQUY1NzQyM0E5QjNCMzJCREM5NDc0MzUyNTc0MEE5MkI1RUZCRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEVjBPGspOGZoDIHD5WILWuawJ
KjKswh817PWrqWkWGIloXp87M5kSX0GEZrjGoeaUL74aAq6jQRiopt+Og4lIt4Yf
whCojrLtaan/knmDpE2vi8V9K6ADnQzvoTBbchcAqqQ0H9hX6fxRsGQsuxP72y1K
RGVUpo9VOl2xt8AESfG3rHuwzE3jd/If9UorRk/CGOj7o1z2HQeupK4wQMol5/3t
4SeahSe7ibCHTQUUAmVysnBjDOnT+Q/UqO3f2gPBcjkjsYJw59Mr/PxglUoS+PSk
vYlsefU0LZoWgh6vrtrRYvDBjTXqPQQNSzVi7BRC2OpJHxzQHf265KKBHOoPAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUDa9XQjqbOzK9yUdDUldAqSte+9MwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAwNzY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFrMA0GCSqGSIb3DQEBCwUAA4IBAQBX+e8E
xdXSFkYqhrGFjKOKdu0jajpfB4h3rYghSnAsr1bnI9TrB6Zco/iTWIkiXy/EAneb
B2py3MDV6nDteOcdUMap8c7zLe2O20p8pVCD9OSaEuC4m1hE4Q+Cckhjqc4L4gMd
Bxe8wWK4ft15bGLNZdmv1hJFx8+/jBTm5RFJvtE5NVfSy73h/0L6O+ejWWUH5PTs
TP5m+hhux4/S+Oez2yp879MraX4d+E0uwqegg5udhompgnHncAdDJtjh3HsmNXHP
o8oRWeUHWbM9mje7/ax7/TiJdhGlmjb3fEkcsatrSzevc1bpyxrhy7VscrwjEyyC
YOaWWIq6miVZFuHJ
-----END CERTIFICATE-----