Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS23470.roa
File: AS23470.roa (raw, json)
Hash identifier: sP/8W0IBWQSTz4wZ52R3FvI1+qC5PeIcJDqeaYmqx90=
Subject key identifier: AD:F3:5E:87:11:A9:38:C8:A8:F0:7D:36:AE:9A:BD:84:AE:19:CD:83
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 4F469EB5205A5FCC3E3949065E0AA6C1ED9E446A
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS23470.roa
Signing time: Fri 25 Jul 2025 22:07:57 +0000
ROA not before: Fri 25 Jul 2025 22:02:57 +0000
ROA not after: Fri 24 Jul 2026 22:07:57 +0000
asID: 23470
IP address blocks: 144.48.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 23:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:46:9e:b5:20:5a:5f:cc:3e:39:49:06:5e:0a:a6:c1:ed:9e:44:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Jul 25 22:02:57 2025 GMT
Not After : Jul 24 22:07:57 2026 GMT
Subject: CN=ADF35E8711A938C8A8F07D36AE9ABD84AE19CD83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fe:f7:f9:0c:5b:34:e8:e7:d0:54:a1:2a:5b:
ab:c9:96:3b:91:53:c4:a1:39:6f:98:19:73:fc:ba:
00:15:a7:41:45:a3:93:6b:a3:1f:e7:c5:62:2b:ef:
b0:ae:16:76:32:a6:c9:4f:34:da:13:53:ec:26:16:
75:7e:3c:7c:ab:b0:00:1a:16:48:33:b8:d9:60:a6:
29:a0:52:3b:91:6b:6a:3c:c8:ff:4b:d6:df:5b:de:
33:cc:40:3d:64:00:7e:47:94:d8:2b:42:ce:ce:b1:
b7:47:78:6e:23:3c:23:ed:b0:82:cd:c2:ab:c7:60:
da:18:1b:3a:03:3a:4c:2b:07:1e:3e:20:b2:46:7a:
d9:aa:64:a0:1d:19:69:eb:75:c7:2c:ee:f6:a1:5e:
c4:63:98:24:fa:2b:94:7d:ca:99:22:da:1a:cd:1a:
e8:a9:c4:cd:7d:ed:62:53:06:1c:93:2a:52:81:fa:
d2:5c:91:aa:b8:ff:56:3d:5b:e1:1c:f9:71:75:19:
21:a4:b0:75:56:7e:ac:91:66:79:96:fa:70:b3:ae:
4b:8a:22:a3:63:27:27:3e:be:4a:7b:6b:80:2e:29:
2f:cc:57:33:0a:61:c0:d8:13:88:31:2a:b9:6d:cb:
78:3b:2c:0f:7c:9f:56:6b:aa:30:da:d4:8c:57:bf:
a8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:5E:87:11:A9:38:C8:A8:F0:7D:36:AE:9A:BD:84:AE:19:CD:83
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS23470.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.48.83.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:db:97:0b:fb:aa:ab:0e:0e:1d:be:6e:39:e6:27:17:c7:e5:
2d:42:67:63:01:3d:19:83:c4:78:9a:c5:85:45:59:b3:f8:2b:
e6:d8:19:30:1a:5e:02:08:e9:84:74:ea:e2:9d:07:55:82:b6:
38:d2:6b:0b:bc:b4:01:4c:25:3a:17:9f:9f:81:69:26:24:3b:
21:fa:06:6b:2e:14:3a:d8:be:4d:65:bc:7f:53:5b:85:32:bf:
31:de:53:28:44:bd:a3:8f:42:05:3e:9c:c0:6b:7e:46:34:66:
a3:c0:27:c7:45:d8:38:80:87:0e:8e:2f:01:e4:6c:8b:1f:9b:
80:02:67:2b:41:a3:80:86:fe:8b:e6:d8:67:a0:d0:bf:67:20:
82:9a:03:47:b4:b7:2f:97:fc:ea:1d:4c:f7:f0:95:92:71:51:
f2:2f:86:83:71:b0:d6:90:94:0c:61:3c:b5:00:e2:45:b3:32:
36:44:49:bd:a9:e9:8a:8b:d6:7e:db:0c:bc:0e:1e:ec:a2:3f:
28:8d:1a:19:8a:4a:ed:2e:d0:09:d6:0a:a7:e7:67:b1:e9:12:
7e:d5:69:f0:71:aa:05:80:16:ac:98:b1:e8:3a:a8:b0:f0:29:
b5:47:2b:b6:84:7f:22:22:cf:f2:a0:d4:82:aa:31:f1:7e:f5:
f9:c1:12:7a
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUT0aetSBaX8w+OUkGXgqmwe2eRGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MjUyMjAyNTdaFw0yNjA3MjQyMjA3NTdaMDMxMTAvBgNV
BAMTKEFERjM1RTg3MTFBOTM4QzhBOEYwN0QzNkFFOUFCRDg0QUUxOUNEODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq/vf5DFs06OfQVKEqW6vJljuR
U8ShOW+YGXP8ugAVp0FFo5Nrox/nxWIr77CuFnYypslPNNoTU+wmFnV+PHyrsAAa
FkgzuNlgpimgUjuRa2o8yP9L1t9b3jPMQD1kAH5HlNgrQs7OsbdHeG4jPCPtsILN
wqvHYNoYGzoDOkwrBx4+ILJGetmqZKAdGWnrdccs7vahXsRjmCT6K5R9ypki2hrN
GuipxM197WJTBhyTKlKB+tJckaq4/1Y9W+Ec+XF1GSGksHVWfqyRZnmW+nCzrkuK
IqNjJyc+vkp7a4AuKS/MVzMKYcDYE4gxKrlty3g7LA98n1ZrqjDa1IxXv6hzAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUrfNehxGpOMio8H02rpq9hK4ZzYMwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjM0NzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBACQMFMwDQYJKoZIhvcNAQELBQADggEBAMXblwv7qqsO
Dh2+bjnmJxfH5S1CZ2MBPRmDxHiaxYVFWbP4K+bYGTAaXgII6YR06uKdB1WCtjjS
awu8tAFMJToXn5+BaSYkOyH6BmsuFDrYvk1lvH9TW4UyvzHeUyhEvaOPQgU+nMBr
fkY0ZqPAJ8dF2DiAhw6OLwHkbIsfm4ACZytBo4CG/ovm2Geg0L9nIIKaA0e0ty+X
/OodTPfwlZJxUfIvhoNxsNaQlAxhPLUA4kWzMjZESb2p6YqL1n7bDLwOHuyiPyiN
GhmKSu0u0AnWCqfnZ7HpEn7VafBxqgWAFqyYseg6qLDwKbVHK7aEfyIiz/Kg1IKq
MfF+9fnBEno=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:56:55 2025 by rpki-client