Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa
File: AS200879.roa (raw, json)
Hash identifier: 60epWyIV8XBhRkrkeO7vAI1mN8Ol3SBDwJgHjkmQn5U=
Subject key identifier: DA:22:5E:D1:33:C3:DE:45:6E:DE:13:A2:0F:50:7D:24:64:8F:35:D2
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 34E12099BF070BCCE246ED8DC3083C78B4A66450
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa
Signing time: Wed 26 Mar 2025 22:14:21 +0000
ROA not before: Wed 26 Mar 2025 22:09:21 +0000
ROA not after: Wed 25 Mar 2026 22:14:21 +0000
asID: 200879
IP address blocks: 2a06:a005:1d51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e1:20:99:bf:07:0b:cc:e2:46:ed:8d:c3:08:3c:78:b4:a6:64:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Mar 26 22:09:21 2025 GMT
Not After : Mar 25 22:14:21 2026 GMT
Subject: CN=DA225ED133C3DE456EDE13A20F507D24648F35D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:db:be:96:e2:70:11:3e:03:b1:71:ec:dd:
3b:0a:28:28:a7:89:4f:c2:a4:73:02:f8:a4:9e:6d:
0a:11:98:55:8a:11:eb:6d:4b:86:55:2f:57:ae:29:
0f:ea:c1:11:97:47:07:c0:fd:9d:69:1a:e2:42:89:
81:87:88:a5:ec:5e:44:be:8a:f0:48:c7:26:66:b7:
e0:2f:f7:b5:55:25:3e:c0:97:d1:73:18:e5:46:63:
6c:2c:8d:ac:9b:20:57:67:50:d1:6b:a9:04:3d:7c:
2a:66:64:02:9b:e4:5a:91:a1:5f:98:9d:ac:6c:25:
90:4e:4e:4f:38:85:2a:41:7b:03:bd:18:66:cf:d9:
bd:e5:79:29:a3:fd:25:16:4c:53:c8:ee:8d:ef:38:
96:de:80:4a:31:ad:2e:dd:a8:c9:01:1c:d0:b6:a2:
d6:e1:ed:a7:bf:ff:aa:6d:16:82:36:8a:0d:73:b1:
28:ef:a2:18:0d:e8:38:cb:d4:e0:d8:d8:7e:95:cc:
02:e1:30:49:ff:09:91:f1:87:66:d4:38:f6:9e:37:
3d:bb:66:96:b0:3b:02:77:88:a6:16:18:b7:79:91:
44:aa:66:65:cd:b3:e5:87:64:bf:6e:93:65:9b:b7:
53:69:d1:53:13:a5:58:fe:12:87:5f:fe:72:cd:7e:
09:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:22:5E:D1:33:C3:DE:45:6E:DE:13:A2:0F:50:7D:24:64:8F:35:D2
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1d51::/48
Signature Algorithm: sha256WithRSAEncryption
58:d3:d6:4c:66:2e:47:c2:f3:85:a1:3e:2b:73:95:51:a7:e6:
74:41:3e:68:6e:39:1d:27:e5:be:27:7e:2c:fa:55:fc:70:11:
1d:5c:91:5b:06:8e:3f:28:67:20:45:d0:f4:79:c1:df:54:c7:
bb:a4:e1:e7:3f:0a:82:3e:e6:b2:8e:10:47:b8:4c:d2:a9:70:
be:c7:ce:43:33:65:05:95:2f:d2:e0:cc:90:67:1f:06:48:11:
b6:7a:82:49:5d:96:c2:3d:7e:1b:2b:8f:60:47:33:70:83:39:
63:29:a7:d9:fd:b6:05:69:d5:3a:1d:6c:f3:0e:b1:31:02:af:
12:5d:34:83:59:7e:ff:77:3c:be:ff:b1:42:31:8f:40:29:bb:
85:23:19:1e:18:9c:7d:08:eb:b3:60:b7:46:46:d3:a8:69:15:
ed:38:71:50:5b:6d:10:28:70:b5:6f:51:76:f0:ea:67:05:a3:
f7:40:08:19:97:2d:d8:f0:79:ac:89:a6:4b:b7:bc:4d:2b:1e:
0d:cc:c6:47:78:7a:81:63:ff:c2:4c:58:7e:05:08:d9:8c:85:
37:8d:19:cf:06:b4:d4:0e:4c:ab:bf:b3:91:08:ea:ad:03:f5:
f8:f9:37:0e:7e:7b:3c:a8:3f:06:fd:fb:e7:5f:72:26:af:fe:
64:c5:7b:36
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUNOEgmb8HC8ziRu2Nwwg8eLSmZFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAzMjYyMjA5MjFaFw0yNjAzMjUyMjE0MjFaMDMxMTAvBgNV
BAMTKERBMjI1RUQxMzNDM0RFNDU2RURFMTNBMjBGNTA3RDI0NjQ4RjM1RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzXNu+luJwET4DsXHs3TsKKCin
iU/CpHMC+KSebQoRmFWKEettS4ZVL1euKQ/qwRGXRwfA/Z1pGuJCiYGHiKXsXkS+
ivBIxyZmt+Av97VVJT7Al9FzGOVGY2wsjaybIFdnUNFrqQQ9fCpmZAKb5FqRoV+Y
naxsJZBOTk84hSpBewO9GGbP2b3leSmj/SUWTFPI7o3vOJbegEoxrS7dqMkBHNC2
otbh7ae//6ptFoI2ig1zsSjvohgN6DjL1ODY2H6VzALhMEn/CZHxh2bUOPaeNz27
ZpawOwJ3iKYWGLd5kUSqZmXNs+WHZL9uk2Wbt1Np0VMTpVj+Eodf/nLNfgnPAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU2iJe0TPD3kVu3hOiD1B9JGSPNdIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBR1RMA0GCSqGSIb3DQEBCwUAA4IBAQBY09ZM
Zi5HwvOFoT4rc5VRp+Z0QT5objkdJ+W+J34s+lX8cBEdXJFbBo4/KGcgRdD0ecHf
VMe7pOHnPwqCPuayjhBHuEzSqXC+x85DM2UFlS/S4MyQZx8GSBG2eoJJXZbCPX4b
K49gRzNwgzljKafZ/bYFadU6HWzzDrExAq8SXTSDWX7/dzy+/7FCMY9AKbuFIxke
GJx9COuzYLdGRtOoaRXtOHFQW20QKHC1b1F28OpnBaP3QAgZly3Y8HmsiaZLt7xN
Kx4NzMZHeHqBY//CTFh+BQjZjIU3jRnPBrTUDkyrv7ORCOqtA/X4+TcOfns8qD8G
/fvnX3Imr/5kxXs2
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:39:18 2025 by rpki-client