Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208768.roa
File: AS208768.roa (raw, json)
Hash identifier: T0Ltf2ulSoF0rKe33wrtlQccmst++4rzQ/4y76lasns=
Subject key identifier: C4:6C:3D:F5:82:70:5C:D3:0E:4F:70:B2:BD:7B:87:6B:8B:3F:63:FF
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 2BB2801AA49401A95B307755669A4CDA44A0E0A8
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208768.roa
Signing time: Thu 03 Jul 2025 15:52:23 +0000
ROA not before: Thu 03 Jul 2025 15:47:23 +0000
ROA not after: Thu 02 Jul 2026 15:52:23 +0000
asID: 208768
IP address blocks: 2a06:a005:2ca0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b2:80:1a:a4:94:01:a9:5b:30:77:55:66:9a:4c:da:44:a0:e0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:23 2025 GMT
Not After : Jul 2 15:52:23 2026 GMT
Subject: CN=C46C3DF582705CD30E4F70B2BD7B876B8B3F63FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:42:63:96:d5:4a:83:ef:15:82:de:c6:77:
f4:7a:0a:62:82:37:1e:62:8d:5c:0d:46:6d:a5:2a:
1e:27:3e:00:f9:97:8b:0b:fb:2c:f9:11:76:f3:ad:
c4:81:30:29:5a:a6:3a:27:cc:20:a2:f7:8b:d3:1d:
5e:81:60:65:a9:58:bb:1a:83:fe:c1:64:bb:8a:b4:
83:b7:c6:65:99:6b:a4:2c:23:85:76:24:47:94:7f:
35:fe:43:88:14:4d:3d:94:4b:24:06:d1:e5:83:0d:
5d:73:e2:cd:62:e8:41:ef:bc:3d:36:14:eb:00:f6:
74:bc:9f:85:86:54:19:ab:22:5d:07:8f:ad:38:e3:
98:0b:dc:92:5b:bb:65:1f:bc:3d:7a:86:11:7b:05:
b6:19:59:b5:40:f8:aa:9b:02:d3:8c:8c:53:26:73:
34:71:3c:f9:6a:2b:2b:ac:f7:45:56:9c:64:d9:25:
52:11:aa:cc:8d:ef:8c:e4:7f:52:98:56:66:6c:d9:
5d:92:ad:5e:1e:52:9a:a8:d6:c3:22:12:37:a5:fd:
e4:0b:87:01:b5:e6:f7:66:b5:62:7d:20:2c:10:1d:
34:db:c3:0d:1b:6d:a5:9e:c5:2f:e8:6a:64:10:14:
1f:90:59:00:95:7f:9d:f9:34:23:0e:84:e5:b3:94:
89:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:6C:3D:F5:82:70:5C:D3:0E:4F:70:B2:BD:7B:87:6B:8B:3F:63:FF
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS208768.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2ca0::/44
Signature Algorithm: sha256WithRSAEncryption
64:9c:ae:66:76:1f:03:e9:02:d5:60:d2:89:0a:70:6a:4c:ee:
23:ee:2c:e5:7b:57:35:1a:07:62:82:65:0c:dd:38:29:36:31:
b9:67:5b:94:e6:f8:78:d3:38:d9:c1:1a:c6:79:56:7c:c7:e7:
2b:bb:66:2b:6a:cc:4a:73:b6:13:6a:ed:5e:35:c4:a6:9d:20:
ca:8d:2b:e3:ac:1d:26:9a:aa:49:cf:b6:c5:c8:7e:7a:20:b5:
f1:4b:8f:f6:14:be:72:d7:18:70:60:4c:48:d2:df:30:60:70:
f9:ba:fe:3a:93:25:d9:33:43:12:02:3d:ee:38:8b:e3:6e:ce:
68:14:2d:4b:32:33:f8:3e:2f:e0:97:60:0c:b7:4b:85:ae:a5:
60:6d:56:36:f3:d3:49:8c:f4:9c:ff:fb:31:f4:6c:01:5e:5e:
3b:e4:1e:c3:3f:a3:17:82:64:fb:b0:19:00:57:a9:40:b5:61:
0a:2b:fb:39:df:66:40:98:d4:bc:47:74:3c:a8:26:86:fa:c1:
ab:22:87:1f:da:35:91:15:f6:ca:fc:e2:14:2b:76:c0:9b:78:
07:fd:72:d7:35:2b:12:30:d5:76:79:2f:c4:7a:1d:4b:26:28:
cf:5c:1b:d1:38:c3:d9:44:80:c5:8d:a4:28:fa:0c:92:72:9d:
5b:88:70:63
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUK7KAGqSUAalbMHdVZppM2kSg4KgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjNaFw0yNjA3MDIxNTUyMjNaMDMxMTAvBgNV
BAMTKEM0NkMzREY1ODI3MDVDRDMwRTRGNzBCMkJEN0I4NzZCOEIzRjYzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCym0JjltVKg+8Vgt7Gd/R6CmKC
Nx5ijVwNRm2lKh4nPgD5l4sL+yz5EXbzrcSBMClapjonzCCi94vTHV6BYGWpWLsa
g/7BZLuKtIO3xmWZa6QsI4V2JEeUfzX+Q4gUTT2USyQG0eWDDV1z4s1i6EHvvD02
FOsA9nS8n4WGVBmrIl0Hj60445gL3JJbu2UfvD16hhF7BbYZWbVA+KqbAtOMjFMm
czRxPPlqKyus90VWnGTZJVIRqsyN74zkf1KYVmZs2V2SrV4eUpqo1sMiEjel/eQL
hwG15vdmtWJ9ICwQHTTbww0bbaWexS/oamQQFB+QWQCVf535NCMOhOWzlIlbAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUxGw99YJwXNMOT3CyvXuHa4s/Y/8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA4NzY4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSygMA0GCSqGSIb3DQEBCwUAA4IBAQBknK5m
dh8D6QLVYNKJCnBqTO4j7izle1c1GgdigmUM3TgpNjG5Z1uU5vh40zjZwRrGeVZ8
x+cru2YrasxKc7YTau1eNcSmnSDKjSvjrB0mmqpJz7bFyH56ILXxS4/2FL5y1xhw
YExI0t8wYHD5uv46kyXZM0MSAj3uOIvjbs5oFC1LMjP4Pi/gl2AMt0uFrqVgbVY2
89NJjPSc//sx9GwBXl475B7DP6MXgmT7sBkAV6lAtWEKK/s532ZAmNS8R3Q8qCaG
+sGrIocf2jWRFfbK/OIUK3bAm3gH/XLXNSsSMNV2eS/Eeh1LJijPXBvROMPZRIDF
jaQo+gyScp1biHBj
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:06:09 2025 by rpki-client