Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214456.roa
File: AS214456.roa (raw, json)
Hash identifier: PtoetBWG0zpLx0JDjRzOs/I2KmMR1/o+ODJ8EPl6qGY=
Subject key identifier: 4F:9A:A6:F1:AE:F5:0C:D9:AE:D3:51:1C:A0:F5:A0:14:08:45:9C:C0
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 095386A61BC1C68D63C07CDE7646099E59BFB6D5
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214456.roa
Signing time: Thu 03 Jul 2025 15:51:37 +0000
ROA not before: Thu 03 Jul 2025 15:46:37 +0000
ROA not after: Thu 02 Jul 2026 15:51:37 +0000
asID: 214456
IP address blocks: 81.31.213.0/24 maxlen: 24
103.230.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:53:86:a6:1b:c1:c6:8d:63:c0:7c:de:76:46:09:9e:59:bf:b6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:46:37 2025 GMT
Not After : Jul 2 15:51:37 2026 GMT
Subject: CN=4F9AA6F1AEF50CD9AED3511CA0F5A01408459CC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:24:2f:a9:57:ad:9d:f2:7a:d1:40:a0:2a:
e7:f8:35:09:2f:7d:b9:c0:d8:53:c4:5b:51:c6:88:
9b:1e:6d:7b:7f:78:2f:21:03:91:49:94:29:40:be:
0a:12:42:4c:c5:45:3a:ff:9a:b5:35:d8:48:21:37:
8e:9c:31:59:2f:dc:2f:64:89:7e:64:42:75:0c:d8:
2a:ab:50:fb:e9:56:58:ce:f7:d7:66:ed:cc:ac:74:
0e:99:3b:46:22:8b:8c:25:9d:51:cd:df:80:76:be:
2e:b5:58:82:43:d5:a0:c2:e7:6e:c0:4c:df:dc:a2:
e8:93:35:e0:35:67:2f:2a:18:fc:54:89:98:05:88:
6c:db:eb:e3:ad:81:41:c0:72:fa:d2:a0:62:5b:9f:
8e:1d:bf:88:0f:13:77:2d:9e:6f:c4:19:05:2e:5b:
0d:75:5f:4e:bc:5b:4b:ff:ee:3a:84:66:66:52:c3:
15:7d:cb:14:fc:72:48:f8:13:6a:ce:2d:6e:d1:44:
cd:8c:27:b1:d4:fd:69:e8:3a:ab:b8:f9:34:99:c0:
10:3e:79:66:4a:66:9a:5f:74:c2:29:a3:4c:f4:8c:
84:c6:19:ff:bf:da:e2:84:4b:25:cc:9e:3f:37:35:
f3:fc:bc:ac:4c:e8:be:b0:15:59:04:e6:e4:12:0b:
30:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9A:A6:F1:AE:F5:0C:D9:AE:D3:51:1C:A0:F5:A0:14:08:45:9C:C0
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214456.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.213.0/24
103.230.142.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:73:af:fc:fc:a1:ed:7b:0d:53:57:f2:64:75:92:62:04:d0:
77:83:c3:f1:c1:84:8a:fc:b4:09:e3:67:b4:40:5f:e1:ef:dc:
b4:da:94:ee:fa:94:8e:9c:e6:42:56:b2:31:f0:80:82:2d:1c:
7b:94:b9:07:c3:18:06:eb:df:c2:9f:3c:e6:e7:9c:60:35:67:
f1:75:77:45:1f:aa:7d:e6:e0:6d:4d:98:d3:fd:df:a2:38:09:
63:1f:81:b9:e8:dd:0b:19:81:5d:3d:c6:b6:af:ce:c9:d0:d8:
43:5a:5b:3a:48:2d:a8:79:d2:cd:53:e4:b2:83:ed:5d:8d:3e:
23:f9:4d:f5:0e:3c:fa:a2:54:63:96:e8:cb:40:c2:97:48:6f:
db:a6:3a:f5:f3:05:65:79:0d:18:9a:17:87:a8:a2:e3:f0:26:
82:51:94:fb:85:74:6e:c5:0c:24:5a:c1:16:98:7f:20:cc:a4:
55:3b:35:83:47:55:35:87:da:83:b0:b8:2b:f3:4d:0e:8d:58:
06:33:1f:49:fc:3b:3a:eb:65:b2:1d:fc:ee:af:da:d2:52:5f:
c2:40:74:87:55:c4:91:53:7d:fc:f8:a9:98:b8:59:0e:33:d6:
c9:1f:c2:42:4c:15:1d:08:24:77:f0:37:ec:e6:98:8c:36:f5:
89:f1:80:da
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUCVOGphvBxo1jwHzedkYJnlm/ttUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2MzdaFw0yNjA3MDIxNTUxMzdaMDMxMTAvBgNV
BAMTKDRGOUFBNkYxQUVGNTBDRDlBRUQzNTExQ0EwRjVBMDE0MDg0NTlDQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjyyQvqVetnfJ60UCgKuf4NQkv
fbnA2FPEW1HGiJsebXt/eC8hA5FJlClAvgoSQkzFRTr/mrU12EghN46cMVkv3C9k
iX5kQnUM2CqrUPvpVljO99dm7cysdA6ZO0Yii4wlnVHN34B2vi61WIJD1aDC527A
TN/couiTNeA1Zy8qGPxUiZgFiGzb6+OtgUHAcvrSoGJbn44dv4gPE3ctnm/EGQUu
Ww11X068W0v/7jqEZmZSwxV9yxT8ckj4E2rOLW7RRM2MJ7HU/WnoOqu4+TSZwBA+
eWZKZppfdMIpo0z0jITGGf+/2uKESyXMnj83NfP8vKxM6L6wFVkE5uQSCzCnAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUT5qm8a71DNmu01EcoPWgFAhFnMAwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE0NDU2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAUR/VAwQAZ+aOMA0GCSqGSIb3DQEBCwUAA4IBAQAM
c6/8/KHtew1TV/JkdZJiBNB3g8PxwYSK/LQJ42e0QF/h79y02pTu+pSOnOZCVrIx
8ICCLRx7lLkHwxgG69/Cnzzm55xgNWfxdXdFH6p95uBtTZjT/d+iOAljH4G56N0L
GYFdPca2r87J0NhDWls6SC2oedLNU+Syg+1djT4j+U31Djz6olRjlujLQMKXSG/b
pjr18wVleQ0YmheHqKLj8CaCUZT7hXRuxQwkWsEWmH8gzKRVOzWDR1U1h9qDsLgr
800OjVgGMx9J/Ds662WyHfzur9rSUl/CQHSHVcSRU338+KmYuFkOM9bJH8JCTBUd
CCR38Dfs5piMNvWJ8YDa
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:12:56 2025 by rpki-client