Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS216409.roa
File: AS216409.roa (raw, json)
Hash identifier: rjOSjjFtHbnJlLln2iY3G3ysSxlHzvsjLFMecQYKIc8=
Subject key identifier: 57:8B:5B:8D:55:73:E3:02:F8:3E:B5:98:37:01:0A:27:E5:C4:54:05
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 711B95A9A8030DF260224576FF3989D27806FE23
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS216409.roa
Signing time: Mon 13 Apr 2026 19:48:18 +0000
ROA not before: Mon 13 Apr 2026 19:43:18 +0000
ROA not after: Mon 12 Apr 2027 19:48:18 +0000
asID: 216409
IP address blocks: 89.39.210.0/24 maxlen: 24
94.24.109.0/24 maxlen: 24
153.76.123.0/24 maxlen: 24
168.222.240.0/24 maxlen: 24
206.53.2.0/24 maxlen: 24
206.53.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:1b:95:a9:a8:03:0d:f2:60:22:45:76:ff:39:89:d2:78:06:fe:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Apr 13 19:43:18 2026 GMT
Not After : Apr 12 19:48:18 2027 GMT
Subject: CN=578B5B8D5573E302F83EB59837010A27E5C45405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:4e:9e:07:50:35:fd:71:fd:87:6f:3a:60:
1e:0d:21:ac:bb:c2:8e:5c:7e:46:9d:12:e9:7d:79:
4e:36:7d:c5:fa:01:d2:f3:7d:4e:71:f1:a8:6a:a3:
8b:d1:ed:9e:b7:d4:7b:49:3d:c5:b9:9f:0e:7e:49:
b2:23:1b:c3:14:87:cf:67:d7:74:04:cf:0b:0a:f8:
ca:fa:d2:2e:f6:84:e4:ec:fd:36:a3:cb:e9:83:96:
9a:f2:55:e0:dc:29:50:27:3c:bc:a5:58:40:6a:01:
4e:d7:c3:a0:cb:10:52:2c:c4:26:97:3b:fd:db:f7:
76:b1:c5:5e:ee:da:d5:32:be:4f:08:03:81:9d:d8:
c9:c7:c6:fb:f8:73:77:43:0e:6c:15:16:99:30:38:
c6:82:f2:7e:7e:5e:b7:9c:d2:06:63:af:fb:9c:44:
9b:1e:15:ff:a9:11:c7:52:59:97:9a:4e:59:b8:95:
d2:8e:da:ee:4a:f0:65:db:8d:38:10:f4:7e:91:9d:
03:12:34:82:6f:21:70:77:d4:6b:89:87:81:e0:5b:
91:50:d0:e0:41:0d:ff:ed:9c:a0:cc:b3:1b:23:f0:
de:d3:fa:d3:3f:76:2f:72:2f:09:6f:ac:83:0c:2e:
5c:11:35:4b:6b:6f:d3:8d:4c:9b:76:e6:51:c3:59:
b9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:8B:5B:8D:55:73:E3:02:F8:3E:B5:98:37:01:0A:27:E5:C4:54:05
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS216409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.210.0/24
94.24.109.0/24
153.76.123.0/24
168.222.240.0/24
206.53.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:49:ae:a8:6c:b9:c9:85:0b:bd:f7:6c:61:79:36:bc:d8:19:
f5:52:39:22:81:5c:80:08:08:0e:51:54:31:24:9a:cb:ba:7d:
bb:e0:3c:af:5d:55:95:7e:f4:5a:5f:e3:f6:9c:fb:08:ea:d8:
7c:b2:54:c3:f1:86:dc:e6:96:3d:9b:35:70:eb:d9:37:db:5f:
bf:50:cd:5b:f6:36:a4:14:4f:17:62:6e:3f:b5:15:af:98:39:
e4:f5:63:16:11:a2:22:83:10:0b:d5:88:89:96:5e:83:f7:44:
10:24:1a:7f:6c:1a:fd:e8:c2:4f:3a:6e:9d:05:45:e4:a4:7b:
86:49:a6:13:db:6d:89:94:1b:68:2a:f4:83:4c:be:0f:d5:f0:
49:e1:1e:02:8a:11:55:50:fa:34:21:d3:70:b0:31:17:83:8f:
43:19:6f:71:6f:72:fa:ad:2c:b8:92:4d:1c:73:64:e7:43:e1:
20:b4:43:19:47:8e:11:fc:5c:7c:54:1b:00:09:0e:00:d0:44:
66:65:f9:8e:cc:45:e8:3e:9f:95:32:b9:7a:82:ca:c8:7a:0d:
ca:43:33:92:66:ba:51:3e:a1:1e:4e:8e:70:ca:0c:8e:ef:6d:
20:80:33:45:87:d3:3a:96:71:7b:b4:2a:47:27:9d:bc:4c:ec:
85:73:45:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUcRuVqagDDfJgIkV2/zmJ0ngG/iMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA0MTMxOTQzMThaFw0yNzA0MTIxOTQ4MThaMDMxMTAvBgNV
BAMTKDU3OEI1QjhENTU3M0UzMDJGODNFQjU5ODM3MDEwQTI3RTVDNDU0MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEV06eB1A1/XH9h286YB4NIay7
wo5cfkadEul9eU42fcX6AdLzfU5x8ahqo4vR7Z631HtJPcW5nw5+SbIjG8MUh89n
13QEzwsK+Mr60i72hOTs/Tajy+mDlpryVeDcKVAnPLylWEBqAU7Xw6DLEFIsxCaX
O/3b93axxV7u2tUyvk8IA4Gd2MnHxvv4c3dDDmwVFpkwOMaC8n5+Xrec0gZjr/uc
RJseFf+pEcdSWZeaTlm4ldKO2u5K8GXbjTgQ9H6RnQMSNIJvIXB31GuJh4HgW5FQ
0OBBDf/tnKDMsxsj8N7T+tM/di9yLwlvrIMMLlwRNUtrb9ONTJt25lHDWbnfAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUV4tbjVVz4wL4PrWYNwEKJ+XEVAUwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjE2NDA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEH
AQH/BCgwJjAkBAIAATAeAwQAWSfSAwQAXhhtAwQAmUx7AwQAqN7wAwQBzjUCMA0G
CSqGSIb3DQEBCwUAA4IBAQCNSa6obLnJhQu992xheTa82Bn1UjkigVyACAgOUVQx
JJrLun274DyvXVWVfvRaX+P2nPsI6th8slTD8Ybc5pY9mzVw69k321+/UM1b9jak
FE8XYm4/tRWvmDnk9WMWEaIigxAL1YiJll6D90QQJBp/bBr96MJPOm6dBUXkpHuG
SaYT222JlBtoKvSDTL4P1fBJ4R4CihFVUPo0IdNwsDEXg49DGW9xb3L6rSy4kk0c
c2TnQ+EgtEMZR44R/Fx8VBsACQ4A0ERmZfmOzEXoPp+VMrl6gsrIeg3KQzOSZrpR
PqEeTo5wygyO720ggDNFh9M6lnF7tCpHJ528TOyFc0XS
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:18:30 2026 by rpki-client