Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS209652.roa
File: AS209652.roa (raw, json)
Hash identifier: HyQUbGY5KEUa57meJPQZQXBG5lcG0aNVFVG34o0I1+c=
Subject key identifier: B5:CB:C5:EA:1C:A9:7E:97:F7:42:30:53:C8:BB:9C:4D:E1:F3:F8:31
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 4921820427CE399EC2255C03F6A2517A9F415EA0
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS209652.roa
Signing time: Thu 03 Jul 2025 15:51:26 +0000
ROA not before: Thu 03 Jul 2025 15:46:26 +0000
ROA not after: Thu 02 Jul 2026 15:51:26 +0000
asID: 209652
IP address blocks: 2a06:a005:b61::/48 maxlen: 48
2a06:a005:2ad0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:21:82:04:27:ce:39:9e:c2:25:5c:03:f6:a2:51:7a:9f:41:5e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:26 2025 GMT
Not After : Jul 2 15:51:26 2026 GMT
Subject: CN=B5CBC5EA1CA97E97F7423053C8BB9C4DE1F3F831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:74:59:6c:be:9e:c1:73:0c:57:4b:52:d9:c4:
b4:c7:a1:8b:73:b0:6d:a7:b5:46:98:dc:03:ea:88:
70:7a:9c:3d:fb:6a:1c:38:35:41:2d:e7:08:1a:77:
25:fb:9f:ad:8e:8e:8a:fc:8e:59:05:92:17:1b:e3:
e0:5a:bc:3b:23:6e:38:7e:92:9a:e7:17:4e:1e:af:
ac:08:b5:e0:18:ee:ef:cd:fd:76:96:d3:0d:88:a6:
1b:88:44:f5:35:0f:18:cf:92:f1:17:be:3d:23:2b:
94:1f:1d:0e:5d:be:be:3e:06:81:3c:2b:49:97:77:
58:30:9c:6e:6e:21:36:db:5e:9a:38:26:21:7c:b0:
44:24:44:a8:1b:32:0b:20:0b:d3:5b:05:17:43:46:
99:62:58:c8:bc:d0:d2:0c:a2:44:2a:96:e9:07:a8:
c7:b9:ed:b6:64:27:0a:af:5c:9c:65:d6:f2:b7:68:
37:fb:30:5d:87:5b:7b:f6:c4:54:d7:52:2a:d9:9f:
0c:fd:2b:65:f6:d8:11:dc:17:dd:2f:d2:4e:f7:38:
a9:81:17:dc:05:ab:c0:6b:e0:87:bf:b2:6c:86:cd:
ec:16:ac:10:08:66:00:f1:a6:c0:86:51:87:30:56:
e9:98:12:e6:e3:3e:84:3d:49:8e:ae:c5:e0:b3:4b:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CB:C5:EA:1C:A9:7E:97:F7:42:30:53:C8:BB:9C:4D:E1:F3:F8:31
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS209652.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:b61::/48
2a06:a005:2ad0::/44
Signature Algorithm: sha256WithRSAEncryption
73:b6:aa:ea:86:70:aa:2e:53:fd:c3:8f:26:28:04:1b:6b:d9:
29:ce:44:30:46:1e:42:5e:28:86:70:d8:38:46:02:54:6a:06:
70:c9:fd:2e:d0:32:79:79:10:76:66:ab:b9:97:c6:67:d5:6d:
e4:e2:b3:4b:e5:1e:eb:3c:ad:74:09:e9:d6:c6:de:d7:ac:5d:
e7:a6:d2:7f:ca:eb:45:f3:81:7a:54:d6:83:3d:7c:61:85:f6:
db:c5:2f:a1:bc:6e:ac:12:35:04:0e:42:f2:34:39:73:18:62:
fe:b4:35:c7:7c:42:be:6c:b2:e9:b3:4e:41:a8:c2:af:ad:d1:
7e:7e:96:4a:aa:d9:9e:6a:d9:6c:5c:c4:f6:0f:52:47:d6:1a:
21:79:af:32:3d:37:f6:d5:58:d5:4e:41:3e:d7:8a:b6:9a:25:
e6:fe:b0:c9:b4:4b:b5:33:8a:95:57:d6:f2:59:18:f9:17:e3:
61:c6:36:fa:6f:db:49:4c:91:3e:82:95:47:2a:41:8d:8f:f2:
62:17:1b:cb:b8:1d:bc:16:5d:d1:fc:95:92:44:50:6f:5f:ae:
ad:ed:a9:50:b6:62:01:6b:90:c8:5b:57:8f:92:19:59:9a:9a:
d0:91:04:1a:90:0e:12:48:2d:91:1c:67:e6:7f:8b:03:01:16:
c1:18:b7:65
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUSSGCBCfOOZ7CJVwD9qJRep9BXqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2MjZaFw0yNjA3MDIxNTUxMjZaMDMxMTAvBgNV
BAMTKEI1Q0JDNUVBMUNBOTdFOTdGNzQyMzA1M0M4QkI5QzRERTFGM0Y4MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCudFlsvp7BcwxXS1LZxLTHoYtz
sG2ntUaY3APqiHB6nD37ahw4NUEt5wgadyX7n62Ojor8jlkFkhcb4+BavDsjbjh+
kprnF04er6wIteAY7u/N/XaW0w2IphuIRPU1DxjPkvEXvj0jK5QfHQ5dvr4+BoE8
K0mXd1gwnG5uITbbXpo4JiF8sEQkRKgbMgsgC9NbBRdDRpliWMi80NIMokQqlukH
qMe57bZkJwqvXJxl1vK3aDf7MF2HW3v2xFTXUirZnwz9K2X22BHcF90v0k73OKmB
F9wFq8Br4Ie/smyGzewWrBAIZgDxpsCGUYcwVumYEubjPoQ9SY6uxeCzS4tnAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUtcvF6hypfpf3QjBTyLucTeHz+DEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA5NjUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQthAwcEKgagBSrQMA0GCSqGSIb3DQEBCwUA
A4IBAQBztqrqhnCqLlP9w48mKAQba9kpzkQwRh5CXiiGcNg4RgJUagZwyf0u0DJ5
eRB2Zqu5l8Zn1W3k4rNL5R7rPK10CenWxt7XrF3nptJ/yutF84F6VNaDPXxhhfbb
xS+hvG6sEjUEDkLyNDlzGGL+tDXHfEK+bLLps05BqMKvrdF+fpZKqtmeatlsXMT2
D1JH1hohea8yPTf21VjVTkE+14q2miXm/rDJtEu1M4qVV9byWRj5F+Nhxjb6b9tJ
TJE+gpVHKkGNj/JiFxvLuB28Fl3R/JWSRFBvX66t7alQtmIBa5DIW1ePkhlZmprQ
kQQakA4SSC2RHGfmf4sDARbBGLdl
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:05:27 2025 by rpki-client