Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: UqSPfebCqs4MShAiMnV8LtVJs9FzWFhg8nJUNnRj3v0=
Subject key identifier: E6:7B:D8:B3:4E:DC:D6:2D:6A:CD:96:1A:9E:9D:82:20:7F:FA:1E:B5
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4C58D0882AD5A7C3E045941FF5433CE309A8AB29
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16509.roa
Signing time: Sun 22 Oct 2023 03:35:16 +0000
ROA not before: Sun 22 Oct 2023 03:30:16 +0000
ROA not after: Sun 20 Oct 2024 03:35:16 +0000
asID: 16509
IP address blocks: 2a0a:6043::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:58:d0:88:2a:d5:a7:c3:e0:45:94:1f:f5:43:3c:e3:09:a8:ab:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Oct 22 03:30:16 2023 GMT
Not After : Oct 20 03:35:16 2024 GMT
Subject: CN=E67BD8B34EDCD62D6ACD961A9E9D82207FFA1EB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ff:89:3e:f7:23:51:f2:3d:db:c8:c1:a1:e8:
1c:05:98:bd:75:06:4c:62:a3:f4:d6:f9:5b:3b:df:
2a:68:dd:a8:8e:3d:f3:7b:67:17:b8:85:f4:a0:3d:
ae:96:97:9d:1f:87:55:8b:97:64:46:9c:aa:5b:64:
f7:9f:fd:82:06:19:ef:01:d5:19:c3:26:37:c5:fd:
2e:1e:92:89:d7:e1:02:c4:52:66:ae:0e:d0:f0:5a:
cf:be:cd:ef:40:3f:e9:c2:da:07:20:89:63:84:8c:
34:95:0f:61:df:cc:41:c5:c0:b6:72:99:16:62:40:
20:c6:18:a2:da:e8:da:59:13:a8:61:16:65:1f:31:
99:33:84:8d:9d:28:02:f3:0f:a8:f6:77:13:d2:41:
78:81:14:8b:b0:4b:0b:c8:f1:cc:86:d2:cc:2f:d4:
07:97:55:6a:7c:c4:9c:e3:c1:c6:1c:17:36:3f:ed:
b1:64:12:6f:86:82:b0:80:48:91:c7:86:c7:69:11:
3d:02:8d:3f:31:f9:c3:b0:ac:5b:10:fd:a3:b8:49:
cc:b1:7e:7b:d8:de:e8:c0:2d:26:18:d2:71:be:25:
09:80:8d:8a:3c:18:b9:32:0f:62:c8:67:bc:a7:4f:
da:54:5e:25:f4:be:98:4f:3c:52:1c:65:85:38:a5:
8d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7B:D8:B3:4E:DC:D6:2D:6A:CD:96:1A:9E:9D:82:20:7F:FA:1E:B5
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6043::/40
Signature Algorithm: sha256WithRSAEncryption
69:b1:9e:65:73:9a:2f:16:5b:0e:0f:06:b8:18:f4:b2:34:d8:
42:53:ff:9c:0a:0e:17:d6:69:da:36:db:26:3e:f1:06:40:dd:
d3:ca:7b:e0:98:2c:88:f1:7f:a0:d4:20:0d:2f:3e:7a:6d:02:
ff:d6:26:64:0f:06:fd:2b:10:b1:77:db:5a:4f:4a:78:66:0f:
ed:cc:ba:a0:0d:cd:cd:79:d2:82:42:40:8d:96:63:e8:98:10:
03:6f:cc:3c:d2:f6:52:f7:97:26:69:5d:9b:4e:07:40:27:c6:
c1:6c:4e:7b:c8:49:b8:bd:f2:cc:09:a3:02:b5:6e:81:6a:5c:
92:21:32:46:3e:22:f3:b4:5c:0a:02:5d:31:53:f9:6f:aa:18:
ee:6d:d2:91:72:35:8f:ef:d4:26:ce:cf:b2:e7:53:a9:b0:87:
fa:aa:80:07:da:54:c8:65:ed:b1:5a:e6:ae:df:5c:27:30:06:
8f:36:66:2a:9c:bc:fb:95:ae:25:71:39:a5:91:cb:17:52:6a:
46:54:5a:21:ef:56:0a:2e:f6:d0:43:11:2c:69:4f:c1:18:97:
df:51:f2:60:63:d6:91:70:cc:57:c0:03:8f:44:d7:2b:09:7c:
bd:30:8d:6d:f2:0d:fe:4f:4a:ae:c5:63:e3:b5:04:70:67:d6:
8f:9d:0d:29
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUTFjQiCrVp8PgRZQf9UM84wmoqykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEwMjIwMzMwMTZaFw0yNDEwMjAwMzM1MTZaMDMxMTAvBgNV
BAMTKEU2N0JEOEIzNEVEQ0Q2MkQ2QUNEOTYxQTlFOUQ4MjIwN0ZGQTFFQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo/4k+9yNR8j3byMGh6BwFmL11
Bkxio/TW+Vs73ypo3aiOPfN7Zxe4hfSgPa6Wl50fh1WLl2RGnKpbZPef/YIGGe8B
1RnDJjfF/S4ekonX4QLEUmauDtDwWs++ze9AP+nC2gcgiWOEjDSVD2HfzEHFwLZy
mRZiQCDGGKLa6NpZE6hhFmUfMZkzhI2dKALzD6j2dxPSQXiBFIuwSwvI8cyG0swv
1AeXVWp8xJzjwcYcFzY/7bFkEm+GgrCASJHHhsdpET0CjT8x+cOwrFsQ/aO4Scyx
fnvY3ujALSYY0nG+JQmAjYo8GLkyD2LIZ7ynT9pUXiX0vphPPFIcZYU4pY1NAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQU5nvYs07c1i1qzZYanp2CIH/6HrUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTY1MDkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcB
Af8EEjAQMA4EAgACMAgDBgAqCmBDADANBgkqhkiG9w0BAQsFAAOCAQEAabGeZXOa
LxZbDg8GuBj0sjTYQlP/nAoOF9Zp2jbbJj7xBkDd08p74JgsiPF/oNQgDS8+em0C
/9YmZA8G/SsQsXfbWk9KeGYP7cy6oA3NzXnSgkJAjZZj6JgQA2/MPNL2UveXJmld
m04HQCfGwWxOe8hJuL3yzAmjArVugWpckiEyRj4i87RcCgJdMVP5b6oY7m3SkXI1
j+/UJs7PsudTqbCH+qqAB9pUyGXtsVrmrt9cJzAGjzZmKpy8+5WuJXE5pZHLF1Jq
RlRaIe9WCi720EMRLGlPwRiX31HyYGPWkXDMV8ADj0TXKwl8vTCNbfIN/k9KrsVj
47UEcGfWj50NKQ==
-----END CERTIFICATE-----
Generated at Thu May 2 12:22:57 2024 by rpki-client on console-ams.rpki-client.org