Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: /+BJmQ7xhzmD3xCEQagbw28yaw6Bhz+7D1pZvggVfac=
Subject key identifier: A2:0B:B6:88:9F:6D:FC:60:5C:BE:71:E9:64:B9:2B:B9:21:0D:2E:34
Certificate issuer: /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial: 21F2761E29E7F70A9E01F2EBF2D5CF3A168D681B
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa
Signing time: Tue 24 Dec 2024 15:36:28 +0000
ROA not before: Tue 24 Dec 2024 15:31:28 +0000
ROA not after: Tue 23 Dec 2025 15:36:28 +0000
asID: 40676
IP address blocks: 104.234.134.0/24 maxlen: 24
104.234.172.0/24 maxlen: 24
104.234.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:f2:76:1e:29:e7:f7:0a:9e:01:f2:eb:f2:d5:cf:3a:16:8d:68:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Validity
Not Before: Dec 24 15:31:28 2024 GMT
Not After : Dec 23 15:36:28 2025 GMT
Subject: CN=A20BB6889F6DFC605CBE71E964B92BB9210D2E34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:93:29:2f:02:7d:49:85:80:33:2d:0f:44:c7:
3a:a7:f3:31:20:b1:07:d2:9a:f6:1f:54:09:5c:2e:
0d:ae:98:5d:47:ff:fa:35:7d:f2:63:bc:ed:75:1b:
e9:39:81:96:43:19:3c:93:37:44:f6:74:a4:ba:23:
9f:37:49:6c:8b:62:23:ef:59:9c:da:cb:5d:27:8b:
f5:06:cd:7f:33:04:48:f8:ed:b1:cc:f9:21:87:c4:
3e:54:7b:d8:87:c8:f8:e6:10:af:31:1b:7d:44:be:
8f:94:ac:e8:21:a1:35:8c:51:94:fe:4f:bc:ac:6a:
e1:70:a5:1b:54:32:76:e2:f1:d8:85:b5:f6:34:e2:
b1:dd:ca:3f:4f:82:c1:cb:21:d9:34:cb:16:c0:25:
7a:d5:f8:50:31:d0:d7:10:ba:0c:1d:37:00:82:a6:
27:35:f7:b3:91:15:6c:e7:f9:59:ea:dd:7d:60:c0:
30:a4:96:48:83:5c:ed:e6:c2:6d:4c:f2:d3:96:5c:
a1:78:d8:7f:55:7a:9c:dd:75:4c:21:3d:9f:a2:15:
8e:18:5b:99:63:36:ee:40:1f:ba:d2:0d:03:91:81:
f0:d7:07:05:99:49:dc:c4:2f:3b:5c:a6:fd:d1:be:
af:07:ef:e8:95:c7:b5:55:73:ba:ca:92:f2:a0:96:
cc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0B:B6:88:9F:6D:FC:60:5C:BE:71:E9:64:B9:2B:B9:21:0D:2E:34
X509v3 Authority Key Identifier:
keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.234.134.0/24
104.234.172.0/24
104.234.177.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5b:8b:b0:bd:9f:7e:58:56:99:87:a5:32:11:f7:38:bb:97:
08:2c:36:90:38:4d:5f:9e:6d:5f:13:01:1f:79:71:96:c6:9a:
c9:a0:db:18:2d:97:04:ca:8f:50:a5:99:cb:8c:85:70:09:8b:
15:22:b8:e4:26:32:e4:a7:92:b9:63:f9:32:2e:23:81:12:e8:
89:55:39:23:82:9a:c3:65:33:6f:cd:4e:d2:3a:bf:dd:3e:84:
f1:ab:62:ee:37:d2:58:a5:88:30:01:99:a3:49:05:f8:7b:a0:
cb:2a:c0:5d:d6:79:f7:d9:0b:ec:50:63:59:27:27:3b:07:e9:
9e:91:37:90:05:62:a2:02:e6:dc:87:43:98:0b:0d:55:29:5f:
c5:c0:bd:20:3d:a7:54:65:14:50:1e:06:6c:f7:94:08:de:8a:
7e:0c:dd:91:08:46:00:eb:b1:35:23:77:1c:5c:8e:8c:04:03:
34:bf:13:8a:2e:16:ce:b0:5c:a0:b4:6a:56:08:03:89:c4:4d:
c1:b4:d1:73:1b:96:af:74:a2:f5:c3:c9:50:93:15:c9:17:31:
6c:1a:25:95:57:f1:b1:57:76:c7:88:dc:ca:e3:61:ff:79:63:
7d:2f:22:6c:f1:26:3d:0a:55:1b:19:a5:3d:26:bc:14:96:07:
af:ef:ee:af
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIUIfJ2Hinn9wqeAfLr8tXPOhaNaBswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjQxMjI0MTUzMTI4WhcNMjUxMjIzMTUzNjI4
WjAzMTEwLwYDVQQDEyhBMjBCQjY4ODlGNkRGQzYwNUNCRTcxRTk2NEI5MkJCOTIx
MEQyRTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpMpLwJ9SYWA
My0PRMc6p/MxILEH0pr2H1QJXC4NrphdR//6NX3yY7ztdRvpOYGWQxk8kzdE9nSk
uiOfN0lsi2Ij71mc2stdJ4v1Bs1/MwRI+O2xzPkhh8Q+VHvYh8j45hCvMRt9RL6P
lKzoIaE1jFGU/k+8rGrhcKUbVDJ24vHYhbX2NOKx3co/T4LByyHZNMsWwCV61fhQ
MdDXELoMHTcAgqYnNfezkRVs5/lZ6t19YMAwpJZIg1zt5sJtTPLTllyheNh/VXqc
3XVMIT2fohWOGFuZYzbuQB+60g0DkYHw1wcFmUncxC87XKb90b6vB+/olce1VXO6
ypLyoJbMCwIDAQABo4ICijCCAoYwHQYDVR0OBBYEFKILtoifbfxgXL5x6WS5K7kh
DS40MB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzQwNjc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAaOqGAwQAaOqsAwQAaOqxMA0GCSqG
SIb3DQEBCwUAA4IBAQCKW4uwvZ9+WFaZh6UyEfc4u5cILDaQOE1fnm1fEwEfeXGW
xprJoNsYLZcEyo9QpZnLjIVwCYsVIrjkJjLkp5K5Y/kyLiOBEuiJVTkjgprDZTNv
zU7SOr/dPoTxq2LuN9JYpYgwAZmjSQX4e6DLKsBd1nn32QvsUGNZJyc7B+mekTeQ
BWKiAubch0OYCw1VKV/FwL0gPadUZRRQHgZs95QI3op+DN2RCEYA67E1I3ccXI6M
BAM0vxOKLhbOsFygtGpWCAOJxE3BtNFzG5avdKL1w8lQkxXJFzFsGiWVV/GxV3bH
iNzK42H/eWN9LyJs8SY9ClUbGaU9JrwUlgev7+6v
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:55 2025 by rpki-client