Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150249.roa
File: AS150249.roa (raw, json)
Hash identifier: ePXP/jM+LVuskE3+E3nwOFGsC64WlHZRvt306hcBVm0=
Subject key identifier: CB:C9:92:9D:AA:BA:12:A1:A5:AA:3F:18:19:DC:4D:C3:35:C8:A2:A2
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 624C7D0D3FBC4D2671938F5CFF951CC363A808D4
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150249.roa
Signing time: Thu 04 Jun 2026 15:58:49 +0000
ROA not before: Thu 04 Jun 2026 15:53:49 +0000
ROA not after: Thu 03 Jun 2027 15:58:49 +0000
asID: 150249
IP address blocks: 2a06:9f44::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:4c:7d:0d:3f:bc:4d:26:71:93:8f:5c:ff:95:1c:c3:63:a8:08:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:49 2026 GMT
Not After : Jun 3 15:58:49 2027 GMT
Subject: CN=CBC9929DAABA12A1A5AA3F1819DC4DC335C8A2A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c8:71:26:b1:b3:0e:3f:6e:2b:35:0c:67:45:
ff:33:d6:44:d6:a6:2f:0d:7b:e8:e8:67:0b:11:95:
3f:65:e5:cd:b9:f6:c5:91:af:ce:d4:13:ae:ca:c7:
9a:d6:99:15:f7:6a:d3:b0:35:cb:da:fe:67:89:93:
8f:cd:94:68:34:98:df:95:bf:f8:ae:2f:69:cf:33:
6c:90:86:33:d3:da:05:a1:84:5d:19:be:e1:3c:ee:
5f:06:2b:b3:37:17:4b:ae:15:1c:1b:f3:61:3e:1e:
46:94:83:5f:a2:15:1b:18:c0:13:fc:87:10:c2:ad:
f6:c2:d0:a7:84:79:b0:5e:07:35:5f:80:5a:a8:e0:
a1:47:a1:bb:b1:35:9c:da:a5:3b:dd:8c:99:7b:4c:
d5:b2:7d:b1:f5:74:dd:55:fa:66:52:36:c1:5d:9d:
af:01:06:5a:28:06:cb:0e:9a:3c:6e:ef:c9:94:a9:
77:ab:c1:cc:39:34:2f:3e:59:6d:7d:24:b7:77:cd:
85:cb:1c:a7:9a:a0:f9:1e:07:94:06:9b:a9:27:43:
9a:d9:d9:27:7d:75:ca:e7:e7:7a:6c:f6:36:66:98:
89:bd:ab:3b:f9:77:73:7f:9a:89:e1:0e:3f:a7:6b:
34:be:18:20:d2:63:4f:47:67:b9:90:d3:91:bd:2f:
05:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C9:92:9D:AA:BA:12:A1:A5:AA:3F:18:19:DC:4D:C3:35:C8:A2:A2
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150249.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9f44::/32
Signature Algorithm: sha256WithRSAEncryption
7b:9b:be:43:e7:60:e1:31:c0:53:67:ae:fe:58:02:d9:bd:e3:
c3:c5:a2:17:23:2d:51:30:e2:c4:3c:22:df:25:23:92:8a:0d:
73:7b:65:8f:b1:cf:e2:a1:f2:70:ec:11:05:e7:2f:4b:48:42:
a2:0c:de:81:7a:03:11:0b:fd:9b:90:41:e7:35:11:2a:82:84:
52:1b:95:4e:72:6b:de:3f:09:ca:b8:89:0a:9b:54:1b:1c:f2:
bd:38:b2:4a:32:f3:74:20:2c:bf:94:3a:76:cf:67:aa:53:8b:
56:fa:af:c7:42:5d:7a:31:ea:99:01:b4:ef:0a:ec:38:ee:8a:
95:b0:a0:98:76:87:03:7c:4b:52:fc:32:31:2f:6f:3f:48:20:
26:e5:5d:a8:22:a0:7e:e9:49:7a:12:5c:c6:3e:1a:e7:42:b2:
34:94:d8:94:88:67:4b:76:88:5e:78:1f:83:4e:43:a7:b6:16:
2a:1d:36:9f:1a:17:c7:ec:18:d1:e2:e3:9e:1f:a1:8f:27:f7:
c8:d3:f7:48:58:c1:13:2a:1b:dc:ee:c4:a5:b6:bf:e7:7e:0e:
ec:e5:d3:9d:90:09:11:fe:6a:b9:fc:ae:ac:46:23:02:a6:03:
86:e4:a8:3a:42:82:a7:a7:11:e8:ac:b9:bf:d0:26:fb:c0:4f:
01:56:13:9b
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUYkx9DT+8TSZxk49c/5Ucw2OoCNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDlaFw0yNzA2MDMxNTU4NDlaMDMxMTAvBgNV
BAMTKENCQzk5MjlEQUFCQTEyQTFBNUFBM0YxODE5REM0REMzMzVDOEEyQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhyHEmsbMOP24rNQxnRf8z1kTW
pi8Ne+joZwsRlT9l5c259sWRr87UE67Kx5rWmRX3atOwNcva/meJk4/NlGg0mN+V
v/iuL2nPM2yQhjPT2gWhhF0ZvuE87l8GK7M3F0uuFRwb82E+HkaUg1+iFRsYwBP8
hxDCrfbC0KeEebBeBzVfgFqo4KFHobuxNZzapTvdjJl7TNWyfbH1dN1V+mZSNsFd
na8BBlooBssOmjxu78mUqXerwcw5NC8+WW19JLd3zYXLHKeaoPkeB5QGm6knQ5rZ
2Sd9dcrn53ps9jZmmIm9qzv5d3N/monhDj+nazS+GCDSY09HZ7mQ05G9LwWpAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUy8mSnaq6EqGlqj8YGdxNwzXIoqIwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTUwMjQ5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKgafRDANBgkqhkiG9w0BAQsFAAOCAQEAe5u+Q+dg
4THAU2eu/lgC2b3jw8WiFyMtUTDixDwi3yUjkooNc3tlj7HP4qHycOwRBecvS0hC
ogzegXoDEQv9m5BB5zURKoKEUhuVTnJr3j8JyriJCptUGxzyvTiySjLzdCAsv5Q6
ds9nqlOLVvqvx0JdejHqmQG07wrsOO6KlbCgmHaHA3xLUvwyMS9vP0ggJuVdqCKg
fulJehJcxj4a50KyNJTYlIhnS3aIXngfg05Dp7YWKh02nxoXx+wY0eLjnh+hjyf3
yNP3SFjBEyob3O7Epba/534O7OXTnZAJEf5qufyurEYjAqYDhuSoOkKCp6cR6Ky5
v9Am+8BPAVYTmw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:25:52 2026 by rpki-client