Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2f4c4963-ede1-38bf-9888-ad5fdeecbd33.roa
File:                     2f4c4963-ede1-38bf-9888-ad5fdeecbd33.roa (raw, json)
Hash identifier:          4UQrqQvdyKGX2QJ9UBGvg+685XuOMjTsuvfHuceDcbA=
Subject key identifier:   8D:39:26:DB:4E:CF:AB:8B:98:D8:D1:AB:A8:8B:4F:48:A0:E6:4D:65
Certificate issuer:       /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
Certificate serial:       010D0C9F4328584AAB2654A108FB65923C7F7C80
Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2f4c4963-ede1-38bf-9888-ad5fdeecbd33.roa
Signing time:             Mon 28 Jul 2025 13:01:04 +0000
ROA not before:           Mon 28 Jul 2025 13:01:04 +0000
ROA not after:            Sun 26 Oct 2025 13:01:04 +0000
asID:                     32787
IP address blocks:        72.52.20.0/22 maxlen: 22
                          72.52.20.0/24 maxlen: 24
                          72.52.21.0/24 maxlen: 24
                          72.52.22.0/24 maxlen: 24
                          72.52.60.0/23 maxlen: 23
                          72.52.60.0/24 maxlen: 24
                          72.52.61.0/24 maxlen: 24
                          209.200.158.0/23 maxlen: 23
                          209.200.158.0/24 maxlen: 24
                          209.200.159.0/24 maxlen: 24
                          209.200.161.0/24 maxlen: 24
                          209.200.162.0/24 maxlen: 24
                          209.200.163.0/24 maxlen: 24
                          209.200.176.0/24 maxlen: 24
                          209.200.179.0/24 maxlen: 24
                          209.200.180.0/24 maxlen: 24
                          209.200.181.0/24 maxlen: 24
                          209.200.182.0/24 maxlen: 24
                          209.200.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4a:ab:26:54:a1:08:fb:65:92:3c:7f:7c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809
        Validity
            Not Before: Jul 28 13:01:04 2025 GMT
            Not After : Oct 26 13:01:04 2025 GMT
        Subject: CN=533e46b3-57af-45ee-a64c-692786f4a6e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:78:75:39:0c:22:67:45:e5:09:d9:a1:ed:9b:
                    dd:b7:d7:40:d9:66:a3:fc:8b:48:e6:48:37:25:f4:
                    78:1a:0e:d0:34:cf:83:c8:e0:bd:1b:99:b0:13:e3:
                    c6:e8:a7:5d:39:dc:46:af:4e:d3:6d:29:c5:ed:f9:
                    f4:46:c8:6e:61:eb:5d:4a:e1:e2:d0:47:2c:15:b3:
                    87:58:49:aa:c0:cd:cd:25:8a:e1:16:2b:83:f4:84:
                    28:df:7f:f9:00:ba:7a:21:cf:ec:a1:8c:58:45:3a:
                    92:6a:58:2a:4b:73:e7:b5:2c:e4:d6:de:6c:f7:4e:
                    98:40:11:3e:0d:5c:41:8a:e0:1f:65:38:85:86:a2:
                    26:b1:98:1a:ea:a1:59:0e:da:05:4d:21:d3:a7:23:
                    b8:6b:d7:9b:07:59:47:d7:27:91:0e:c1:0c:03:4f:
                    47:5a:c5:13:9f:f8:06:4e:06:cf:78:f0:d3:95:3f:
                    84:5d:1d:da:f5:07:1b:b9:10:b5:4a:6c:93:ed:b4:
                    4c:b9:56:d1:aa:6f:c0:2d:eb:db:67:20:f9:e1:46:
                    89:35:3a:ce:25:ff:67:b9:cd:5d:59:1d:a0:fe:85:
                    ae:c2:74:02:10:f6:f1:81:fd:0a:7f:20:a8:3e:dc:
                    0b:ae:91:e7:02:2b:61:84:7d:c4:64:4e:ad:22:b6:
