Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
File: AS148971.roa (raw, json)
Hash identifier: YjgAaAnXNPKlj6Aa96HwObTxnR+jMR+D4fTVJtXFwVI=
Subject key identifier: 0F:51:2B:3E:0B:83:CC:9E:F1:0F:3E:FE:EA:C7:7C:7B:14:41:60:A3
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 47C8F69CBF3D62A180C0E51D0C63C8FD64AB542F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
Signing time: Thu 03 Jul 2025 15:52:08 +0000
ROA not before: Thu 03 Jul 2025 15:47:08 +0000
ROA not after: Thu 02 Jul 2026 15:52:08 +0000
asID: 148971
IP address blocks: 2a06:a005:25a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c8:f6:9c:bf:3d:62:a1:80:c0:e5:1d:0c:63:c8:fd:64:ab:54:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:08 2025 GMT
Not After : Jul 2 15:52:08 2026 GMT
Subject: CN=0F512B3E0B83CC9EF10F3EFEEAC77C7B144160A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:30:2b:ce:91:4c:75:15:8a:f4:b4:6d:3d:
4d:92:24:4b:79:c0:92:ed:06:16:74:bf:8a:29:45:
74:83:f8:60:71:40:2c:eb:f1:9f:77:b1:7f:28:0a:
3f:43:d9:da:8b:c8:d1:ed:59:bb:37:b9:b2:6a:c4:
5a:74:ee:3f:dd:4f:6a:e6:1d:33:12:be:8c:e4:b2:
82:53:de:6e:71:75:f4:82:89:d7:7b:12:d1:80:22:
42:ea:d6:a5:82:9c:99:c2:b6:c8:d4:d6:65:3d:5f:
ba:08:e5:68:a9:ec:3b:bc:e1:cc:c6:18:bc:19:30:
c4:3e:c8:c3:06:c7:75:0a:d1:66:41:8c:f1:fe:56:
21:4a:46:5b:53:a4:a3:50:4b:60:62:7c:15:1e:7d:
98:cf:25:3a:6f:82:ab:bf:4d:c1:16:3b:d2:b2:59:
80:5a:dd:68:78:ee:cc:98:de:b6:3a:e7:dd:9e:ea:
ae:5b:a6:14:e9:3f:b7:15:8e:0c:bb:34:ed:2c:20:
c6:da:e9:b0:ef:94:4e:f6:94:9a:51:bc:10:84:17:
d4:f3:5a:6d:4d:48:78:7c:5a:7a:40:e9:6a:f1:31:
9e:f4:5f:66:30:1b:24:ad:55:51:b3:45:bb:dc:26:
92:fc:82:ef:b5:c9:54:00:7b:ed:0d:8b:4d:ae:96:
24:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:51:2B:3E:0B:83:CC:9E:F1:0F:3E:FE:EA:C7:7C:7B:14:41:60:A3
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS148971.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:25a0::/44
Signature Algorithm: sha256WithRSAEncryption
b0:3f:62:c4:2b:93:fd:39:f9:cd:5f:b2:9e:bf:96:2f:90:58:
5f:4f:c5:f2:ef:a9:74:7e:65:a2:8d:d7:6e:b6:64:d2:b1:d0:
e5:cc:72:8b:a0:bb:76:0a:13:2f:19:64:45:3c:6b:8c:15:41:
be:37:eb:6b:47:aa:bb:b5:e3:6f:08:bd:00:c8:2d:6d:be:23:
af:24:28:ff:e6:3b:68:83:4c:c9:4a:af:61:ae:67:ef:e6:6f:
62:00:d9:96:8b:ec:5d:9b:75:f2:d4:3c:48:c8:4b:9b:ef:0f:
2b:c5:f7:af:ec:e6:54:cc:bb:fc:99:ff:89:d0:f2:63:1e:26:
39:58:fe:cc:06:a7:fa:84:0d:79:71:f4:45:5a:f3:ac:bf:a2:
5a:73:e3:18:0c:da:10:74:11:39:6c:39:6d:e4:44:87:6f:b5:
45:68:28:17:5d:2a:4e:c7:e9:58:31:80:df:08:0a:52:56:7b:
f7:f2:df:47:3a:5b:38:46:aa:4a:31:de:00:7c:81:81:25:ef:
fa:e4:96:16:02:92:d1:b8:85:f0:29:12:55:b1:f5:30:1d:de:
55:0c:7b:54:2b:d1:ee:c8:45:9e:9c:8e:ad:21:92:4b:15:8f:
52:7b:ab:47:1a:8c:76:d1:e5:98:83:b8:ab:ce:fc:da:b7:0f:
1e:58:c2:a6
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUR8j2nL89YqGAwOUdDGPI/WSrVC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDhaFw0yNjA3MDIxNTUyMDhaMDMxMTAvBgNV
BAMTKDBGNTEyQjNFMEI4M0NDOUVGMTBGM0VGRUVBQzc3QzdCMTQ0MTYwQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCEzArzpFMdRWK9LRtPU2SJEt5
wJLtBhZ0v4opRXSD+GBxQCzr8Z93sX8oCj9D2dqLyNHtWbs3ubJqxFp07j/dT2rm
HTMSvozksoJT3m5xdfSCidd7EtGAIkLq1qWCnJnCtsjU1mU9X7oI5Wip7Du84czG
GLwZMMQ+yMMGx3UK0WZBjPH+ViFKRltTpKNQS2BifBUefZjPJTpvgqu/TcEWO9Ky
WYBa3Wh47syY3rY6592e6q5bphTpP7cVjgy7NO0sIMba6bDvlE72lJpRvBCEF9Tz
Wm1NSHh8WnpA6WrxMZ70X2YwGyStVVGzRbvcJpL8gu+1yVQAe+0Ni02uliRJAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUD1ErPguDzJ7xDz7+6sd8exRBYKMwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTQ4OTcxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSWgMA0GCSqGSIb3DQEBCwUAA4IBAQCwP2LE
K5P9OfnNX7Kev5YvkFhfT8Xy76l0fmWijddutmTSsdDlzHKLoLt2ChMvGWRFPGuM
FUG+N+trR6q7teNvCL0AyC1tviOvJCj/5jtog0zJSq9hrmfv5m9iANmWi+xdm3Xy
1DxIyEub7w8rxfev7OZUzLv8mf+J0PJjHiY5WP7MBqf6hA15cfRFWvOsv6Jac+MY
DNoQdBE5bDlt5ESHb7VFaCgXXSpOx+lYMYDfCApSVnv38t9HOls4RqpKMd4AfIGB
Je/65JYWApLRuIXwKRJVsfUwHd5VDHtUK9HuyEWenI6tIZJLFY9Se6tHGox20eWY
g7irzvzatw8eWMKm
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:01:39 2025 by rpki-client