Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204375.roa
File: AS204375.roa (raw, json)
Hash identifier: wO14HSuDSeR/8ixf0TcQnGemgLdRU6G92WaS7wI3nvY=
Subject key identifier: 1C:1F:72:E0:23:86:A2:AC:40:02:51:E1:D7:CC:4B:7F:F3:18:54:04
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 52975504FB25701B0C6273E76E5A69A89AC93AAA
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204375.roa
Signing time: Wed 28 May 2025 20:30:00 +0000
ROA not before: Wed 28 May 2025 20:25:00 +0000
ROA not after: Wed 27 May 2026 20:30:00 +0000
asID: 204375
IP address blocks: 2a06:a005:ad0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:97:55:04:fb:25:70:1b:0c:62:73:e7:6e:5a:69:a8:9a:c9:3a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: May 28 20:25:00 2025 GMT
Not After : May 27 20:30:00 2026 GMT
Subject: CN=1C1F72E02386A2AC400251E1D7CC4B7FF3185404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:98:27:3b:46:c0:1b:e9:07:91:9e:39:cd:fb:
39:3b:45:ba:34:2d:39:c7:85:da:44:c6:ee:c3:68:
a8:e1:f6:1f:d6:63:69:a4:1b:65:aa:0f:c0:19:0a:
67:b1:a2:5e:8e:6e:03:22:78:60:b4:7f:71:6f:ad:
87:cd:53:fa:9e:b9:22:74:8f:17:cc:fb:fe:73:3e:
f8:c8:bb:a1:75:f4:57:eb:ac:bc:35:36:32:63:54:
17:7b:71:35:3d:48:7c:62:d9:af:ea:82:6f:d1:88:
ac:07:b3:b0:5e:c0:5a:9b:ea:df:e6:70:be:a4:15:
ba:3b:0a:43:80:34:d8:e0:4f:00:34:6a:e8:be:8b:
36:f9:72:95:c0:96:c0:bc:8a:f9:64:42:f6:4b:7f:
7d:44:3d:e9:43:aa:74:ea:b9:10:34:0b:33:06:c8:
60:64:e0:b7:0a:32:a1:60:44:d7:be:c9:77:c0:ae:
fc:83:9e:61:b7:58:64:bd:5f:7f:a5:7e:81:af:d3:
67:c5:17:c6:da:d4:fd:81:57:b1:42:09:55:53:da:
a0:6c:5f:2f:dd:8c:ce:eb:0f:4e:34:56:73:87:f5:
00:08:21:2b:94:0b:69:44:0b:a0:99:a6:9f:8c:a7:
48:10:8f:da:f2:d0:c5:07:3b:73:19:05:f8:4a:ea:
c3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1F:72:E0:23:86:A2:AC:40:02:51:E1:D7:CC:4B:7F:F3:18:54:04
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204375.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:ad0::/44
Signature Algorithm: sha256WithRSAEncryption
6e:09:99:3c:4f:07:2b:86:8e:a7:d7:21:97:97:7e:5c:b9:e5:
f6:83:61:c2:50:63:e2:d5:02:41:0b:6f:30:db:19:85:f9:f8:
78:5b:25:ad:cd:0f:22:43:c0:9e:f9:fc:95:b7:ae:a2:2c:fc:
8f:a6:a9:e3:6f:35:ad:e5:2e:f4:4d:2e:3e:7d:64:69:a2:30:
84:21:4f:cb:32:56:2a:7b:5c:9d:6d:cc:ba:09:0e:28:59:1d:
e8:49:f1:a6:e2:8c:a9:4d:0e:9c:0a:c9:18:81:64:74:01:08:
fe:9a:8e:36:95:61:c5:de:03:e6:7a:c5:05:fb:6f:eb:5f:bf:
8f:04:5f:8d:7c:93:7f:0f:8a:84:e1:3e:20:60:ac:71:a6:6c:
45:2e:11:e1:49:51:4f:b6:6e:ef:cb:7e:16:62:9c:55:a7:33:
16:30:4d:0d:04:b8:21:66:c1:2b:d1:6f:52:a5:71:cd:01:5b:
a5:73:20:11:53:82:91:f1:64:50:20:7e:b3:38:b8:1e:54:42:
d9:17:71:a6:0f:82:73:83:0d:de:f0:2d:59:f6:a2:1f:00:e5:
af:6d:35:c2:ec:6e:e6:27:a6:20:bd:63:76:c4:de:3a:a9:ae:
7e:1d:d3:13:b5:4e:bc:f5:5a:ab:b9:3c:5e:98:ce:1c:01:87:
ca:f4:cf:4b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUUpdVBPslcBsMYnPnblppqJrJOqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTA1MjgyMDI1MDBaFw0yNjA1MjcyMDMwMDBaMDMxMTAvBgNV
BAMTKDFDMUY3MkUwMjM4NkEyQUM0MDAyNTFFMUQ3Q0M0QjdGRjMxODU0MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDImCc7RsAb6QeRnjnN+zk7Rbo0
LTnHhdpExu7DaKjh9h/WY2mkG2WqD8AZCmexol6ObgMieGC0f3FvrYfNU/qeuSJ0
jxfM+/5zPvjIu6F19FfrrLw1NjJjVBd7cTU9SHxi2a/qgm/RiKwHs7BewFqb6t/m
cL6kFbo7CkOANNjgTwA0aui+izb5cpXAlsC8ivlkQvZLf31EPelDqnTquRA0CzMG
yGBk4LcKMqFgRNe+yXfArvyDnmG3WGS9X3+lfoGv02fFF8ba1P2BV7FCCVVT2qBs
Xy/djM7rD040VnOH9QAIISuUC2lEC6CZpp+Mp0gQj9ry0MUHO3MZBfhK6sNrAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUHB9y4COGoqxAAlHh18xLf/MYVAQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0Mzc1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQrQMA0GCSqGSIb3DQEBCwUAA4IBAQBuCZk8
Twcrho6n1yGXl35cueX2g2HCUGPi1QJBC28w2xmF+fh4WyWtzQ8iQ8Ce+fyVt66i
LPyPpqnjbzWt5S70TS4+fWRpojCEIU/LMlYqe1ydbcy6CQ4oWR3oSfGm4oypTQ6c
CskYgWR0AQj+mo42lWHF3gPmesUF+2/rX7+PBF+NfJN/D4qE4T4gYKxxpmxFLhHh
SVFPtm7vy34WYpxVpzMWME0NBLghZsEr0W9SpXHNAVulcyARU4KR8WRQIH6zOLge
VELZF3GmD4Jzgw3e8C1Z9qIfAOWvbTXC7G7mJ6YgvWN2xN46qa5+HdMTtU689Vqr
uTxemM4cAYfK9M9L
-----END CERTIFICATE-----
Generated at Tue Jun 3 12:35:39 2025 by rpki-client