Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
File: AS36231.roa (raw, json)
Hash identifier: c9RSj9GvM3XzmMA0hPGVogJllMATAeF35nJjfL5nrsk=
Subject key identifier: AB:D5:A5:E7:6B:1C:DE:F8:23:C6:1B:D8:D4:BE:BA:B6:FB:6B:04:E1
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1787D2004BDCFDBCBF19E1DAB90CB20987F1E27D
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
Signing time: Fri 13 Mar 2026 20:02:58 +0000
ROA not before: Fri 13 Mar 2026 19:57:58 +0000
ROA not after: Fri 12 Mar 2027 20:02:58 +0000
asID: 36231
IP address blocks: 2a0a:6040:7107::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:87:d2:00:4b:dc:fd:bc:bf:19:e1:da:b9:0c:b2:09:87:f1:e2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Mar 13 19:57:58 2026 GMT
Not After : Mar 12 20:02:58 2027 GMT
Subject: CN=ABD5A5E76B1CDEF823C61BD8D4BEBAB6FB6B04E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:54:a5:15:c7:1d:41:ae:7b:39:e9:c7:03:5d:
6a:15:08:25:9d:db:7d:73:84:b1:87:3e:5a:42:fe:
50:9a:f2:34:a0:56:ae:a7:52:13:9b:86:d8:36:5a:
9d:be:7e:c2:1e:8a:54:8c:11:4f:a1:f2:bd:60:a8:
9c:9c:ef:cd:0c:c0:e3:03:6d:9c:58:d9:e3:5d:7e:
cd:0c:d8:af:ac:38:ec:94:97:7a:ed:cf:a3:6d:72:
e4:13:bc:a4:42:78:4b:28:fa:7e:67:9c:4f:c8:29:
01:4a:3b:c1:b4:b1:a3:25:9f:e8:72:5a:08:c2:1b:
5b:59:95:4c:17:35:a7:74:c8:9d:eb:bf:47:42:d9:
55:cf:0e:12:69:f4:89:f0:3e:28:34:88:a5:09:a7:
07:1b:ba:11:68:fb:4f:8a:3b:5f:d7:a7:b2:e5:56:
4f:ae:6f:0a:a8:91:42:a1:66:4d:2f:5f:ae:b9:a1:
9c:aa:23:6f:a3:a4:d2:26:71:ce:c0:74:27:cd:e3:
ff:96:c0:1d:81:53:f7:c6:41:de:dd:1f:c5:3d:89:
d2:7f:be:e9:5b:09:9e:86:3a:89:51:5f:bc:6f:a1:
12:a8:aa:23:dd:8d:24:98:4c:eb:8a:78:a6:0d:8c:
c6:8b:38:b7:97:1c:fa:ba:d0:da:51:99:2b:64:2e:
a9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D5:A5:E7:6B:1C:DE:F8:23:C6:1B:D8:D4:BE:BA:B6:FB:6B:04:E1
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS36231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6040:7107::/48
Signature Algorithm: sha256WithRSAEncryption
a5:da:1f:7b:55:cd:a1:e6:2c:c0:5c:d3:63:80:3c:9e:1c:2a:
6c:5a:af:f2:e3:0d:c1:3a:8f:cc:63:11:e9:39:4a:de:7f:4a:
38:0c:e7:7c:20:26:e4:55:88:62:c5:23:c9:43:7a:2a:6f:f9:
09:67:2d:52:96:8e:7a:14:eb:19:6b:f6:3f:ca:7d:02:4d:96:
b7:9c:62:69:b0:02:ef:ba:cf:b4:c6:9f:d1:b2:b3:f5:aa:24:
61:72:bd:12:56:53:db:42:1c:aa:78:23:f9:e6:e7:7a:82:d3:
35:d4:ad:57:ff:6d:fc:a2:6f:bc:e3:28:d4:48:dc:71:48:83:
82:34:63:6d:aa:e7:0b:7a:3a:42:17:c5:39:93:89:dc:46:f2:
98:2e:f4:f2:e6:cc:ca:e0:81:ed:dc:e6:7b:88:52:b0:01:7b:
9d:a0:3c:ee:89:fb:72:43:7a:14:73:56:f5:65:11:10:69:f9:
b6:55:10:80:38:b8:fb:7b:08:7a:4f:2c:6a:80:bf:56:45:b9:
41:47:c5:68:1e:1a:c6:86:d0:bc:1d:ba:54:ed:6d:fc:b4:05:
33:fd:51:99:c5:85:4c:b4:47:af:7d:b4:86:de:ce:b5:94:95:
5e:43:7b:aa:e5:44:91:0d:a2:72:ae:ef:e1:ae:11:a0:3f:6b:
95:1c:97:ac
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUF4fSAEvc/by/GeHauQyyCYfx4n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjAzMTMxOTU3NThaFw0yNzAzMTIyMDAyNThaMDMxMTAvBgNV
BAMTKEFCRDVBNUU3NkIxQ0RFRjgyM0M2MUJEOEQ0QkVCQUI2RkI2QjA0RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZVKUVxx1Brns56ccDXWoVCCWd
231zhLGHPlpC/lCa8jSgVq6nUhObhtg2Wp2+fsIeilSMEU+h8r1gqJyc780MwOMD
bZxY2eNdfs0M2K+sOOyUl3rtz6NtcuQTvKRCeEso+n5nnE/IKQFKO8G0saMln+hy
WgjCG1tZlUwXNad0yJ3rv0dC2VXPDhJp9InwPig0iKUJpwcbuhFo+0+KO1/Xp7Ll
Vk+ubwqokUKhZk0vX665oZyqI2+jpNImcc7AdCfN4/+WwB2BU/fGQd7dH8U9idJ/
vulbCZ6GOolRX7xvoRKoqiPdjSSYTOuKeKYNjMaLOLeXHPq60NpRmStkLql9AgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUq9Wl52sc3vgjxhvY1L66tvtrBOEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MzYyMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqCmBAcQcwDQYJKoZIhvcNAQELBQADggEBAKXaH3tV
zaHmLMBc02OAPJ4cKmxar/LjDcE6j8xjEek5St5/SjgM53wgJuRViGLFI8lDeipv
+QlnLVKWjnoU6xlr9j/KfQJNlrecYmmwAu+6z7TGn9Gys/WqJGFyvRJWU9tCHKp4
I/nm53qC0zXUrVf/bfyib7zjKNRI3HFIg4I0Y22q5wt6OkIXxTmTidxG8pgu9PLm
zMrgge3c5nuIUrABe52gPO6J+3JDehRzVvVlERBp+bZVEIA4uPt7CHpPLGqAv1ZF
uUFHxWgeGsaG0LwdulTtbfy0BTP9UZnFhUy0R699tIbezrWUlV5De6rlRJENonKu
7+GuEaA/a5Ucl6w=
-----END CERTIFICATE-----
Generated at Sat Mar 21 17:52:02 2026 by rpki-client