Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: rUyuA3AYYomKAjHyGPU6Og68RL6buOyxUe3/qzCs56E=
Subject key identifier: 53:EB:2A:3F:96:92:84:7E:8A:75:0B:29:10:9A:5B:FD:8A:91:9E:48
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 7E25578CBE8A42FA4A96EEC017FFDFF5ADDBFBC9
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa
Signing time: Sat 18 Oct 2025 07:13:59 +0000
ROA not before: Sat 18 Oct 2025 07:08:59 +0000
ROA not after: Sat 17 Oct 2026 07:13:59 +0000
asID: 16276
IP address blocks: 85.155.225.0/24 maxlen: 24
104.167.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:44:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:25:57:8c:be:8a:42:fa:4a:96:ee:c0:17:ff:df:f5:ad:db:fb:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Oct 18 07:08:59 2025 GMT
Not After : Oct 17 07:13:59 2026 GMT
Subject: CN=53EB2A3F9692847E8A750B29109A5BFD8A919E48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:fe:00:37:a5:e3:30:4c:35:d5:e5:2f:33:b7:
fa:8a:e1:fc:ca:a6:f8:cd:df:d2:a9:1a:b1:18:d8:
8f:76:48:58:0f:b7:c3:fa:ea:81:5b:75:29:62:ad:
a9:68:73:f2:b9:70:10:10:84:1b:a6:90:d9:ba:1b:
09:c3:90:71:ce:a9:fd:58:33:48:c0:be:51:c0:00:
9a:ca:af:41:26:45:44:24:a2:b0:49:d5:99:f5:ab:
ae:1a:4a:2d:c3:86:e9:5e:dc:ad:13:6a:04:52:ef:
d8:da:73:35:bc:59:9e:6c:23:a9:73:ad:62:f1:2d:
af:a5:49:e3:76:95:64:7e:3f:61:cc:be:6b:d0:95:
ad:df:8e:9b:bc:30:66:77:e4:86:34:92:a8:b8:ba:
f0:5c:7e:cb:2f:77:43:f9:38:39:04:5a:0c:39:5d:
dc:8e:37:79:7d:51:0f:8b:be:6e:bc:75:f4:0a:19:
64:bc:fb:9c:fc:53:50:3b:a3:f9:fa:6b:07:f5:3f:
ae:9d:59:70:5e:08:46:d7:9d:6c:8d:81:fd:d8:c0:
62:5f:2e:db:4b:88:f1:0b:bd:66:d1:37:64:d0:4d:
0a:ec:a0:df:f1:65:71:13:43:9f:e1:6e:f9:e4:65:
cc:8e:dd:e6:ee:b1:2a:68:e3:2f:a2:12:5c:36:8b:
74:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EB:2A:3F:96:92:84:7E:8A:75:0B:29:10:9A:5B:FD:8A:91:9E:48
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.225.0/24
104.167.16.0/24
Signature Algorithm: sha256WithRSAEncryption
91:dd:37:79:3a:d6:63:a8:33:62:ca:52:03:d2:72:6f:cc:c7:
e9:fc:66:bf:42:d3:26:df:35:2f:5d:fa:3b:05:52:6d:8b:54:
a2:4c:48:55:81:60:5b:6c:35:6c:47:f9:7b:be:10:81:f9:13:
cf:34:8a:f8:29:9b:23:67:62:81:91:b7:33:19:27:a7:55:f6:
e0:77:b8:0a:7d:be:63:65:3e:57:53:e3:c9:64:16:fd:a5:9d:
a0:d5:e4:49:c6:17:69:97:ce:1b:11:82:bd:7a:72:8e:7b:c0:
4d:ef:6d:00:21:8f:c2:fe:62:3b:31:0f:95:c8:78:09:ea:2e:
08:3c:84:9f:bd:8f:8f:f1:74:91:16:c8:34:88:df:d0:fd:22:
4e:b9:65:94:9f:cb:13:37:fb:46:a2:57:d8:32:56:d0:6b:bc:
e4:0c:3b:1f:5e:fa:8c:6b:97:69:1d:45:bd:bc:e7:be:82:9f:
7c:d3:18:81:a0:ff:d6:40:d8:9b:28:cf:8f:59:11:dc:f8:9b:
b3:df:ab:26:d7:5f:91:f5:0b:5e:f6:c3:7f:c0:8c:e1:bf:78:
f1:12:02:5c:b1:13:1a:5a:6e:cd:e7:7b:c7:26:e8:10:d9:2e:
5a:3b:13:69:8a:b0:18:0b:2e:c8:80:c7:38:8e:73:84:fe:91:
05:25:45:88
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUfiVXjL6KQvpKlu7AF//f9a3b+8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTEwMTgwNzA4NTlaFw0yNjEwMTcwNzEzNTlaMDMxMTAvBgNV
BAMTKDUzRUIyQTNGOTY5Mjg0N0U4QTc1MEIyOTEwOUE1QkZEOEE5MTlFNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy/gA3peMwTDXV5S8zt/qK4fzK
pvjN39KpGrEY2I92SFgPt8P66oFbdSliraloc/K5cBAQhBumkNm6GwnDkHHOqf1Y
M0jAvlHAAJrKr0EmRUQkorBJ1Zn1q64aSi3Dhule3K0TagRS79jaczW8WZ5sI6lz
rWLxLa+lSeN2lWR+P2HMvmvQla3fjpu8MGZ35IY0kqi4uvBcfssvd0P5ODkEWgw5
XdyON3l9UQ+Lvm68dfQKGWS8+5z8U1A7o/n6awf1P66dWXBeCEbXnWyNgf3YwGJf
LttLiPELvWbRN2TQTQrsoN/xZXETQ5/hbvnkZcyO3ebusSpo4y+iElw2i3R1AgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUU+sqP5aShH6KdQspEJpb/YqRnkgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTYyNzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcB
Af8EFjAUMBIEAgABMAwDBABVm+EDBABopxAwDQYJKoZIhvcNAQELBQADggEBAJHd
N3k61mOoM2LKUgPScm/Mx+n8Zr9C0ybfNS9d+jsFUm2LVKJMSFWBYFtsNWxH+Xu+
EIH5E880ivgpmyNnYoGRtzMZJ6dV9uB3uAp9vmNlPldT48lkFv2lnaDV5EnGF2mX
zhsRgr16co57wE3vbQAhj8L+YjsxD5XIeAnqLgg8hJ+9j4/xdJEWyDSI39D9Ik65
ZZSfyxM3+0aiV9gyVtBrvOQMOx9e+oxrl2kdRb28576Cn3zTGIGg/9ZA2Jsoz49Z
Edz4m7PfqybXX5H1C172w3/AjOG/ePESAlyxExpabs3ne8cm6BDZLlo7E2mKsBgL
LsiAxziOc4T+kQUlRYg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:08:42 2025 by rpki-client