Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204374.roa
File: AS204374.roa (raw, json)
Hash identifier: cIxNyR1vRwjpKeFyZ8nId+kzgmNDv8XL/z9zFuI9BGY=
Subject key identifier: 68:84:B8:E2:80:01:DE:98:73:8E:28:DC:BF:98:C9:9D:77:44:2B:CA
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 572403F75D9D73E9EBC3113AA8939923742A2901
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204374.roa
Signing time: Tue 05 Nov 2024 03:40:10 +0000
ROA not before: Tue 05 Nov 2024 03:35:10 +0000
ROA not after: Tue 04 Nov 2025 03:40:10 +0000
asID: 204374
IP address blocks: 2a06:a005:5a7::/48 maxlen: 48
2a06:a005:85f::/48 maxlen: 48
2a06:a005:1090::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 11:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:24:03:f7:5d:9d:73:e9:eb:c3:11:3a:a8:93:99:23:74:2a:29:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:10 2024 GMT
Not After : Nov 4 03:40:10 2025 GMT
Subject: CN=6884B8E28001DE98738E28DCBF98C99D77442BCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:6c:8e:5f:d2:1d:fc:00:5a:4b:a5:1b:b1:
94:d2:5d:a6:5b:1f:8c:f6:9d:f6:3c:d5:d8:82:e9:
96:72:2d:78:17:a7:02:ad:94:9c:d7:da:fe:af:97:
00:4a:61:75:8d:90:da:e9:50:24:d0:50:66:7e:b9:
59:79:1a:8d:bb:2f:e6:58:08:de:ee:09:84:d7:c6:
77:c4:92:ad:3b:cc:a3:56:91:a6:db:a6:b3:1a:9a:
a1:d7:04:e7:84:c7:20:92:d0:34:56:25:a4:18:8a:
6e:2d:21:8f:82:29:10:73:72:4a:aa:0c:89:3c:cd:
ea:12:fc:f4:52:65:39:be:f1:80:cb:16:7b:b1:de:
5e:d0:78:50:12:b2:3a:78:5a:e4:60:ea:80:23:09:
9f:a6:00:1a:6e:06:e7:7a:1e:f3:e6:93:83:28:50:
59:d3:b5:02:cc:c7:0a:47:04:e6:ae:86:94:c1:23:
82:6e:1e:e7:f0:5f:a2:09:0b:6b:ae:64:bc:b3:72:
6a:3f:35:fe:da:db:b0:06:1b:ed:88:65:8b:bb:f2:
c6:48:da:e4:ed:62:ba:17:5c:e6:4a:f9:f9:d9:f6:
64:4e:d0:2b:9a:1f:d1:6e:45:3b:d5:72:d1:d8:b6:
85:78:51:26:a0:d8:19:cf:53:75:fc:00:01:0a:bc:
e6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:84:B8:E2:80:01:DE:98:73:8E:28:DC:BF:98:C9:9D:77:44:2B:CA
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5a7::/48
2a06:a005:85f::/48
2a06:a005:1090::/44
Signature Algorithm: sha256WithRSAEncryption
cc:51:a8:2f:1f:6c:15:64:c1:d5:41:26:36:6c:f6:58:cc:19:
c9:d7:9b:9f:f2:86:5a:47:ef:93:af:fb:b7:14:60:4f:38:36:
44:2f:08:3b:97:c5:80:ca:c1:f1:8d:11:44:39:11:2c:12:80:
30:ce:33:1a:8e:cb:48:d3:d5:36:26:9e:3e:a3:ee:a2:01:60:
4a:4e:cd:a4:7b:86:7a:04:ba:99:ba:c5:2b:db:2d:a8:a6:e9:
e6:e6:34:50:f9:67:0e:0f:ee:71:2e:a9:4e:0c:42:4a:cf:c4:
0d:f2:2d:b2:4e:a5:58:a1:ae:15:d7:76:da:1e:1e:63:46:c0:
f2:28:17:cf:7d:12:6f:43:87:d3:56:4c:a7:e8:3e:8e:f9:ae:
a5:db:ad:6b:0b:eb:0f:0e:ea:8a:b6:56:da:bd:87:cc:19:f8:
83:b1:7b:5b:15:05:2a:27:e0:76:15:60:20:1d:c2:05:d2:40:
3a:9a:3d:b8:bc:bd:cf:df:54:c4:0c:8f:8e:b6:72:c7:83:d9:
57:90:95:b5:1d:d1:89:28:42:47:fa:00:4f:8a:db:7e:41:ea:
1e:b5:8e:1b:59:d8:48:60:cb:b1:f7:9d:f1:f1:e7:8a:51:3c:
7e:5e:2b:d1:82:59:78:22:02:f8:24:22:78:4c:6f:1e:fc:b8:
4c:b5:15:88
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUVyQD912dc+nrwxE6qJOZI3QqKQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKDY4ODRCOEUyODAwMURFOTg3MzhFMjhEQ0JGOThDOTlENzc0NDJCQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMrmyOX9Id/ABaS6UbsZTSXaZb
H4z2nfY81diC6ZZyLXgXpwKtlJzX2v6vlwBKYXWNkNrpUCTQUGZ+uVl5Go27L+ZY
CN7uCYTXxnfEkq07zKNWkabbprMamqHXBOeExyCS0DRWJaQYim4tIY+CKRBzckqq
DIk8zeoS/PRSZTm+8YDLFnux3l7QeFASsjp4WuRg6oAjCZ+mABpuBud6HvPmk4Mo
UFnTtQLMxwpHBOauhpTBI4JuHufwX6IJC2uuZLyzcmo/Nf7a27AGG+2IZYu78sZI
2uTtYroXXOZK+fnZ9mRO0CuaH9FuRTvVctHYtoV4USag2BnPU3X8AAEKvOa7AgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUaIS44oAB3phzjijcv5jJnXdEK8owHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0Mzc0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEH
AQH/BCUwIzAhBAIAAjAbAwcAKgagBQWnAwcAKgagBQhfAwcEKgagBRCQMA0GCSqG
SIb3DQEBCwUAA4IBAQDMUagvH2wVZMHVQSY2bPZYzBnJ15uf8oZaR++Tr/u3FGBP
ODZELwg7l8WAysHxjRFEOREsEoAwzjMajstI09U2Jp4+o+6iAWBKTs2ke4Z6BLqZ
usUr2y2opunm5jRQ+WcOD+5xLqlODEJKz8QN8i2yTqVYoa4V13baHh5jRsDyKBfP
fRJvQ4fTVkyn6D6O+a6l261rC+sPDuqKtlbavYfMGfiDsXtbFQUqJ+B2FWAgHcIF
0kA6mj24vL3P31TEDI+OtnLHg9lXkJW1HdGJKEJH+gBPitt+QeoetY4bWdhIYMux
953x8eeKUTx+XivRgll4IgL4JCJ4TG8e/LhMtRWI
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:29 2025 by rpki-client