Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS17138.roa
File: AS17138.roa (raw, json)
Hash identifier: Lkxp41/R9gaZ8nOtUbJfKA7cPvk8d0mRyk+i/i5ZGeg=
Subject key identifier: 85:7A:88:2D:50:EC:B3:B2:E4:ED:0C:42:78:A9:A1:43:1B:E0:C7:34
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1D5E7F3B268E9F8CADB8C9C02EC6F6C176CF98B4
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS17138.roa
Signing time: Thu 03 Jul 2025 15:52:29 +0000
ROA not before: Thu 03 Jul 2025 15:47:29 +0000
ROA not after: Thu 02 Jul 2026 15:52:29 +0000
asID: 17138
IP address blocks: 2a06:a005:b10::/44 maxlen: 48
2a06:a005:b20::/44 maxlen: 48
2a06:a005:b30::/44 maxlen: 48
2a06:a005:b40::/44 maxlen: 48
2a06:a005:b50::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:5e:7f:3b:26:8e:9f:8c:ad:b8:c9:c0:2e:c6:f6:c1:76:cf:98:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:29 2025 GMT
Not After : Jul 2 15:52:29 2026 GMT
Subject: CN=857A882D50ECB3B2E4ED0C4278A9A1431BE0C734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7e:13:85:56:5a:da:bf:7d:3a:75:0a:72:87:
3d:22:21:f9:9c:ad:8b:54:40:1f:b4:c2:b8:05:6f:
0b:14:80:4b:d4:ac:15:f6:3e:4c:85:80:c9:e7:7f:
ab:88:53:e2:9e:2e:3a:42:ff:39:f7:6d:99:30:57:
cc:a7:a0:3a:d2:0d:3b:3c:10:ef:a1:9a:76:73:f6:
8c:85:ac:80:63:c1:76:96:da:46:0c:42:b9:d7:fe:
b5:cb:6b:a7:44:6b:28:dc:57:d0:6b:a6:f7:80:d5:
01:25:7e:30:66:a0:7a:fa:71:20:af:ec:4c:4c:00:
72:fd:78:c4:43:92:da:fc:5f:53:a2:62:cc:82:4f:
89:8a:79:29:a9:95:a2:4f:f3:63:29:ef:fa:ec:ce:
8d:25:0f:45:67:40:64:c8:4b:26:e3:61:25:fe:08:
fd:88:de:7f:d9:e0:eb:18:0d:25:15:47:61:56:87:
d8:f2:7c:9d:52:bd:62:d2:17:c9:99:67:94:8f:b4:
73:c4:e2:1d:cf:ab:72:ea:0e:7f:bf:db:02:23:c7:
bc:15:a3:37:88:14:e7:12:73:0e:ae:9f:fe:01:cc:
64:58:1d:f1:26:59:c5:8f:08:fd:c7:c9:2f:73:77:
14:65:b3:23:71:95:1d:a9:15:6e:f8:d0:a0:99:88:
8c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7A:88:2D:50:EC:B3:B2:E4:ED:0C:42:78:A9:A1:43:1B:E0:C7:34
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS17138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:b10::-2a06:a005:b5f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:fd:0a:94:be:b5:0d:a1:61:02:f5:35:50:9a:8b:d0:f5:6b:
de:9d:30:75:6f:cb:64:e6:7f:32:21:0e:a9:80:04:9b:2b:a8:
c2:33:9d:32:ac:4f:ff:28:27:58:0c:2b:60:4a:2a:4e:3a:30:
4e:c5:5d:0f:e2:ba:04:30:07:ca:4f:2d:d7:0a:73:20:df:d7:
66:a0:fc:8e:c9:f4:06:ba:7c:60:d4:89:97:14:a4:a9:a3:e0:
4f:93:eb:db:13:83:b8:22:da:00:08:76:09:25:96:33:55:4f:
67:e4:41:39:6e:6e:c4:23:8e:5c:2e:ea:4c:81:af:14:45:19:
67:d8:a0:03:54:4d:99:9c:48:82:72:01:90:8c:c3:e3:a8:eb:
03:c3:99:86:14:5c:08:4d:a8:da:60:d8:ab:6f:31:7c:ff:c1:
ca:27:42:1f:80:a2:54:da:c7:74:20:2f:1d:42:b6:cb:1d:cc:
94:24:a1:49:00:4b:1c:87:03:5a:e6:57:97:c4:98:e3:68:58:
66:5a:a9:ae:e3:87:f3:37:f1:27:16:8b:fb:f4:08:9f:83:c3:
fa:e5:b1:ca:5a:6b:96:13:21:57:8d:55:b1:d3:9f:8b:bd:eb:
5d:6a:32:85:dd:56:fa:d7:e8:fc:53:7c:3f:c0:b2:65:63:81:
bc:42:8f:f6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUHV5/OyaOn4ytuMnALsb2wXbPmLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjlaFw0yNjA3MDIxNTUyMjlaMDMxMTAvBgNV
BAMTKDg1N0E4ODJENTBFQ0IzQjJFNEVEMEM0Mjc4QTlBMTQzMUJFMEM3MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTfhOFVlrav306dQpyhz0iIfmc
rYtUQB+0wrgFbwsUgEvUrBX2PkyFgMnnf6uIU+KeLjpC/zn3bZkwV8ynoDrSDTs8
EO+hmnZz9oyFrIBjwXaW2kYMQrnX/rXLa6dEayjcV9BrpveA1QElfjBmoHr6cSCv
7ExMAHL9eMRDktr8X1OiYsyCT4mKeSmplaJP82Mp7/rszo0lD0VnQGTISybjYSX+
CP2I3n/Z4OsYDSUVR2FWh9jyfJ1SvWLSF8mZZ5SPtHPE4h3Pq3LqDn+/2wIjx7wV
ozeIFOcScw6un/4BzGRYHfEmWcWPCP3HyS9zdxRlsyNxlR2pFW740KCZiIxVAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUhXqILVDss7Lk7QxCeKmhQxvgxzQwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTcxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBCoGoAULEAMHBSoGoAULQDANBgkqhkiG9w0BAQsF
AAOCAQEAav0KlL61DaFhAvU1UJqL0PVr3p0wdW/LZOZ/MiEOqYAEmyuowjOdMqxP
/ygnWAwrYEoqTjowTsVdD+K6BDAHyk8t1wpzIN/XZqD8jsn0Brp8YNSJlxSkqaPg
T5Pr2xODuCLaAAh2CSWWM1VPZ+RBOW5uxCOOXC7qTIGvFEUZZ9igA1RNmZxIgnIB
kIzD46jrA8OZhhRcCE2o2mDYq28xfP/ByidCH4CiVNrHdCAvHUK2yx3MlCShSQBL
HIcDWuZXl8SY42hYZlqpruOH8zfxJxaL+/QIn4PD+uWxylprlhMhV41VsdOfi73r
XWoyhd1W+tfo/FN8P8CyZWOBvEKP9g==
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:04:18 2025 by rpki-client