Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS64522.roa
File: AS64522.roa (raw, json)
Hash identifier: 9t4w6FkI13zdVOitbFUpXOsFTUZzyA9siH6TK2BeOVk=
Subject key identifier: 74:A4:9A:E7:8D:25:91:00:42:F4:18:49:C9:D6:23:CF:81:A0:7E:51
Certificate issuer: /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial: 1E26B21DC8F52186251244162827CF753DF1686F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS64522.roa
Signing time: Thu 14 Aug 2025 19:20:32 +0000
ROA not before: Thu 14 Aug 2025 19:15:32 +0000
ROA not after: Thu 13 Aug 2026 19:20:32 +0000
asID: 64522
IP address blocks: 2a06:1287::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:26:b2:1d:c8:f5:21:86:25:12:44:16:28:27:cf:75:3d:f1:68:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Validity
Not Before: Aug 14 19:15:32 2025 GMT
Not After : Aug 13 19:20:32 2026 GMT
Subject: CN=74A49AE78D25910042F41849C9D623CF81A07E51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ac:95:de:d8:49:52:5d:ad:80:ad:02:4f:5c:
1c:a7:28:df:6a:a2:2f:07:1d:db:ef:a6:b5:f3:1e:
d6:56:bf:45:8a:56:7a:8a:7e:4a:cc:db:cf:f5:5f:
11:f5:a6:44:58:82:73:0f:d4:69:ad:d9:d1:0f:9e:
d9:60:8a:05:03:76:39:31:89:38:45:4b:4d:b8:c9:
1a:78:e6:16:db:a8:81:79:44:a7:c1:42:b5:df:91:
8c:16:07:7a:af:da:06:7a:df:71:0d:34:47:35:5a:
5b:02:38:41:d2:17:0f:2f:63:46:6d:d6:fe:04:1a:
37:16:ea:46:95:79:e5:b9:fe:62:88:12:37:f2:fa:
4b:a2:fd:aa:0c:1a:80:aa:8d:02:e0:8e:90:cc:0d:
97:f9:97:82:72:0c:30:96:89:3c:fd:56:3c:f2:f4:
3b:4e:a4:73:27:81:ce:a5:6a:dd:45:4b:1c:bd:1d:
5f:ba:f7:ab:87:3f:48:3c:50:94:20:1f:89:52:50:
29:3e:c4:f7:5c:42:09:75:0b:0f:70:58:76:db:39:
6f:99:27:9d:af:c4:bc:68:e8:57:b2:97:5d:1e:6a:
61:ab:f4:6b:ad:ef:23:b4:c9:51:2d:48:b5:3c:3a:
69:56:a0:5f:6e:a8:d7:8a:bb:54:f3:a4:30:eb:91:
7b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A4:9A:E7:8D:25:91:00:42:F4:18:49:C9:D6:23:CF:81:A0:7E:51
X509v3 Authority Key Identifier:
keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS64522.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1287::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ab:a5:52:3d:1b:87:bb:bf:58:04:a9:f5:e6:0c:e9:b7:6b:
4d:2e:4a:0f:f2:72:ae:0b:28:eb:b0:73:0f:ee:4f:46:44:d3:
ab:19:a8:0f:68:64:ad:03:3f:f5:fd:cd:03:92:8b:3a:6c:2b:
e2:37:12:1c:f1:79:ff:28:47:d0:d8:cf:fc:bc:63:d6:73:c2:
ac:dd:a8:c3:c6:97:f6:3b:fe:35:11:d5:44:0f:d0:1d:3c:75:
a6:87:fe:53:c2:b4:1a:9b:47:d8:d6:4e:e2:cf:dc:18:97:0b:
ef:b7:68:bf:eb:97:1b:85:65:3a:b6:cc:58:af:b6:12:26:96:
5c:17:84:16:c3:8d:1b:18:18:bd:c5:28:3c:d6:75:28:e1:2e:
e1:0a:4f:0b:40:ef:24:9a:f4:cc:bc:03:9c:7a:1f:fc:76:8a:
92:99:77:a8:7b:7e:2e:8b:a4:9d:dd:8e:c6:de:eb:a7:54:33:
a8:dd:3a:75:5e:9b:27:71:28:8e:fe:b1:11:a6:b5:59:b0:7c:
8b:40:32:ac:8a:5d:f5:ba:b6:d6:c4:26:f7:d7:f0:4f:90:81:
1d:c9:28:65:ee:4e:f3:13:3f:4e:30:03:a7:ca:f8:a1:e2:74:
19:8a:c4:98:64:cf:e6:10:3c:7e:eb:9c:3f:86:77:c2:fd:79:
7b:25:a0:7f
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUHiayHcj1IYYlEkQWKCfPdT3xaG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA4MTQxOTE1MzJaFw0yNjA4MTMxOTIwMzJaMDMxMTAvBgNV
BAMTKDc0QTQ5QUU3OEQyNTkxMDA0MkY0MTg0OUM5RDYyM0NGODFBMDdFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWrJXe2ElSXa2ArQJPXBynKN9q
oi8HHdvvprXzHtZWv0WKVnqKfkrM28/1XxH1pkRYgnMP1Gmt2dEPntlgigUDdjkx
iThFS024yRp45hbbqIF5RKfBQrXfkYwWB3qv2gZ633ENNEc1WlsCOEHSFw8vY0Zt
1v4EGjcW6kaVeeW5/mKIEjfy+kui/aoMGoCqjQLgjpDMDZf5l4JyDDCWiTz9Vjzy
9DtOpHMngc6lat1FSxy9HV+696uHP0g8UJQgH4lSUCk+xPdcQgl1Cw9wWHbbOW+Z
J52vxLxo6Feyl10eamGr9Gut7yO0yVEtSLU8OmlWoF9uqNeKu1TzpDDrkXsbAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUdKSa540lkQBC9BhJydYjz4GgflEwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NjQ1MjIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcB
Af8EETAPMA0EAgACMAcDBQAqBhKHMA0GCSqGSIb3DQEBCwUAA4IBAQClq6VSPRuH
u79YBKn15gzpt2tNLkoP8nKuCyjrsHMP7k9GRNOrGagPaGStAz/1/c0Dkos6bCvi
NxIc8Xn/KEfQ2M/8vGPWc8Ks3ajDxpf2O/41EdVED9AdPHWmh/5TwrQam0fY1k7i
z9wYlwvvt2i/65cbhWU6tsxYr7YSJpZcF4QWw40bGBi9xSg81nUo4S7hCk8LQO8k
mvTMvAOceh/8doqSmXeoe34ui6Sd3Y7G3uunVDOo3Tp1XpsncSiO/rERprVZsHyL
QDKsil31urbWxCb31/BPkIEdyShl7k7zEz9OMAOnyvih4nQZisSYZM/mEDx+65w/
hnfC/Xl7JaB/
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:25:48 2025 by rpki-client