Route Origin Authorization
$ rpki-client -vvf rpki-pp.com/repo/GOOFL/0/323630323a663833643a38303a3a2f34332d3438203d3e203437303635.roa
File: 323630323a663833643a38303a3a2f34332d3438203d3e203437303635.roa (raw, json)
Hash identifier: S3TTKO+mvrKKZxmhi2Vdb8z7xnZWflqiYoewfRslrlE=
Subject key identifier: 8C:57:C5:80:5A:49:11:11:20:8C:75:03:CB:4A:78:CB:22:D6:C9:72
Certificate issuer: /CN=86de965d715637d41a8c4a1b113daffd5c9fa0c7db182e74ae
Certificate serial: 2B73825955485527AB6F8691F6C2CAD7A63630EF
Authority key identifier: 98:75:18:7C:51:B2:08:93:34:91:43:82:82:FA:25:A7:B3:F5:AB:DC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/7c9b1947-b813-43b3-9152-c4ccbff1cde7/86de965d715637d41a8c4a1b113daffd5c9fa0c7db182e74ae.cer
Subject info access: rsync://rpki-pp.com/repo/GOOFL/0/323630323a663833643a38303a3a2f34332d3438203d3e203437303635.roa
Signing time: Mon 14 Oct 2024 15:49:16 +0000
ROA not before: Mon 14 Oct 2024 15:44:16 +0000
ROA not after: Mon 13 Oct 2025 15:49:16 +0000
asID: 47065
IP address blocks: 2602:f83d:80::/43 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:73:82:59:55:48:55:27:ab:6f:86:91:f6:c2:ca:d7:a6:36:30:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86de965d715637d41a8c4a1b113daffd5c9fa0c7db182e74ae
Validity
Not Before: Oct 14 15:44:16 2024 GMT
Not After : Oct 13 15:49:16 2025 GMT
Subject: CN=8C57C5805A491111208C7503CB4A78CB22D6C972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:28:42:41:85:61:3d:d9:fb:ee:ed:cb:71:
c7:1e:91:38:74:47:2e:a9:70:11:ea:86:e4:00:38:
c1:3a:ea:ce:7a:1b:cf:f3:ee:4c:ad:7b:96:b6:3b:
32:6e:6e:de:ef:c8:87:72:ed:67:cf:54:41:3d:71:
20:cb:91:56:9c:22:47:0f:e0:76:0a:cb:b6:7d:5d:
69:79:f7:23:90:8b:02:c4:92:3d:15:ca:c1:4f:15:
bc:90:db:be:d0:34:fa:4b:0e:ef:b8:67:d9:2b:65:
03:a6:37:12:12:e3:3d:36:b9:ce:52:30:32:fa:16:
28:ba:39:d1:cd:61:34:e6:50:47:f9:f9:fd:67:d7:
a6:48:60:ad:96:e1:4f:c0:a6:15:40:e6:d6:19:5e:
b8:a2:77:f6:5f:35:f2:ed:e0:3b:56:a9:97:93:e3:
e4:89:41:ad:be:99:98:81:b0:b3:9a:ab:bf:20:bd:
fb:d7:ca:8c:ab:d9:d5:ca:c1:38:6c:82:e2:30:dd:
6a:ae:ef:14:db:17:06:06:5e:c7:98:c0:05:d7:ba:
b3:ee:c9:9f:5d:ed:6b:16:95:1f:99:4b:b9:e7:60:
af:26:fa:b4:91:2b:4e:57:d9:30:76:79:57:af:24:
32:d5:41:03:b2:f8:00:e6:45:07:04:e0:be:0c:86:
ce:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:57:C5:80:5A:49:11:11:20:8C:75:03:CB:4A:78:CB:22:D6:C9:72
X509v3 Authority Key Identifier:
keyid:98:75:18:7C:51:B2:08:93:34:91:43:82:82:FA:25:A7:B3:F5:AB:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-pp.com/repo/GOOFL/0/9875187C51B208933491438282FA25A7B3F5ABDC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/7c9b1947-b813-43b3-9152-c4ccbff1cde7/86de965d715637d41a8c4a1b113daffd5c9fa0c7db182e74ae.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-pp.com/repo/GOOFL/0/323630323a663833643a38303a3a2f34332d3438203d3e203437303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2602:f83d:80::/43
