Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214451.roa
File: AS214451.roa (raw, json)
Hash identifier: SIcXvdPOTMBltQm6YoJ7WtgKH/GMl4WW+R9VEh+gno4=
Subject key identifier: ED:59:53:FC:4C:81:67:75:AF:DD:25:06:D4:AE:7C:AE:C4:B9:8D:09
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 7F0FBAC1F5473917D2D0127AAF7CA2C796194A83
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214451.roa
Signing time: Tue 09 Sep 2025 08:04:38 +0000
ROA not before: Tue 09 Sep 2025 07:59:38 +0000
ROA not after: Tue 08 Sep 2026 08:04:38 +0000
asID: 214451
IP address blocks: 103.254.62.0/24 maxlen: 24
195.184.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0f:ba:c1:f5:47:39:17:d2:d0:12:7a:af:7c:a2:c7:96:19:4a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Sep 9 07:59:38 2025 GMT
Not After : Sep 8 08:04:38 2026 GMT
Subject: CN=ED5953FC4C816775AFDD2506D4AE7CAEC4B98D09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c5:97:f3:73:51:f8:0e:55:3a:cd:cd:1b:8e:
53:4f:1d:26:e6:07:77:ec:f8:a0:11:2e:58:ff:7c:
d5:83:26:fd:f1:b9:c2:ef:4d:b8:8e:ab:df:e8:e3:
34:d0:00:ae:c9:56:1e:29:d1:95:54:a9:f5:94:49:
89:31:14:bd:28:e0:e5:7a:d7:4e:84:02:cf:e3:6a:
34:a7:1b:c6:9a:81:5a:6d:5d:65:22:b9:93:7a:be:
84:c9:2a:0c:97:f3:21:68:d6:39:ce:b2:09:77:ec:
f2:83:8d:ef:a0:10:43:40:e5:ff:8c:91:c9:4d:f7:
83:7a:02:30:26:6a:6f:c8:d3:00:f1:b7:44:23:b9:
1b:bc:3a:da:fe:f0:17:36:1c:38:cb:5d:ce:ad:90:
56:6c:05:98:c5:42:d6:c7:b5:fd:21:73:c7:17:98:
a0:26:80:69:3d:38:6c:f6:00:28:d7:2e:64:66:cf:
a5:b0:a2:93:d2:b4:02:f3:7b:63:e3:22:f8:4d:c2:
e2:de:96:1f:9c:b9:86:b1:3c:c8:84:59:f6:2b:aa:
d4:73:4f:3f:b7:32:2f:25:07:55:b2:68:1f:ec:c6:
40:64:57:68:50:5d:43:83:91:6c:d9:85:1f:ca:c6:
6e:24:1e:f1:f2:9d:1b:ee:76:ef:bd:59:3b:88:cb:
39:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:59:53:FC:4C:81:67:75:AF:DD:25:06:D4:AE:7C:AE:C4:B9:8D:09
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214451.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.254.62.0/24
195.184.247.0/24
Signature Algorithm: sha256WithRSAEncryption
26:2e:a9:e6:aa:d7:52:d9:2b:1e:2e:4b:70:1a:a2:1d:d6:27:
7b:5e:0f:9e:b8:ba:96:c8:4f:80:0f:a3:64:9f:09:59:cf:db:
3a:37:02:24:4f:32:5f:43:9d:28:ee:22:9e:d4:4d:3c:63:bd:
c8:b7:a1:e2:da:8e:0c:09:48:31:25:d1:49:e7:87:aa:03:15:
e0:07:62:2c:c9:58:03:34:7b:f5:a8:24:f3:f7:0e:1d:21:71:
61:12:34:84:62:12:f8:ea:74:95:1a:7b:95:f7:ad:7f:88:a7:
87:28:7c:bb:2c:25:7c:18:9d:e2:4c:85:cd:9d:f5:c7:17:22:
b1:8d:9b:fd:ab:c5:18:26:f8:69:c7:26:6d:0e:79:2d:9e:9d:
f4:a6:86:44:c8:09:5d:38:56:d6:e1:0b:f9:e0:d1:17:cb:26:
3e:60:eb:93:7c:46:52:c9:8f:fb:51:b8:c8:9a:7b:d7:3f:fb:
ba:c9:b6:d5:be:06:af:ea:9a:dd:3e:ae:7a:2f:7b:cc:c3:00:
58:23:de:28:4f:32:80:55:89:d8:d6:7b:5b:6e:9a:c9:b9:e4:
98:bb:4b:df:96:33:51:11:07:40:11:83:bb:34:2e:39:76:08:
d5:8d:cf:54:52:72:f0:91:6d:f7:c4:75:fe:49:e9:aa:a3:6d:
9e:8b:3e:bf
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUfw+6wfVHORfS0BJ6r3yix5YZSoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA5MDkwNzU5MzhaFw0yNjA5MDgwODA0MzhaMDMxMTAvBgNV
BAMTKEVENTk1M0ZDNEM4MTY3NzVBRkREMjUwNkQ0QUU3Q0FFQzRCOThEMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuxZfzc1H4DlU6zc0bjlNPHSbm
B3fs+KARLlj/fNWDJv3xucLvTbiOq9/o4zTQAK7JVh4p0ZVUqfWUSYkxFL0o4OV6
106EAs/jajSnG8aagVptXWUiuZN6voTJKgyX8yFo1jnOsgl37PKDje+gEENA5f+M
kclN94N6AjAmam/I0wDxt0QjuRu8Otr+8Bc2HDjLXc6tkFZsBZjFQtbHtf0hc8cX
mKAmgGk9OGz2ACjXLmRmz6WwopPStALze2PjIvhNwuLelh+cuYaxPMiEWfYrqtRz
Tz+3Mi8lB1WyaB/sxkBkV2hQXUODkWzZhR/Kxm4kHvHynRvudu+9WTuIyznVAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQU7VlT/EyBZ3Wv3SUG1K58rsS5jQkwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE0NDUxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAZ/4+AwQAw7j3MA0GCSqGSIb3DQEBCwUAA4IBAQAm
LqnmqtdS2SseLktwGqId1id7Xg+euLqWyE+AD6NknwlZz9s6NwIkTzJfQ50o7iKe
1E08Y73It6Hi2o4MCUgxJdFJ54eqAxXgB2IsyVgDNHv1qCTz9w4dIXFhEjSEYhL4
6nSVGnuV961/iKeHKHy7LCV8GJ3iTIXNnfXHFyKxjZv9q8UYJvhpxyZtDnktnp30
poZEyAldOFbW4Qv54NEXyyY+YOuTfEZSyY/7UbjImnvXP/u6ybbVvgav6prdPq56
L3vMwwBYI94oTzKAVYnY1ntbbprJueSYu0vfljNREQdAEYO7NC45dgjVjc9UUnLw
kW33xHX+Semqo22eiz6/
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:25:42 2025 by rpki-client