Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS201217.roa
File: AS201217.roa (raw, json)
Hash identifier: N//WCVfbkEDkemtlecBI1jjqdmMGr1bE1GIaElZFHWU=
Subject key identifier: 71:BE:16:4F:37:EE:D2:8A:B6:DD:F9:96:53:C6:71:1E:D0:D9:76:24
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 340884BA2B5AD9378B327598B8515B550037903F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS201217.roa
Signing time: Thu 04 Jun 2026 15:58:49 +0000
ROA not before: Thu 04 Jun 2026 15:53:49 +0000
ROA not after: Thu 03 Jun 2027 15:58:49 +0000
asID: 201217
IP address blocks: 2a06:a005:1c78::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:08:84:ba:2b:5a:d9:37:8b:32:75:98:b8:51:5b:55:00:37:90:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:49 2026 GMT
Not After : Jun 3 15:58:49 2027 GMT
Subject: CN=71BE164F37EED28AB6DDF99653C6711ED0D97624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:9d:65:eb:68:d0:ac:20:d1:a2:fb:a0:d8:
99:9e:32:21:f4:d0:05:83:60:8d:68:71:46:2a:d8:
8f:55:dd:2a:28:b7:dd:b2:d6:e9:2e:ba:e5:ff:6d:
2b:76:36:22:e5:af:19:0b:97:1e:c5:9b:a9:1f:20:
91:99:72:3c:4c:ef:38:12:ca:94:f8:8d:e4:ca:e0:
08:54:53:66:2e:21:2c:cc:12:25:25:83:86:79:03:
3e:63:c5:78:13:c9:77:15:0f:7e:f7:d3:dc:26:23:
32:74:32:15:99:1e:6c:08:df:18:ef:75:20:4e:44:
b7:ef:d3:c2:53:28:3a:c6:75:31:fc:c2:d1:18:8f:
be:be:68:e4:b0:ed:7e:04:8f:18:94:20:4f:33:68:
d2:f2:82:42:df:6a:14:fc:d0:80:02:bc:be:f9:ef:
6d:d9:36:4e:f6:37:c7:12:f1:66:a5:e2:43:db:23:
c3:c2:57:62:7c:05:a6:f5:1e:9b:fa:ef:ac:79:0d:
e5:4f:e3:4f:31:3d:16:8a:0a:2f:8b:57:53:fd:d4:
58:80:7e:83:56:b2:7b:64:95:bf:e1:f5:4f:93:a3:
f7:1b:9b:65:b1:21:d1:29:6e:89:b0:29:77:40:2c:
94:08:3f:85:34:3f:01:8a:52:3b:e8:ad:17:50:25:
b6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BE:16:4F:37:EE:D2:8A:B6:DD:F9:96:53:C6:71:1E:D0:D9:76:24
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS201217.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1c78::/48
Signature Algorithm: sha256WithRSAEncryption
86:24:c3:59:9e:c3:d2:db:f0:88:9b:ca:e1:12:fa:d6:2b:8b:
db:da:7d:6a:84:8e:71:79:f9:d6:67:b4:a5:78:3a:bd:d5:78:
94:8d:e7:e3:46:25:ff:df:b6:d3:0b:21:31:ea:fa:53:6a:6d:
9b:25:87:46:73:c2:f7:5a:1c:4e:19:c4:bd:fd:22:71:1e:d8:
2b:f5:10:dd:b0:19:38:2f:72:84:19:b8:e3:4a:c0:f0:f9:f8:
f7:4e:16:47:39:9b:cd:d2:75:e8:4a:2c:17:ec:8f:db:6d:4e:
c8:f5:20:0a:1d:32:32:65:b9:d1:06:e3:54:40:d6:73:fd:27:
1a:6f:ea:00:11:56:c3:e3:6e:d5:10:a1:80:db:b4:e5:77:34:
95:ff:22:3f:2e:f6:a3:b7:ad:8d:72:ac:6c:54:58:d7:65:26:
5a:80:13:96:93:00:fb:11:e2:67:ed:43:61:e9:60:9c:fa:e3:
bb:56:74:59:1e:44:c8:95:77:9f:a3:94:d4:0e:fa:c4:ee:91:
56:e0:a6:f6:2e:53:a8:19:65:37:30:29:56:b5:78:c7:00:8d:
03:10:d2:08:b6:e6:d7:8f:3d:65:0f:08:c5:66:d7:9e:eb:20:
36:78:62:b2:52:09:ab:18:7f:ae:8f:3f:c1:04:81:9a:dd:64:
98:2b:c7:7b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUNAiEuita2TeLMnWYuFFbVQA3kD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDlaFw0yNzA2MDMxNTU4NDlaMDMxMTAvBgNV
BAMTKDcxQkUxNjRGMzdFRUQyOEFCNkRERjk5NjUzQzY3MTFFRDBEOTc2MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1ZZ1l62jQrCDRovug2JmeMiH0
0AWDYI1ocUYq2I9V3Soot92y1ukuuuX/bSt2NiLlrxkLlx7Fm6kfIJGZcjxM7zgS
ypT4jeTK4AhUU2YuISzMEiUlg4Z5Az5jxXgTyXcVD37309wmIzJ0MhWZHmwI3xjv
dSBORLfv08JTKDrGdTH8wtEYj76+aOSw7X4EjxiUIE8zaNLygkLfahT80IACvL75
723ZNk72N8cS8Wal4kPbI8PCV2J8Bab1Hpv676x5DeVP408xPRaKCi+LV1P91FiA
foNWsntklb/h9U+To/cbm2WxIdEpbomwKXdALJQIP4U0PwGKUjvorRdQJbZ5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUcb4WTzfu0oq23fmWU8ZxHtDZdiQwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAxMjE3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRx4MA0GCSqGSIb3DQEBCwUAA4IBAQCGJMNZ
nsPS2/CIm8rhEvrWK4vb2n1qhI5xefnWZ7SleDq91XiUjefjRiX/37bTCyEx6vpT
am2bJYdGc8L3WhxOGcS9/SJxHtgr9RDdsBk4L3KEGbjjSsDw+fj3ThZHOZvN0nXo
SiwX7I/bbU7I9SAKHTIyZbnRBuNUQNZz/Scab+oAEVbD427VEKGA27TldzSV/yI/
Lvajt62NcqxsVFjXZSZagBOWkwD7EeJn7UNh6WCc+uO7VnRZHkTIlXefo5TUDvrE
7pFW4Kb2LlOoGWU3MClWtXjHAI0DENIItubXjz1lDwjFZtee6yA2eGKyUgmrGH+u
jz/BBIGa3WSYK8d7
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:50:28 2026 by rpki-client