Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS270168.roa
File: AS270168.roa (raw, json)
Hash identifier: snmzm7Cg8J5DZO2/9OCL51puD5JC59xljvrER4dMaF0=
Subject key identifier: E2:3C:7D:80:D9:65:23:CA:2A:5B:30:FE:65:A5:A4:70:7B:44:EB:0F
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 4E4B2947ED75D326BFB6374767AF9C4602C241FC
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS270168.roa
Signing time: Thu 03 Jul 2025 15:52:35 +0000
ROA not before: Thu 03 Jul 2025 15:47:35 +0000
ROA not after: Thu 02 Jul 2026 15:52:35 +0000
asID: 270168
IP address blocks: 103.137.192.0/24 maxlen: 24
202.50.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:4b:29:47:ed:75:d3:26:bf:b6:37:47:67:af:9c:46:02:c2:41:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:35 2025 GMT
Not After : Jul 2 15:52:35 2026 GMT
Subject: CN=E23C7D80D96523CA2A5B30FE65A5A4707B44EB0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:c9:69:bf:7e:b5:a4:fa:ad:9c:cb:25:da:
bc:77:65:27:ab:b0:dd:cf:81:66:13:af:45:1a:0b:
4c:41:1a:7c:24:8c:5d:21:21:96:a9:3b:79:af:83:
8d:d6:bc:83:18:9b:ef:90:29:49:32:e8:30:75:45:
ef:68:e2:9b:e9:59:f2:d5:c4:10:78:ca:ac:f6:cb:
59:92:fa:75:fe:5c:a0:22:a1:77:4a:4f:51:37:a6:
71:aa:2d:98:a1:a4:1d:08:f3:79:c8:e5:21:18:ae:
55:af:4a:11:1e:f6:34:cb:2a:3b:7a:5a:5c:7b:af:
57:90:4a:59:be:98:09:88:82:a5:9b:14:b2:e8:7b:
f5:59:ab:ea:1a:c6:83:f5:c4:9f:d5:be:bb:7a:29:
cd:a2:ca:67:a8:71:9b:b6:e6:8a:e8:36:97:cf:be:
99:a7:b2:73:47:70:fc:1a:56:c7:80:90:45:16:00:
83:c5:85:8a:87:07:f1:04:c2:80:29:a2:6a:65:b5:
01:04:53:33:63:76:31:cb:35:00:a0:45:d7:8f:3b:
b5:e2:7e:ba:49:40:54:da:e8:c2:bc:7c:bd:18:64:
86:f6:7a:f2:b4:f6:01:2b:10:d1:15:eb:2c:86:3f:
84:f4:1b:c9:9a:5e:f8:e8:a3:6a:4f:c6:8c:86:1d:
33:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3C:7D:80:D9:65:23:CA:2A:5B:30:FE:65:A5:A4:70:7B:44:EB:0F
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS270168.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.137.192.0/24
202.50.52.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:c9:62:0b:66:a2:ea:a1:7b:e6:93:d3:d6:75:3a:40:a2:8f:
e3:59:64:30:93:30:f8:70:ec:70:ca:69:42:bb:ad:ae:6c:eb:
c3:88:39:79:34:6a:69:4b:77:4e:bd:38:16:44:70:e3:4d:a0:
1f:55:3a:30:6f:a2:9d:4b:41:c2:2f:23:bc:b4:93:9e:99:5d:
99:cc:1d:ec:15:19:67:74:f1:60:c3:fb:71:c8:c2:06:b8:08:
98:82:f7:d4:18:74:ac:b0:0d:12:59:58:04:7a:e2:b4:41:3a:
5d:90:e4:68:6b:a7:c7:0c:ed:27:20:88:08:89:05:28:ae:78:
f2:71:88:77:8a:51:b0:f1:00:ee:32:08:cb:5e:3f:c0:d3:b0:
a2:b0:ac:09:de:ba:b2:84:6a:13:5f:a8:b6:08:74:eb:1f:4f:
90:15:14:04:02:4b:56:bf:a3:89:02:5e:ed:84:66:e6:04:7d:
97:87:b3:4f:b4:34:6a:0c:2a:4a:24:3a:49:ea:68:e7:7e:c3:
26:5a:1d:e3:a1:12:5a:64:a9:bf:00:63:d7:ac:ec:19:cc:4d:
6f:6b:a0:27:1f:71:d2:11:08:eb:11:93:8c:99:98:75:bd:db:
3c:7c:40:c1:ed:7a:ee:eb:9b:77:2d:43:25:69:c3:59:1c:16:
11:73:d0:23
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUTkspR+110ya/tjdHZ6+cRgLCQfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzVaFw0yNjA3MDIxNTUyMzVaMDMxMTAvBgNV
BAMTKEUyM0M3RDgwRDk2NTIzQ0EyQTVCMzBGRTY1QTVBNDcwN0I0NEVCMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBFclpv361pPqtnMsl2rx3ZSer
sN3PgWYTr0UaC0xBGnwkjF0hIZapO3mvg43WvIMYm++QKUky6DB1Re9o4pvpWfLV
xBB4yqz2y1mS+nX+XKAioXdKT1E3pnGqLZihpB0I83nI5SEYrlWvShEe9jTLKjt6
Wlx7r1eQSlm+mAmIgqWbFLLoe/VZq+oaxoP1xJ/Vvrt6Kc2iymeocZu25oroNpfP
vpmnsnNHcPwaVseAkEUWAIPFhYqHB/EEwoApompltQEEUzNjdjHLNQCgRdePO7Xi
frpJQFTa6MK8fL0YZIb2evK09gErENEV6yyGP4T0G8maXvjoo2pPxoyGHTNrAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQU4jx9gNllI8oqWzD+ZaWkcHtE6w8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjcwMTY4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAZ4nAAwQAyjI0MA0GCSqGSIb3DQEBCwUAA4IBAQCi
yWILZqLqoXvmk9PWdTpAoo/jWWQwkzD4cOxwymlCu62ubOvDiDl5NGppS3dOvTgW
RHDjTaAfVTowb6KdS0HCLyO8tJOemV2ZzB3sFRlndPFgw/txyMIGuAiYgvfUGHSs
sA0SWVgEeuK0QTpdkORoa6fHDO0nIIgIiQUornjycYh3ilGw8QDuMgjLXj/A07Ci
sKwJ3rqyhGoTX6i2CHTrH0+QFRQEAktWv6OJAl7thGbmBH2Xh7NPtDRqDCpKJDpJ
6mjnfsMmWh3joRJaZKm/AGPXrOwZzE1va6AnH3HSEQjrEZOMmZh1vds8fEDB7Xru
65t3LUMlacNZHBYRc9Aj
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:09:17 2025 by rpki-client