Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/326130393a353463333a613130313a3a2f34382d313238203d3e20323135313437.roa
File:                     326130393a353463333a613130313a3a2f34382d313238203d3e20323135313437.roa (raw, json)
Hash identifier:          90FGOeqqLptd8qlXcfjJgcF07gJvM1oxc2QmHLuTM1Y=
Subject key identifier:   5E:BA:6D:D7:32:75:05:45:F6:A9:A9:8D:91:79:BC:F1:6D:2F:7B:3D
Certificate issuer:       /CN=A912092CFA11F378852F52266C793AB678233205
Certificate serial:       270D52B2D70B7CD982BB24DAA504B9AE8648AFE1
Authority key identifier: A9:12:09:2C:FA:11:F3:78:85:2F:52:26:6C:79:3A:B6:78:23:32:05
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/A912092CFA11F378852F52266C793AB678233205.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/326130393a353463333a613130313a3a2f34382d313238203d3e20323135313437.roa
Signing time:             Wed 30 Jul 2025 05:56:56 +0000
ROA not before:           Wed 30 Jul 2025 05:51:56 +0000
ROA not after:            Wed 29 Jul 2026 05:56:56 +0000
asID:                     215147
IP address blocks:        2a09:54c3:a101::/48 maxlen: 128
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/A912092CFA11F378852F52266C793AB678233205.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/A912092CFA11F378852F52266C793AB678233205.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/A912092CFA11F378852F52266C793AB678233205.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 01:59:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:0d:52:b2:d7:0b:7c:d9:82:bb:24:da:a5:04:b9:ae:86:48:af:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912092CFA11F378852F52266C793AB678233205
        Validity
            Not Before: Jul 30 05:51:56 2025 GMT
            Not After : Jul 29 05:56:56 2026 GMT
        Subject: CN=5EBA6DD732750545F6A9A98D9179BCF16D2F7B3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5b:79:8f:e1:fa:ca:2a:fb:29:45:35:95:e0:
                    48:a3:e6:ba:f3:52:d8:4b:00:b1:97:67:30:fd:41:
                    54:75:8c:c6:bf:b5:21:32:0c:5d:2e:75:e6:bc:d2:
                    05:cb:73:b1:76:2b:b6:09:35:d9:40:7f:82:bf:90:
                    11:77:01:ed:eb:0b:dc:57:10:79:20:56:3b:6c:b9:
                    bd:81:d5:68:f5:2c:f8:c5:b5:0b:a7:a5:35:9a:15:
                    f0:bc:2c:18:48:e2:5c:ed:e0:53:fb:e2:df:36:78:
                    a0:ff:c6:9c:21:46:41:41:46:75:04:88:06:9d:2c:
                    d0:2e:9e:21:98:b6:7b:ca:9b:b3:96:b7:8a:a9:a4:
                    6d:80:a9:d7:18:39:11:29:77:c6:3a:89:b4:4b:b7:
                    a2:70:bc:3d:10:32:01:fa:89:dd:08:ec:ed:14:29:
                    fc:59:b4:91:fe:c9:14:f3:83:65:07:84:19:24:eb:
                    bb:60:a0:15:ad:47:c1:4c:ff:93:92:fe:50:ee:46:
                    c7:98:71:69:70:23:9d:91:9f:7c:4c:cc:eb:e3:52:
                    4c:3e:17:8b:cf:12:ec:3c:ef:ef:45:96:70:13:a1:
                    eb:6d:0c:f9:d2:be:f6:ef:21:cc:42:1d:7f:24:71:
                    9b:e8:cf:d1:fc:c5:0e:4f:42:7a:ab:6d:af:42:61:
                    a3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:BA:6D:D7:32:75:05:45:F6:A9:A9:8D:91:79:BC:F1:6D:2F:7B:3D
            X509v3 Authority Key Identifier:
