Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204931.roa
File: AS204931.roa (raw, json)
Hash identifier: cIE++k3Sw6jVYKstMnRQLs3fUaCc/xZo48w9g5VkE1Y=
Subject key identifier: C0:22:C4:92:5D:93:C4:85:4B:2D:FE:82:1A:A0:45:80:EC:81:80:49
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 5A2A1816D59BCEBB6E72F9823DC5EB5AB4CE8E90
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204931.roa
Signing time: Thu 04 Jun 2026 15:58:53 +0000
ROA not before: Thu 04 Jun 2026 15:53:53 +0000
ROA not after: Thu 03 Jun 2027 15:58:53 +0000
asID: 204931
IP address blocks: 2a06:a005:2bc0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:2a:18:16:d5:9b:ce:bb:6e:72:f9:82:3d:c5:eb:5a:b4:ce:8e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jun 4 15:53:53 2026 GMT
Not After : Jun 3 15:58:53 2027 GMT
Subject: CN=C022C4925D93C4854B2DFE821AA04580EC818049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dd:7b:da:88:67:a2:8d:57:5b:90:5c:f9:bc:
78:ec:6a:c1:b0:78:fa:f1:52:9b:47:14:6c:ee:43:
f3:83:16:63:8f:a7:36:a2:72:f6:95:cc:65:14:4c:
32:0d:cf:fa:78:df:4e:b3:14:f9:98:03:a0:d3:4b:
d5:a2:a2:45:c1:5e:77:5c:23:8f:89:d8:eb:8d:23:
a2:49:e0:30:08:f3:5c:14:35:e2:10:d4:bf:2d:58:
44:5b:52:25:a4:12:b1:74:e3:f9:05:ec:1c:03:32:
0f:8b:82:1c:b0:c6:bc:2e:14:d4:b0:0c:9c:ef:6e:
d9:5b:9b:92:7d:50:e9:40:68:f2:bf:4c:1d:7f:38:
ed:01:de:2b:b8:8a:ae:5a:89:b3:73:86:5e:9f:89:
bc:f8:18:c3:11:d8:04:b8:a6:24:ec:dc:b2:e5:dd:
c4:3c:65:b4:66:5e:26:03:30:87:97:d8:fd:a7:b3:
8f:23:38:0f:cd:f8:4f:b8:c2:73:0b:07:82:21:27:
ac:e5:2a:47:a9:4c:64:2b:ad:be:8f:b0:7a:85:83:
5f:fe:a5:5c:20:14:2e:2d:39:f3:90:91:5c:5c:91:
9d:0e:74:d9:92:fe:3b:1d:67:0d:6a:31:59:6a:39:
69:0a:bb:65:76:85:6e:3d:16:57:ab:ba:59:e7:e2:
78:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:22:C4:92:5D:93:C4:85:4B:2D:FE:82:1A:A0:45:80:EC:81:80:49
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS204931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2bc0::/44
Signature Algorithm: sha256WithRSAEncryption
1a:86:28:7d:8f:35:9f:4a:4a:81:4f:04:db:1e:08:26:11:e6:
93:92:98:a8:12:bb:e5:76:23:e1:4c:8e:de:b9:08:19:90:a9:
22:a2:7f:f3:01:2c:e8:65:00:ad:0c:88:49:cd:df:20:12:06:
7b:66:d1:da:bd:38:e5:bd:de:cd:f2:50:16:e1:0f:3e:71:c0:
5f:ba:d6:ca:95:e5:72:06:45:c5:42:e4:c9:a9:cd:84:0e:e8:
eb:cb:69:21:22:6d:58:25:a6:b3:ec:b6:a2:4c:fe:a2:98:18:
65:65:bf:07:71:fb:23:e0:43:dc:0d:61:cf:9b:b9:8a:5e:42:
21:eb:9f:bb:c9:74:9d:ad:81:05:5b:32:fb:88:6f:58:2b:bf:
d5:11:ef:d5:57:c1:1a:5c:0d:29:7d:75:30:1b:bf:60:d3:57:
9a:ab:22:58:a6:10:9a:81:86:29:b7:b5:f1:21:9e:7d:63:94:
71:73:1a:1d:8c:80:64:3c:78:a1:96:ea:c6:53:c4:48:fc:07:
cf:b5:8d:06:1b:ce:b5:7f:c8:f8:3f:e1:c6:1d:80:a8:68:ff:
28:0d:7d:f7:77:22:1c:fc:ea:53:ed:f7:9c:34:67:c4:8d:0e:
c7:03:7b:ff:60:8a:19:11:62:83:fc:8d:ab:f5:b8:77:01:ad:
5d:e3:58:0d
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUWioYFtWbzrtucvmCPcXrWrTOjpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTNaFw0yNzA2MDMxNTU4NTNaMDMxMTAvBgNV
BAMTKEMwMjJDNDkyNUQ5M0M0ODU0QjJERkU4MjFBQTA0NTgwRUM4MTgwNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCG3XvaiGeijVdbkFz5vHjsasGw
ePrxUptHFGzuQ/ODFmOPpzaicvaVzGUUTDINz/p4306zFPmYA6DTS9WiokXBXndc
I4+J2OuNI6JJ4DAI81wUNeIQ1L8tWERbUiWkErF04/kF7BwDMg+LghywxrwuFNSw
DJzvbtlbm5J9UOlAaPK/TB1/OO0B3iu4iq5aibNzhl6fibz4GMMR2AS4piTs3LLl
3cQ8ZbRmXiYDMIeX2P2ns48jOA/N+E+4wnMLB4IhJ6zlKkepTGQrrb6PsHqFg1/+
pVwgFC4tOfOQkVxckZ0OdNmS/jsdZw1qMVlqOWkKu2V2hW49Flerulnn4nhfAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUwCLEkl2TxIVLLf6CGqBFgOyBgEkwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA0OTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSvAMA0GCSqGSIb3DQEBCwUAA4IBAQAahih9
jzWfSkqBTwTbHggmEeaTkpioErvldiPhTI7euQgZkKkion/zASzoZQCtDIhJzd8g
EgZ7ZtHavTjlvd7N8lAW4Q8+ccBfutbKleVyBkXFQuTJqc2EDujry2khIm1YJaaz
7LaiTP6imBhlZb8Hcfsj4EPcDWHPm7mKXkIh65+7yXSdrYEFWzL7iG9YK7/VEe/V
V8EaXA0pfXUwG79g01eaqyJYphCagYYpt7XxIZ59Y5RxcxodjIBkPHihlurGU8RI
/AfPtY0GG861f8j4P+HGHYCoaP8oDX33dyIc/OpT7fecNGfEjQ7HA3v/YIoZEWKD
/I2r9bh3Aa1d41gN
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:43:26 2026 by rpki-client