Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211509.roa
File: AS211509.roa (raw, json)
Hash identifier: +IZljJBNq426oO7HdHbsVgqJlOWIcRB8nJ96qJZ0HH4=
Subject key identifier: F5:48:93:56:FF:AB:6C:4A:FD:86:4E:71:F4:43:DC:63:5C:76:74:85
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 07B7A3246ED65038C5195BBC81EC0ACB3F93D21F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211509.roa
Signing time: Thu 03 Jul 2025 15:51:29 +0000
ROA not before: Thu 03 Jul 2025 15:46:29 +0000
ROA not after: Thu 02 Jul 2026 15:51:29 +0000
asID: 211509
IP address blocks: 2a06:a005:8::/48 maxlen: 48
2a06:a005:f70::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:b7:a3:24:6e:d6:50:38:c5:19:5b:bc:81:ec:0a:cb:3f:93:d2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:29 2025 GMT
Not After : Jul 2 15:51:29 2026 GMT
Subject: CN=F5489356FFAB6C4AFD864E71F443DC635C767485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ac:70:3e:41:50:c4:d9:ad:3e:9a:da:43:d4:
ba:69:da:f6:ae:1e:80:1a:08:2c:eb:05:17:ff:07:
84:12:77:f7:9b:5c:47:85:ab:4d:a4:ea:7a:53:14:
8c:a0:ea:04:e6:f9:b1:24:d1:11:18:0d:85:4d:26:
bc:ca:85:2d:9a:ff:b2:8f:da:09:21:8b:80:b1:83:
fc:4e:88:b8:5b:fc:34:6b:5d:15:a1:60:b3:ad:73:
a1:73:73:f4:05:10:9c:be:36:e0:5b:5f:77:19:36:
00:88:fe:b6:6c:7e:53:71:8c:8d:45:95:fa:fa:24:
f9:ad:98:88:97:be:ba:3a:fa:01:87:2e:a9:1b:88:
f1:31:7d:91:a1:9a:5d:1b:cf:d0:97:19:3d:b2:97:
73:4e:9f:fa:dd:68:d0:20:ff:23:f0:ea:0f:51:58:
c0:b2:55:ad:71:3e:df:cb:8f:0d:6a:f6:b8:fd:77:
1f:a6:19:93:6d:14:34:de:81:fa:00:c1:80:65:39:
20:72:b0:6f:c4:d5:d8:14:4f:fb:94:db:45:8b:87:
37:9e:c2:c5:55:3c:f6:53:a5:d0:2a:29:a5:35:9f:
5c:88:01:ee:8f:d3:4a:f0:4e:78:04:e7:b8:e9:78:
f5:44:fd:40:4e:77:e6:b0:0b:e0:4c:dc:4c:4c:40:
dc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:48:93:56:FF:AB:6C:4A:FD:86:4E:71:F4:43:DC:63:5C:76:74:85
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS211509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:8::/48
2a06:a005:f70::/44
Signature Algorithm: sha256WithRSAEncryption
13:47:f4:a7:a6:c5:c0:47:b0:b9:34:7c:34:86:f7:16:c6:54:
4c:2b:a1:f8:51:bd:a3:28:f6:6a:d6:e5:7f:10:14:fb:38:92:
12:2a:31:a5:71:1f:9c:56:90:cf:c9:68:50:1d:91:f4:78:07:
d2:ea:1f:8d:92:9d:2c:f1:7a:a8:3e:f5:22:bf:93:16:82:5c:
94:e5:ac:0e:3c:59:0c:fd:46:a9:cf:8e:51:c2:58:52:e3:f5:
c7:e6:10:e7:48:bf:79:65:86:09:bf:91:7d:4f:e3:3f:f4:fa:
a9:c6:f5:90:e5:74:3c:a7:26:cc:70:d1:65:15:73:41:ba:64:
84:f9:ec:ca:af:3d:a2:cf:21:c5:fe:a4:71:df:f7:d3:03:10:
1a:19:71:c4:dd:ed:ed:f1:5b:5c:ab:97:f7:a6:9e:9a:83:75:
e0:3c:b4:74:c1:36:90:c8:5c:87:0a:42:64:0c:fa:78:47:5e:
9d:d5:83:5a:d6:53:41:11:a8:01:39:11:a8:6b:d1:44:f0:50:
c9:93:e6:f0:0f:29:21:ed:7e:cb:e8:16:23:24:58:ba:90:11:
00:57:2b:84:5d:34:89:16:fc:3d:dc:20:10:d5:5b:01:91:80:
3b:8f:10:6c:26:53:53:70:fb:7e:c5:07:28:b9:e2:2a:c6:23:
41:11:22:7b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUB7ejJG7WUDjFGVu8gewKyz+T0h8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2MjlaFw0yNjA3MDIxNTUxMjlaMDMxMTAvBgNV
BAMTKEY1NDg5MzU2RkZBQjZDNEFGRDg2NEU3MUY0NDNEQzYzNUM3Njc0ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbrHA+QVDE2a0+mtpD1Lpp2vau
HoAaCCzrBRf/B4QSd/ebXEeFq02k6npTFIyg6gTm+bEk0REYDYVNJrzKhS2a/7KP
2gkhi4Cxg/xOiLhb/DRrXRWhYLOtc6Fzc/QFEJy+NuBbX3cZNgCI/rZsflNxjI1F
lfr6JPmtmIiXvro6+gGHLqkbiPExfZGhml0bz9CXGT2yl3NOn/rdaNAg/yPw6g9R
WMCyVa1xPt/Ljw1q9rj9dx+mGZNtFDTegfoAwYBlOSBysG/E1dgUT/uU20WLhzee
wsVVPPZTpdAqKaU1n1yIAe6P00rwTngE57jpePVE/UBOd+awC+BM3ExMQNzPAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU9UiTVv+rbEr9hk5x9EPcY1x2dIUwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjExNTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQAIAwcEKgagBQ9wMA0GCSqGSIb3DQEBCwUA
A4IBAQATR/SnpsXAR7C5NHw0hvcWxlRMK6H4Ub2jKPZq1uV/EBT7OJISKjGlcR+c
VpDPyWhQHZH0eAfS6h+Nkp0s8XqoPvUiv5MWglyU5awOPFkM/Uapz45RwlhS4/XH
5hDnSL95ZYYJv5F9T+M/9PqpxvWQ5XQ8pybMcNFlFXNBumSE+ezKrz2izyHF/qRx
3/fTAxAaGXHE3e3t8Vtcq5f3pp6ag3XgPLR0wTaQyFyHCkJkDPp4R16d1YNa1lNB
EagBORGoa9FE8FDJk+bwDykh7X7L6BYjJFi6kBEAVyuEXTSJFvw93CAQ1VsBkYA7
jxBsJlNTcPt+xQcoueIqxiNBESJ7
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:04:18 2025 by rpki-client