Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS199840.roa
File: AS199840.roa (raw, json)
Hash identifier: QeHwFrdOIATCO1G+E7wh/uChFdaQjLxy/P8x++TXvR4=
Subject key identifier: 4A:46:AB:C0:DB:BA:F0:17:FA:E0:1B:A6:A8:B4:A7:58:56:70:17:3C
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 6A5D378900783165ACEDA0B826CB181B7634E233
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS199840.roa
Signing time: Thu 04 Jun 2026 15:58:53 +0000
ROA not before: Thu 04 Jun 2026 15:53:53 +0000
ROA not after: Thu 03 Jun 2027 15:58:53 +0000
asID: 199840
IP address blocks: 2a06:a005:d20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:5d:37:89:00:78:31:65:ac:ed:a0:b8:26:cb:18:1b:76:34:e2:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:53 2026 GMT
Not After : Jun 3 15:58:53 2027 GMT
Subject: CN=4A46ABC0DBBAF017FAE01BA6A8B4A7585670173C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fd:99:4d:4a:73:50:0f:05:93:95:7c:f1:ad:
14:7d:90:40:c4:7a:a9:2f:2e:ce:32:8c:b0:03:b5:
8f:32:b7:3a:d8:fa:5f:44:ae:c1:13:20:bd:12:38:
a5:cf:68:21:2d:a5:06:d3:48:33:78:f7:da:ef:55:
49:cb:08:50:d8:53:24:e5:17:03:7f:df:e5:17:0a:
10:f5:92:a8:56:de:52:cd:c2:f1:40:a4:19:eb:a5:
d6:c9:b9:b2:22:f3:2a:18:ac:d8:ca:71:77:83:cf:
55:d9:d5:d0:e7:8a:96:0d:05:f7:c2:0a:d9:78:a3:
b8:29:81:2a:9d:63:52:a9:61:eb:ca:4d:0f:73:a1:
c7:e0:29:26:46:0e:35:87:21:b7:59:88:09:e6:1c:
d4:d3:63:1f:db:a0:8e:3b:1e:f7:93:60:33:d1:82:
35:4e:eb:0a:06:0b:ad:29:b6:c7:ee:ea:48:7e:5d:
6c:0a:c9:ec:77:bb:52:de:06:48:9e:a0:2f:7b:50:
3a:60:5d:ca:8b:00:6a:0b:32:29:f7:7d:d0:1b:f4:
36:c3:34:c3:4e:ee:77:a2:7d:20:7d:1a:1f:ca:48:
87:2a:3a:83:74:55:01:e2:01:c6:c1:f4:41:10:fe:
76:43:8b:9b:1e:e7:a2:d3:c8:58:c5:05:37:2e:9a:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:46:AB:C0:DB:BA:F0:17:FA:E0:1B:A6:A8:B4:A7:58:56:70:17:3C
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS199840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d20::/48
Signature Algorithm: sha256WithRSAEncryption
b1:40:1b:84:a3:38:d1:0e:70:1a:2a:d5:3e:6b:fb:00:8a:5d:
c2:4c:32:12:42:c6:f9:9d:b6:08:f9:d4:ca:88:61:f4:15:dc:
45:41:d5:fe:de:ef:5d:0a:05:3a:b2:e2:ce:f4:73:09:b2:52:
4c:bd:c6:2e:ca:b1:ca:05:2b:f7:d2:d7:a7:85:d1:6c:2d:a5:
ee:78:21:48:75:0a:c6:6a:ac:5c:2e:2e:95:fa:d7:04:b5:68:
4b:e5:9f:15:f0:ca:04:f2:6f:5a:7e:84:5a:06:61:ce:eb:99:
bf:f5:43:e4:ac:4f:1e:1c:bd:85:5f:0c:de:ca:98:91:0a:50:
1e:8a:40:48:2e:e9:3f:44:34:e2:22:e7:21:3b:78:3b:22:86:
83:76:2b:39:82:c7:d0:12:72:62:0a:c6:b9:cc:15:a9:93:19:
fb:da:09:17:85:d5:48:ff:fb:d0:53:af:56:6f:b7:4a:20:14:
c8:f3:6d:5c:8e:19:39:f5:07:97:37:06:1f:d0:67:3c:4e:48:
a8:58:97:df:c1:a1:ed:6b:d9:f8:3c:1c:5a:67:93:6c:94:3f:
94:09:ae:ce:cd:20:43:a0:94:d5:33:72:f1:70:8e:5f:36:07:
ca:71:9b:41:1b:58:e6:47:03:93:76:9a:0c:ad:e2:9a:33:93:
4f:94:da:96
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUal03iQB4MWWs7aC4JssYG3Y04jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTNaFw0yNzA2MDMxNTU4NTNaMDMxMTAvBgNV
BAMTKDRBNDZBQkMwREJCQUYwMTdGQUUwMUJBNkE4QjRBNzU4NTY3MDE3M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/ZlNSnNQDwWTlXzxrRR9kEDE
eqkvLs4yjLADtY8ytzrY+l9ErsETIL0SOKXPaCEtpQbTSDN499rvVUnLCFDYUyTl
FwN/3+UXChD1kqhW3lLNwvFApBnrpdbJubIi8yoYrNjKcXeDz1XZ1dDnipYNBffC
Ctl4o7gpgSqdY1KpYevKTQ9zocfgKSZGDjWHIbdZiAnmHNTTYx/boI47HveTYDPR
gjVO6woGC60ptsfu6kh+XWwKyex3u1LeBkieoC97UDpgXcqLAGoLMin3fdAb9DbD
NMNO7neifSB9Gh/KSIcqOoN0VQHiAcbB9EEQ/nZDi5se56LTyFjFBTcumhNnAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUSkarwNu68Bf64BumqLSnWFZwFzwwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTk5ODQwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0gMA0GCSqGSIb3DQEBCwUAA4IBAQCxQBuE
ozjRDnAaKtU+a/sAil3CTDISQsb5nbYI+dTKiGH0FdxFQdX+3u9dCgU6suLO9HMJ
slJMvcYuyrHKBSv30tenhdFsLaXueCFIdQrGaqxcLi6V+tcEtWhL5Z8V8MoE8m9a
foRaBmHO65m/9UPkrE8eHL2FXwzeypiRClAeikBILuk/RDTiIuchO3g7IoaDdis5
gsfQEnJiCsa5zBWpkxn72gkXhdVI//vQU69Wb7dKIBTI821cjhk59QeXNwYf0Gc8
TkioWJffwaHta9n4PBxaZ5NslD+UCa7OzSBDoJTVM3LxcI5fNgfKcZtBG1jmRwOT
dpoMreKaM5NPlNqW
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:07 2026 by rpki-client