Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208529.roa
File: AS208529.roa (raw, json)
Hash identifier: MvKADN8Xo8RiSn//ifdD4Iv6rTVH74gK0IjBGIv9lwk=
Subject key identifier: C6:2A:2F:45:14:F0:E8:66:1D:1E:6D:3D:23:97:B7:98:BF:C8:AF:EF
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 4504178916258B2341965FE11DD116A21B0AF43D
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208529.roa
Signing time: Thu 03 Jul 2025 15:51:51 +0000
ROA not before: Thu 03 Jul 2025 15:46:51 +0000
ROA not after: Thu 02 Jul 2026 15:51:51 +0000
asID: 208529
IP address blocks: 2a06:a005:5e7::/48 maxlen: 48
2a06:a005:c60::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:04:17:89:16:25:8b:23:41:96:5f:e1:1d:d1:16:a2:1b:0a:f4:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:51 2025 GMT
Not After : Jul 2 15:51:51 2026 GMT
Subject: CN=C62A2F4514F0E8661D1E6D3D2397B798BFC8AFEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:4e:a4:dc:2f:a5:b0:00:41:04:61:77:42:
f9:05:26:f2:b1:9b:2e:eb:4d:01:d6:42:86:21:c5:
75:8d:d9:05:7a:b7:80:f1:17:fe:8b:84:f9:e7:ba:
d3:b3:cb:40:87:af:26:dc:4e:e3:05:6c:1b:14:03:
03:9c:97:d4:26:50:32:f0:65:6f:c6:de:fb:d6:4b:
69:e2:3f:7f:e8:ed:3c:51:b3:76:c2:24:9c:04:e3:
66:9c:26:68:2c:30:7e:8a:a5:15:7f:dd:5d:56:5e:
f1:ca:12:01:ee:b6:16:93:7a:e9:03:9b:9b:42:c9:
c9:e5:77:16:84:67:52:46:6a:16:f5:1e:6d:2f:82:
53:07:cc:77:a3:c7:ad:b6:c6:f7:0e:4a:87:b2:80:
7b:b0:ca:ff:ca:4d:8b:c3:cb:7f:36:c0:be:13:83:
ad:e5:68:bf:a2:7d:a4:1a:3d:72:bf:3f:d1:d9:c5:
b1:e6:77:d3:78:31:88:fd:47:35:9e:c0:82:d0:ea:
35:48:3a:f7:53:50:dc:16:85:a3:70:6e:f4:bb:f5:
24:a6:f5:3b:da:79:fb:17:16:ff:2e:65:fe:ed:0e:
0c:42:e8:cb:b2:3b:0a:4d:54:e3:c5:8e:34:08:cf:
c5:79:87:e0:ff:e6:ad:27:30:20:74:bd:1c:04:50:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2A:2F:45:14:F0:E8:66:1D:1E:6D:3D:23:97:B7:98:BF:C8:AF:EF
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208529.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5e7::/48
2a06:a005:c60::/44
Signature Algorithm: sha256WithRSAEncryption
96:b3:46:36:66:a5:36:a1:46:11:74:1d:bb:7f:7f:1f:c7:89:
fc:d1:69:3b:8d:54:fb:ab:60:f1:67:03:94:ad:e3:00:7c:48:
1a:1b:d0:2f:c4:0f:28:80:3b:0b:0a:4d:08:56:3e:8b:a4:6b:
26:09:f0:af:3f:c1:da:b5:f0:e2:3e:01:67:09:31:6e:84:58:
dc:5e:17:b5:d7:4e:1a:12:fa:ec:a5:66:9e:f6:fd:cc:7a:ce:
66:94:22:c5:03:35:7d:17:6b:ba:2c:94:49:09:f0:05:4a:51:
f7:ab:08:1e:2e:c8:db:c4:8b:15:4e:c1:36:a7:39:91:3b:32:
e6:47:e9:36:b8:cd:6e:24:31:a3:1c:18:01:11:77:bd:11:d3:
23:a3:f9:9e:b8:51:98:fa:96:df:18:a4:7a:aa:62:3b:88:1a:
0e:a8:e7:c1:d5:82:6e:88:04:0d:c3:69:f2:a2:66:22:73:75:
99:f3:e6:b7:5d:4b:c2:8c:1b:68:51:93:1f:33:1e:de:4e:2c:
28:2b:79:41:2c:03:47:1f:42:b3:e3:a1:7b:3f:de:0f:39:4d:
48:a4:5a:c1:7c:c3:20:f9:99:64:02:78:6f:bd:b6:30:e3:68:
b3:76:24:8f:21:83:e0:ba:74:81:8d:9c:7e:8e:a3:33:a0:7d:
4f:65:4b:34
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIURQQXiRYliyNBll/hHdEWohsK9D0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NTFaFw0yNjA3MDIxNTUxNTFaMDMxMTAvBgNV
BAMTKEM2MkEyRjQ1MTRGMEU4NjYxRDFFNkQzRDIzOTdCNzk4QkZDOEFGRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsnE6k3C+lsABBBGF3QvkFJvKx
my7rTQHWQoYhxXWN2QV6t4DxF/6LhPnnutOzy0CHrybcTuMFbBsUAwOcl9QmUDLw
ZW/G3vvWS2niP3/o7TxRs3bCJJwE42acJmgsMH6KpRV/3V1WXvHKEgHuthaTeukD
m5tCycnldxaEZ1JGahb1Hm0vglMHzHejx622xvcOSoeygHuwyv/KTYvDy382wL4T
g63laL+ifaQaPXK/P9HZxbHmd9N4MYj9RzWewILQ6jVIOvdTUNwWhaNwbvS79SSm
9TvaefsXFv8uZf7tDgxC6MuyOwpNVOPFjjQIz8V5h+D/5q0nMCB0vRwEUPGTAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUxiovRRTw6GYdHm09I5e3mL/Ir+8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA4NTI5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQXnAwcEKgagBQxgMA0GCSqGSIb3DQEBCwUA
A4IBAQCWs0Y2ZqU2oUYRdB27f38fx4n80Wk7jVT7q2DxZwOUreMAfEgaG9AvxA8o
gDsLCk0IVj6LpGsmCfCvP8HatfDiPgFnCTFuhFjcXhe1104aEvrspWae9v3Mes5m
lCLFAzV9F2u6LJRJCfAFSlH3qwgeLsjbxIsVTsE2pzmROzLmR+k2uM1uJDGjHBgB
EXe9EdMjo/meuFGY+pbfGKR6qmI7iBoOqOfB1YJuiAQNw2nyomYic3WZ8+a3XUvC
jBtoUZMfMx7eTiwoK3lBLANHH0Kz46F7P94POU1IpFrBfMMg+ZlkAnhvvbYw42iz
diSPIYPgunSBjZx+jqMzoH1PZUs0
-----END CERTIFICATE-----
Generated at Fri Jul 4 21:58:58 2025 by rpki-client