Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204406.roa
File: AS204406.roa (raw, json)
Hash identifier: 8IcuPNFjyoYHQnFWjQvIcgESleEtZg1H8OafXxgV7GI=
Subject key identifier: 23:3A:98:4B:F8:E5:AF:95:88:F8:69:09:19:3B:8D:6D:ED:3C:75:58
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 525CB7A5E1E15E61356AB4FF870EE567E5B5082E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204406.roa
Signing time: Thu 04 Jun 2026 15:58:47 +0000
ROA not before: Thu 04 Jun 2026 15:53:47 +0000
ROA not after: Thu 03 Jun 2027 15:58:47 +0000
asID: 204406
IP address blocks: 2a06:a005:1660::/44 maxlen: 48
2a06:a005:1c90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:5c:b7:a5:e1:e1:5e:61:35:6a:b4:ff:87:0e:e5:67:e5:b5:08:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:47 2026 GMT
Not After : Jun 3 15:58:47 2027 GMT
Subject: CN=233A984BF8E5AF9588F86909193B8D6DED3C7558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:c7:1d:ff:91:8b:5b:55:48:b3:ad:a2:b2:
74:2c:00:66:53:7a:04:de:ca:7b:76:52:2a:a8:d3:
96:f0:b6:c6:9f:c3:0e:96:dc:88:7e:82:ef:4b:97:
f5:e4:b7:88:6d:c2:e0:ac:03:ac:10:ee:ab:11:d2:
1f:09:75:70:c2:b2:00:5a:43:10:ce:ff:6d:f1:1e:
79:d8:95:e2:97:21:de:21:b9:b5:7f:d9:27:a7:f6:
bd:0e:30:c7:3e:45:32:ad:4e:27:24:e2:33:3a:d0:
30:d9:65:6d:2b:9d:7c:4b:fb:24:56:b7:57:40:4a:
0c:5a:38:70:0b:fc:a5:84:73:ea:35:d4:4a:cf:e5:
e7:a4:b6:52:08:57:20:65:24:84:58:b8:f5:06:81:
c0:1b:87:82:37:80:e8:2c:da:f7:de:c9:89:a4:01:
33:48:3f:d0:df:e5:00:16:c7:64:f8:e4:3d:0a:ee:
7e:45:e8:04:2c:15:29:db:85:c2:cb:f7:1f:8c:17:
ef:7b:58:12:ff:6f:e8:66:a6:f6:48:79:98:fd:8c:
65:07:97:f3:53:11:d0:35:2e:7e:2b:31:9d:0e:35:
1e:31:9d:23:ae:af:92:b8:6e:1f:00:f4:e2:89:bf:
54:6f:82:6b:e1:8f:b8:7d:08:39:28:95:02:12:31:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3A:98:4B:F8:E5:AF:95:88:F8:69:09:19:3B:8D:6D:ED:3C:75:58
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204406.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1660::/44
2a06:a005:1c90::/44
Signature Algorithm: sha256WithRSAEncryption
c0:6b:a6:67:4d:4b:74:0f:2c:dd:79:83:4a:8e:c8:35:9f:e3:
bd:e9:d0:25:84:69:7f:cf:6f:aa:8e:7f:9b:ba:f4:5e:ea:1c:
19:81:63:68:65:41:08:fa:3e:c3:b7:51:97:77:1a:8c:d5:0d:
e0:ee:44:dd:8a:59:6c:f9:4b:7f:69:6e:e8:41:ae:94:d8:98:
2d:79:83:44:56:40:f8:b8:a8:fd:15:51:98:d7:28:f3:51:30:
ee:95:37:53:02:9a:52:04:9d:9a:1a:07:d2:39:e4:db:01:87:
b8:1d:c2:ee:b4:c2:fa:01:57:6f:3d:99:70:df:ec:68:51:e3:
27:79:03:f9:84:99:1e:57:6a:4c:14:9d:10:6b:30:80:a1:1b:
3f:65:ce:ab:48:52:f6:b3:52:eb:90:6b:8b:47:56:f9:aa:7a:
8d:05:30:04:9e:f6:29:52:1f:52:93:05:66:68:ad:b5:00:02:
f7:5e:dc:9c:fe:25:46:50:52:62:ed:01:33:9d:3f:91:54:55:
93:9d:b0:62:28:f4:51:49:1f:fb:01:9f:1f:b1:c1:4c:14:82:
c9:26:b2:27:5b:a1:0b:92:c4:28:55:41:ac:5d:bf:21:76:90:
70:b9:37:1d:cd:3b:9d:c3:ac:73:6c:ff:91:50:4d:3f:3e:59:
8f:25:f9:ac
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUUly3peHhXmE1arT/hw7lZ+W1CC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDdaFw0yNzA2MDMxNTU4NDdaMDMxMTAvBgNV
BAMTKDIzM0E5ODRCRjhFNUFGOTU4OEY4NjkwOTE5M0I4RDZERUQzQzc1NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCupMcd/5GLW1VIs62isnQsAGZT
egTeynt2Uiqo05bwtsafww6W3Ih+gu9Ll/Xkt4htwuCsA6wQ7qsR0h8JdXDCsgBa
QxDO/23xHnnYleKXId4hubV/2Sen9r0OMMc+RTKtTick4jM60DDZZW0rnXxL+yRW
t1dASgxaOHAL/KWEc+o11ErP5eektlIIVyBlJIRYuPUGgcAbh4I3gOgs2vfeyYmk
ATNIP9Df5QAWx2T45D0K7n5F6AQsFSnbhcLL9x+MF+97WBL/b+hmpvZIeZj9jGUH
l/NTEdA1Ln4rMZ0ONR4xnSOur5K4bh8A9OKJv1Rvgmvhj7h9CDkolQISMbqzAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUIzqYS/jlr5WI+GkJGTuNbe08dVgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA0NDA2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBRZgAwcEKgagBRyQMA0GCSqGSIb3DQEBCwUA
A4IBAQDAa6ZnTUt0DyzdeYNKjsg1n+O96dAlhGl/z2+qjn+buvRe6hwZgWNoZUEI
+j7Dt1GXdxqM1Q3g7kTdills+Ut/aW7oQa6U2JgteYNEVkD4uKj9FVGY1yjzUTDu
lTdTAppSBJ2aGgfSOeTbAYe4HcLutML6AVdvPZlw3+xoUeMneQP5hJkeV2pMFJ0Q
azCAoRs/Zc6rSFL2s1LrkGuLR1b5qnqNBTAEnvYpUh9SkwVmaK21AAL3Xtyc/iVG
UFJi7QEznT+RVFWTnbBiKPRRSR/7AZ8fscFMFILJJrInW6ELksQoVUGsXb8hdpBw
uTcdzTudw6xzbP+RUE0/PlmPJfms
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:25:51 2026 by rpki-client