Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS57429.roa
File:                     AS57429.roa (raw, json)
Hash identifier:          vP4tHzSk1bGxHsMFoDwOet95v+5Wg30QjrQZQvoKKas=
Subject key identifier:   0E:2A:2D:87:1D:B8:58:04:78:03:8E:D6:AC:2E:89:C7:D8:28:23:D2
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       42FBA43C362093F9BEEEECC88B7E1C300FA52F43
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS57429.roa
Signing time:             Thu 04 Jun 2026 15:58:50 +0000
ROA not before:           Thu 04 Jun 2026 15:53:50 +0000
ROA not after:            Thu 03 Jun 2027 15:58:50 +0000
asID:                     57429
IP address blocks:        2a06:a005:190::/44 maxlen: 48
                          2a06:a005:1a0::/44 maxlen: 48
                          2a06:a005:1b0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:fb:a4:3c:36:20:93:f9:be:ee:ec:c8:8b:7e:1c:30:0f:a5:2f:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:50 2026 GMT
            Not After : Jun  3 15:58:50 2027 GMT
        Subject: CN=0E2A2D871DB8580478038ED6AC2E89C7D82823D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:67:06:8b:af:25:30:77:b8:f9:b7:fc:5c:fd:
                    d2:19:07:9c:4d:3c:ea:42:02:d0:f1:d8:16:0b:d0:
                    61:7d:59:71:93:0c:b2:2d:13:f3:cd:9c:21:18:f6:
                    05:a8:d0:67:84:c6:20:33:44:d0:ef:38:ee:8a:1e:
                    94:13:42:05:b0:61:be:40:56:8b:e1:a9:1e:ca:96:
                    c2:12:e3:0a:ff:c7:b4:6a:d6:50:08:e8:3b:77:ed:
                    d6:d6:56:6f:62:bc:be:8c:22:88:cf:73:2a:40:44:
                    3a:30:7f:4c:ee:30:dd:01:0c:11:47:33:0c:fa:6a:
                    ec:03:66:b3:4f:d0:fb:77:e6:f3:6f:80:ad:4a:76:
                    bf:1c:e3:b7:23:1c:27:14:79:41:78:e3:02:be:5d:
                    74:48:3a:8c:ed:f9:b1:0a:b7:e7:86:63:68:87:2f:
                    05:98:ae:08:37:46:c7:ca:06:04:ec:ce:32:d2:13:
                    bf:68:bc:d6:62:21:64:d1:a5:69:f1:0d:b6:35:61:
                    81:33:8f:be:b8:34:b7:50:4a:70:29:98:7d:53:18:
                    75:9d:f0:5f:33:41:cc:0a:2c:18:b3:9c:e0:53:29:
                    c1:cd:d3:aa:2b:2a:51:d7:93:55:5a:5d:da:ed:85:
                    73:26:a1:9b:d8:50:4b:f5:73:f8:f0:18:c3:be:37:
                    0b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:2A:2D:87:1D:B8:58:04:78:03:8E:D6:AC:2E:89:C7:D8:28:23:D2
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS57429.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:190::-2a06:a005:1bf:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         7a:c5:f8:cf:b6:92:ef:d0:a6:63:f1:ff:ed:fc:08:37:82:a8:
         bc:88:37:ae:ef:98:be:ba:42:72:12:72:ed:5b:ec:1c:66:51:
         a7:68:be:fb:a0:52:29:28:28:46:4d:1a:b9:3c:98:92:b0:12:
         6d:cc:df:47:a5:6e:56:09:dd:a1:43:b9:c1:b2:47:7e:1c:e2:
         c7:6d:81:eb:33:6b:2d:a0:68:cc:3f:2c:a2:5f:c2:da:f8:91:
         a3:94:47:fc:2d:ed:fe:44:44:57:ad:c0:a4:fb:a2:58:3e:e4:
         39:f7:c4:6c:fa:44:eb:3c:62:4e:f8:b7:3a:06:a0:a8:32:c3:
         d5:17:2b:c7:5d:ce:05:ba:05:b0:9d:9b:df:38:7f:ca:46:c9:
         df:d9:63:3f:50:25:7d:a5:05:e8:52:54:a1:87:3f:33:d4:7a:
         71:1a:60:0a:f0:9f:75:27:5c:2a:59:54:2f:12:fa:3f:ad:66:
         25:33:b1:78:20:0c:50:b9:ae:2e:23:6b:74:f7:44:e0:b4:82:
         50:7b:54:8f:09:bf:47:4d:17:46:b7:7f:ae:a5:f2:2c:81:de:
         2f:b9:35:5d:33:e4:bd:dc:a5:28:fa:bc:02:70:86:c9:c9:f6:
         47:16:37:35:79:3a:53:00:78:4c:04:af:1d:f1:a4:a6:29:e8:
         6a:61:7a:0a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUQvukPDYgk/m+7uzIi34cMA+lL0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTBaFw0yNzA2MDMxNTU4NTBaMDMxMTAvBgNV
BAMTKDBFMkEyRDg3MURCODU4MDQ3ODAzOEVENkFDMkU4OUM3RDgyODIzRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrZwaLryUwd7j5t/xc/dIZB5xN
POpCAtDx2BYL0GF9WXGTDLItE/PNnCEY9gWo0GeExiAzRNDvOO6KHpQTQgWwYb5A
VovhqR7KlsIS4wr/x7Rq1lAI6Dt37dbWVm9ivL6MIojPcypARDowf0zuMN0BDBFH
Mwz6auwDZrNP0Pt35vNvgK1Kdr8c47cjHCcUeUF44wK+XXRIOozt+bEKt+eGY2iH
LwWYrgg3RsfKBgTszjLSE79ovNZiIWTRpWnxDbY1YYEzj764NLdQSnApmH1TGHWd
8F8zQcwKLBiznOBTKcHN06orKlHXk1VaXdrthXMmoZvYUEv1c/jwGMO+NwtrAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUDiothx24WAR4A47WrC6Jx9goI9IwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NTc0Mjkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBCoGoAUBkAMHBioGoAUBgDANBgkqhkiG9w0BAQsF
AAOCAQEAesX4z7aS79CmY/H/7fwIN4KovIg3ru+YvrpCchJy7VvsHGZRp2i++6BS
KSgoRk0auTyYkrASbczfR6VuVgndoUO5wbJHfhzix22B6zNrLaBozD8sol/C2viR
o5RH/C3t/kREV63ApPuiWD7kOffEbPpE6zxiTvi3OgagqDLD1Rcrx13OBboFsJ2b
3zh/ykbJ39ljP1AlfaUF6FJUoYc/M9R6cRpgCvCfdSdcKllULxL6P61mJTOxeCAM
ULmuLiNrdPdE4LSCUHtUjwm/R00XRrd/rqXyLIHeL7k1XTPkvdylKPq8AnCGycn2
RxY3NXk6UwB4TASvHfGkpinoamF6Cg==
-----END CERTIFICATE-----