Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209735.roa
File: AS209735.roa (raw, json)
Hash identifier: yqyUFxLgxqjIyPmAh4fDELLecc/akA5tGOwpyrv1eZc=
Subject key identifier: CE:00:9B:0D:DF:65:CA:BD:72:0D:B7:D4:64:9C:A2:06:0B:F6:E2:4E
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 1077B57AB0F1EFDA6EC527C1FCC0090B71400D0A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209735.roa
Signing time: Mon 12 May 2025 22:49:02 +0000
ROA not before: Mon 12 May 2025 22:44:02 +0000
ROA not after: Mon 11 May 2026 22:49:02 +0000
asID: 209735
IP address blocks: 103.146.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 15:44:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:77:b5:7a:b0:f1:ef:da:6e:c5:27:c1:fc:c0:09:0b:71:40:0d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: May 12 22:44:02 2025 GMT
Not After : May 11 22:49:02 2026 GMT
Subject: CN=CE009B0DDF65CABD720DB7D4649CA2060BF6E24E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:3b:46:31:66:ad:43:f6:5f:11:ed:9e:cb:
d7:31:77:75:6b:56:27:5d:d3:94:ea:96:28:ea:8e:
d5:01:a7:d3:c4:56:7a:e9:1d:f9:79:fb:be:68:bb:
48:c8:97:f8:ce:ad:b9:c1:45:24:5d:fa:2e:b4:d8:
ab:27:b8:e8:71:98:3a:56:fe:69:74:83:4d:ec:1c:
2a:65:ea:3c:36:3f:22:8c:85:67:30:66:db:68:c8:
bd:d0:e0:21:db:cb:33:76:ff:62:e1:a3:23:2d:d8:
bd:83:20:49:69:fd:e5:f9:09:da:9d:22:01:18:16:
bd:6f:49:7d:3d:da:e8:c7:a9:76:26:ee:07:a2:1c:
94:f5:85:cd:a1:23:7b:da:17:85:92:e9:e2:11:99:
bf:3a:44:5d:d9:90:d7:05:e0:18:9b:dd:68:79:c1:
9d:16:75:91:18:a6:69:2a:48:a9:56:6f:09:4d:0b:
14:8f:77:d0:59:1b:5a:a0:93:15:9a:c9:1e:6e:d2:
1a:be:3b:af:c7:e1:76:35:e3:36:c7:18:68:2e:89:
a3:91:c1:10:d7:b9:64:93:d1:e1:29:03:d6:6e:e6:
39:eb:9a:06:4d:74:c4:a7:bf:8f:ae:1f:3e:c0:b3:
1a:73:07:93:ee:de:67:54:8b:80:32:09:49:40:6e:
ca:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:00:9B:0D:DF:65:CA:BD:72:0D:B7:D4:64:9C:A2:06:0B:F6:E2:4E
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS209735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.146.103.0/24
Signature Algorithm: sha256WithRSAEncryption
30:30:3e:98:9a:71:a2:af:80:98:75:0f:df:40:f0:cb:66:e7:
30:27:09:0e:65:c7:bd:78:7e:24:85:c4:79:97:fe:91:7e:49:
4e:af:65:8e:04:e8:cd:b3:2d:e3:08:f2:02:97:14:08:63:01:
9d:39:4a:46:a4:67:51:aa:4b:d3:aa:b8:83:ed:41:c9:23:79:
db:df:73:9b:30:5e:01:52:f7:22:f4:38:1b:3a:14:2b:66:5f:
64:89:66:a0:bf:f4:65:5d:09:4e:7d:ad:23:ed:13:00:dc:4d:
b3:21:58:9d:a8:c2:8e:74:a4:52:16:fe:59:c5:06:e6:d6:0e:
1f:43:7a:08:8e:0b:4c:c6:5f:ee:66:27:6d:c9:a9:a5:f2:bc:
82:87:e2:e8:41:98:c7:24:74:8f:2e:09:bd:0b:21:b2:cc:76:
4a:b8:03:80:92:53:d5:58:ed:f5:9a:b3:40:9d:8d:d1:16:ac:
4b:a9:ab:56:b4:83:a6:d0:b9:35:71:fd:13:d8:da:3f:0d:bd:
93:c3:5c:79:25:89:d6:1f:3b:18:73:18:1a:5e:af:df:51:08:
b6:a6:da:62:57:c2:29:18:0b:ea:ee:c6:04:1f:4f:9c:cc:15:
32:33:09:ca:aa:ab:c0:ae:8e:ed:88:6b:8a:6d:cb:76:76:0f:
07:47:19:5a
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUEHe1erDx79puxSfB/MAJC3FADQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTA1MTIyMjQ0MDJaFw0yNjA1MTEyMjQ5MDJaMDMxMTAvBgNV
BAMTKENFMDA5QjBEREY2NUNBQkQ3MjBEQjdENDY0OUNBMjA2MEJGNkUyNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCugjtGMWatQ/ZfEe2ey9cxd3Vr
Vidd05TqlijqjtUBp9PEVnrpHfl5+75ou0jIl/jOrbnBRSRd+i602KsnuOhxmDpW
/ml0g03sHCpl6jw2PyKMhWcwZttoyL3Q4CHbyzN2/2LhoyMt2L2DIElp/eX5Cdqd
IgEYFr1vSX092ujHqXYm7geiHJT1hc2hI3vaF4WS6eIRmb86RF3ZkNcF4Bib3Wh5
wZ0WdZEYpmkqSKlWbwlNCxSPd9BZG1qgkxWayR5u0hq+O6/H4XY14zbHGGguiaOR
wRDXuWST0eEpA9Zu5jnrmgZNdMSnv4+uHz7AsxpzB5Pu3mdUi4AyCUlAbsoTAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUzgCbDd9lyr1yDbfUZJyiBgv24k4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA5NzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAZ5JnMA0GCSqGSIb3DQEBCwUAA4IBAQAwMD6YmnGi
r4CYdQ/fQPDLZucwJwkOZce9eH4khcR5l/6RfklOr2WOBOjNsy3jCPIClxQIYwGd
OUpGpGdRqkvTqriD7UHJI3nb33ObMF4BUvci9DgbOhQrZl9kiWagv/RlXQlOfa0j
7RMA3E2zIVidqMKOdKRSFv5ZxQbm1g4fQ3oIjgtMxl/uZidtyaml8ryCh+LoQZjH
JHSPLgm9CyGyzHZKuAOAklPVWO31mrNAnY3RFqxLqatWtIOm0Lk1cf0T2No/Db2T
w1x5JYnWHzsYcxgaXq/fUQi2ptpiV8IpGAvq7sYEH0+czBUyMwnKqqvAro7tiGuK
bct2dg8HRxla
-----END CERTIFICATE-----
Generated at Mon Jun 16 00:05:38 2025 by rpki-client