                    55:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:39:26:DB:4E:CF:AB:8B:98:D8:D1:AB:A8:8B:4F:48:A0:E6:4D:65
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/2f4c4963-ede1-38bf-9888-ad5fdeecbd33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl

            X509v3 Authority Key Identifier:
                keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.52.20.0/22
                  72.52.60.0/23
                  209.200.158.0/23
                  209.200.161.0-209.200.163.255
                  209.200.176.0/24
                  209.200.179.0-209.200.183.255

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         41:ce:4d:37:c4:9c:99:c1:30:6a:b9:64:d8:3f:7c:b8:e1:91:
         86:d8:73:44:14:32:e9:03:68:d9:26:3c:95:de:22:8b:e4:84:
         2c:b5:d1:29:d0:91:02:bf:cc:25:00:9a:33:cc:13:61:c0:00:
         11:b0:90:42:6d:14:29:e7:15:16:ab:d6:d9:e0:12:e9:3f:7c:
         04:e0:e2:85:8f:b4:ea:cc:85:3e:97:d2:4d:9e:5a:c3:ab:fe:
         52:dc:5b:48:bd:b1:05:46:31:48:2b:fd:3a:88:90:53:66:87:
         b4:37:64:1b:99:23:cf:15:e5:12:f1:35:8c:f2:7e:3e:8e:45:
         16:92:04:4c:58:f6:4e:7d:f4:3b:a6:ec:d7:ca:f8:9b:66:98:
         2e:78:f6:9d:45:b3:43:bd:8a:df:3f:c9:c4:fd:66:f4:e9:cd:
         67:61:94:4c:0a:bc:a1:b7:6c:a4:00:df:a4:1f:f9:e9:34:fc:
         11:ae:f1:af:d0:bf:10:82:4a:90:7e:ad:c0:fc:02:de:15:66:
         1b:e3:b7:18:08:ab:35:08:94:42:f5:fc:71:17:de:fc:0c:92:
         52:50:90:88:4e:a1:55:d7:9b:8a:ed:ce:37:bc:08:74:9c:5c:
         d9:69:42:6a:c0:7c:6e:fd:04:16:df:44:10:f8:28:46:99:e5:
         84:39:d7:63
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgIUAQ0Mn0MoWEqrJlShCPtlkjx/fIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm
ODA5MB4XDTI1MDcyODEzMDEwNFoXDTI1MTAyNjEzMDEwNFowLzEtMCsGA1UEAxMk
NTMzZTQ2YjMtNTdhZi00NWVlLWE2NGMtNjkyNzg2ZjRhNmU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXh1OQwiZ0XlCdmh7Zvdt9dA2Waj/ItI5kg3
JfR4Gg7QNM+DyOC9G5mwE+PG6KddOdxGr07TbSnF7fn0RshuYetdSuHi0EcsFbOH
WEmqwM3NJYrhFiuD9IQo33/5ALp6Ic/soYxYRTqSalgqS3PntSzk1t5s906YQBE+
DVxBiuAfZTiFhqImsZga6qFZDtoFTSHTpyO4a9ebB1lH1yeRDsEMA09HWsUTn/gG
TgbPePDTlT+EXR3a9QcbuRC1SmyT7bRMuVbRqm/ALevbZyD54UaJNTrOJf9nuc1d
WR2g/oWuwnQCEPbxgf0KfyCoPtwLrpHnAithhH3EZE6tIrZV3QIDAQABo4IDgzCC
A38wHQYDVR0OBBYEFI05JttOz6uLmNjRq6iLT0ig5k1lMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj
OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvMmY0YzQ5NjMtZWRlMS0z
OGJmLTk4ODgtYWQ1ZmRlZWNiZDMzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm
NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx
ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx
OGMyMWY4MDkuY2VyME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCSDQUAwQB
SDQ8AwQB0cieMAwDBADRyKEDBALRyKADBADRyLAwDAMEANHIswMEA9HIsDBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUA
A4IBAQBBzk03xJyZwTBquWTYP3y44ZGG2HNEFDLpA2jZJjyV3iKL5IQstdEp0JEC
v8wlAJozzBNhwAARsJBCbRQp5xUWq9bZ4BLpP3wE4OKFj7TqzIU+l9JNnlrDq/5S
3FtIvbEFRjFIK/06iJBTZoe0N2QbmSPPFeUS8TWM8n4+jkUWkgRMWPZOffQ7puzX
yvibZpguePadRbNDvYrfP8nE/Wb06c1nYZRMCryht2ykAN+kH/npNPwRrvGv0L8Q
gkqQfq3A/ALeFWYb47cYCKs1CJRC9fxxF978DJJSUJCITqFV15uK7c43vAh0nFzZ
aUJqwHxu/QQW30QQ+ChGmeWEOddj
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:30:04 2025 by rpki-client