Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200890.roa
File: AS200890.roa (raw, json)
Hash identifier: nTGOyfpLDjlyE7awwUHs7e/MOJHkd3s/9t22lEU65jU=
Subject key identifier: 8B:2A:AB:F0:36:D7:16:BB:5F:A0:10:0C:02:08:B1:D6:C0:47:35:A6
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 762F78CCB833509E0822A7B0DBB5BC563A16A035
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200890.roa
Signing time: Thu 03 Jul 2025 15:52:26 +0000
ROA not before: Thu 03 Jul 2025 15:47:26 +0000
ROA not after: Thu 02 Jul 2026 15:52:26 +0000
asID: 200890
IP address blocks: 2a06:a005:1b60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:2f:78:cc:b8:33:50:9e:08:22:a7:b0:db:b5:bc:56:3a:16:a0:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:26 2025 GMT
Not After : Jul 2 15:52:26 2026 GMT
Subject: CN=8B2AABF036D716BB5FA0100C0208B1D6C04735A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d8:c5:d1:e7:fc:55:dc:af:a6:bc:bb:3e:4f:
57:1a:82:47:fc:cb:cb:51:ea:e3:b1:fc:fe:65:dc:
d4:26:bc:8f:9c:f0:70:ae:14:cd:60:2c:f5:0b:46:
1c:00:77:2c:22:6d:25:af:10:9b:9c:d5:c7:06:e1:
a1:09:58:d6:1f:25:53:2c:22:84:a6:30:86:fe:d9:
48:8a:09:36:65:dc:fe:fc:49:05:85:1b:25:33:f2:
28:bf:dc:5d:4b:26:6e:58:f1:94:4a:51:47:25:19:
12:43:e7:28:cf:7f:c4:96:2c:4a:76:48:0f:5c:1e:
31:c7:f8:56:64:23:fb:37:c5:d3:fd:25:46:a5:42:
97:bf:3c:6b:0b:75:75:34:d0:55:47:7b:7b:96:41:
20:f5:92:d9:86:3c:1a:13:40:6c:ed:03:c6:97:7a:
23:e5:ed:f9:46:1c:bb:b5:63:57:d3:2c:aa:00:cd:
44:3c:2b:0f:84:7d:2a:80:8b:4b:d3:67:e2:a3:0b:
97:b9:02:36:02:9a:a8:11:09:b4:02:6b:af:6e:cd:
2c:c3:97:d6:af:b7:48:18:26:e9:80:3e:cf:de:02:
2f:1d:ae:8b:82:a3:95:38:34:2a:60:56:2d:ef:50:
df:3b:7e:30:22:8d:ae:63:66:09:00:8a:2e:38:31:
56:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2A:AB:F0:36:D7:16:BB:5F:A0:10:0C:02:08:B1:D6:C0:47:35:A6
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200890.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1b60::/44
Signature Algorithm: sha256WithRSAEncryption
43:80:07:a3:ce:1d:75:b6:0b:32:3b:dc:55:2d:89:f9:6a:79:
31:f5:c0:2c:81:11:46:86:6d:ba:0c:5f:1c:8f:b7:fe:24:a5:
e4:57:14:31:3d:43:c5:e2:25:ed:5f:17:7f:81:1b:72:df:8d:
1f:cb:36:f4:fc:4d:3c:36:15:ef:88:e9:e4:cb:f0:1d:6a:9d:
3e:23:bb:22:49:4f:ab:20:be:8a:81:7c:73:d9:cd:3b:fc:2d:
48:16:2e:57:c5:f5:c4:ad:b6:74:15:ed:76:0a:98:b8:ba:9c:
7d:22:a1:31:99:14:22:9c:35:12:19:ff:4b:e4:22:ad:a6:13:
d6:b4:87:09:ae:d1:20:42:c1:a9:fd:d6:d0:98:7b:a7:bb:4d:
8a:03:3c:df:8f:8c:bb:db:d9:7d:b8:d7:87:ae:10:cd:79:cd:
2b:4a:3e:3b:7e:5e:ef:48:ea:06:57:e3:6d:cf:90:15:fd:88:
7c:0d:38:da:89:8b:f3:35:25:f2:16:55:c1:6c:ab:17:f9:e3:
ba:ad:ac:83:93:b3:08:f0:05:7e:07:1e:28:6b:83:39:c3:10:
fc:1c:03:82:f8:19:b8:40:2c:78:53:cc:3a:e6:8a:7a:a5:64:
a4:2c:d8:70:a6:67:a7:99:27:a5:2a:f9:71:fe:c9:66:a5:4c:
38:14:7d:03
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUdi94zLgzUJ4IIqew27W8VjoWoDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjZaFw0yNjA3MDIxNTUyMjZaMDMxMTAvBgNV
BAMTKDhCMkFBQkYwMzZENzE2QkI1RkEwMTAwQzAyMDhCMUQ2QzA0NzM1QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA2MXR5/xV3K+mvLs+T1cagkf8
y8tR6uOx/P5l3NQmvI+c8HCuFM1gLPULRhwAdywibSWvEJuc1ccG4aEJWNYfJVMs
IoSmMIb+2UiKCTZl3P78SQWFGyUz8ii/3F1LJm5Y8ZRKUUclGRJD5yjPf8SWLEp2
SA9cHjHH+FZkI/s3xdP9JUalQpe/PGsLdXU00FVHe3uWQSD1ktmGPBoTQGztA8aX
eiPl7flGHLu1Y1fTLKoAzUQ8Kw+EfSqAi0vTZ+KjC5e5AjYCmqgRCbQCa69uzSzD
l9avt0gYJumAPs/eAi8drouCo5U4NCpgVi3vUN87fjAija5jZgkAii44MVY9AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUiyqr8DbXFrtfoBAMAgix1sBHNaYwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAwODkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRtgMA0GCSqGSIb3DQEBCwUAA4IBAQBDgAej
zh11tgsyO9xVLYn5ankx9cAsgRFGhm26DF8cj7f+JKXkVxQxPUPF4iXtXxd/gRty
340fyzb0/E08NhXviOnky/Adap0+I7siSU+rIL6KgXxz2c07/C1IFi5XxfXErbZ0
Fe12Cpi4upx9IqExmRQinDUSGf9L5CKtphPWtIcJrtEgQsGp/dbQmHunu02KAzzf
j4y729l9uNeHrhDNec0rSj47fl7vSOoGV+Ntz5AV/Yh8DTjaiYvzNSXyFlXBbKsX
+eO6rayDk7MI8AV+Bx4oa4M5wxD8HAOC+Bm4QCx4U8w65op6pWSkLNhwpmenmSel
Kvlx/slmpUw4FH0D
-----END CERTIFICATE-----
Generated at Fri Jul 4 21:57:39 2025 by rpki-client