This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58212.roa
File:                     AS58212.roa (raw, json)
Hash identifier:          Ylj7poOMvhiwF3SaBb7itEWDIkRNByY0yYlNRJ+2ndk=
Subject key identifier:   82:E2:FB:E5:3C:4D:3A:05:B0:DC:72:C5:84:84:8E:BF:C6:F2:CD:AC
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       51E2CFDAC88CF8797E970E474D4091A84FE27C10
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58212.roa
Signing time:             Mon 05 Jan 2026 19:18:24 +0000
ROA not before:           Mon 05 Jan 2026 19:13:24 +0000
ROA not after:            Mon 04 Jan 2027 19:18:24 +0000
asID:                     58212
IP address blocks:        2a05:dfc7::/32 maxlen: 48
                          2a06:a000::/32 maxlen: 48
                          2a0d:d907::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 Jan 2026 12:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:e2:cf:da:c8:8c:f8:79:7e:97:0e:47:4d:40:91:a8:4f:e2:7c:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jan  5 19:13:24 2026 GMT
            Not After : Jan  4 19:18:24 2027 GMT
        Subject: CN=82E2FBE53C4D3A05B0DC72C584848EBFC6F2CDAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3a:7d:d7:ca:0e:58:7e:ef:a8:7b:cc:e1:f7:
                    1b:4b:da:d4:8b:d0:60:6c:f5:8f:8e:be:1f:b3:d7:
                    33:60:63:95:78:77:cf:ce:7c:38:72:0b:ed:43:ab:
                    51:4f:70:dc:8c:ec:26:ed:29:a9:50:2a:24:c7:e6:
                    c9:1d:0f:f1:1a:1e:08:d8:1b:c8:d3:94:a3:da:6d:
                    25:e1:dc:76:ef:88:2d:c3:1f:77:58:23:f4:a6:8e:
                    51:ce:d6:04:0a:13:18:ee:17:76:33:c4:80:aa:ce:
                    46:3e:19:0d:d7:ad:08:5a:e7:ed:ac:c9:64:81:2b:
                    00:9e:f5:f6:5a:a4:73:42:f1:d0:d4:78:7c:1a:ee:
                    5e:a3:c5:b5:3c:e0:11:a4:3f:fa:33:2d:40:9b:0e:
                    b6:e1:aa:61:c4:20:56:d5:f7:92:e6:41:ca:cb:0b:
                    04:09:d5:21:d2:4d:d4:22:f9:a2:a2:49:9d:c7:6e:
                    71:cf:87:6d:04:05:73:00:85:0a:f6:6f:74:f5:91:
                    23:3f:f0:29:3a:ad:33:e4:86:2f:e9:38:a8:01:5f:
                    74:51:73:30:ca:7a:f4:67:34:ac:f9:79:5f:91:23:
                    a7:54:96:d0:82:35:6a:22:ac:46:82:7d:35:bd:64:
                    2f:7c:2b:91:1b:a1:4f:30:a7:e0:59:7e:dc:48:97:
                    c8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:E2:FB:E5:3C:4D:3A:05:B0:DC:72:C5:84:84:8E:BF:C6:F2:CD:AC
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58212.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc7::/32
                  2a06:a000::/32
                  2a0d:d907::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:26:a5:76:04:4c:0c:74:2e:0e:db:4f:7d:dc:0b:6d:9e:60:
         38:00:07:6e:ea:9f:df:36:e0:16:db:89:5d:22:df:3f:26:ad:
         ec:e3:9e:65:f4:4c:d3:39:0f:d3:40:18:d8:81:bb:6f:b1:b3:
         2a:9e:72:99:17:5d:bd:82:12:49:43:2b:bb:ee:72:c6:12:2c:
         ad:89:bc:d9:41:8b:70:6f:00:63:9f:30:87:a9:f8:fd:e5:b1:
         d2:1f:52:99:4a:23:a8:bc:f7:04:eb:77:af:ab:5a:90:b0:1a:
         4e:3d:c5:ce:2b:71:a8:50:5e:0f:cd:c9:07:1c:3c:b3:f2:be:
         3d:70:df:4c:96:01:3c:b9:2e:c6:4e:80:fe:7b:31:fa:af:f2:
         e2:8b:ee:9c:0c:90:5a:a2:3b:52:8b:c3:1d:39:98:5a:94:45:
         ea:96:8f:ac:8c:4c:81:6d:ef:12:a1:f8:20:0c:88:d1:13:93:
         d4:76:e7:bc:00:cc:c2:85:d4:fe:e1:88:42:b1:da:a0:bd:1a:
         12:50:ca:58:0a:66:ba:40:d4:c7:1c:d2:7a:c8:59:42:c6:a1:
         27:3f:10:54:4d:58:93:fd:06:8a:4f:98:2d:38:d6:cf:48:f2:
         a9:a4:c4:b7:bc:cf:a8:47:5c:49:9b:52:74:60:75:35:ff:c3:
         10:71:95:b5
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUUeLP2siM+Hl+lw5HTUCRqE/ifBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjAxMDUxOTEzMjRaFw0yNzAxMDQxOTE4MjRaMDMxMTAvBgNV
BAMTKDgyRTJGQkU1M0M0RDNBMDVCMERDNzJDNTg0ODQ4RUJGQzZGMkNEQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOn3Xyg5Yfu+oe8zh9xtL2tSL
0GBs9Y+Ovh+z1zNgY5V4d8/OfDhyC+1Dq1FPcNyM7CbtKalQKiTH5skdD/EaHgjY
G8jTlKPabSXh3HbviC3DH3dYI/SmjlHO1gQKExjuF3YzxICqzkY+GQ3XrQha5+2s
yWSBKwCe9fZapHNC8dDUeHwa7l6jxbU84BGkP/ozLUCbDrbhqmHEIFbV95LmQcrL
CwQJ1SHSTdQi+aKiSZ3HbnHPh20EBXMAhQr2b3T1kSM/8Ck6rTPkhi/pOKgBX3RR
czDKevRnNKz5eV+RI6dUltCCNWoirEaCfTW9ZC98K5EboU8wp+BZftxIl8h9AgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQUguL75TxNOgWw3HLFhISOv8byzawwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NTgyMTIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcB
Af8EHzAdMBsEAgACMBUDBQAqBd/HAwUAKgagAAMFACoN2QcwDQYJKoZIhvcNAQEL
BQADggEBAH8mpXYETAx0Lg7bT33cC22eYDgAB27qn9824BbbiV0i3z8mrezjnmX0
TNM5D9NAGNiBu2+xsyqecpkXXb2CEklDK7vucsYSLK2JvNlBi3BvAGOfMIep+P3l
sdIfUplKI6i89wTrd6+rWpCwGk49xc4rcahQXg/NyQccPLPyvj1w30yWATy5LsZO
gP57Mfqv8uKL7pwMkFqiO1KLwx05mFqUReqWj6yMTIFt7xKh+CAMiNETk9R257wA
zMKF1P7hiEKx2qC9GhJQylgKZrpA1Mcc0nrIWULGoSc/EFRNWJP9BopPmC041s9I
8qmkxLe8z6hHXEmbUnRgdTX/wxBxlbU=
-----END CERTIFICATE-----