Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203852.roa
File: AS203852.roa (raw, json)
Hash identifier: p3TA7Mwb5nsl+t8fO1GnL1Yx2VdCGVqYqkwsOSwOoYs=
Subject key identifier: 60:DF:2F:A8:CA:22:6A:95:95:72:08:5E:CA:02:E3:5E:39:AE:B6:C1
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 11AE0BA412C02C1C952B6F7A6F36632CF80D0B20
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203852.roa
Signing time: Thu 03 Jul 2025 15:51:42 +0000
ROA not before: Thu 03 Jul 2025 15:46:42 +0000
ROA not after: Thu 02 Jul 2026 15:51:42 +0000
asID: 203852
IP address blocks: 2a06:a005:1910::/44 maxlen: 48
2a06:a005:21a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ae:0b:a4:12:c0:2c:1c:95:2b:6f:7a:6f:36:63:2c:f8:0d:0b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:42 2025 GMT
Not After : Jul 2 15:51:42 2026 GMT
Subject: CN=60DF2FA8CA226A959572085ECA02E35E39AEB6C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b4:6c:99:d5:32:78:94:06:4f:46:fc:84:25:
de:be:45:3b:ef:90:2e:1a:77:f6:f7:30:74:a4:c0:
54:2b:ef:12:0e:30:39:1d:bd:d1:4a:a1:2d:4d:bc:
45:7a:78:b4:cb:45:eb:96:41:d0:49:45:f2:7b:0b:
af:e9:2f:ba:57:2f:c2:8e:2b:7e:ab:50:7e:5d:b3:
23:ab:6b:82:40:f9:7c:43:0d:61:69:7d:2c:c6:24:
a5:e1:e1:33:eb:f3:4b:9a:b5:aa:99:b5:b4:dc:43:
e6:95:ee:33:75:ea:e8:84:06:67:44:e1:a7:0c:b5:
5f:32:6e:07:e6:9a:31:0b:84:3d:fd:08:c2:a1:2f:
e0:b3:bf:85:1a:21:e1:15:19:27:5b:5f:18:d5:89:
db:4b:9e:2a:7c:27:3d:9e:ba:87:f1:31:58:2f:40:
ff:01:eb:d9:0d:41:fa:9a:1b:0c:45:44:22:42:27:
fc:3d:ca:ea:40:38:95:4a:df:4f:d4:09:3d:bd:6e:
ff:26:70:a9:e9:fd:d7:b6:ce:24:e8:9e:72:37:1e:
5e:94:c6:9f:21:4b:f6:12:cd:1a:bc:4e:9f:c6:0c:
44:4d:f5:fd:e3:08:03:eb:90:d3:0a:e8:e6:72:08:
0d:8e:9c:1d:d9:c2:88:8a:b6:9e:fd:a7:e4:d7:8b:
1a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DF:2F:A8:CA:22:6A:95:95:72:08:5E:CA:02:E3:5E:39:AE:B6:C1
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203852.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1910::/44
2a06:a005:21a0::/44
Signature Algorithm: sha256WithRSAEncryption
8f:61:76:64:c2:2f:6f:2b:82:41:ab:63:43:52:52:0f:15:69:
3b:48:f5:51:45:ec:95:d3:e4:97:4c:a7:21:de:10:f7:ab:20:
5c:a9:85:da:ac:f9:b8:24:15:8a:91:41:12:0f:da:f1:60:a1:
95:3b:d8:8f:90:84:e8:66:16:bd:e8:bf:c1:d0:30:db:20:c2:
0b:3e:59:76:54:57:00:39:2d:0a:b6:76:ca:1a:f0:f3:d0:d5:
b8:1a:cd:26:6e:dc:25:21:b7:19:3c:c3:ac:43:c5:c4:46:94:
ea:44:04:83:76:b6:db:fe:f4:a2:0c:3d:76:3e:c1:14:36:b7:
5a:71:36:07:cb:47:be:46:67:a7:ee:bd:80:cf:a9:ab:83:9f:
07:9f:99:03:78:62:15:1e:67:41:5b:7d:fe:38:5d:10:b0:25:
c2:47:f5:e2:4c:04:66:0b:12:1a:26:35:41:00:c9:f4:24:e3:
1b:92:61:3d:bc:6a:cc:d6:8c:3e:42:3f:82:03:4e:70:a8:27:
d5:0a:b8:44:6b:55:f0:e1:ce:56:e7:5c:d9:eb:28:ea:60:b3:
e0:db:01:1c:06:d1:2f:f4:d3:d3:d0:43:e7:52:30:d0:69:5c:
a4:64:28:00:f9:00:30:e2:6d:41:9e:21:21:a6:da:de:c7:f8:
be:c7:b2:ab
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUEa4LpBLALByVK296bzZjLPgNCyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NDJaFw0yNjA3MDIxNTUxNDJaMDMxMTAvBgNV
BAMTKDYwREYyRkE4Q0EyMjZBOTU5NTcyMDg1RUNBMDJFMzVFMzlBRUI2QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbtGyZ1TJ4lAZPRvyEJd6+RTvv
kC4ad/b3MHSkwFQr7xIOMDkdvdFKoS1NvEV6eLTLReuWQdBJRfJ7C6/pL7pXL8KO
K36rUH5dsyOra4JA+XxDDWFpfSzGJKXh4TPr80uataqZtbTcQ+aV7jN16uiEBmdE
4acMtV8ybgfmmjELhD39CMKhL+Czv4UaIeEVGSdbXxjVidtLnip8Jz2euofxMVgv
QP8B69kNQfqaGwxFRCJCJ/w9yupAOJVK30/UCT29bv8mcKnp/de2ziTonnI3Hl6U
xp8hS/YSzRq8Tp/GDERN9f3jCAPrkNMK6OZyCA2OnB3ZwoiKtp79p+TXixp1AgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUYN8vqMoiapWVcgheygLjXjmutsEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAzODUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBRkQAwcEKgagBSGgMA0GCSqGSIb3DQEBCwUA
A4IBAQCPYXZkwi9vK4JBq2NDUlIPFWk7SPVRReyV0+SXTKch3hD3qyBcqYXarPm4
JBWKkUESD9rxYKGVO9iPkIToZha96L/B0DDbIMILPll2VFcAOS0KtnbKGvDz0NW4
Gs0mbtwlIbcZPMOsQ8XERpTqRASDdrbb/vSiDD12PsEUNrdacTYHy0e+Rmen7r2A
z6mrg58Hn5kDeGIVHmdBW33+OF0QsCXCR/XiTARmCxIaJjVBAMn0JOMbkmE9vGrM
1ow+Qj+CA05wqCfVCrhEa1Xw4c5W51zZ6yjqYLPg2wEcBtEv9NPT0EPnUjDQaVyk
ZCgA+QAw4m1BniEhptrex/i+x7Kr
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:15:49 2025 by rpki-client