Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150325.roa
File: AS150325.roa (raw, json)
Hash identifier: ZeOrnRWnO3rKDykFY3+iAOWFs2pkUXYuuv6z4/lVWAE=
Subject key identifier: D1:4A:9D:86:77:B1:B3:79:68:B0:6B:0A:0D:7B:B9:1F:BA:E9:DE:14
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 792179CA879508C0C39984C25D9CD6DB29D9492F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150325.roa
Signing time: Tue 05 Dec 2023 02:44:12 +0000
ROA not before: Tue 05 Dec 2023 02:39:12 +0000
ROA not after: Tue 03 Dec 2024 02:44:12 +0000
asID: 150325
IP address blocks: 2a06:a005:3::/48 maxlen: 48
2a06:a005:16c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:21:79:ca:87:95:08:c0:c3:99:84:c2:5d:9c:d6:db:29:d9:49:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Dec 5 02:39:12 2023 GMT
Not After : Dec 3 02:44:12 2024 GMT
Subject: CN=D14A9D8677B1B37968B06B0A0D7BB91FBAE9DE14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:59:b8:ff:16:39:ab:a6:7e:97:ec:a6:16:
35:8b:3c:7c:c0:e8:59:3a:20:a0:12:cd:2d:96:87:
2d:8c:43:a6:50:9c:65:ee:b6:1a:2c:1b:41:f1:e6:
34:28:30:a0:b3:9c:03:03:87:c2:18:80:e9:68:ac:
b2:d8:3b:bc:6c:41:66:52:90:65:ff:38:8b:41:be:
59:e7:3c:cb:84:12:2f:71:1e:45:fd:b0:a7:4e:90:
e0:f0:89:67:c7:e0:ba:43:5f:20:f9:1b:56:4a:80:
f2:70:94:7f:90:f3:0a:ce:60:32:5a:71:02:47:62:
fb:32:2d:dc:4b:39:e6:30:71:bf:7f:0d:5e:aa:e7:
8f:22:e4:ed:40:42:3f:0d:1f:c8:1b:bc:1e:8e:6c:
96:98:b4:65:c4:54:0f:da:ee:ee:7e:36:3a:19:31:
36:98:57:d5:84:81:03:75:42:c0:f1:fc:ed:0e:b1:
d2:1b:e2:be:e1:fd:07:0b:07:f2:5d:bc:63:09:19:
bb:51:f2:5d:da:e2:79:73:c0:68:35:78:e5:f0:17:
24:9f:56:9f:63:20:3d:b2:17:ee:66:2c:0f:d1:c1:
c7:bf:35:2f:c0:e6:f2:bb:a5:c4:1e:87:a2:16:45:
f7:9e:87:00:1e:e2:f9:ac:c8:78:44:ce:65:dc:d7:
d8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4A:9D:86:77:B1:B3:79:68:B0:6B:0A:0D:7B:B9:1F:BA:E9:DE:14
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150325.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:3::/48
2a06:a005:16c0::/44
Signature Algorithm: sha256WithRSAEncryption
c1:a9:b3:73:c6:4f:2a:8f:e3:28:7d:b7:92:d4:23:04:03:22:
9b:a4:a9:23:d1:d5:e6:7e:63:a7:87:ab:17:21:e6:83:22:61:
88:e8:a1:95:f6:96:e2:2a:22:18:d4:38:bd:aa:b8:e3:aa:2b:
16:00:65:5b:22:b7:12:5c:54:3d:d9:6b:21:9a:e2:d8:07:c7:
d3:e5:18:c5:07:4c:70:ac:ae:15:f4:f2:de:e5:aa:24:c7:32:
33:79:35:67:e1:bd:99:8d:bc:c7:04:b7:20:a5:06:31:5c:13:
48:d6:76:e7:eb:97:2b:20:ff:3e:0a:35:00:36:a5:7a:d6:2e:
73:74:35:2d:cc:c9:ce:49:25:b6:f5:bf:f9:f3:0f:5a:0d:8f:
00:f4:02:fa:1b:bf:27:a5:9e:ee:dd:8c:d1:08:6f:93:18:ad:
a3:6a:94:1e:fb:0c:7f:e2:dd:66:d1:ff:59:94:35:47:37:3b:
bf:c9:55:1b:cc:54:d8:c7:15:b2:67:95:c6:41:95:27:6d:0a:
ce:94:be:1a:9f:88:9a:1b:99:10:01:95:25:fc:bb:9d:8b:37:
8f:aa:18:c3:52:59:85:ed:ed:b8:4a:a2:21:84:b5:68:9a:28:
7e:d5:3d:1f:95:a9:25:db:60:86:c7:45:4a:0c:90:78:67:e5:
e1:58:df:4f
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUeSF5yoeVCMDDmYTCXZzW2ynZSS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTJaFw0yNDEyMDMwMjQ0MTJaMDMxMTAvBgNV
BAMTKEQxNEE5RDg2NzdCMUIzNzk2OEIwNkIwQTBEN0JCOTFGQkFFOURFMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvj1m4/xY5q6Z+l+ymFjWLPHzA
6Fk6IKASzS2Why2MQ6ZQnGXuthosG0Hx5jQoMKCznAMDh8IYgOlorLLYO7xsQWZS
kGX/OItBvlnnPMuEEi9xHkX9sKdOkODwiWfH4LpDXyD5G1ZKgPJwlH+Q8wrOYDJa
cQJHYvsyLdxLOeYwcb9/DV6q548i5O1AQj8NH8gbvB6ObJaYtGXEVA/a7u5+NjoZ
MTaYV9WEgQN1QsDx/O0OsdIb4r7h/QcLB/JdvGMJGbtR8l3a4nlzwGg1eOXwFySf
Vp9jID2yF+5mLA/Rwce/NS/A5vK7pcQeh6IWRfeehwAe4vmsyHhEzmXc19hPAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU0Uqdhnexs3losGsKDXu5H7rp3hQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTUwMzI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQADAwcEKgagBRbAMA0GCSqGSIb3DQEBCwUA
A4IBAQDBqbNzxk8qj+MofbeS1CMEAyKbpKkj0dXmfmOnh6sXIeaDImGI6KGV9pbi
KiIY1Di9qrjjqisWAGVbIrcSXFQ92WshmuLYB8fT5RjFB0xwrK4V9PLe5aokxzIz
eTVn4b2ZjbzHBLcgpQYxXBNI1nbn65crIP8+CjUANqV61i5zdDUtzMnOSSW29b/5
8w9aDY8A9AL6G78npZ7u3YzRCG+TGK2japQe+wx/4t1m0f9ZlDVHNzu/yVUbzFTY
xxWyZ5XGQZUnbQrOlL4an4iaG5kQAZUl/LudizePqhjDUlmF7e24SqIhhLVomih+
1T0flakl22CGx0VKDJB4Z+XhWN9P
-----END CERTIFICATE-----
Generated at Fri May 3 20:12:30 2024 by rpki-client on console-ams.rpki-client.org