Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa
File: AS1012.roa (raw, json)
Hash identifier: 1oK4qT0ruRVL1IoIj22vCvrf1pxxyJaIZeyMJ/NUD8M=
Subject key identifier: A8:F5:E2:D2:14:17:ED:2B:C8:88:E9:0F:DF:D2:77:42:25:43:9F:65
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 3719A52261E1FBE5CA5865A0028BBDD755D3A4A0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa
Signing time: Tue 03 Jan 2023 02:07:08 +0000
ROA not before: Tue 03 Jan 2023 02:02:08 +0000
ROA not after: Tue 02 Jan 2024 02:07:08 +0000
asID: 1012
IP address blocks: 2a06:a005:1c80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jul 2023 12:09:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:19:a5:22:61:e1:fb:e5:ca:58:65:a0:02:8b:bd:d7:55:d3:a4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Jan 3 02:02:08 2023 GMT
Not After : Jan 2 02:07:08 2024 GMT
Subject: CN=A8F5E2D21417ED2BC888E90FDFD2774225439F65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:53:e8:88:77:14:e9:2b:8d:c2:04:42:85:55:
05:3c:00:1d:ef:8e:42:64:58:a9:e9:af:98:7b:d7:
e7:9a:90:65:a1:24:3c:4d:12:5e:01:cf:49:c0:f2:
95:63:f4:00:5e:7e:0e:ed:80:15:00:89:f3:a0:cc:
a0:64:da:50:b2:5a:e3:e1:2c:01:b3:71:df:24:30:
b0:b2:50:a1:f8:24:1b:d7:54:b2:f4:13:a1:9c:b7:
41:ae:b4:3d:ce:b1:c2:2b:b8:38:bd:a0:bc:69:85:
4f:3c:d4:91:13:9d:66:3e:24:e6:b8:2f:30:a8:86:
10:b1:fd:8f:d1:cd:51:36:bc:bd:25:08:1a:4f:db:
07:28:1b:3a:b8:3d:b7:8f:74:2f:77:96:86:2f:52:
14:53:3a:20:ea:cb:80:2e:cc:fd:4d:dc:54:20:c7:
03:e1:47:68:ee:dc:a9:7b:fd:6e:c5:e2:3f:c8:6b:
ea:c9:94:b6:ae:87:59:d6:3a:94:dd:bb:f2:1c:a6:
00:3e:a2:98:c1:39:70:30:e6:9b:4a:a8:ee:3f:62:
4f:16:7e:57:f3:52:c7:08:d9:45:a7:9f:84:af:ae:
54:47:10:85:86:3c:4d:95:f3:83:d9:4f:99:6e:fc:
46:fa:40:10:cd:31:db:1f:a0:e6:5b:76:b8:a2:a6:
e2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F5:E2:D2:14:17:ED:2B:C8:88:E9:0F:DF:D2:77:42:25:43:9F:65
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1c80::/44
Signature Algorithm: sha256WithRSAEncryption
49:6a:02:ff:2c:89:99:2f:a1:da:a5:8a:5c:b1:07:2b:d1:80:
44:7a:e3:92:e8:f2:ae:67:35:0f:40:86:76:d1:67:00:c3:15:
c8:df:1c:3b:bb:e6:af:08:c8:26:1a:d6:8b:4d:aa:bf:92:b7:
f4:7c:9d:8f:c3:9d:7e:c7:9e:16:b4:82:fc:1c:ee:eb:98:c6:
7c:9c:b4:3f:99:bc:2a:6e:85:3b:ae:58:22:8b:66:27:52:a3:
0c:8f:0b:89:14:dc:c8:f2:5b:27:4a:d5:00:d3:5f:ca:27:33:
70:fd:0b:15:b7:fe:2d:ae:44:7d:36:19:dc:40:8c:57:04:3d:
6e:bc:03:81:8a:ab:0a:51:00:b5:48:43:29:c4:97:9b:4a:5e:
2a:8d:54:d9:31:61:9b:d8:33:c7:18:ab:61:4e:be:b1:f0:2e:
32:59:bc:14:cd:4e:51:04:78:bb:f4:a0:75:d2:2d:8c:4f:fa:
fb:aa:c8:e6:81:b9:bd:af:9d:66:f2:98:68:43:77:d9:14:d7:
98:69:80:74:67:66:24:75:28:9d:f7:22:be:ac:74:67:93:ce:
19:93:02:55:30:35:de:65:55:d6:f9:ea:aa:ad:b5:3f:2c:55:
bb:ef:d8:21:09:6c:f7:16:63:15:5d:e4:c3:2f:d9:95:5a:37:
7f:d8:af:9d
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUNxmlImHh++XKWGWgAou911XTpKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzAxMDMwMjAyMDhaFw0yNDAxMDIwMjA3MDhaMDMxMTAvBgNV
BAMTKEE4RjVFMkQyMTQxN0VEMkJDODg4RTkwRkRGRDI3NzQyMjU0MzlGNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEU+iIdxTpK43CBEKFVQU8AB3v
jkJkWKnpr5h71+eakGWhJDxNEl4Bz0nA8pVj9ABefg7tgBUAifOgzKBk2lCyWuPh
LAGzcd8kMLCyUKH4JBvXVLL0E6Gct0GutD3OscIruDi9oLxphU881JETnWY+JOa4
LzCohhCx/Y/RzVE2vL0lCBpP2wcoGzq4PbePdC93loYvUhRTOiDqy4AuzP1N3FQg
xwPhR2ju3Kl7/W7F4j/Ia+rJlLauh1nWOpTdu/IcpgA+opjBOXAw5ptKqO4/Yk8W
flfzUscI2UWnn4SvrlRHEIWGPE2V84PZT5lu/Eb6QBDNMdsfoOZbdriipuKTAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUqPXi0hQX7SvIiOkP39J3QiVDn2UwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTAxMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBCoGoAUcgDANBgkqhkiG9w0BAQsFAAOCAQEASWoC/yyJ
mS+h2qWKXLEHK9GARHrjkujyrmc1D0CGdtFnAMMVyN8cO7vmrwjIJhrWi02qv5K3
9Hydj8OdfseeFrSC/Bzu65jGfJy0P5m8Km6FO65YIotmJ1KjDI8LiRTcyPJbJ0rV
ANNfyiczcP0LFbf+La5EfTYZ3ECMVwQ9brwDgYqrClEAtUhDKcSXm0peKo1U2TFh
m9gzxxirYU6+sfAuMlm8FM1OUQR4u/SgddItjE/6+6rI5oG5va+dZvKYaEN32RTX
mGmAdGdmJHUonfcivqx0Z5POGZMCVTA13mVV1vnqqq21PyxVu+/YIQls9xZjFV3k
wy/ZlVo3f9ivnQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:33:10 2023 by rpki-client on console-ams.rpki-client.org