Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: /IN/sco7XpLGBTTQ51du3sQ1YGvZhVVsuWoR07LC7aA=
Subject key identifier: D4:89:46:3F:71:EE:92:A5:B5:7F:D9:AA:3B:30:68:5D:66:D7:A5:B8
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4E3AF299D04AA1701A9DA4616FF00981754E57D8
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa
Signing time: Sun 22 Sep 2024 03:39:59 +0000
ROA not before: Sun 22 Sep 2024 03:34:59 +0000
ROA not after: Sun 21 Sep 2025 03:39:59 +0000
asID: 14618
IP address blocks: 2a0a:6043::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:3a:f2:99:d0:4a:a1:70:1a:9d:a4:61:6f:f0:09:81:75:4e:57:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Sep 22 03:34:59 2024 GMT
Not After : Sep 21 03:39:59 2025 GMT
Subject: CN=D489463F71EE92A5B57FD9AA3B30685D66D7A5B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7a:45:48:6e:65:fc:b5:36:22:38:61:00:44:
99:aa:7c:a8:37:c2:73:d9:4d:21:4b:95:42:0a:93:
36:55:d6:3e:63:f9:04:2b:93:a4:78:a0:2e:df:d9:
83:0e:03:ea:9c:76:aa:61:40:9e:f6:30:07:69:40:
8b:ae:d0:72:2b:a4:6c:7f:0f:7b:9c:e5:25:c7:67:
3b:5a:18:65:5d:0a:81:90:39:60:ce:46:fe:be:36:
34:81:7f:95:8d:10:be:d1:41:75:b8:6a:5c:a9:77:
3d:27:99:af:a0:c5:59:23:7f:2a:02:e2:c0:35:93:
8e:ed:c4:6d:48:67:4a:f3:c7:d9:e8:f9:9c:ed:b5:
7a:da:fb:57:e6:d9:ea:9b:f9:2c:b0:a8:3c:d6:fa:
71:d8:aa:ff:c2:aa:e0:eb:c6:9a:bb:4e:8e:ce:84:
b2:f7:49:50:67:57:ac:98:76:7b:e8:ee:08:97:54:
45:c0:3c:2e:9f:43:1c:35:42:cb:94:d3:1e:7f:37:
b8:40:f8:7e:ca:44:25:aa:91:51:79:55:4d:5e:53:
59:65:7c:27:be:11:eb:47:86:25:4a:c8:aa:38:47:
78:4c:6b:cb:ce:38:a8:95:a9:fa:8a:d1:62:13:20:
4b:dc:33:0c:8f:2b:02:6d:6a:83:c7:9f:f5:b1:99:
eb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:89:46:3F:71:EE:92:A5:B5:7F:D9:AA:3B:30:68:5D:66:D7:A5:B8
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6043::/40
Signature Algorithm: sha256WithRSAEncryption
a3:dc:6b:2c:39:23:87:f6:b2:9d:a4:20:7e:4e:35:77:50:58:
05:88:63:c5:8b:8f:d4:30:65:99:05:50:cb:21:b4:fd:9f:51:
b3:13:b7:e5:e9:e6:3d:06:b3:51:7b:f0:2d:28:d6:d4:27:cd:
0d:53:4d:d7:c9:04:f7:42:cc:e5:f3:01:da:89:e9:14:d8:7b:
a5:95:cf:1e:5e:3d:1e:bc:d0:fc:9b:91:ae:f1:7d:69:e3:b5:
63:85:02:58:30:91:f3:ee:9b:a0:7c:3c:11:8c:57:dc:b9:3f:
a9:85:99:cc:4e:c4:ed:ec:73:8a:9f:ea:10:79:c4:ae:4a:61:
fa:3b:e6:4d:bf:a0:0d:c4:75:4d:ef:22:dd:84:0d:63:ea:a2:
01:05:45:6b:7a:e5:9a:d8:db:f1:bd:fa:8c:9c:49:8d:d6:6b:
43:e8:47:3f:76:87:e2:3c:17:59:fd:3c:b7:93:61:95:e2:0c:
cb:ec:6c:ae:26:90:1b:e8:93:c3:40:85:1f:9f:b0:33:a4:4c:
f7:56:7f:6a:31:52:fa:ca:b5:a0:f1:73:93:36:79:8d:b0:f1:
7d:21:c1:b0:cd:67:cd:42:f0:fa:be:5b:25:75:43:47:8e:43:
72:a2:e7:7a:96:aa:b2:e5:02:53:33:59:7b:d0:f2:5c:47:32:
8d:1b:8c:3d
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUTjrymdBKoXAanaRhb/AJgXVOV9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MjIwMzM0NTlaFw0yNTA5MjEwMzM5NTlaMDMxMTAvBgNV
BAMTKEQ0ODk0NjNGNzFFRTkyQTVCNTdGRDlBQTNCMzA2ODVENjZEN0E1QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgekVIbmX8tTYiOGEARJmqfKg3
wnPZTSFLlUIKkzZV1j5j+QQrk6R4oC7f2YMOA+qcdqphQJ72MAdpQIuu0HIrpGx/
D3uc5SXHZztaGGVdCoGQOWDORv6+NjSBf5WNEL7RQXW4alypdz0nma+gxVkjfyoC
4sA1k47txG1IZ0rzx9no+ZzttXra+1fm2eqb+SywqDzW+nHYqv/CquDrxpq7To7O
hLL3SVBnV6yYdnvo7giXVEXAPC6fQxw1QsuU0x5/N7hA+H7KRCWqkVF5VU1eU1ll
fCe+EetHhiVKyKo4R3hMa8vOOKiVqfqK0WITIEvcMwyPKwJtaoPHn/Wxmev9AgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQU1IlGP3HukqW1f9mqOzBoXWbXpbgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQ2MTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcB
Af8EEjAQMA4EAgACMAgDBgAqCmBDADANBgkqhkiG9w0BAQsFAAOCAQEAo9xrLDkj
h/aynaQgfk41d1BYBYhjxYuP1DBlmQVQyyG0/Z9RsxO35enmPQazUXvwLSjW1CfN
DVNN18kE90LM5fMB2onpFNh7pZXPHl49HrzQ/JuRrvF9aeO1Y4UCWDCR8+6boHw8
EYxX3Lk/qYWZzE7E7exzip/qEHnErkph+jvmTb+gDcR1Te8i3YQNY+qiAQVFa3rl
mtjb8b36jJxJjdZrQ+hHP3aH4jwXWf08t5NhleIMy+xsriaQG+iTw0CFH5+wM6RM
91Z/ajFS+sq1oPFzkzZ5jbDxfSHBsM1nzULw+r5bJXVDR45DcqLnepaqsuUCUzNZ
e9DyXEcyjRuMPQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:45 2025 by rpki-client