Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212049.roa
File: AS212049.roa (raw, json)
Hash identifier: dn5yVrMqSWKFnCpradjZThzNP/4Pl+YANbpd/RnM1Co=
Subject key identifier: F9:A0:5C:A8:2B:34:E5:B8:09:88:E9:1B:F7:66:3E:DE:B0:AD:17:98
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 24A1E4ED71ACCFE8BE96DFEFE2E1F04468E9841C
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212049.roa
Signing time: Thu 03 Jul 2025 15:52:23 +0000
ROA not before: Thu 03 Jul 2025 15:47:23 +0000
ROA not after: Thu 02 Jul 2026 15:52:23 +0000
asID: 212049
IP address blocks: 2a06:a005:1083::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:a1:e4:ed:71:ac:cf:e8:be:96:df:ef:e2:e1:f0:44:68:e9:84:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:23 2025 GMT
Not After : Jul 2 15:52:23 2026 GMT
Subject: CN=F9A05CA82B34E5B80988E91BF7663EDEB0AD1798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:b2:0d:ea:60:b7:31:b9:06:34:52:95:3a:
d6:50:ce:3c:ca:81:d8:4b:9a:08:50:65:cf:a4:38:
2c:09:58:ac:5b:77:f7:25:0a:52:7a:b5:04:79:27:
ab:11:9f:48:7a:46:8c:c1:1f:7c:ac:a6:4d:01:eb:
61:9d:c1:6f:3c:b6:81:87:c0:8c:16:e8:60:21:1e:
70:f0:6a:3e:35:66:65:7c:a2:0a:f1:4c:a8:c9:98:
ac:e1:2d:1e:8e:e6:f9:62:ba:a9:4c:83:10:16:d2:
fb:6a:c2:2d:dc:63:71:5d:5a:9f:09:89:51:16:14:
80:37:16:4f:57:c4:8b:96:23:6a:99:75:e0:97:e4:
12:97:48:7d:26:27:02:f4:43:58:73:53:2c:6a:ae:
27:c1:cc:59:f2:85:c0:1f:55:26:10:a3:ba:b7:18:
aa:b3:a9:23:00:7d:90:64:3a:76:52:ac:af:f5:69:
8e:d1:2e:e3:5b:81:f4:80:a8:e1:33:7f:0c:d7:0d:
ef:34:01:76:d7:35:4b:d3:bf:26:55:71:ab:67:5d:
8a:0d:86:d3:c7:41:f4:4c:3a:1e:35:7b:f5:b3:fe:
22:55:7b:62:b2:35:c0:9a:ba:9d:ce:78:81:18:c8:
7c:19:98:27:cf:2f:00:20:fc:ca:e2:d0:5e:68:f1:
8d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A0:5C:A8:2B:34:E5:B8:09:88:E9:1B:F7:66:3E:DE:B0:AD:17:98
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212049.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1083::/48
Signature Algorithm: sha256WithRSAEncryption
21:b8:2e:5b:12:77:00:28:65:bb:2f:a4:52:1f:06:b9:cb:0a:
80:5b:d5:7b:12:74:92:09:7f:79:98:91:1f:94:94:7f:3a:94:
a8:8e:a6:aa:c0:30:d0:41:bf:56:d6:da:ae:2f:e6:d4:55:4e:
3a:4d:d2:b1:49:23:bf:09:e3:fd:e6:14:17:32:d8:18:cf:8f:
10:da:25:2e:45:f9:23:04:c6:a1:47:c0:06:48:5e:a9:e6:f4:
99:41:09:01:0d:53:42:03:89:0c:7c:e8:e3:92:60:0e:89:23:
6e:f5:13:d9:dc:0b:91:d8:e9:a7:3c:df:b6:ea:5f:23:cd:fa:
56:05:35:e4:b7:71:c2:e9:55:ad:72:79:0c:a8:e5:3c:b1:c0:
48:77:87:94:57:7a:50:f9:ff:31:a8:aa:4c:e3:43:44:8c:2b:
65:56:23:bb:d2:75:7c:d8:4d:c3:39:ff:9e:05:28:df:9a:4d:
d7:66:f2:6a:36:37:5f:d8:9e:e2:f3:b0:44:e6:58:59:f6:fc:
75:08:fa:12:72:ce:ff:84:73:fc:e1:62:fe:a0:a1:fd:87:e4:
bc:52:8b:63:80:16:57:46:b7:a7:ab:37:da:32:18:62:7a:b4:
08:20:05:27:10:7c:41:bf:51:d1:98:03:fc:e4:55:b0:80:a0:
52:f5:8e:20
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUJKHk7XGsz+i+lt/v4uHwRGjphBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MjNaFw0yNjA3MDIxNTUyMjNaMDMxMTAvBgNV
BAMTKEY5QTA1Q0E4MkIzNEU1QjgwOTg4RTkxQkY3NjYzRURFQjBBRDE3OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaVrIN6mC3MbkGNFKVOtZQzjzK
gdhLmghQZc+kOCwJWKxbd/clClJ6tQR5J6sRn0h6RozBH3yspk0B62GdwW88toGH
wIwW6GAhHnDwaj41ZmV8ogrxTKjJmKzhLR6O5vliuqlMgxAW0vtqwi3cY3FdWp8J
iVEWFIA3Fk9XxIuWI2qZdeCX5BKXSH0mJwL0Q1hzUyxqrifBzFnyhcAfVSYQo7q3
GKqzqSMAfZBkOnZSrK/1aY7RLuNbgfSAqOEzfwzXDe80AXbXNUvTvyZVcatnXYoN
htPHQfRMOh41e/Wz/iJVe2KyNcCaup3OeIEYyHwZmCfPLwAg/Mri0F5o8Y3RAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU+aBcqCs05bgJiOkb92Y+3rCtF5gwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEyMDQ5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRCDMA0GCSqGSIb3DQEBCwUAA4IBAQAhuC5b
EncAKGW7L6RSHwa5ywqAW9V7EnSSCX95mJEflJR/OpSojqaqwDDQQb9W1tquL+bU
VU46TdKxSSO/CeP95hQXMtgYz48Q2iUuRfkjBMahR8AGSF6p5vSZQQkBDVNCA4kM
fOjjkmAOiSNu9RPZ3AuR2OmnPN+26l8jzfpWBTXkt3HC6VWtcnkMqOU8scBId4eU
V3pQ+f8xqKpM40NEjCtlViO70nV82E3DOf+eBSjfmk3XZvJqNjdf2J7i87BE5lhZ
9vx1CPoScs7/hHP84WL+oKH9h+S8UotjgBZXRrenqzfaMhhierQIIAUnEHxBv1HR
mAP85FWwgKBS9Y4g
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:19:17 2025 by rpki-client