Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS213267.roa
File: AS213267.roa (raw, json)
Hash identifier: rSwmF3FuLsT91YKsb8TtarZ4mUM9TEwiF1bi899/PTs=
Subject key identifier: 2B:2E:2B:44:5A:72:AF:68:78:0D:CA:7F:B7:16:B5:B1:29:F8:2A:67
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 59A1B1E8E14643F27E0C1BA24AB81FD2962B5C4F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS213267.roa
Signing time: Thu 03 Jul 2025 15:52:37 +0000
ROA not before: Thu 03 Jul 2025 15:47:37 +0000
ROA not after: Thu 02 Jul 2026 15:52:37 +0000
asID: 213267
IP address blocks: 2a06:a005:2f80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a1:b1:e8:e1:46:43:f2:7e:0c:1b:a2:4a:b8:1f:d2:96:2b:5c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:37 2025 GMT
Not After : Jul 2 15:52:37 2026 GMT
Subject: CN=2B2E2B445A72AF68780DCA7FB716B5B129F82A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:28:73:2a:0f:95:9b:97:07:e1:43:c0:b4:8e:
d7:eb:ef:51:f9:7b:98:37:fb:b0:18:d2:fd:e7:e3:
22:b9:09:1d:a5:de:65:74:ef:40:65:50:9d:de:96:
ee:81:60:14:4f:ef:11:d1:99:65:ce:ca:0c:19:e9:
12:47:68:ba:b9:0c:f6:cb:4e:a0:43:76:ac:42:ce:
1c:5d:64:f0:74:b0:4a:d0:eb:66:99:83:ad:5d:18:
7f:d1:46:67:fa:29:68:83:39:bd:13:b4:00:b1:20:
7b:78:c7:0d:6f:04:54:5e:95:1f:aa:a7:e6:f0:49:
e5:ab:bd:96:08:21:e5:9d:7d:47:a1:4b:cc:b9:f1:
b1:4a:e0:15:0f:d7:46:bf:c0:56:f3:1a:c6:ed:76:
41:9f:dc:d3:22:bd:66:16:d4:dc:78:1f:37:51:67:
bd:64:35:93:43:31:6e:d7:b8:44:5e:49:ed:0f:4e:
5f:01:36:33:78:2c:66:b6:4c:1d:95:34:c2:0e:84:
e5:e7:a6:94:56:8e:f7:68:8c:b4:e8:e3:b5:db:06:
d4:95:4c:2d:22:7a:1b:00:c2:75:94:2a:44:03:19:
5f:7c:b4:55:72:7d:08:49:58:45:bd:f2:fa:eb:7f:
ba:5d:a4:b9:ee:a5:27:13:5e:bb:e6:3d:3a:98:66:
b7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2E:2B:44:5A:72:AF:68:78:0D:CA:7F:B7:16:B5:B1:29:F8:2A:67
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS213267.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2f80::/44
Signature Algorithm: sha256WithRSAEncryption
84:91:1a:44:c7:3b:31:fc:16:8a:10:28:fe:48:99:81:32:77:
c8:22:65:15:52:0b:62:72:76:9b:d1:69:4b:85:6b:4b:82:1f:
cd:4c:6a:11:ad:1e:92:d7:da:e6:c3:ef:a7:9c:8d:48:fd:83:
f0:79:5e:5a:88:ca:cb:0a:04:c4:ee:bd:b3:ab:d2:8f:63:be:
66:75:ce:10:9a:fe:b1:bb:bf:88:1f:8b:29:45:8c:ef:2b:a5:
fb:95:0a:17:dc:09:cf:8c:9e:52:72:ed:86:d5:64:a4:51:84:
41:1b:3b:c5:58:f2:e9:b5:76:e7:8e:12:bf:48:ff:55:d2:1e:
4d:ab:fe:0c:cb:b6:dc:ee:fe:4b:9d:bc:62:0b:1c:55:11:58:
c1:e8:5f:5d:f3:f8:ec:45:92:c0:79:d0:ba:03:18:d7:de:32:
e2:c3:11:5e:3f:a8:79:2d:91:5f:c7:61:40:35:53:8b:ed:7d:
b5:a4:ea:ab:a5:4f:9a:38:e8:c8:64:c8:d3:81:cd:3b:f6:ee:
7a:e7:85:2c:76:01:bc:c5:c3:6a:02:b3:2b:e2:ab:06:94:3e:
1a:0f:5a:ea:d4:cb:d2:3b:0e:cb:cb:89:72:3f:4d:1b:1f:95:
0b:3a:1f:cc:d7:a9:2e:96:64:85:5b:6c:3d:87:f7:63:2b:d8:
5f:19:f2:50
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUWaGx6OFGQ/J+DBuiSrgf0pYrXE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzdaFw0yNjA3MDIxNTUyMzdaMDMxMTAvBgNV
BAMTKDJCMkUyQjQ0NUE3MkFGNjg3ODBEQ0E3RkI3MTZCNUIxMjlGODJBNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhKHMqD5WblwfhQ8C0jtfr71H5
e5g3+7AY0v3n4yK5CR2l3mV070BlUJ3elu6BYBRP7xHRmWXOygwZ6RJHaLq5DPbL
TqBDdqxCzhxdZPB0sErQ62aZg61dGH/RRmf6KWiDOb0TtACxIHt4xw1vBFRelR+q
p+bwSeWrvZYIIeWdfUehS8y58bFK4BUP10a/wFbzGsbtdkGf3NMivWYW1Nx4HzdR
Z71kNZNDMW7XuEReSe0PTl8BNjN4LGa2TB2VNMIOhOXnppRWjvdojLTo47XbBtSV
TC0iehsAwnWUKkQDGV98tFVyfQhJWEW98vrrf7pdpLnupScTXrvmPTqYZredAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUKy4rRFpyr2h4Dcp/txa1sSn4KmcwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEzMjY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBS+AMA0GCSqGSIb3DQEBCwUAA4IBAQCEkRpE
xzsx/BaKECj+SJmBMnfIImUVUgticnab0WlLhWtLgh/NTGoRrR6S19rmw++nnI1I
/YPweV5aiMrLCgTE7r2zq9KPY75mdc4Qmv6xu7+IH4spRYzvK6X7lQoX3AnPjJ5S
cu2G1WSkUYRBGzvFWPLptXbnjhK/SP9V0h5Nq/4My7bc7v5LnbxiCxxVEVjB6F9d
8/jsRZLAedC6AxjX3jLiwxFeP6h5LZFfx2FANVOL7X21pOqrpU+aOOjIZMjTgc07
9u5654UsdgG8xcNqArMr4qsGlD4aD1rq1MvSOw7Ly4lyP00bH5ULOh/M16kulmSF
W2w9h/djK9hfGfJQ
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:19:16 2025 by rpki-client