Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS133448.roa
File: AS133448.roa (raw, json)
Hash identifier: QGS/5jhYsvjYKqt+knL7T0kSgPS8oVOWcVnmcGOQ9sM=
Subject key identifier: A9:B6:63:7A:12:14:64:0D:9D:A9:C6:1C:2F:7F:FF:48:90:DB:34:27
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 3894C5F7F9CBDD6FF61D226FB692CECCD7C0C6A6
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS133448.roa
Signing time: Thu 03 Jul 2025 15:51:41 +0000
ROA not before: Thu 03 Jul 2025 15:46:41 +0000
ROA not after: Thu 02 Jul 2026 15:51:41 +0000
asID: 133448
IP address blocks: 5.253.85.0/24 maxlen: 24
103.68.110.0/24 maxlen: 24
103.214.69.0/24 maxlen: 24
185.90.62.0/24 maxlen: 24
185.99.134.0/24 maxlen: 24
185.121.162.0/24 maxlen: 24
185.121.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:94:c5:f7:f9:cb:dd:6f:f6:1d:22:6f:b6:92:ce:cc:d7:c0:c6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:41 2025 GMT
Not After : Jul 2 15:51:41 2026 GMT
Subject: CN=A9B6637A1214640D9DA9C61C2F7FFF4890DB3427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:2d:f3:22:75:0e:45:4c:fc:95:95:51:2f:
10:13:73:12:6f:54:e5:f0:f8:aa:dc:7b:57:ad:1a:
1a:0e:32:18:a9:7e:92:66:20:66:5f:9b:68:38:42:
37:53:0f:fa:79:34:2a:39:d5:5b:85:7b:5b:b2:b9:
57:b9:81:7a:12:f7:0b:83:f5:f6:cb:2d:ee:dc:11:
12:c4:b7:0e:aa:ba:d1:d3:fb:a0:b8:d1:53:76:2c:
69:12:d3:c7:99:43:0d:7b:d3:80:51:38:1b:a5:e8:
3e:6b:28:4b:d3:7f:c0:ef:ec:cb:9c:e0:af:ab:1a:
72:ea:2d:4c:d0:f6:40:c1:fa:a5:92:32:ee:23:70:
8f:44:9a:46:e1:9b:05:c3:df:19:f1:5f:dc:7f:7a:
a0:fd:28:7e:13:36:41:f7:7b:d3:99:a0:bc:32:11:
6d:9d:9d:8d:a5:6d:00:00:2b:34:31:7b:da:e0:3e:
7d:1a:b0:fe:ff:68:fa:c5:f5:9d:cf:51:34:5f:72:
a3:23:6d:5f:49:54:b7:aa:a2:39:ab:a9:92:1e:04:
3a:9b:74:94:a8:97:87:b6:72:3b:a8:4d:ef:db:d4:
d8:64:a9:66:1d:b0:e5:86:81:2b:1a:82:c8:3d:82:
ef:ff:e2:76:ef:46:e2:d9:e3:78:8d:31:c1:b5:85:
1d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B6:63:7A:12:14:64:0D:9D:A9:C6:1C:2F:7F:FF:48:90:DB:34:27
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS133448.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.85.0/24
103.68.110.0/24
103.214.69.0/24
185.90.62.0/24
185.99.134.0/24
185.121.162.0/23
Signature Algorithm: sha256WithRSAEncryption
39:11:d3:ad:3d:08:ca:86:19:05:b2:0d:f2:3f:8e:02:7c:9f:
0c:b8:60:0b:7b:91:22:02:f9:64:45:46:96:85:aa:85:7a:ae:
c2:b2:ff:43:43:9b:5b:e2:4d:8c:78:9e:18:46:bc:23:98:53:
cb:ad:ae:f9:df:be:fb:a3:de:cb:42:90:e1:e1:a0:7d:10:1d:
53:c2:8a:51:ad:a0:38:fe:74:a4:cd:68:8b:ce:81:90:3d:86:
a3:db:b3:73:79:c3:d1:1e:5c:32:71:98:bf:ae:5a:1d:39:4e:
9c:60:06:dd:5c:25:a0:48:d3:91:0e:28:c9:d0:d4:63:b6:0d:
9c:15:c0:31:bd:d9:45:9c:ef:c2:37:92:85:d6:e9:f9:fd:5e:
ac:a9:30:c2:35:f1:d0:df:d9:69:d6:81:b0:2b:b0:2f:c8:21:
0f:87:16:d2:5c:7e:79:da:0d:80:7c:2f:21:8b:6e:3d:f3:3a:
63:8b:46:99:00:8c:86:c3:4c:8d:17:70:94:b1:4e:68:28:e0:
e5:54:27:f8:7f:81:e4:e6:f9:79:82:00:b6:4f:fc:71:c8:ac:
23:65:cf:a7:38:83:01:c2:f9:95:d0:9a:a0:ac:a2:55:54:09:
a7:a0:db:d4:89:f8:76:dd:10:46:90:e1:a9:fd:c7:07:51:63:
69:8f:a1:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUOJTF9/nL3W/2HSJvtpLOzNfAxqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NDFaFw0yNjA3MDIxNTUxNDFaMDMxMTAvBgNV
BAMTKEE5QjY2MzdBMTIxNDY0MEQ5REE5QzYxQzJGN0ZGRjQ4OTBEQjM0MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bi3zInUORUz8lZVRLxATcxJv
VOXw+Krce1etGhoOMhipfpJmIGZfm2g4QjdTD/p5NCo51VuFe1uyuVe5gXoS9wuD
9fbLLe7cERLEtw6qutHT+6C40VN2LGkS08eZQw1704BROBul6D5rKEvTf8Dv7Muc
4K+rGnLqLUzQ9kDB+qWSMu4jcI9EmkbhmwXD3xnxX9x/eqD9KH4TNkH3e9OZoLwy
EW2dnY2lbQAAKzQxe9rgPn0asP7/aPrF9Z3PUTRfcqMjbV9JVLeqojmrqZIeBDqb
dJSol4e2cjuoTe/b1NhkqWYdsOWGgSsagsg9gu//4nbvRuLZ43iNMcG1hR0zAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUqbZjehIUZA2dqcYcL3//SJDbNCcwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTMzNDQ4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEH
AQH/BC4wLDAqBAIAATAkAwQABf1VAwQAZ0RuAwQAZ9ZFAwQAuVo+AwQAuWOGAwQB
uXmiMA0GCSqGSIb3DQEBCwUAA4IBAQA5EdOtPQjKhhkFsg3yP44CfJ8MuGALe5Ei
AvlkRUaWhaqFeq7Csv9DQ5tb4k2MeJ4YRrwjmFPLra753777o97LQpDh4aB9EB1T
wopRraA4/nSkzWiLzoGQPYaj27NzecPRHlwycZi/rlodOU6cYAbdXCWgSNORDijJ
0NRjtg2cFcAxvdlFnO/CN5KF1un5/V6sqTDCNfHQ39lp1oGwK7AvyCEPhxbSXH55
2g2AfC8hi2498zpji0aZAIyGw0yNF3CUsU5oKODlVCf4f4Hk5vl5ggC2T/xxyKwj
Zc+nOIMBwvmV0JqgrKJVVAmnoNvUifh23RBGkOGp/ccHUWNpj6FG
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:18:41 2025 by rpki-client