Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200965.roa
File: AS200965.roa (raw, json)
Hash identifier: 8qSUzTWqdZIGLNdmEz88yD/OUq2eWAhSbvWtP+x1Kug=
Subject key identifier: 7D:68:EA:24:50:D2:77:AA:C4:AA:22:6C:BD:61:1D:A4:02:48:0B:09
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 06FC7750AB4037EFFDE07C7435DD18C2D197318C
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200965.roa
Signing time: Thu 03 Jul 2025 15:52:33 +0000
ROA not before: Thu 03 Jul 2025 15:47:33 +0000
ROA not after: Thu 02 Jul 2026 15:52:33 +0000
asID: 200965
IP address blocks: 2a06:a005:24a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:fc:77:50:ab:40:37:ef:fd:e0:7c:74:35:dd:18:c2:d1:97:31:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:33 2025 GMT
Not After : Jul 2 15:52:33 2026 GMT
Subject: CN=7D68EA2450D277AAC4AA226CBD611DA402480B09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:06:35:5d:b7:c3:86:a8:6f:72:53:aa:12:c7:
8e:c3:7c:67:3b:21:63:0c:a3:e5:a2:a3:af:75:e9:
3c:8d:b7:9e:ee:85:6a:28:80:07:cb:fb:5d:a2:59:
b5:27:c2:8d:31:d4:1c:c8:ea:dc:5a:db:73:30:db:
78:1e:00:74:dd:cb:fb:7a:b9:df:43:47:ef:d5:dc:
6b:94:34:da:98:71:ce:fb:40:52:c6:d8:70:b9:c0:
19:e0:2d:4f:9e:b6:70:20:eb:bb:7f:a2:50:c7:89:
f1:a3:42:f9:84:e1:bd:fc:6c:60:73:13:6c:c1:78:
d2:39:ef:5f:d3:b5:94:07:af:7d:79:5b:90:9a:76:
58:38:13:c9:8d:19:40:ac:c7:be:72:fc:1e:37:a0:
d9:29:20:80:f9:ed:f9:d2:ab:c2:51:ef:9e:a3:f8:
96:02:b0:54:a2:fa:f7:f8:84:0e:fa:a5:1a:04:dc:
83:b5:4a:81:38:28:e7:5d:4a:2c:40:1b:44:33:c9:
e4:f2:01:79:ea:21:3a:2b:66:d7:44:04:57:8e:dc:
83:5d:67:26:ca:1a:02:00:40:47:12:e9:5e:44:94:
e2:c2:72:39:06:e5:67:ac:06:85:b9:91:ca:a8:2e:
04:fe:22:e0:e6:e6:4c:e2:15:65:2c:b8:a9:3d:61:
2d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:68:EA:24:50:D2:77:AA:C4:AA:22:6C:BD:61:1D:A4:02:48:0B:09
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200965.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:24a0::/44
Signature Algorithm: sha256WithRSAEncryption
2d:f4:af:56:fc:33:ba:65:19:d9:5f:d6:8e:31:82:ca:ed:ee:
78:63:01:8c:cd:71:ea:3a:25:b4:70:05:84:53:37:e8:7d:5c:
fd:85:6b:bf:64:93:cf:bd:60:2c:93:62:a8:7c:a7:a6:34:f5:
1f:44:ef:cf:f6:d5:73:0e:08:56:59:43:b7:a7:ce:13:7a:9d:
e9:45:c6:a0:0a:b0:0f:69:40:64:91:cc:d6:0a:04:59:e5:61:
42:c7:ec:87:4d:ca:4c:d0:7a:b5:0d:71:bb:dd:af:30:6e:35:
b0:0c:d3:f7:89:9a:cd:e6:3a:fc:df:68:7b:e6:7c:07:b1:20:
2f:81:c6:85:9f:3d:d6:5b:2d:51:12:14:2b:77:10:fb:72:b3:
4c:1c:b5:8d:3e:6c:b0:9b:94:25:0c:b0:ae:7e:f7:bd:df:59:
9f:a6:75:a7:ec:33:8a:ae:0a:84:a4:7b:1b:ec:0b:3a:66:01:
0a:24:47:cf:61:8d:ef:3e:ad:9a:5c:00:e5:75:dd:05:e0:90:
5e:da:af:b7:aa:fe:9f:5b:0a:53:0c:f8:30:d0:22:d9:22:67:
fa:19:4d:68:9a:98:ae:13:43:25:60:65:67:29:e8:30:d6:46:
55:a3:92:8f:0f:b8:70:c7:26:7f:20:d9:e1:72:a0:72:43:59:
7f:d9:11:b5
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUBvx3UKtAN+/94Hx0Nd0YwtGXMYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzNaFw0yNjA3MDIxNTUyMzNaMDMxMTAvBgNV
BAMTKDdENjhFQTI0NTBEMjc3QUFDNEFBMjI2Q0JENjExREE0MDI0ODBCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4BjVdt8OGqG9yU6oSx47DfGc7
IWMMo+Wio6916TyNt57uhWoogAfL+12iWbUnwo0x1BzI6txa23Mw23geAHTdy/t6
ud9DR+/V3GuUNNqYcc77QFLG2HC5wBngLU+etnAg67t/olDHifGjQvmE4b38bGBz
E2zBeNI571/TtZQHr315W5Cadlg4E8mNGUCsx75y/B43oNkpIID57fnSq8JR756j
+JYCsFSi+vf4hA76pRoE3IO1SoE4KOddSixAG0QzyeTyAXnqITorZtdEBFeO3INd
ZybKGgIAQEcS6V5ElOLCcjkG5WesBoW5kcqoLgT+IuDm5kziFWUsuKk9YS37AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUfWjqJFDSd6rEqiJsvWEdpAJICwkwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAwOTY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSSgMA0GCSqGSIb3DQEBCwUAA4IBAQAt9K9W
/DO6ZRnZX9aOMYLK7e54YwGMzXHqOiW0cAWEUzfofVz9hWu/ZJPPvWAsk2KofKem
NPUfRO/P9tVzDghWWUO3p84Tep3pRcagCrAPaUBkkczWCgRZ5WFCx+yHTcpM0Hq1
DXG73a8wbjWwDNP3iZrN5jr832h75nwHsSAvgcaFnz3WWy1REhQrdxD7crNMHLWN
Pmywm5QlDLCufve931mfpnWn7DOKrgqEpHsb7As6ZgEKJEfPYY3vPq2aXADldd0F
4JBe2q+3qv6fWwpTDPgw0CLZImf6GU1ompiuE0MlYGVnKegw1kZVo5KPD7hwxyZ/
INnhcqByQ1l/2RG1
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:05:02 2025 by rpki-client