Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS47689.roa
File: AS47689.roa (raw, json)
Hash identifier: OxH+v8llRDuxEmou/Ix5iX0QkJxzHPq4Xo8vpK1xGzA=
Subject key identifier: CE:8D:7C:43:17:B5:67:61:E4:01:95:CB:2C:10:86:DA:A4:56:46:9E
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 70C1EBB6FAC053A46C4ACEF3882A5D3341ACF86E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS47689.roa
Signing time: Thu 03 Jul 2025 15:52:08 +0000
ROA not before: Thu 03 Jul 2025 15:47:08 +0000
ROA not after: Thu 02 Jul 2026 15:52:08 +0000
asID: 47689
IP address blocks: 2a06:a005:a18::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c1:eb:b6:fa:c0:53:a4:6c:4a:ce:f3:88:2a:5d:33:41:ac:f8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 3 15:47:08 2025 GMT
Not After : Jul 2 15:52:08 2026 GMT
Subject: CN=CE8D7C4317B56761E40195CB2C1086DAA456469E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4f:d3:56:46:2a:1d:41:b8:8c:59:7c:7f:18:
03:01:6a:6f:c6:2b:0a:b3:ce:7b:2b:75:9a:32:54:
55:a9:4c:21:f6:d7:2b:70:3b:51:16:a2:3d:26:11:
2f:ad:12:93:a6:c0:c3:43:4e:b3:49:77:23:95:ff:
72:88:f9:2a:09:50:2c:14:1d:20:f6:61:e0:9b:18:
1c:88:fa:0b:70:74:b2:bb:c5:32:96:e7:05:ce:49:
0f:27:c0:4e:7f:9a:bb:c1:18:f9:8d:95:bb:19:48:
ee:a8:f6:91:57:61:05:72:ef:82:a6:2d:21:58:5f:
d1:ef:82:16:73:94:d9:5a:9e:30:f4:1f:37:1b:cc:
7d:88:49:57:02:85:ed:6f:85:70:55:91:62:f3:d2:
59:62:b9:cc:a2:c5:1f:55:50:37:77:87:c7:81:d5:
c1:3e:e6:bf:e8:c9:6b:51:9a:cf:1b:96:a9:85:99:
ea:ac:10:a9:f8:b6:1c:28:ed:ac:74:58:66:34:42:
c8:e6:62:69:22:6f:a8:1a:1f:16:60:30:b4:cc:5a:
40:79:0c:bb:ab:71:f5:41:a2:c4:b6:78:86:47:be:
f0:3b:35:15:ae:92:5c:44:fa:24:32:2c:e2:c7:64:
c0:bd:1a:42:dc:e2:3c:ab:f8:eb:44:02:c4:a5:c4:
0f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:7C:43:17:B5:67:61:E4:01:95:CB:2C:10:86:DA:A4:56:46:9E
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS47689.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a18::/45
Signature Algorithm: sha256WithRSAEncryption
00:3b:51:a3:4c:2e:2d:2e:e3:50:3d:f5:fb:7a:b6:a3:27:6c:
8c:74:01:38:dc:14:cd:86:2f:68:e2:3b:58:a3:f7:4b:27:e6:
0a:dd:bf:f1:17:89:2e:25:70:af:7d:4d:84:a3:35:25:5f:8b:
e9:e3:51:4a:9e:14:48:b3:42:13:b6:41:fa:09:9e:63:25:bc:
4a:01:47:f9:37:82:a4:4a:cc:79:db:19:89:5b:2b:33:27:9f:
6e:f9:27:5c:77:86:3f:ec:d9:9b:06:cf:14:13:0e:00:8c:14:
4d:ce:53:cb:21:7e:a0:c6:bb:90:4b:41:bb:d3:9d:54:6e:3e:
a9:87:bc:6a:aa:05:78:46:77:82:0d:68:db:33:33:7e:6b:05:
cd:97:e7:74:ed:aa:b8:b7:a8:c6:88:8c:b7:c1:30:d5:4a:0e:
e2:c1:fa:78:d1:2e:df:8a:cc:5c:f3:40:13:87:bc:3d:72:76:
ee:dc:b5:d5:d4:ee:5f:ad:9d:67:67:7e:c5:a3:b9:d6:8e:4f:
b2:2e:aa:87:a3:e9:57:fa:f0:61:97:dd:5a:4d:b9:1f:9e:e8:
a9:f3:95:bc:11:57:78:d8:2e:e4:5e:dc:6d:41:45:cb:56:39:
04:95:eb:b7:b2:1b:df:f8:8a:82:96:c5:34:78:23:71:e5:53:
2b:31:41:7c
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUcMHrtvrAU6RsSs7ziCpdM0Gs+G4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDhaFw0yNjA3MDIxNTUyMDhaMDMxMTAvBgNV
BAMTKENFOEQ3QzQzMTdCNTY3NjFFNDAxOTVDQjJDMTA4NkRBQTQ1NjQ2OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZT9NWRiodQbiMWXx/GAMBam/G
KwqzznsrdZoyVFWpTCH21ytwO1EWoj0mES+tEpOmwMNDTrNJdyOV/3KI+SoJUCwU
HSD2YeCbGByI+gtwdLK7xTKW5wXOSQ8nwE5/mrvBGPmNlbsZSO6o9pFXYQVy74Km
LSFYX9HvghZzlNlanjD0HzcbzH2ISVcChe1vhXBVkWLz0lliucyixR9VUDd3h8eB
1cE+5r/oyWtRms8blqmFmeqsEKn4thwo7ax0WGY0QsjmYmkib6gaHxZgMLTMWkB5
DLurcfVBosS2eIZHvvA7NRWuklxE+iQyLOLHZMC9GkLc4jyr+OtEAsSlxA91AgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUzo18Qxe1Z2HkAZXLLBCG2qRWRp4wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NDc2ODkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwMqBqAFChgwDQYJKoZIhvcNAQELBQADggEBAAA7UaNM
Li0u41A99ft6tqMnbIx0ATjcFM2GL2jiO1ij90sn5grdv/EXiS4lcK99TYSjNSVf
i+njUUqeFEizQhO2QfoJnmMlvEoBR/k3gqRKzHnbGYlbKzMnn275J1x3hj/s2ZsG
zxQTDgCMFE3OU8shfqDGu5BLQbvTnVRuPqmHvGqqBXhGd4INaNszM35rBc2X53Tt
qri3qMaIjLfBMNVKDuLB+njRLt+KzFzzQBOHvD1ydu7ctdXU7l+tnWdnfsWjudaO
T7Iuqoej6Vf68GGX3VpNuR+e6KnzlbwRV3jYLuRe3G1BRctWOQSV67eyG9/4ioKW
xTR4I3HlUysxQXw=
-----END CERTIFICATE-----
Generated at Fri Jul 4 22:12:56 2025 by rpki-client