Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
File: AS400304.roa (raw, json)
Hash identifier: SN4uEIOQVkKxbU2WU7YWiVeyV3zaISScr2qHDG0yh3s=
Subject key identifier: 28:F9:38:9F:97:1B:55:5A:3F:71:B9:D8:89:64:FC:40:F9:D3:39:BD
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 6394AE07647122A4097BE0A1C4CABA3B4E3687DC
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
Signing time: Fri 03 Jan 2025 17:56:45 +0000
ROA not before: Fri 03 Jan 2025 17:51:45 +0000
ROA not after: Fri 02 Jan 2026 17:56:45 +0000
asID: 400304
IP address blocks: 104.167.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 09:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:94:ae:07:64:71:22:a4:09:7b:e0:a1:c4:ca:ba:3b:4e:36:87:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Jan 3 17:51:45 2025 GMT
Not After : Jan 2 17:56:45 2026 GMT
Subject: CN=28F9389F971B555A3F71B9D88964FC40F9D339BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f0:6a:ca:1b:7b:03:9f:9b:39:15:36:08:f6:
4d:a9:18:18:c3:08:52:c8:01:76:1b:55:3d:fc:8c:
69:8e:5e:f8:50:bd:d6:64:1a:cd:d7:26:ff:f4:2f:
bb:ae:35:58:e0:c2:94:64:d7:c7:79:7e:3a:b4:ce:
ce:04:56:2d:6a:b6:43:ca:34:ed:b0:08:06:87:df:
41:52:5e:b2:3d:cf:b7:2f:06:a1:24:17:2d:35:14:
36:fd:32:ac:d8:53:4f:b6:8f:58:f6:67:58:f6:26:
80:73:6e:db:9e:00:68:05:f7:5b:65:0f:1c:e4:03:
72:fc:d8:ab:ae:39:fd:34:91:52:d9:22:34:ee:08:
22:c3:e6:56:94:d5:ff:93:56:3a:57:f7:35:00:b6:
46:f5:fa:28:53:a5:9c:28:a2:77:fb:20:49:8d:95:
8b:e4:53:7c:e0:3d:34:d5:40:16:cc:6a:05:38:23:
6b:e0:09:55:7a:38:5b:19:8a:15:55:04:30:84:7b:
f8:d1:ea:64:4b:b9:6c:65:ec:7e:07:65:a9:81:95:
28:63:8b:c6:0f:e2:13:4b:08:3a:22:a4:0d:2e:e6:
2b:b7:fc:15:4b:fc:2c:6d:50:a6:59:b7:66:61:9e:
87:1b:8c:2e:10:d0:33:21:24:a1:83:5c:5b:7c:4f:
da:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F9:38:9F:97:1B:55:5A:3F:71:B9:D8:89:64:FC:40:F9:D3:39:BD
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.17.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:09:7b:b1:b8:36:47:5b:4e:4f:fb:75:12:6c:68:8e:5f:41:
72:88:ec:31:44:63:da:d7:49:a8:03:fd:c1:d3:e3:d2:ec:f3:
3d:86:d9:2a:99:16:34:c3:80:12:b3:ec:64:dc:b3:2f:3c:c9:
79:a4:92:2f:af:50:d3:2a:36:12:e0:5b:67:a5:2b:98:c4:d5:
42:94:44:6f:3e:cc:8e:e7:92:c7:fe:7c:9c:2a:3a:d4:ed:c1:
73:60:44:05:98:4b:d0:e7:f0:96:1b:7e:0b:e1:4d:a0:bb:d8:
91:ad:93:41:5f:44:c0:54:27:3d:ae:e2:c7:b7:57:c8:92:29:
5c:be:98:2a:f3:a9:f1:b8:d9:7d:43:e7:2f:e6:db:a1:75:eb:
c1:b3:cd:db:81:19:96:10:98:12:60:d4:1f:18:43:26:2d:5c:
a9:0b:13:5f:37:35:73:e5:cc:87:9e:1d:40:a5:e6:0a:7e:43:
b1:2b:14:f9:b1:90:b6:52:fc:ad:ff:ab:c5:fb:45:1f:d5:22:
80:a2:06:2c:54:e6:5c:5e:9c:81:e0:50:51:f3:ef:b2:9f:21:
25:8e:f8:36:f7:42:3a:08:e9:d5:7d:d2:78:18:ab:46:e9:71:
9b:43:71:ff:62:2a:bb:af:83:16:b6:cd:cb:01:75:03:c2:c8:
6a:8a:ee:87
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUY5SuB2RxIqQJe+ChxMq6O042h9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAxMDMxNzUxNDVaFw0yNjAxMDIxNzU2NDVaMDMxMTAvBgNV
BAMTKDI4RjkzODlGOTcxQjU1NUEzRjcxQjlEODg5NjRGQzQwRjlEMzM5QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi8GrKG3sDn5s5FTYI9k2pGBjD
CFLIAXYbVT38jGmOXvhQvdZkGs3XJv/0L7uuNVjgwpRk18d5fjq0zs4EVi1qtkPK
NO2wCAaH30FSXrI9z7cvBqEkFy01FDb9MqzYU0+2j1j2Z1j2JoBzbtueAGgF91tl
DxzkA3L82KuuOf00kVLZIjTuCCLD5laU1f+TVjpX9zUAtkb1+ihTpZwoonf7IEmN
lYvkU3zgPTTVQBbMagU4I2vgCVV6OFsZihVVBDCEe/jR6mRLuWxl7H4HZamBlShj
i8YP4hNLCDoipA0u5iu3/BVL/CxtUKZZt2ZhnocbjC4Q0DMhJKGDXFt8T9o5AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUKPk4n5cbVVo/cbnYiWT8QPnTOb0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDAwMzA0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAaKcRMA0GCSqGSIb3DQEBCwUAA4IBAQCdCXuxuDZH
W05P+3USbGiOX0FyiOwxRGPa10moA/3B0+PS7PM9htkqmRY0w4ASs+xk3LMvPMl5
pJIvr1DTKjYS4FtnpSuYxNVClERvPsyO55LH/nycKjrU7cFzYEQFmEvQ5/CWG34L
4U2gu9iRrZNBX0TAVCc9ruLHt1fIkilcvpgq86nxuNl9Q+cv5tuhdevBs83bgRmW
EJgSYNQfGEMmLVypCxNfNzVz5cyHnh1ApeYKfkOxKxT5sZC2Uvyt/6vF+0Uf1SKA
ogYsVOZcXpyB4FBR8++ynyEljvg290I6COnVfdJ4GKtG6XGbQ3H/Yiq7r4MWts3L
AXUDwshqiu6H
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:40:25 2025 by rpki-client