Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400536.roa
File: AS400536.roa (raw, json)
Hash identifier: Nf5dNh1GVKYlYpOGHc9+KyUWJmvBJWme0pnSZy46/kM=
Subject key identifier: 7F:08:5D:25:49:5A:A2:79:56:EC:AA:3D:49:19:09:DF:AF:C9:4A:3B
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 593258C4A602D0DA26AFFCF3ABE311290ED578AF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400536.roa
Signing time: Tue 05 Nov 2024 03:40:03 +0000
ROA not before: Tue 05 Nov 2024 03:35:03 +0000
ROA not after: Tue 04 Nov 2025 03:40:03 +0000
asID: 400536
IP address blocks: 2a06:a005:5f7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:32:58:c4:a6:02:d0:da:26:af:fc:f3:ab:e3:11:29:0e:d5:78:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 5 03:35:03 2024 GMT
Not After : Nov 4 03:40:03 2025 GMT
Subject: CN=7F085D25495AA27956ECAA3D491909DFAFC94A3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:12:87:c4:4f:f3:4f:a0:fa:01:d9:a4:75:7c:
74:da:40:52:6a:a0:f0:53:56:70:17:fa:31:b9:61:
a8:51:74:9f:20:4c:e6:90:79:63:ad:d7:e4:5c:b7:
a0:b1:2b:9d:a4:0a:3d:51:7b:92:dd:2c:b8:37:26:
e6:a2:dd:18:ea:cb:c1:1f:f2:e6:7c:bf:38:04:7e:
ed:d0:88:56:17:5e:4d:57:b5:07:f6:bd:13:4b:d8:
4a:4c:70:52:57:32:80:5e:ba:48:02:30:70:dd:91:
31:f8:45:ae:f8:04:8a:a7:e8:ec:65:29:c1:54:70:
14:ec:c2:88:17:4a:e8:36:8f:3b:0d:f7:d4:2b:6f:
75:b8:9b:9a:34:8e:f8:c2:cb:33:92:74:99:d5:c0:
9e:92:7a:1d:a9:fd:af:5d:8c:30:aa:53:c4:e0:8f:
72:96:7d:6b:47:6a:49:98:46:df:63:b6:61:ce:02:
78:78:ed:dc:98:e0:78:9a:70:61:0a:38:38:ec:9c:
fc:32:39:5d:54:af:ab:7b:fa:c2:57:ac:06:98:9f:
2c:98:7f:86:b8:18:d5:6c:be:b6:b3:fb:9f:4d:a6:
25:e2:35:c2:20:c6:89:d7:c1:2c:e2:21:34:90:13:
08:39:e0:7e:7e:9e:a5:b7:2d:79:4d:a0:5b:d8:af:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:08:5D:25:49:5A:A2:79:56:EC:AA:3D:49:19:09:DF:AF:C9:4A:3B
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS400536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5f7::/48
Signature Algorithm: sha256WithRSAEncryption
0a:e5:5c:13:3e:df:41:d7:7d:38:42:cc:b3:14:b4:08:01:90:
75:ed:31:d3:06:61:7e:80:9a:a8:27:e0:11:59:4a:5c:04:f6:
ff:e8:dd:6a:43:7e:73:d7:94:70:4a:9c:14:35:16:5c:dd:00:
bd:80:2a:23:4a:9f:ce:9b:9a:07:22:61:43:97:92:d6:11:7c:
b6:d6:2c:0a:5d:64:90:57:cc:82:c5:2c:bb:8b:c6:c8:c5:41:
ac:d8:ff:6c:c4:d1:49:f1:a6:6a:7a:4d:e6:e4:2e:cc:cb:ae:
52:2e:89:eb:b7:55:1b:1f:e1:5b:be:38:ba:2a:70:64:95:55:
ec:67:c3:cf:f1:53:86:af:ad:72:9c:d6:6d:a8:cd:bf:4c:b5:
46:39:bb:60:d3:d9:d9:de:cd:95:39:5a:68:6d:97:dd:d3:34:
a3:40:25:74:f0:46:ad:65:45:82:5c:c8:cf:f5:65:86:ad:5b:
8d:04:07:5b:01:a4:1f:2d:cc:65:58:43:fb:8d:75:29:52:a7:
f7:bb:98:b0:3b:05:a7:33:a5:4f:8b:e2:77:38:38:b6:43:0f:
f8:90:d7:d2:ac:f8:a6:34:59:0b:4d:24:88:f0:22:34:a0:52:
8b:b5:47:aa:81:21:fd:7a:54:02:22:c7:c6:6d:2a:e2:72:97:
5c:94:db:40
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUWTJYxKYC0Nomr/zzq+MRKQ7VeK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKDdGMDg1RDI1NDk1QUEyNzk1NkVDQUEzRDQ5MTkwOURGQUZDOTRBM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKEofET/NPoPoB2aR1fHTaQFJq
oPBTVnAX+jG5YahRdJ8gTOaQeWOt1+Rct6CxK52kCj1Re5LdLLg3Juai3Rjqy8Ef
8uZ8vzgEfu3QiFYXXk1XtQf2vRNL2EpMcFJXMoBeukgCMHDdkTH4Ra74BIqn6Oxl
KcFUcBTswogXSug2jzsN99Qrb3W4m5o0jvjCyzOSdJnVwJ6Seh2p/a9djDCqU8Tg
j3KWfWtHakmYRt9jtmHOAnh47dyY4HiacGEKODjsnPwyOV1Ur6t7+sJXrAaYnyyY
f4a4GNVsvraz+59NpiXiNcIgxonXwSziITSQEwg54H5+nqW3LXlNoFvYr2V5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUfwhdJUlaonlW7Ko9SRkJ36/JSjswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDAwNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQX3MA0GCSqGSIb3DQEBCwUAA4IBAQAK5VwT
Pt9B1304QsyzFLQIAZB17THTBmF+gJqoJ+ARWUpcBPb/6N1qQ35z15RwSpwUNRZc
3QC9gCojSp/Om5oHImFDl5LWEXy21iwKXWSQV8yCxSy7i8bIxUGs2P9sxNFJ8aZq
ek3m5C7My65SLonrt1UbH+Fbvji6KnBklVXsZ8PP8VOGr61ynNZtqM2/TLVGObtg
09nZ3s2VOVpobZfd0zSjQCV08EatZUWCXMjP9WWGrVuNBAdbAaQfLcxlWEP7jXUp
Uqf3u5iwOwWnM6VPi+J3ODi2Qw/4kNfSrPimNFkLTSSI8CI0oFKLtUeqgSH9elQC
IsfGbSricpdclNtA
-----END CERTIFICATE-----
Generated at Mon Nov 25 15:51:31 2024 by rpki-client on console-ams.rpki-client.org