Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204901.roa
File: AS204901.roa (raw, json)
Hash identifier: d3Emj35Dfg12pEQv53WSRTw0swlQUgdsTkRc+xU2kYs=
Subject key identifier: D4:EC:E6:12:CB:38:93:FC:8A:F2:30:50:DA:B9:7B:5B:14:BE:64:49
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 3BF85AD0E702A7A207B3394921180C606705462B
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204901.roa
Signing time: Thu 03 Jul 2025 15:52:13 +0000
ROA not before: Thu 03 Jul 2025 15:47:13 +0000
ROA not after: Thu 02 Jul 2026 15:52:13 +0000
asID: 204901
IP address blocks: 2a06:a005:1690::/44 maxlen: 48
2a06:a005:1c20::/44 maxlen: 48
2a06:a005:2600::/44 maxlen: 48
2a06:a005:2830::/44 maxlen: 48
2a06:a005:2840::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f8:5a:d0:e7:02:a7:a2:07:b3:39:49:21:18:0c:60:67:05:46:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:13 2025 GMT
Not After : Jul 2 15:52:13 2026 GMT
Subject: CN=D4ECE612CB3893FC8AF23050DAB97B5B14BE6449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:ee:f8:3a:29:e7:21:cc:d8:85:0d:67:bd:92:
d4:fa:58:bf:fe:c0:2c:98:71:5a:0c:34:db:e0:0e:
ad:cb:28:14:43:16:7b:f9:57:86:86:8d:30:24:9c:
1c:54:7d:c2:e2:91:1e:e1:3a:b1:f1:19:0e:b8:ef:
55:aa:32:69:9a:fa:2e:3e:1e:4d:40:c5:94:2b:5b:
9a:28:9f:9a:72:9a:4b:0c:32:2f:e9:d7:55:a2:13:
b6:38:7c:ea:1e:12:ce:80:47:77:86:c1:b4:11:c0:
27:b0:9e:e6:76:e2:79:f1:3e:00:ac:d5:b0:63:85:
f2:c2:3b:83:da:19:c4:d2:ec:57:ca:95:18:ea:e8:
b3:d4:ef:d4:1f:03:a2:93:ae:b9:23:9d:87:92:f9:
48:39:e3:77:b2:de:8e:c7:3f:99:69:58:c6:17:90:
d8:0e:13:a9:dc:a0:81:da:8d:0b:42:87:09:99:9c:
f7:8d:00:86:8d:dd:15:7c:1f:60:39:4a:4a:3f:8a:
dd:e3:80:54:8e:5b:12:bf:20:c8:94:25:68:68:d3:
db:1d:95:41:16:f8:7c:20:b6:43:14:8b:ad:80:a7:
be:3c:fa:40:02:11:4e:3f:06:b7:53:62:dd:82:0a:
29:e8:44:40:5f:1d:25:e3:60:c0:19:79:bc:07:1c:
aa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EC:E6:12:CB:38:93:FC:8A:F2:30:50:DA:B9:7B:5B:14:BE:64:49
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204901.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1690::/44
2a06:a005:1c20::/44
2a06:a005:2600::/44
2a06:a005:2830::-2a06:a005:284f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:23:0a:8f:88:ba:a5:db:f4:57:82:f4:42:c3:65:77:64:1f:
2f:1b:45:b9:6e:13:af:cc:78:04:3d:5b:11:8a:7b:eb:96:52:
16:57:bd:4b:31:88:20:6e:fc:3c:8d:01:96:42:c7:c5:47:a9:
f8:ee:a3:4f:e6:71:27:84:f4:bc:de:68:83:d6:20:49:80:ad:
fd:2f:ba:b3:a5:92:1b:37:c5:22:bf:06:29:46:30:7a:71:80:
10:0f:4a:2c:ff:36:01:77:5e:52:64:02:0f:46:72:94:db:6c:
56:c8:95:a3:2a:25:dd:9e:61:26:02:3c:c3:26:ff:a8:72:c5:
01:99:df:61:a7:ee:5e:73:1e:26:75:bb:e6:12:b4:73:0c:24:
6a:58:98:9d:36:59:25:42:15:a2:ae:b4:d2:0a:41:1b:c7:3f:
bf:24:40:2f:bf:aa:ee:ca:0f:02:72:df:ea:bc:3d:35:f2:79:
85:80:5a:f6:f7:b2:28:42:17:80:5a:53:2a:30:a1:ad:bf:4b:
dc:bb:34:0e:97:24:38:17:44:57:90:be:4b:c9:41:c4:fd:87:
0d:9f:c2:c4:55:65:2e:81:1b:97:e3:9f:c6:e4:51:db:1c:90:
ed:04:0f:93:9e:e2:78:51:4c:8e:4a:64:c6:d0:ec:59:62:56:
c5:64:28:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUO/ha0OcCp6IHszlJIRgMYGcFRiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MTNaFw0yNjA3MDIxNTUyMTNaMDMxMTAvBgNV
BAMTKEQ0RUNFNjEyQ0IzODkzRkM4QUYyMzA1MERBQjk3QjVCMTRCRTY0NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD77vg6KechzNiFDWe9ktT6WL/+
wCyYcVoMNNvgDq3LKBRDFnv5V4aGjTAknBxUfcLikR7hOrHxGQ6471WqMmma+i4+
Hk1AxZQrW5oon5pymksMMi/p11WiE7Y4fOoeEs6AR3eGwbQRwCewnuZ24nnxPgCs
1bBjhfLCO4PaGcTS7FfKlRjq6LPU79QfA6KTrrkjnYeS+Ug543ey3o7HP5lpWMYX
kNgOE6ncoIHajQtChwmZnPeNAIaN3RV8H2A5Sko/it3jgFSOWxK/IMiUJWho09sd
lUEW+HwgtkMUi62Ap748+kACEU4/BrdTYt2CCinoREBfHSXjYMAZebwHHKp9AgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQU1OzmEss4k/yK8jBQ2rl7WxS+ZEkwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA0OTAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEH
AQH/BDkwNzA1BAIAAjAvAwcEKgagBRaQAwcEKgagBRwgAwcEKgagBSYAMBIDBwQq
BqAFKDADBwQqBqAFKEAwDQYJKoZIhvcNAQELBQADggEBAB4jCo+IuqXb9FeC9ELD
ZXdkHy8bRbluE6/MeAQ9WxGKe+uWUhZXvUsxiCBu/DyNAZZCx8VHqfjuo0/mcSeE
9LzeaIPWIEmArf0vurOlkhs3xSK/BilGMHpxgBAPSiz/NgF3XlJkAg9GcpTbbFbI
laMqJd2eYSYCPMMm/6hyxQGZ32Gn7l5zHiZ1u+YStHMMJGpYmJ02WSVCFaKutNIK
QRvHP78kQC+/qu7KDwJy3+q8PTXyeYWAWvb3sihCF4BaUyowoa2/S9y7NA6XJDgX
RFeQvkvJQcT9hw2fwsRVZS6BG5fjn8bkUdsckO0ED5Oe4nhRTI5KZMbQ7FliVsVk
KGE=
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:01:40 2025 by rpki-client