Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214442.roa
File: AS214442.roa (raw, json)
Hash identifier: TnBile74+qnna0jnaZkf0kBaAJdhdRJO00lkw5ogx9c=
Subject key identifier: 2D:A2:24:52:DA:36:D4:BB:80:BB:23:01:54:9A:0C:4D:48:E3:60:0A
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 440FBD8F0C63DD57647CE34EF8F9B72AC99B9C89
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214442.roa
Signing time: Thu 03 Jul 2025 15:51:36 +0000
ROA not before: Thu 03 Jul 2025 15:46:36 +0000
ROA not after: Thu 02 Jul 2026 15:51:36 +0000
asID: 214442
IP address blocks: 118.91.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0f:bd:8f:0c:63:dd:57:64:7c:e3:4e:f8:f9:b7:2a:c9:9b:9c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:36 2025 GMT
Not After : Jul 2 15:51:36 2026 GMT
Subject: CN=2DA22452DA36D4BB80BB2301549A0C4D48E3600A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fa:45:be:f1:dd:dc:aa:90:3a:27:76:2b:a3:
ec:df:2b:55:03:18:c9:ef:42:4b:7e:de:ff:9e:f7:
84:90:2d:c7:03:c4:2e:30:13:3f:8d:3c:48:62:83:
33:64:f2:32:d6:5c:f3:e6:25:fc:fa:9c:8a:03:e5:
93:2d:66:bc:f1:fc:50:f2:c8:b6:2f:5e:37:7c:67:
ef:bf:e1:80:4e:09:72:5d:f9:ef:45:2b:19:2c:70:
7d:78:9e:c6:81:c6:f0:3b:62:33:3e:65:2e:f5:5b:
9a:99:db:a8:44:a0:06:7d:d2:da:e8:de:2c:42:0c:
c4:6c:55:b5:7c:b5:33:ae:c7:3b:54:24:41:04:99:
83:f2:3d:7a:59:32:9e:cf:d7:8a:29:bf:57:d2:8c:
c5:a4:eb:93:04:2f:7a:ae:3e:5a:12:9c:74:2c:b3:
26:f7:89:54:f0:21:14:12:71:5d:48:f2:57:83:b7:
93:ce:d9:92:1f:91:10:0b:a9:72:00:b1:45:fa:ca:
dc:c6:2a:f6:49:d4:0f:28:da:fb:a5:bd:e7:1b:ac:
16:60:9b:1e:56:13:e6:26:07:bf:be:6d:89:a0:f3:
a7:ed:c4:95:9b:d5:93:a4:8a:19:39:97:d0:26:54:
ae:2e:59:1b:60:fa:e5:56:16:0d:08:3d:f4:d5:00:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A2:24:52:DA:36:D4:BB:80:BB:23:01:54:9A:0C:4D:48:E3:60:0A
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214442.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
118.91.184.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7b:43:97:88:f9:9e:fa:a7:42:d3:f3:cf:16:d4:62:89:03:
4d:26:54:22:6e:4c:60:8d:39:c0:ec:ff:b3:51:15:5d:f1:65:
b5:4e:51:10:b5:08:0b:93:e4:d7:57:05:22:af:61:4a:04:3c:
59:b6:cc:54:23:91:22:5d:bc:e5:87:a4:5b:41:81:ac:11:9a:
3f:d9:ac:0c:72:45:f0:6d:2d:a4:e3:9a:2c:be:68:12:ea:fa:
a6:cd:88:66:d3:40:7d:e6:71:24:ca:dd:08:7d:d1:f7:33:70:
76:a3:68:d8:1e:e4:10:fd:71:21:94:03:3e:ac:95:54:3a:d4:
dd:29:66:10:8d:fd:1e:9e:91:1b:c3:7d:65:e2:c4:47:a4:50:
7d:11:6f:65:05:c2:1c:c4:58:6a:71:c9:8b:55:38:ba:64:78:
40:2d:30:33:46:22:f1:63:34:51:dc:0f:d1:08:02:f6:62:e2:
12:7c:c0:68:82:2c:fa:26:3f:29:10:f8:cc:40:2d:2f:16:82:
48:59:5a:0c:46:9e:45:97:52:02:6a:94:27:9a:a4:53:9a:00:
6c:6d:a1:ad:65:0d:c6:51:b9:92:b7:8f:39:05:88:38:4a:7b:
a3:31:1c:67:69:7d:ab:30:af:ed:8c:0d:2f:ae:6f:d8:a7:a6:
a6:6e:7d:55
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIURA+9jwxj3VdkfONO+Pm3KsmbnIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2MzZaFw0yNjA3MDIxNTUxMzZaMDMxMTAvBgNV
BAMTKDJEQTIyNDUyREEzNkQ0QkI4MEJCMjMwMTU0OUEwQzRENDhFMzYwMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCM+kW+8d3cqpA6J3Yro+zfK1UD
GMnvQkt+3v+e94SQLccDxC4wEz+NPEhigzNk8jLWXPPmJfz6nIoD5ZMtZrzx/FDy
yLYvXjd8Z++/4YBOCXJd+e9FKxkscH14nsaBxvA7YjM+ZS71W5qZ26hEoAZ90tro
3ixCDMRsVbV8tTOuxztUJEEEmYPyPXpZMp7P14opv1fSjMWk65MEL3quPloSnHQs
syb3iVTwIRQScV1I8leDt5PO2ZIfkRALqXIAsUX6ytzGKvZJ1A8o2vulvecbrBZg
mx5WE+YmB7++bYmg86ftxJWb1ZOkihk5l9AmVK4uWRtg+uVWFg0IPfTVAIGbAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQULaIkUto21LuAuyMBVJoMTUjjYAowHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE0NDQyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAdlu4MA0GCSqGSIb3DQEBCwUAA4IBAQB4e0OXiPme
+qdC0/PPFtRiiQNNJlQibkxgjTnA7P+zURVd8WW1TlEQtQgLk+TXVwUir2FKBDxZ
tsxUI5EiXbzlh6RbQYGsEZo/2awMckXwbS2k45osvmgS6vqmzYhm00B95nEkyt0I
fdH3M3B2o2jYHuQQ/XEhlAM+rJVUOtTdKWYQjf0enpEbw31l4sRHpFB9EW9lBcIc
xFhqccmLVTi6ZHhALTAzRiLxYzRR3A/RCAL2YuISfMBogiz6Jj8pEPjMQC0vFoJI
WVoMRp5Fl1ICapQnmqRTmgBsbaGtZQ3GUbmSt485BYg4SnujMRxnaX2rMK/tjA0v
rm/Yp6ambn1V
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:12:55 2025 by rpki-client