Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: aQ+PUjW55ETxl3AtoM0MNxLru4cBnYd/PybowC/h3w0=
Subject key identifier: 9B:A4:F9:76:83:6D:DF:CE:F1:07:7C:80:28:D2:CF:32:6F:A4:E0:81
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1C81EABF77CEDFA51249F2D8E973BACDC2124E06
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS3320.roa
Signing time: Mon 15 Sep 2025 10:18:25 +0000
ROA not before: Mon 15 Sep 2025 10:13:25 +0000
ROA not after: Mon 14 Sep 2026 10:18:25 +0000
asID: 3320
IP address blocks: 81.31.210.0/23 maxlen: 24
185.195.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:81:ea:bf:77:ce:df:a5:12:49:f2:d8:e9:73:ba:cd:c2:12:4e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Sep 15 10:13:25 2025 GMT
Not After : Sep 14 10:18:25 2026 GMT
Subject: CN=9BA4F976836DDFCEF1077C8028D2CF326FA4E081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:08:76:c8:76:bf:13:3e:0d:09:eb:12:11:15:
30:f0:15:5d:e3:a5:24:f7:43:69:89:dc:e5:d6:d3:
c6:ea:19:ce:ad:86:fe:1f:53:97:12:ce:90:0f:60:
03:84:6b:26:4e:6d:3f:f8:fc:1c:8e:12:bc:6e:e8:
b8:e9:4d:df:45:31:eb:c8:58:e8:73:ab:e0:97:67:
3b:c1:c2:76:16:ed:52:23:f5:1a:fe:39:0d:ca:04:
f7:2b:38:8e:f9:67:b9:2e:15:a7:38:28:6c:9c:59:
fa:f4:d7:6c:f5:4f:44:30:df:0f:85:b5:4a:7d:bb:
67:b6:d1:cd:12:fd:4a:df:20:8d:53:c4:67:c0:9b:
03:bd:9e:94:e8:67:4a:51:88:41:fe:4d:57:0e:c5:
9a:6d:52:77:15:73:74:d9:0a:be:1a:2b:93:54:7d:
16:a1:79:b4:64:ca:0f:fe:5b:53:0a:e6:57:f7:8f:
fb:22:4e:08:54:63:95:93:df:27:b8:60:6a:25:81:
19:3e:71:df:91:0a:92:4f:75:0c:c5:ce:f4:f9:88:
ec:82:3d:0e:35:14:52:e3:f4:89:b4:80:22:15:0f:
da:16:9d:6a:ad:5f:5c:ab:b9:78:48:96:b5:5a:d4:
5a:89:12:af:5c:7a:4a:7d:3a:37:10:71:2e:fc:e6:
dc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A4:F9:76:83:6D:DF:CE:F1:07:7C:80:28:D2:CF:32:6F:A4:E0:81
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.210.0/23
185.195.239.0/24
Signature Algorithm: sha256WithRSAEncryption
74:3e:e5:56:fa:19:ea:48:c6:ab:13:fe:40:5c:be:f7:f5:4c:
74:69:f9:17:65:1f:48:14:7f:4e:bb:a5:64:e0:b1:e4:e2:5f:
2e:d9:b4:62:ad:3f:c6:dd:9b:71:a5:03:de:ee:a1:f5:c3:cb:
c8:50:91:4c:ed:9e:99:ee:8d:f2:18:cd:41:85:c5:18:b9:db:
09:c1:0e:37:d7:27:b7:28:41:61:9a:cf:69:29:46:9c:29:d4:
ce:05:4e:8d:34:f0:5e:43:42:de:f2:14:11:8b:f4:a0:fc:33:
42:bf:22:dd:c6:a8:3c:bc:83:16:b6:4c:62:23:79:c5:f2:30:
fd:2f:c9:63:5a:2b:6c:f1:89:f6:80:4f:c7:a1:f9:0d:e9:17:
f2:0a:73:71:1a:11:a4:8d:02:6e:1f:64:f8:aa:fa:42:b7:62:
44:82:47:9a:ae:b5:a3:7b:6b:00:19:96:91:09:7f:1d:96:9b:
f3:1c:a7:0f:d1:4f:21:bf:02:79:ba:18:b3:3b:6c:0e:74:e2:
17:70:83:2a:4d:58:25:ab:7b:57:2e:14:c0:fa:2b:47:1d:24:
78:f3:89:c7:8b:60:7d:ef:42:6b:54:67:bc:23:83:94:ae:48:
20:b5:fb:fb:74:c9:29:28:1d:47:69:8b:50:a7:06:8a:ef:da:
0c:34:bf:c8
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUHIHqv3fO36USSfLY6XO6zcISTgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA5MTUxMDEzMjVaFw0yNjA5MTQxMDE4MjVaMDMxMTAvBgNV
BAMTKDlCQTRGOTc2ODM2RERGQ0VGMTA3N0M4MDI4RDJDRjMyNkZBNEUwODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpCHbIdr8TPg0J6xIRFTDwFV3j
pST3Q2mJ3OXW08bqGc6thv4fU5cSzpAPYAOEayZObT/4/ByOErxu6LjpTd9FMevI
WOhzq+CXZzvBwnYW7VIj9Rr+OQ3KBPcrOI75Z7kuFac4KGycWfr012z1T0Qw3w+F
tUp9u2e20c0S/UrfII1TxGfAmwO9npToZ0pRiEH+TVcOxZptUncVc3TZCr4aK5NU
fRahebRkyg/+W1MK5lf3j/siTghUY5WT3ye4YGolgRk+cd+RCpJPdQzFzvT5iOyC
PQ41FFLj9Im0gCIVD9oWnWqtX1yruXhIlrVa1FqJEq9cekp9OjcQcS785txPAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUm6T5doNt387xB3yAKNLPMm+k4IEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MzMyMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB
/wQWMBQwEgQCAAEwDAMEAVEf0gMEALnD7zANBgkqhkiG9w0BAQsFAAOCAQEAdD7l
VvoZ6kjGqxP+QFy+9/VMdGn5F2UfSBR/TrulZOCx5OJfLtm0Yq0/xt2bcaUD3u6h
9cPLyFCRTO2eme6N8hjNQYXFGLnbCcEON9cntyhBYZrPaSlGnCnUzgVOjTTwXkNC
3vIUEYv0oPwzQr8i3caoPLyDFrZMYiN5xfIw/S/JY1orbPGJ9oBPx6H5DekX8gpz
cRoRpI0Cbh9k+Kr6QrdiRIJHmq61o3trABmWkQl/HZab8xynD9FPIb8CeboYszts
DnTiF3CDKk1YJat7Vy4UwPorRx0kePOJx4tgfe9Ca1RnvCODlK5IILX7+3TJKSgd
R2mLUKcGiu/aDDS/yA==
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:25:18 2025 by rpki-client