Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
File: AS148971.roa (raw, json)
Hash identifier: z8hWjw+5gTgQkMYcWUP/A5UOa2KsUMIZELdB8+wSg1I=
Subject key identifier: B4:6C:A0:E4:F8:4E:C0:81:88:24:5B:18:1D:8C:FC:72:C0:C9:E4:22
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 0B67BDB68FE2FD923E8895B6307EC2DEC09A47C7
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
Signing time: Thu 04 Jun 2026 15:58:48 +0000
ROA not before: Thu 04 Jun 2026 15:53:48 +0000
ROA not after: Thu 03 Jun 2027 15:58:48 +0000
asID: 148971
IP address blocks: 2a06:a005:25a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:67:bd:b6:8f:e2:fd:92:3e:88:95:b6:30:7e:c2:de:c0:9a:47:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:48 2026 GMT
Not After : Jun 3 15:58:48 2027 GMT
Subject: CN=B46CA0E4F84EC08188245B181D8CFC72C0C9E422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:aa:82:85:f3:68:11:7b:e0:b0:b1:1f:92:9c:
bd:50:a8:90:81:84:69:85:23:fa:59:8d:f8:00:05:
62:92:84:07:e4:35:e0:72:94:17:fd:0e:05:8d:b1:
b2:ca:22:0f:b1:74:ad:ec:c3:3c:2c:c7:c1:a7:43:
71:e7:3a:94:c3:c2:30:e2:dc:46:00:4e:a6:d0:ed:
e5:04:70:e9:55:68:d2:40:38:1f:28:02:80:98:70:
db:91:d9:33:07:e4:d7:02:81:09:b9:88:4d:ff:1d:
04:54:44:6c:1d:d9:6e:34:8c:3e:fe:84:b4:10:65:
b7:fa:94:c1:3c:6e:41:b3:5b:bf:9a:91:fc:01:5f:
12:32:6b:5d:ce:d7:cb:45:97:03:7d:35:c8:56:6d:
d4:4d:4a:bf:4d:cb:0d:9d:ce:b8:19:7f:70:3b:27:
d5:92:f6:b8:8c:91:36:72:9e:10:bf:13:c3:69:bf:
40:bd:b5:98:d7:ec:85:b6:06:bd:bf:e0:f4:2c:9b:
a4:f1:2d:a0:89:0e:83:4d:d7:d0:61:02:44:1c:f6:
19:1e:fc:92:6b:9f:18:84:fe:51:0a:47:a3:f7:a0:
ef:d3:fa:59:f2:33:b2:a7:56:4c:a7:7a:95:28:e3:
46:04:d1:14:3e:47:cc:7a:fc:ed:a8:00:7e:0a:6d:
a6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6C:A0:E4:F8:4E:C0:81:88:24:5B:18:1D:8C:FC:72:C0:C9:E4:22
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:25a0::/44
Signature Algorithm: sha256WithRSAEncryption
30:66:b3:75:e1:8c:6a:1c:6b:48:13:09:2e:54:40:4b:62:1d:
c6:c8:9a:ff:5e:98:43:b1:d1:ab:b8:c3:52:8f:ea:46:90:b0:
82:01:23:65:76:39:3e:67:5a:28:58:be:30:d2:bc:a4:cd:c3:
77:83:75:1a:56:ac:0e:60:42:83:12:dc:77:c7:25:3c:c1:45:
df:ca:1f:d9:b5:dd:e9:59:69:fd:03:a2:44:bb:22:e0:15:26:
2b:39:93:69:ab:ef:46:1a:d7:f9:3d:05:39:01:29:0a:5b:b9:
f4:44:16:c7:57:a4:28:b6:cd:8d:2a:23:e1:ad:12:9f:78:05:
24:a3:a0:3e:0b:8c:6c:f2:9d:4a:b7:48:ef:e9:2f:cb:0c:fb:
ac:7d:e1:20:12:22:9d:5c:3d:c9:c0:94:9e:1a:1c:d0:cb:69:
a3:07:35:c3:6f:01:af:58:07:5a:ce:93:54:52:77:43:ce:d6:
c5:df:c7:cd:c5:69:74:47:09:86:f3:f2:08:60:be:6b:06:3b:
e6:8f:6e:d0:15:88:9f:14:07:7e:e8:15:aa:cf:c7:0d:d7:96:
4b:36:41:c6:2e:68:98:35:c1:fb:fa:b8:75:a8:83:42:d7:a8:
3d:d1:45:eb:1f:00:75:2e:5a:57:e6:42:d1:37:6e:c8:71:0d:
f3:89:31:80
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUC2e9to/i/ZI+iJW2MH7C3sCaR8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDhaFw0yNzA2MDMxNTU4NDhaMDMxMTAvBgNV
BAMTKEI0NkNBMEU0Rjg0RUMwODE4ODI0NUIxODFEOENGQzcyQzBDOUU0MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGqoKF82gRe+CwsR+SnL1QqJCB
hGmFI/pZjfgABWKShAfkNeBylBf9DgWNsbLKIg+xdK3swzwsx8GnQ3HnOpTDwjDi
3EYATqbQ7eUEcOlVaNJAOB8oAoCYcNuR2TMH5NcCgQm5iE3/HQRURGwd2W40jD7+
hLQQZbf6lME8bkGzW7+akfwBXxIya13O18tFlwN9NchWbdRNSr9Nyw2dzrgZf3A7
J9WS9riMkTZynhC/E8Npv0C9tZjX7IW2Br2/4PQsm6TxLaCJDoNN19BhAkQc9hke
/JJrnxiE/lEKR6P3oO/T+lnyM7KnVkynepUo40YE0RQ+R8x6/O2oAH4KbaYfAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUtGyg5PhOwIGIJFsYHYz8csDJ5CIwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTQ4OTcxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSWgMA0GCSqGSIb3DQEBCwUAA4IBAQAwZrN1
4YxqHGtIEwkuVEBLYh3GyJr/XphDsdGruMNSj+pGkLCCASNldjk+Z1ooWL4w0ryk
zcN3g3UaVqwOYEKDEtx3xyU8wUXfyh/Ztd3pWWn9A6JEuyLgFSYrOZNpq+9GGtf5
PQU5ASkKW7n0RBbHV6Qots2NKiPhrRKfeAUko6A+C4xs8p1Kt0jv6S/LDPusfeEg
EiKdXD3JwJSeGhzQy2mjBzXDbwGvWAdazpNUUndDztbF38fNxWl0RwmG8/IIYL5r
Bjvmj27QFYifFAd+6BWqz8cN15ZLNkHGLmiYNcH7+rh1qINC16g90UXrHwB1LlpX
5kLRN27IcQ3ziTGA
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:23:12 2026 by rpki-client