Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
File: AS399866.roa (raw, json)
Hash identifier: ySBXk57CwAjDFIo3JscYDwF7+ED9pXUJLPCtCge/8mQ=
Subject key identifier: D9:31:C4:9B:86:84:A2:0D:F9:7B:5C:A6:51:50:99:6F:A2:AC:7C:23
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 4AED17B5468ED3A53936E699AB401C7D2213EB77
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
Signing time: Tue 05 Nov 2024 03:40:03 +0000
ROA not before: Tue 05 Nov 2024 03:35:03 +0000
ROA not after: Tue 04 Nov 2025 03:40:03 +0000
asID: 399866
IP address blocks: 2a06:a005:1170::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:ed:17:b5:46:8e:d3:a5:39:36:e6:99:ab:40:1c:7d:22:13:eb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:03 2024 GMT
Not After : Nov 4 03:40:03 2025 GMT
Subject: CN=D931C49B8684A20DF97B5CA65150996FA2AC7C23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:79:18:e1:01:62:3d:82:ca:f0:34:15:96:
45:5b:c7:bd:ef:c9:60:f3:b5:72:52:dd:fd:93:87:
b6:b8:9a:ba:34:0a:65:dc:9c:f8:30:80:ae:4d:9d:
3d:45:86:b1:68:66:ea:d6:e7:6f:2c:bf:13:bb:a6:
0d:a4:9e:5c:16:82:de:39:06:b7:77:75:31:39:d1:
98:e9:a2:fa:b1:f0:76:07:41:a8:ef:38:d0:bf:c6:
24:56:82:ad:24:fc:70:73:dc:e8:98:8f:43:34:c1:
6b:b0:1f:ca:e5:d6:4f:a8:9e:1a:ec:5d:2e:3c:99:
43:aa:73:62:ae:f7:54:62:34:0d:ad:bd:27:52:5d:
25:a7:06:2b:9d:34:30:1b:59:8d:e2:11:9a:7a:87:
c1:67:2a:10:b7:69:88:ba:d2:ed:b8:00:0e:27:ae:
bc:91:38:79:80:ee:29:77:fc:28:fb:a5:60:54:0b:
af:1f:fb:9e:a2:ef:47:2e:e0:b3:23:38:7b:49:92:
e7:f5:55:a2:63:78:94:72:a7:ed:9c:83:7b:14:c3:
47:a4:d4:fa:ba:8e:a8:58:2b:eb:94:8a:a3:40:70:
34:2d:38:7b:c8:4b:73:cb:73:d4:22:9e:0a:e1:c0:
3b:e3:3f:8d:d3:40:e1:3c:da:6e:cf:64:2a:c0:ad:
c6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:31:C4:9B:86:84:A2:0D:F9:7B:5C:A6:51:50:99:6F:A2:AC:7C:23
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS399866.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1170::/44
Signature Algorithm: sha256WithRSAEncryption
4d:ab:cf:78:0d:ea:86:b9:89:5d:d0:6d:39:6b:15:89:14:3a:
3b:c5:72:21:db:50:d2:82:ae:ae:85:a1:61:df:82:3d:bc:09:
c9:7b:56:4c:54:0f:f6:f4:b5:be:ce:30:16:0d:14:1c:c9:02:
02:0a:44:fc:a5:7b:d1:df:f1:38:a4:8a:d7:89:65:1d:52:6b:
26:57:cf:18:e5:b4:2a:53:30:ab:5c:fb:77:e2:8f:59:c9:ec:
39:4d:6d:1e:3f:fa:e9:dc:7a:66:87:5b:62:dc:95:18:6a:63:
3b:99:48:86:b0:2f:6f:d2:c7:71:3e:1d:63:44:ee:17:87:bf:
f5:74:62:13:e9:10:9e:9b:62:ef:97:59:a0:a2:08:cd:6a:26:
73:11:4e:2c:d5:04:3c:e3:bd:3b:3e:8d:5f:e2:21:9d:0c:8b:
06:68:e5:a0:25:3f:cc:9d:6a:47:b7:d7:99:21:6c:bb:d2:cf:
41:af:17:64:f1:18:24:f1:4e:78:35:f5:91:93:b1:e5:2c:31:
7a:1a:47:e2:41:79:c7:5f:19:a2:7c:d3:a9:69:46:de:41:72:
b7:82:ff:30:db:55:0f:d0:a5:ae:31:aa:ad:83:e0:89:d6:aa:
87:4c:82:65:e1:39:25:b6:69:8b:fc:f7:1e:6f:7d:88:97:c2:
65:8a:3d:6e
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUSu0XtUaO06U5NuaZq0AcfSIT63cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKEQ5MzFDNDlCODY4NEEyMERGOTdCNUNBNjUxNTA5OTZGQTJBQzdDMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwDXkY4QFiPYLK8DQVlkVbx73v
yWDztXJS3f2Th7a4mro0CmXcnPgwgK5NnT1FhrFoZurW528svxO7pg2knlwWgt45
Brd3dTE50Zjpovqx8HYHQajvONC/xiRWgq0k/HBz3OiYj0M0wWuwH8rl1k+onhrs
XS48mUOqc2Ku91RiNA2tvSdSXSWnBiudNDAbWY3iEZp6h8FnKhC3aYi60u24AA4n
rryROHmA7il3/Cj7pWBUC68f+56i70cu4LMjOHtJkuf1VaJjeJRyp+2cg3sUw0ek
1Pq6jqhYK+uUiqNAcDQtOHvIS3PLc9QingrhwDvjP43TQOE82m7PZCrArca9AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU2THEm4aEog35e1ymUVCZb6KsfCMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk5ODY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRFwMA0GCSqGSIb3DQEBCwUAA4IBAQBNq894
DeqGuYld0G05axWJFDo7xXIh21DSgq6uhaFh34I9vAnJe1ZMVA/29LW+zjAWDRQc
yQICCkT8pXvR3/E4pIrXiWUdUmsmV88Y5bQqUzCrXPt34o9Zyew5TW0eP/rp3Hpm
h1ti3JUYamM7mUiGsC9v0sdxPh1jRO4Xh7/1dGIT6RCem2Lvl1mgogjNaiZzEU4s
1QQ84707Po1f4iGdDIsGaOWgJT/MnWpHt9eZIWy70s9Brxdk8Rgk8U54NfWRk7Hl
LDF6GkfiQXnHXxmifNOpaUbeQXK3gv8w21UP0KWuMaqtg+CJ1qqHTIJl4TkltmmL
/Pceb32Il8Jlij1u
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:56 2024 by rpki-client on console-ams.rpki-client.org