Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214150.roa
File: AS214150.roa (raw, json)
Hash identifier: Cl+SMdkKt8fTFxjDDuKP/Fds3nXJq/CUYj+nJDKwFG8=
Subject key identifier: 07:D5:22:C2:94:E8:E9:9B:93:3E:53:92:A0:21:A9:37:94:A5:F7:18
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1DBCF559F54A554906EA76549950B699463C60C5
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214150.roa
Signing time: Fri 31 Oct 2025 19:03:07 +0000
ROA not before: Fri 31 Oct 2025 18:58:07 +0000
ROA not after: Fri 30 Oct 2026 19:03:07 +0000
asID: 214150
IP address blocks: 103.204.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:bc:f5:59:f5:4a:55:49:06:ea:76:54:99:50:b6:99:46:3c:60:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Oct 31 18:58:07 2025 GMT
Not After : Oct 30 19:03:07 2026 GMT
Subject: CN=07D522C294E8E99B933E5392A021A93794A5F718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a4:a4:12:78:20:cb:ef:8b:5b:e7:9d:7b:81:
1b:1a:51:cf:c7:b9:eb:17:06:90:3c:ce:1c:5b:00:
38:ee:e3:42:1e:0b:11:1c:e2:c8:d6:9b:18:67:89:
eb:4a:56:4e:bf:d7:4e:f4:57:f3:c8:46:01:27:5d:
2f:6e:93:65:c2:ab:09:29:43:61:1f:9d:f3:85:39:
f8:27:2b:ed:fe:9e:e5:b6:4f:cc:cf:06:01:ed:90:
79:1d:9f:e0:5f:df:77:c6:6e:84:d3:d0:59:dd:c7:
5e:bb:37:28:e9:af:73:a0:87:fc:07:da:9c:10:b0:
96:8c:e5:44:d7:30:21:79:08:ee:f4:14:d9:d2:77:
79:fa:b8:d1:a5:82:cd:c6:a3:ba:12:52:9d:88:74:
da:8c:15:5c:7d:d0:fb:9e:f9:4a:cf:f9:96:c7:34:
12:0c:9e:26:43:72:58:f5:6d:95:59:3b:7f:6e:0a:
19:9a:29:15:18:93:e8:2c:64:25:88:fa:a4:10:92:
18:c0:28:ce:bd:cf:63:f0:b3:88:94:c0:73:22:d8:
16:3c:d3:6c:4f:05:16:c0:0f:0d:b7:4d:ae:e1:57:
64:47:23:2b:a1:8b:7d:f1:36:2e:30:c3:1c:83:a7:
2d:dc:f8:0b:8c:f9:6d:7b:c4:94:ea:c9:ef:c3:d7:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D5:22:C2:94:E8:E9:9B:93:3E:53:92:A0:21:A9:37:94:A5:F7:18
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS214150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.204.194.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e8:d0:20:b4:46:af:ca:43:cf:b2:af:d8:d3:75:6b:21:bd:
ed:0b:27:ad:74:3a:8f:74:46:37:ef:46:5c:a7:23:8b:e8:90:
24:e6:c2:c0:6d:1b:a3:a7:59:50:df:ad:94:64:28:a6:c1:72:
ad:08:6d:ed:36:58:bf:af:16:7a:5a:66:df:d3:49:54:8f:ff:
e7:69:e9:2b:3f:2b:59:fc:63:09:f2:79:a0:e3:b9:3b:33:04:
b2:ee:b9:71:7d:1b:46:27:0b:8e:dd:6e:8d:90:a7:63:6e:18:
ab:96:28:07:7f:04:92:f7:77:59:70:48:3c:63:3d:96:0a:42:
4f:9d:d6:5f:d0:9d:1c:11:b3:60:70:4b:b4:5d:3b:72:48:d3:
35:a8:31:c3:ca:ce:be:f8:40:14:5f:be:5c:89:48:7f:e7:71:
a3:ed:c1:47:91:d0:4a:59:1d:db:70:f3:8a:e5:fa:7f:bb:a0:
d0:bc:f9:c3:87:70:c1:3c:92:ab:63:d3:0e:81:3a:66:a9:0a:
c8:d9:29:a7:b1:e2:de:e3:15:be:a4:3e:c6:bf:63:3c:78:e7:
10:80:54:18:6a:e0:4a:68:a9:0c:94:e3:62:f2:9b:48:bf:35:
6d:cc:4e:83:68:4e:96:1a:2b:72:8a:0f:df:e5:68:f2:fe:7b:
f1:f2:08:06
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUHbz1WfVKVUkG6nZUmVC2mUY8YMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTEwMzExODU4MDdaFw0yNjEwMzAxOTAzMDdaMDMxMTAvBgNV
BAMTKDA3RDUyMkMyOTRFOEU5OUI5MzNFNTM5MkEwMjFBOTM3OTRBNUY3MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMpKQSeCDL74tb5517gRsaUc/H
uesXBpA8zhxbADju40IeCxEc4sjWmxhnietKVk6/1070V/PIRgEnXS9uk2XCqwkp
Q2EfnfOFOfgnK+3+nuW2T8zPBgHtkHkdn+Bf33fGboTT0Fndx167Nyjpr3Ogh/wH
2pwQsJaM5UTXMCF5CO70FNnSd3n6uNGlgs3Go7oSUp2IdNqMFVx90Pue+UrP+ZbH
NBIMniZDclj1bZVZO39uChmaKRUYk+gsZCWI+qQQkhjAKM69z2Pws4iUwHMi2BY8
02xPBRbADw23Ta7hV2RHIyuhi33xNi4wwxyDpy3c+AuM+W17xJTqye/D1+BVAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUB9UiwpTo6ZuTPlOSoCGpN5Sl9xgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE0MTUwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAZ8zCMA0GCSqGSIb3DQEBCwUAA4IBAQAh6NAgtEav
ykPPsq/Y03VrIb3tCyetdDqPdEY370ZcpyOL6JAk5sLAbRujp1lQ362UZCimwXKt
CG3tNli/rxZ6Wmbf00lUj//naekrPytZ/GMJ8nmg47k7MwSy7rlxfRtGJwuO3W6N
kKdjbhirligHfwSS93dZcEg8Yz2WCkJPndZf0J0cEbNgcEu0XTtySNM1qDHDys6+
+EAUX75ciUh/53Gj7cFHkdBKWR3bcPOK5fp/u6DQvPnDh3DBPJKrY9MOgTpmqQrI
2SmnseLe4xW+pD7Gv2M8eOcQgFQYauBKaKkMlONi8ptIvzVtzE6DaE6WGityig/f
5Wjy/nvx8ggG
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:54:23 2025 by rpki-client