Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS149020.roa
File: AS149020.roa (raw, json)
Hash identifier: qTxaMXpsGaGONnCeOWi9Y/MRAWFPtj98RjCMTQt26Wk=
Subject key identifier: F4:3D:5E:F6:06:7B:2A:3D:28:3C:CC:41:A5:47:4A:F9:C9:A2:45:1C
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 2FD8813D54479C4552B904114EB12E29F2DEFBFE
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS149020.roa
Signing time: Thu 03 Jul 2025 15:52:29 +0000
ROA not before: Thu 03 Jul 2025 15:47:29 +0000
ROA not after: Thu 02 Jul 2026 15:52:29 +0000
asID: 149020
IP address blocks: 27.0.234.0/24 maxlen: 24
103.68.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:d8:81:3d:54:47:9c:45:52:b9:04:11:4e:b1:2e:29:f2:de:fb:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:29 2025 GMT
Not After : Jul 2 15:52:29 2026 GMT
Subject: CN=F43D5EF6067B2A3D283CCC41A5474AF9C9A2451C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:b0:55:65:be:25:6f:9b:a6:90:31:c1:ae:
e5:b3:25:db:4e:5c:c9:8f:f4:f4:7b:3f:6d:1c:7c:
43:9c:46:1a:9a:c2:0c:b3:01:c9:4a:df:99:46:00:
5b:e7:5d:58:a9:da:f2:65:8f:30:6f:c7:3d:18:13:
de:5b:90:22:22:36:ac:63:19:42:a9:83:b3:5a:1c:
2b:87:a3:f1:54:3a:82:ae:f1:23:bb:a9:c8:82:a8:
d7:c8:c2:7e:8b:29:b0:f7:43:a7:ff:3a:f8:0b:4f:
75:f0:53:ea:0f:0d:80:a2:74:14:e4:40:d0:58:6a:
df:89:c7:4e:b4:ff:09:3f:0c:5b:c0:b3:bc:20:58:
f0:84:ce:3c:05:80:76:02:80:bb:63:dd:17:b7:dd:
b3:3f:2e:c8:66:5b:95:94:c3:45:02:57:1f:8d:70:
9e:45:1f:af:e4:d2:a1:a8:84:de:0c:ef:26:58:c1:
73:f1:d3:bd:e7:00:1e:49:db:ca:d5:ba:d2:99:68:
f7:d8:d4:6a:d3:e1:2d:de:d3:38:ea:f2:ff:81:7d:
7e:84:15:d8:9e:9f:9a:5a:5f:f1:28:36:4a:ab:88:
5c:e9:bb:79:24:79:ce:7b:46:ea:bd:b5:cf:7f:84:
94:be:3b:5b:4d:2e:3b:2b:1a:86:0a:24:fe:ea:73:
f2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3D:5E:F6:06:7B:2A:3D:28:3C:CC:41:A5:47:4A:F9:C9:A2:45:1C
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS149020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.234.0/24
103.68.108.0/24
Signature Algorithm: sha256WithRSAEncryption
97:11:f8:d3:3f:36:be:bb:50:c2:42:3a:4b:13:68:3a:a4:5c:
38:5c:85:e2:fe:9b:66:8c:e6:8a:67:39:52:a0:fa:66:cc:a5:
3c:a9:e4:a8:66:aa:e0:dc:94:9a:e3:aa:7d:ff:85:66:a2:11:
e2:eb:f8:06:d3:66:06:c0:c4:6d:6d:bf:e1:8e:ad:42:a6:92:
7c:87:ba:b5:ec:33:6c:b3:cd:38:d8:a6:7f:06:e8:9a:9b:f5:
38:be:47:ea:a1:15:9a:52:62:29:54:cd:89:22:06:4a:f9:2b:
45:11:13:9e:36:24:3f:c5:dc:ae:e8:e6:ac:1c:5b:61:07:bc:
10:ce:3e:fc:4d:6c:da:ba:e2:9f:03:07:bb:f1:4c:c2:42:f5:
a4:00:7b:41:5f:44:2d:cb:d3:7f:35:0b:a1:fc:58:72:11:33:
f7:77:ee:c7:ad:3b:f9:2d:16:9c:2e:78:5a:6b:c1:62:45:b9:
7b:66:c9:8d:b9:cf:48:8e:da:13:37:38:72:d5:fa:41:28:19:
c5:ce:ef:5f:ac:85:d4:39:35:69:08:c1:65:9d:39:71:f2:29:
71:e2:52:9f:c4:f0:5e:ae:c5:dd:d9:7a:90:a6:74:29:5c:86:
c6:f5:10:0c:37:02:dc:bb:9e:3a:43:1e:93:f0:83:d4:92:bf:
59:8e:2b:92
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUL9iBPVRHnEVSuQQRTrEuKfLe+/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjlaFw0yNjA3MDIxNTUyMjlaMDMxMTAvBgNV
BAMTKEY0M0Q1RUY2MDY3QjJBM0QyODNDQ0M0MUE1NDc0QUY5QzlBMjQ1MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK/LBVZb4lb5umkDHBruWzJdtO
XMmP9PR7P20cfEOcRhqawgyzAclK35lGAFvnXVip2vJljzBvxz0YE95bkCIiNqxj
GUKpg7NaHCuHo/FUOoKu8SO7qciCqNfIwn6LKbD3Q6f/OvgLT3XwU+oPDYCidBTk
QNBYat+Jx060/wk/DFvAs7wgWPCEzjwFgHYCgLtj3Re33bM/LshmW5WUw0UCVx+N
cJ5FH6/k0qGohN4M7yZYwXPx073nAB5J28rVutKZaPfY1GrT4S3e0zjq8v+BfX6E
Fdien5paX/EoNkqriFzpu3kkec57Ruq9tc9/hJS+O1tNLjsrGoYKJP7qc/JrAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQU9D1e9gZ7Kj0oPMxBpUdK+cmiRRwwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTQ5MDIwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAGwDqAwQAZ0RsMA0GCSqGSIb3DQEBCwUAA4IBAQCX
EfjTPza+u1DCQjpLE2g6pFw4XIXi/ptmjOaKZzlSoPpmzKU8qeSoZqrg3JSa46p9
/4VmohHi6/gG02YGwMRtbb/hjq1CppJ8h7q17DNss8042KZ/Buiam/U4vkfqoRWa
UmIpVM2JIgZK+StFEROeNiQ/xdyu6OasHFthB7wQzj78TWzauuKfAwe78UzCQvWk
AHtBX0Qty9N/NQuh/FhyETP3d+7HrTv5LRacLnhaa8FiRbl7ZsmNuc9IjtoTNzhy
1fpBKBnFzu9frIXUOTVpCMFlnTlx8ilx4lKfxPBersXd2XqQpnQpXIbG9RAMNwLc
u546Qx6T8IPUkr9ZjiuS
-----END CERTIFICATE-----
Generated at Fri Jul 4 21:58:20 2025 by rpki-client