                keyid:A9:12:09:2C:FA:11:F3:78:85:2F:52:26:6C:79:3A:B6:78:23:32:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/A912092CFA11F378852F52266C793AB678233205.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/A912092CFA11F378852F52266C793AB678233205.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/5/326130393a353463333a613130313a3a2f34382d313238203d3e20323135313437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:54c3:a101::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:ed:11:a3:b6:1c:1e:e1:85:1e:3e:8b:3f:0e:58:b2:58:d3:
         80:82:57:e5:ba:72:a8:fa:fc:85:51:78:92:d8:be:50:29:01:
         89:86:25:55:24:91:b2:1a:06:59:07:bf:be:84:02:a6:dc:0a:
         54:55:b9:64:63:19:51:4a:a4:d3:32:95:92:ba:b8:96:22:70:
         b5:b8:7e:a4:89:72:cf:3f:1f:24:b3:f9:57:2d:c4:26:49:64:
         8a:0c:1b:fb:72:18:6e:aa:0a:39:69:12:5d:55:1c:32:07:0f:
         ff:40:fe:8d:e9:21:af:8c:3b:97:4a:f7:b1:8f:5e:07:63:f8:
         99:08:52:29:6d:09:dd:32:32:a6:27:ce:ce:94:e6:70:ce:39:
         dc:c4:c3:d1:cb:a3:5a:71:8a:81:4d:85:17:9d:74:1a:d0:1a:
         01:50:bc:da:36:c6:22:13:f5:72:d8:74:9e:c6:3c:1d:2e:58:
         d4:63:e6:40:f6:67:15:be:5c:d2:b5:1a:4f:62:69:c6:f0:87:
         59:29:d2:93:0a:9b:ac:dd:3f:ba:a0:6f:90:87:16:5d:eb:e1:
         6f:fe:4b:ee:ec:dc:e1:48:45:0c:ea:75:ad:7f:e4:b7:95:6d:
         c1:34:07:94:14:0a:0a:1b:24:e7:ee:f5:79:01:48:41:35:76:
         55:59:a2:d1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIUJw1SstcLfNmCuyTapQS5roZIr+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTkxMjA5MkNGQTExRjM3ODg1MkY1MjI2NkM3OTNBQjY3
ODIzMzIwNTAeFw0yNTA3MzAwNTUxNTZaFw0yNjA3MjkwNTU2NTZaMDMxMTAvBgNV
BAMTKDVFQkE2REQ3MzI3NTA1NDVGNkE5QTk4RDkxNzlCQ0YxNkQyRjdCM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEW3mP4frKKvspRTWV4Eij5rrz
UthLALGXZzD9QVR1jMa/tSEyDF0udea80gXLc7F2K7YJNdlAf4K/kBF3Ae3rC9xX
EHkgVjtsub2B1Wj1LPjFtQunpTWaFfC8LBhI4lzt4FP74t82eKD/xpwhRkFBRnUE
iAadLNAuniGYtnvKm7OWt4qppG2AqdcYOREpd8Y6ibRLt6JwvD0QMgH6id0I7O0U
KfxZtJH+yRTzg2UHhBkk67tgoBWtR8FM/5OS/lDuRseYcWlwI52Rn3xMzOvjUkw+
F4vPEuw87+9FlnAToettDPnSvvbvIcxCHX8kcZvoz9H8xQ5PQnqrba9CYaPNAgMB
AAGjggJ8MIICeDAdBgNVHQ4EFgQUXrpt1zJ1BUX2qamNkXm88W0vez0wHwYDVR0j
BBgwFoAUqRIJLPoR83iFL1ImbHk6tngjMgUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4
MDhiLzUvQTkxMjA5MkNGQTExRjM3ODg1MkY1MjI2NkM3OTNBQjY3ODIzMzIwNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzcvQTkxMjA5MkNGQTExRjM3ODg1MkY1MjI2NkM3OTNBQjY3ODIz
MzIwNS5jZXIwgbkGCCsGAQUFBwELBIGsMIGpMIGmBggrBgEFBQcwC4aBmXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjhhYmFiYmIt
ZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4MDhiLzUvMzI2MTMwMzkzYTM1MzQ2MzMz
M2E2MTMxMzAzMTNhM2EyZjM0MzgyZDMxMzIzODIwM2QzZTIwMzIzMTM1MzEzNDM3
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAKglUw6EBMA0GCSqGSIb3DQEBCwUAA4IBAQAW7RGjthwe4YUe
Pos/DliyWNOAglflunKo+vyFUXiS2L5QKQGJhiVVJJGyGgZZB7++hAKm3ApUVblk
YxlRSqTTMpWSuriWInC1uH6kiXLPPx8ks/lXLcQmSWSKDBv7chhuqgo5aRJdVRwy
Bw//QP6N6SGvjDuXSvexj14HY/iZCFIpbQndMjKmJ87OlOZwzjncxMPRy6NacYqB
TYUXnXQa0BoBULzaNsYiE/Vy2HSexjwdLljUY+ZA9mcVvlzStRpPYmnG8IdZKdKT
Cpus3T+6oG+QhxZd6+Fv/kvu7NzhSEUM6nWtf+S3lW3BNAeUFAoKGyTn7vV5AUhB
NXZVWaLR
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:15:24 2025 by rpki-client