Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212001.roa
File: AS212001.roa (raw, json)
Hash identifier: NN2C4eBPwCJyAkItfWAGot98csXZuZ69G6e1Wjg09ms=
Subject key identifier: 25:A3:8D:EF:E8:E4:4A:A9:20:71:C7:0B:B3:76:CD:AA:78:5C:E6:5B
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 0A0D38656971811813D1251FC7E72B63FAC6DBB6
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212001.roa
Signing time: Thu 03 Jul 2025 15:52:25 +0000
ROA not before: Thu 03 Jul 2025 15:47:25 +0000
ROA not after: Thu 02 Jul 2026 15:52:25 +0000
asID: 212001
IP address blocks: 2a06:9f44:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:0d:38:65:69:71:81:18:13:d1:25:1f:c7:e7:2b:63:fa:c6:db:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:25 2025 GMT
Not After : Jul 2 15:52:25 2026 GMT
Subject: CN=25A38DEFE8E44AA92071C70BB376CDAA785CE65B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:60:fe:b0:5a:25:59:e6:b5:9b:89:c6:63:
3f:e5:7f:e7:44:05:a6:e0:a6:ed:08:6d:33:cb:60:
85:95:77:94:5b:49:88:8b:a1:5d:f8:0a:d9:63:e9:
31:70:0f:3d:f4:b0:d3:1b:ff:34:62:fc:bd:8f:d1:
bd:ad:f3:dd:c0:ac:b0:60:0d:a8:e1:ef:66:6e:3e:
cd:40:fb:2a:97:86:1f:be:66:1d:99:ff:59:73:c9:
7d:65:85:e8:40:a7:c7:21:99:4c:f0:21:e3:22:54:
b2:67:c4:e5:b2:33:95:ba:ae:b1:e0:02:c2:79:e2:
83:07:8f:36:cb:e3:c4:1e:60:96:51:d6:fe:76:0e:
99:70:f6:07:5e:6d:2b:93:7b:64:f8:53:b2:7e:f5:
c2:f7:6f:9c:49:c8:3a:33:17:7e:43:f9:a4:8e:71:
0d:8f:1f:e8:db:82:41:e8:d1:98:ef:1b:79:12:d7:
00:2f:b9:22:10:0b:30:fe:bb:79:7f:8f:70:fd:50:
84:17:38:b9:66:b3:b3:50:a1:73:3d:26:81:53:db:
4f:76:32:ce:87:f9:ad:66:1f:27:80:a2:92:9b:c1:
30:79:8b:42:d5:b7:35:4d:3c:b4:b6:ba:60:9b:df:
00:83:88:2c:1b:f9:fb:97:0a:06:59:85:63:35:5d:
80:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A3:8D:EF:E8:E4:4A:A9:20:71:C7:0B:B3:76:CD:AA:78:5C:E6:5B
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212001.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9f44:d000::/36
Signature Algorithm: sha256WithRSAEncryption
6f:5d:8a:ea:e1:e6:04:48:c0:3e:d1:8b:42:e7:60:8e:04:96:
54:ef:fa:e1:b0:01:0e:40:95:6d:1e:33:c1:a7:df:3b:33:6f:
7a:d4:60:df:b1:7d:42:dc:c6:36:54:a7:2a:07:2f:35:13:51:
e1:1a:6a:65:e8:fd:d5:bb:90:26:67:eb:fc:05:3c:c0:04:49:
66:8a:9b:39:3b:2d:6e:9b:a3:39:ff:74:44:1f:3f:19:32:15:
8e:c4:b3:6d:9c:d5:e5:f2:34:85:84:5a:7a:ee:2f:b2:01:7d:
b7:1d:ae:3d:b9:76:3b:ad:64:3c:86:97:84:7c:4b:42:71:99:
d0:e7:27:35:81:6c:56:cf:fa:0a:48:2f:ba:3b:96:12:bf:b8:
e4:41:8f:66:e3:11:9f:07:d3:07:76:db:67:74:9f:a5:b1:66:
b9:36:5f:9b:1b:4b:3d:07:02:96:76:8f:e0:1e:bb:ba:19:cd:
b6:f6:3c:22:81:4c:74:90:ee:2c:3c:29:1f:5e:59:a1:7e:01:
c3:70:f6:b9:22:99:8c:f5:47:d5:87:6f:ed:32:ad:c5:a3:83:
a6:50:a9:d2:c1:c7:8f:8c:82:8a:41:84:41:b4:a1:4a:a9:86:
60:d4:45:eb:31:77:e5:8c:19:1a:cd:57:2a:4d:ca:21:da:a2:
8b:69:a0:ef
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUCg04ZWlxgRgT0SUfx+crY/rG27YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjVaFw0yNjA3MDIxNTUyMjVaMDMxMTAvBgNV
BAMTKDI1QTM4REVGRThFNDRBQTkyMDcxQzcwQkIzNzZDREFBNzg1Q0U2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfFGD+sFolWea1m4nGYz/lf+dE
Babgpu0IbTPLYIWVd5RbSYiLoV34Ctlj6TFwDz30sNMb/zRi/L2P0b2t893ArLBg
Dajh72ZuPs1A+yqXhh++Zh2Z/1lzyX1lhehAp8chmUzwIeMiVLJnxOWyM5W6rrHg
AsJ54oMHjzbL48QeYJZR1v52Dplw9gdebSuTe2T4U7J+9cL3b5xJyDozF35D+aSO
cQ2PH+jbgkHo0ZjvG3kS1wAvuSIQCzD+u3l/j3D9UIQXOLlms7NQoXM9JoFT2092
Ms6H+a1mHyeAopKbwTB5i0LVtzVNPLS2umCb3wCDiCwb+fuXCgZZhWM1XYBJAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUJaON7+jkSqkgcccLs3bNqnhc5lswHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEyMDAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH
AQH/BBIwEDAOBAIAAjAIAwYEKgafRNAwDQYJKoZIhvcNAQELBQADggEBAG9diurh
5gRIwD7Ri0LnYI4EllTv+uGwAQ5AlW0eM8Gn3zszb3rUYN+xfULcxjZUpyoHLzUT
UeEaamXo/dW7kCZn6/wFPMAESWaKmzk7LW6bozn/dEQfPxkyFY7Es22c1eXyNIWE
WnruL7IBfbcdrj25djutZDyGl4R8S0JxmdDnJzWBbFbP+gpIL7o7lhK/uORBj2bj
EZ8H0wd222d0n6WxZrk2X5sbSz0HApZ2j+Aeu7oZzbb2PCKBTHSQ7iw8KR9eWaF+
AcNw9rkimYz1R9WHb+0yrcWjg6ZQqdLBx4+MgopBhEG0oUqphmDUResxd+WMGRrN
VypNyiHaootpoO8=
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:24:54 2025 by rpki-client