Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS214150.roa
File: AS214150.roa (raw, json)
Hash identifier: CJw3KmcYOFXR3A4UNln8eusS4z2/lkkcOJb1daV4nD0=
Subject key identifier: 68:FD:67:D6:9F:C7:AB:72:5C:1C:0F:6A:77:FF:27:7F:32:43:77:90
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 2EB730F48D2806926CD25A6297F200BFABFE7091
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS214150.roa
Signing time: Wed 16 Apr 2025 13:20:47 +0000
ROA not before: Wed 16 Apr 2025 13:15:47 +0000
ROA not after: Wed 15 Apr 2026 13:20:47 +0000
asID: 214150
IP address blocks: 103.137.193.0/24 maxlen: 24
103.204.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 00:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:b7:30:f4:8d:28:06:92:6c:d2:5a:62:97:f2:00:bf:ab:fe:70:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Apr 16 13:15:47 2025 GMT
Not After : Apr 15 13:20:47 2026 GMT
Subject: CN=68FD67D69FC7AB725C1C0F6A77FF277F32437790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:94:1d:64:ce:fe:2d:84:f1:26:de:5a:b4:3b:
cd:6b:a7:26:56:c3:0c:5e:5a:c6:8f:a2:f9:a2:2e:
ef:47:27:f1:6e:a2:9f:23:87:ad:a5:d8:e5:2a:57:
f9:69:f3:e6:ef:39:72:52:61:6e:8a:ab:7d:aa:b3:
80:7e:5b:99:91:d5:ac:11:a0:b4:57:1d:22:b8:01:
34:39:90:99:f3:f6:df:b3:1c:23:33:3b:28:23:98:
c1:f7:3d:70:5b:40:a1:a2:b7:94:59:2e:89:e7:7b:
8d:96:f2:62:bc:bf:fa:02:32:1f:11:a0:da:6d:89:
34:74:6d:e3:dd:09:de:e6:80:eb:ae:81:43:f6:54:
6d:f7:be:a5:e6:b3:d1:26:45:24:4b:ab:b9:01:53:
98:f0:e5:66:6b:07:f7:b1:ee:7b:0c:7a:df:dc:7c:
f7:06:0b:87:8a:4c:e4:96:0e:f8:d6:f9:ed:42:ac:
d9:57:f2:db:22:8c:92:9a:26:2b:3a:84:94:94:22:
01:4b:00:c6:7a:2b:35:a1:46:6a:16:14:06:34:6d:
7a:36:b7:3a:de:6e:66:69:39:ae:9a:87:83:d3:d0:
2a:2a:67:e5:a5:8c:f5:a3:a0:d1:80:2e:ce:1b:13:
c0:63:c4:33:fc:cd:3f:29:90:a5:4e:77:4a:bc:33:
06:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FD:67:D6:9F:C7:AB:72:5C:1C:0F:6A:77:FF:27:7F:32:43:77:90
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS214150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.137.193.0/24
103.204.194.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:5f:5f:36:e8:93:9e:79:b0:cc:d4:d7:7a:a0:65:0e:e0:63:
d2:de:63:38:f1:aa:e7:6c:58:86:4b:a7:ad:21:ae:c5:92:0c:
2b:59:f9:85:ba:6e:08:c1:af:d1:d2:5d:cd:d0:15:59:81:24:
5b:34:7f:67:ca:b3:96:d0:37:d2:54:74:be:db:4a:7c:6b:70:
67:47:d4:f1:40:88:0e:e6:08:b2:56:23:d4:70:af:08:dc:78:
d8:d0:6e:6f:d6:5b:22:68:b4:ce:18:4a:fe:2a:0f:be:11:f8:
f0:b8:69:ce:bd:da:7b:56:96:c2:39:04:8d:06:a4:d3:d1:6b:
82:19:02:99:cb:3b:b3:7b:0f:36:4c:79:d9:40:26:75:73:49:
3f:97:2b:46:e1:c8:45:f2:60:62:20:f0:a6:07:12:87:5f:4f:
e8:96:3a:0f:aa:cf:5e:18:03:04:46:16:71:de:a9:fa:58:b7:
c4:28:03:9f:e1:89:eb:4e:7a:5e:d5:1b:ba:89:e8:3a:ce:d7:
d4:26:50:26:0c:d8:af:87:0d:81:3f:e6:99:ff:a2:37:82:93:
7c:8b:8e:ba:26:04:54:b3:84:bc:17:01:ba:ba:b3:60:f6:64:
c1:6f:92:96:4b:2e:7d:7e:19:be:73:7c:6a:1d:d0:b1:d0:67:
d3:6c:39:9a
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIULrcw9I0oBpJs0lpil/IAv6v+cJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTA0MTYxMzE1NDdaFw0yNjA0MTUxMzIwNDdaMDMxMTAvBgNV
BAMTKDY4RkQ2N0Q2OUZDN0FCNzI1QzFDMEY2QTc3RkYyNzdGMzI0Mzc3OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUlB1kzv4thPEm3lq0O81rpyZW
wwxeWsaPovmiLu9HJ/Fuop8jh62l2OUqV/lp8+bvOXJSYW6Kq32qs4B+W5mR1awR
oLRXHSK4ATQ5kJnz9t+zHCMzOygjmMH3PXBbQKGit5RZLonne42W8mK8v/oCMh8R
oNptiTR0bePdCd7mgOuugUP2VG33vqXms9EmRSRLq7kBU5jw5WZrB/ex7nsMet/c
fPcGC4eKTOSWDvjW+e1CrNlX8tsijJKaJis6hJSUIgFLAMZ6KzWhRmoWFAY0bXo2
tzrebmZpOa6ah4PT0CoqZ+WljPWjoNGALs4bE8BjxDP8zT8pkKVOd0q8MwaXAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUaP1n1p/Hq3JcHA9qd/8nfzJDd5AwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjE0MTUwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAZ4nBAwQAZ8zCMA0GCSqGSIb3DQEBCwUAA4IBAQDC
X1826JOeebDM1Nd6oGUO4GPS3mM48arnbFiGS6etIa7FkgwrWfmFum4Iwa/R0l3N
0BVZgSRbNH9nyrOW0DfSVHS+20p8a3BnR9TxQIgO5giyViPUcK8I3HjY0G5v1lsi
aLTOGEr+Kg++EfjwuGnOvdp7VpbCOQSNBqTT0WuCGQKZyzuzew82THnZQCZ1c0k/
lytG4chF8mBiIPCmBxKHX0/oljoPqs9eGAMERhZx3qn6WLfEKAOf4YnrTnpe1Ru6
ieg6ztfUJlAmDNivhw2BP+aZ/6I3gpN8i466JgRUs4S8FwG6urNg9mTBb5KWSy59
fhm+c3xqHdCx0GfTbDma
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:06:13 2025 by rpki-client