Signature Algorithm: sha256WithRSAEncryption
5f:99:77:ac:32:28:ca:33:ba:f8:19:7f:e3:51:78:40:a4:78:
71:42:59:8f:43:d2:d0:c2:89:de:52:03:db:06:45:fc:9e:9d:
7a:46:e4:de:1b:5b:72:4a:aa:28:0d:94:13:ed:1f:49:4b:cb:
90:3a:21:6e:e9:dd:12:37:d4:6a:cc:78:52:fe:07:87:c3:4c:
71:75:60:b1:e0:c1:aa:1e:d8:d7:ae:9b:df:da:aa:88:67:c1:
d8:68:d8:7c:2d:d4:4f:d0:40:a6:6b:9f:b7:50:81:36:1f:6a:
3d:d0:b2:d0:47:ba:85:84:7d:4f:ae:68:3e:48:6c:fe:c9:af:
60:f8:0d:81:53:6b:a9:dc:98:29:62:92:8d:dc:37:e9:bb:ed:
86:09:a4:5a:f0:c5:dd:be:c5:17:0c:24:65:d5:ad:2d:3c:1e:
bb:fe:fb:d5:f3:07:18:d5:e8:be:ae:29:ac:7e:bf:fe:f6:af:
8d:35:07:42:b4:49:f6:71:f6:99:1e:a8:19:ea:a2:e6:8e:82:
5c:af:3b:6e:61:f2:32:5d:75:5b:02:a3:d6:68:1a:21:c6:10:
8e:2d:ca:2f:0d:87:19:94:41:14:d9:23:31:88:96:87:f2:ee:
eb:b9:e8:c4:89:ea:c5:11:54:7b:ef:93:02:52:2a:09:83:c4:
2e:bf:c9:5c
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUK3OCWVVIVSerb4aR9sLK16Y2MO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODZkZTk2NWQ3MTU2MzdkNDFhOGM0YTFiMTEzZGFmZmQ1
YzlmYTBjN2RiMTgyZTc0YWUwHhcNMjQxMDE0MTU0NDE2WhcNMjUxMDEzMTU0OTE2
WjAzMTEwLwYDVQQDEyg4QzU3QzU4MDVBNDkxMTExMjA4Qzc1MDNDQjRBNzhDQjIy
RDZDOTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRQoQkGFYT3Z
++7ty3HHHpE4dEcuqXAR6obkADjBOurOehvP8+5MrXuWtjsybm7e78iHcu1nz1RB
PXEgy5FWnCJHD+B2Csu2fV1pefcjkIsCxJI9FcrBTxW8kNu+0DT6Sw7vuGfZK2UD
pjcSEuM9NrnOUjAy+hYoujnRzWE05lBH+fn9Z9emSGCtluFPwKYVQObWGV64onf2
XzXy7eA7VqmXk+PkiUGtvpmYgbCzmqu/IL3718qMq9nVysE4bILiMN1qru8U2xcG
Bl7HmMAF17qz7smfXe1rFpUfmUu552CvJvq0kStOV9kwdnlXryQy1UEDsvgA5kUH
BOC+DIbOvQIDAQABo4ICZTCCAmEwHQYDVR0OBBYEFIxXxYBaSRERIIx1A8tKeMsi
1slyMB8GA1UdIwQYMBaAFJh1GHxRsgiTNJFDgoL6Jaez9avcMA4GA1UdDwEB/wQE
AwIHgDBeBgNVHR8EVzBVMFOgUaBPhk1yc3luYzovL3Jwa2ktcHAuY29tL3JlcG8v
R09PRkwvMC85ODc1MTg3QzUxQjIwODkzMzQ5MTQzODI4MkZBMjVBN0IzRjVBQkRD
LmNybDCB8wYIKwYBBQUHAQEEgeYwgeMwgeAGCCsGAQUFBzAChoHTcnN5bmM6Ly9y
cGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4
MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy82OWZkMDE1Ni1iYjFmLTQ4YjYtYmYz
Mi1jOTQ5MjI4NmYxOTUvN2M5YjE5NDctYjgxMy00M2IzLTkxNTItYzRjY2JmZjFj
ZGU3Lzg2ZGU5NjVkNzE1NjM3ZDQxYThjNGExYjExM2RhZmZkNWM5ZmEwYzdkYjE4
MmU3NGFlLmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8v
cnBraS1wcC5jb20vcmVwby9HT09GTC8wLzMyMzYzMDMyM2E2NjM4MzM2NDNhMzgz
MDNhM2EyZjM0MzMyZDM0MzgyMDNkM2UyMDM0MzczMDM2MzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwUm
Avg9AIAwDQYJKoZIhvcNAQELBQADggEBAF+Zd6wyKMozuvgZf+NReECkeHFCWY9D
0tDCid5SA9sGRfyenXpG5N4bW3JKqigNlBPtH0lLy5A6IW7p3RI31GrMeFL+B4fD
THF1YLHgwaoe2Neum9/aqohnwdho2Hwt1E/QQKZrn7dQgTYfaj3QstBHuoWEfU+u
aD5IbP7Jr2D4DYFTa6ncmCliko3cN+m77YYJpFrwxd2+xRcMJGXVrS08Hrv++9Xz
BxjV6L6uKax+v/72r401B0K0SfZx9pkeqBnqouaOglyvO25h8jJddVsCo9ZoGiHG
EI4tyi8NhxmUQRTZIzGIlofy7uu56MSJ6sURVHvvkwJSKgmDxC6/yVw=
-----END CERTIFICATE-----
Generated at Sat Nov 2 09:06:30 2024 by rpki-client on console-ams.rpki-client.org