Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203686.roa
File: AS203686.roa (raw, json)
Hash identifier: QdyOKpxsOgS5zHLDAk40Cqw8E/3pjG8Fh8A6NU3TFlQ=
Subject key identifier: 0A:60:CE:A8:47:43:E9:10:72:ED:3D:4B:FB:D9:DF:22:15:C7:B8:A6
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 18CB50856384972FA481892556DB5772BC1E5F82
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203686.roa
Signing time: Thu 04 Jun 2026 15:58:53 +0000
ROA not before: Thu 04 Jun 2026 15:53:53 +0000
ROA not after: Thu 03 Jun 2027 15:58:53 +0000
asID: 203686
IP address blocks: 2a06:9f44:f120::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:cb:50:85:63:84:97:2f:a4:81:89:25:56:db:57:72:bc:1e:5f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:53 2026 GMT
Not After : Jun 3 15:58:53 2027 GMT
Subject: CN=0A60CEA84743E91072ED3D4BFBD9DF2215C7B8A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:01:99:b2:45:af:62:b3:28:db:db:4c:7d:
3e:e5:7b:19:17:68:e2:89:02:be:3f:5f:91:20:db:
fe:9c:d3:e0:33:38:e7:7a:72:0c:af:7f:07:ca:7f:
db:64:cd:53:ae:ac:fe:d1:80:c4:23:9a:c1:20:e8:
6a:cf:37:41:3b:5c:31:2c:1a:b5:db:46:2e:b9:62:
e0:ec:a7:68:7e:46:d9:3f:89:23:d3:9b:29:d1:aa:
b4:e1:b0:c3:75:18:d1:5f:66:d9:ae:03:5b:fd:17:
89:9e:26:f1:60:8e:25:36:0f:85:c6:4a:69:14:4d:
52:b5:1e:02:55:f9:3d:e1:78:69:0b:c0:72:f6:88:
ef:1e:ce:53:35:fd:c5:85:15:92:a3:cb:44:a2:19:
29:65:34:32:bb:c6:44:9f:05:28:9a:ef:81:8c:19:
f2:9c:ac:e8:fd:08:8b:46:9f:cd:fe:e6:2f:8a:8f:
2d:8a:74:53:b5:10:7c:76:89:36:c0:e0:ef:68:ce:
5b:06:7b:5d:60:d4:c1:db:ca:89:58:67:41:ee:48:
c3:52:77:c5:5d:3a:d4:49:83:56:03:c0:ab:3d:f7:
b4:4a:d2:5f:41:6c:31:7f:7e:d1:22:38:81:dd:fc:
4d:7c:f7:66:74:38:cd:05:5a:4f:bc:3a:73:b6:54:
8c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:60:CE:A8:47:43:E9:10:72:ED:3D:4B:FB:D9:DF:22:15:C7:B8:A6
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203686.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9f44:f120::/44
Signature Algorithm: sha256WithRSAEncryption
81:18:14:2c:f1:0e:4b:68:47:16:34:e7:4b:e5:b2:45:a7:1a:
73:9a:58:59:aa:d5:13:fd:a1:e4:eb:b9:e8:58:d8:ee:7e:c2:
a0:56:4f:36:78:c8:e8:50:aa:e7:03:d0:6c:58:d2:26:82:a8:
ba:c3:46:50:14:55:6d:40:6c:0d:ed:02:7a:bc:b4:bb:af:2b:
3f:6e:be:99:33:ce:58:e1:13:84:04:74:0b:7b:2c:fb:da:f1:
14:cf:a0:c4:d1:35:aa:2f:b9:db:51:75:93:c0:3e:0a:25:79:
f9:30:61:45:16:65:ac:cf:42:50:4c:38:db:fc:a8:f1:3a:e6:
6d:b5:01:54:e1:52:87:0e:8c:0a:00:1c:31:4f:05:4b:f9:0f:
3d:0c:58:d1:29:72:d1:11:84:10:67:df:9b:59:6d:68:7c:61:
ec:d0:1e:48:d6:5b:d4:f3:41:18:47:5f:3b:b9:fd:38:13:70:
de:ce:aa:bd:4b:b4:fa:ef:e1:24:3a:ed:a5:7c:80:06:8c:06:
4d:d7:70:c1:32:6e:cf:59:4a:9e:84:5b:68:09:70:13:47:68:
26:51:7b:dc:ba:80:c9:86:94:5e:d1:78:58:03:43:28:8b:0e:
9e:75:ea:43:5e:a0:9d:2e:fa:5d:44:68:b8:92:dd:d4:68:ad:
6e:f3:66:2b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUGMtQhWOEly+kgYklVttXcrweX4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTNaFw0yNzA2MDMxNTU4NTNaMDMxMTAvBgNV
BAMTKDBBNjBDRUE4NDc0M0U5MTA3MkVEM0Q0QkZCRDlERjIyMTVDN0I4QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybwGZskWvYrMo29tMfT7lexkX
aOKJAr4/X5Eg2/6c0+AzOOd6cgyvfwfKf9tkzVOurP7RgMQjmsEg6GrPN0E7XDEs
GrXbRi65YuDsp2h+Rtk/iSPTmynRqrThsMN1GNFfZtmuA1v9F4meJvFgjiU2D4XG
SmkUTVK1HgJV+T3heGkLwHL2iO8ezlM1/cWFFZKjy0SiGSllNDK7xkSfBSia74GM
GfKcrOj9CItGn83+5i+Kjy2KdFO1EHx2iTbA4O9ozlsGe11g1MHbyolYZ0HuSMNS
d8VdOtRJg1YDwKs997RK0l9BbDF/ftEiOIHd/E1892Z0OM0FWk+8OnO2VIyTAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUCmDOqEdD6RBy7T1L+9nfIhXHuKYwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAzNjg2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgafRPEgMA0GCSqGSIb3DQEBCwUAA4IBAQCBGBQs
8Q5LaEcWNOdL5bJFpxpzmlhZqtUT/aHk67noWNjufsKgVk82eMjoUKrnA9BsWNIm
gqi6w0ZQFFVtQGwN7QJ6vLS7rys/br6ZM85Y4ROEBHQLeyz72vEUz6DE0TWqL7nb
UXWTwD4KJXn5MGFFFmWsz0JQTDjb/KjxOuZttQFU4VKHDowKABwxTwVL+Q89DFjR
KXLREYQQZ9+bWW1ofGHs0B5I1lvU80EYR187uf04E3Dezqq9S7T67+EkOu2lfIAG
jAZN13DBMm7PWUqehFtoCXATR2gmUXvcuoDJhpRe0XhYA0Moiw6edepDXqCdLvpd
RGi4kt3UaK1u82Yr
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:25:45 2026 by rpki-client