Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS206290.roa
File:                     AS206290.roa (raw, json)
Hash identifier:          GoVwXVJ3I/7SKGufoXERPC7f9Ab7780+ccSYQSjL3K4=
Subject key identifier:   E5:36:72:93:50:3A:F6:8E:B4:A4:4D:80:1E:C0:D9:E8:14:1C:41:74
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       1A82D480A2268FD70EB4EC26DD2D12583AE204BC
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS206290.roa
Signing time:             Thu 04 Jun 2026 15:58:49 +0000
ROA not before:           Thu 04 Jun 2026 15:53:49 +0000
ROA not after:            Thu 03 Jun 2027 15:58:49 +0000
asID:                     206290
IP address blocks:        2a06:a005:1276::/47 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:82:d4:80:a2:26:8f:d7:0e:b4:ec:26:dd:2d:12:58:3a:e2:04:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:49 2026 GMT
            Not After : Jun  3 15:58:49 2027 GMT
        Subject: CN=E5367293503AF68EB4A44D801EC0D9E8141C4174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:43:aa:e6:07:1a:af:fc:dc:96:4e:a1:fd:00:
                    d6:37:68:29:49:99:7a:d5:85:1f:da:d7:58:5e:e3:
                    97:27:00:21:c9:a0:71:0d:dd:10:bd:59:52:58:8d:
                    db:13:4a:33:0b:4b:f8:1a:19:0e:47:97:13:8b:17:
                    ca:46:6a:07:44:bc:8b:2a:c7:88:11:fb:8c:5c:37:
                    f2:8f:8d:d3:13:ce:d4:52:b5:43:95:7c:0f:cf:eb:
                    61:f4:0a:2c:f2:40:74:d3:d2:be:6e:ad:0b:10:1b:
                    cd:89:d4:b1:c8:a4:51:f9:0d:97:96:72:dd:41:06:
                    02:98:13:b7:4e:92:a5:2c:4d:88:95:34:12:6f:fa:
                    0f:23:fd:a3:91:ba:6a:4e:26:40:01:28:c2:1c:26:
                    8c:5a:69:35:11:25:e3:67:e4:57:98:5d:08:8b:5e:
                    b9:95:28:99:bb:40:52:1d:ad:0b:32:32:5f:cc:d1:
                    18:62:ae:23:5f:52:13:1a:d9:ed:df:64:83:ae:6e:
                    ee:d0:c6:f0:e9:48:c8:59:5c:ba:97:44:5a:2a:9d:
                    4c:a5:72:c5:4b:ac:63:72:43:55:9f:17:ee:b7:d7:
                    73:c5:d8:ef:65:f5:00:6e:a8:8f:04:1b:f6:c4:c5:
                    a0:c0:9d:e6:0f:dd:7e:20:58:9f:aa:ac:16:cb:29:
                    f2:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:36:72:93:50:3A:F6:8E:B4:A4:4D:80:1E:C0:D9:E8:14:1C:41:74
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS206290.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1276::/47

    Signature Algorithm: sha256WithRSAEncryption
         65:c0:63:12:65:2e:72:53:36:e6:57:63:ea:b6:51:96:c0:d7:
         97:51:db:37:96:c2:bf:24:55:07:05:86:67:81:cc:27:b6:66:
         de:6a:84:5c:85:97:3b:db:87:66:45:84:4d:b2:d8:e2:02:78:
         ed:d0:49:67:a9:a6:29:94:3e:49:59:9a:41:3d:f3:11:c2:25:
         19:f6:ac:dd:74:53:9f:7e:84:8c:07:f3:45:4a:65:57:fc:87:
         99:54:5d:af:d4:8e:17:b8:06:a2:66:f4:db:cd:2b:d0:67:9e:
         38:44:00:f2:96:dd:99:93:f1:f4:61:d8:cc:be:27:6a:95:39:
         13:a6:d1:8d:7c:f4:80:73:d9:aa:48:15:8b:7f:a8:08:f2:cb:
         3f:1b:1a:36:1b:6e:e4:bb:05:87:6c:ac:86:91:db:f3:a9:a9:
         fc:ec:09:6a:e3:2d:a2:76:47:e6:59:c5:c0:86:88:03:f6:90:
         d3:d4:91:bc:15:27:99:5e:7b:93:1e:7c:e4:fd:c6:c1:24:d1:
         88:55:35:84:ff:18:44:70:46:e4:ed:af:d1:77:1e:02:b7:78:
         02:d5:e8:68:56:f3:a3:a5:d8:8c:a9:4b:dd:0c:ef:45:1a:d3:
         77:9b:6a:c8:75:10:ee:a5:e0:65:5e:f4:33:e7:29:6d:9d:6c:
         b8:3a:33:22
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUGoLUgKImj9cOtOwm3S0SWDriBLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDlaFw0yNzA2MDMxNTU4NDlaMDMxMTAvBgNV
BAMTKEU1MzY3MjkzNTAzQUY2OEVCNEE0NEQ4MDFFQzBEOUU4MTQxQzQxNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoQ6rmBxqv/NyWTqH9ANY3aClJ
mXrVhR/a11he45cnACHJoHEN3RC9WVJYjdsTSjMLS/gaGQ5HlxOLF8pGagdEvIsq
x4gR+4xcN/KPjdMTztRStUOVfA/P62H0CizyQHTT0r5urQsQG82J1LHIpFH5DZeW
ct1BBgKYE7dOkqUsTYiVNBJv+g8j/aORumpOJkABKMIcJoxaaTURJeNn5FeYXQiL
XrmVKJm7QFIdrQsyMl/M0RhiriNfUhMa2e3fZIOubu7QxvDpSMhZXLqXRFoqnUyl
csVLrGNyQ1WfF+6313PF2O9l9QBuqI8EG/bExaDAneYP3X4gWJ+qrBbLKfJ5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU5TZyk1A69o60pE2AHsDZ6BQcQXQwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA2MjkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcBKgagBRJ2MA0GCSqGSIb3DQEBCwUAA4IBAQBlwGMS
ZS5yUzbmV2PqtlGWwNeXUds3lsK/JFUHBYZngcwntmbeaoRchZc724dmRYRNstji
Anjt0ElnqaYplD5JWZpBPfMRwiUZ9qzddFOffoSMB/NFSmVX/IeZVF2v1I4XuAai
ZvTbzSvQZ544RADylt2Zk/H0YdjMvidqlTkTptGNfPSAc9mqSBWLf6gI8ss/Gxo2
G27kuwWHbKyGkdvzqan87Alq4y2idkfmWcXAhogD9pDT1JG8FSeZXnuTHnzk/cbB
JNGIVTWE/xhEcEbk7a/Rdx4Ct3gC1ehoVvOjpdiMqUvdDO9FGtN3m2rIdRDupeBl
XvQz5yltnWy4OjMi
-----END CERTIFICATE-----