Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203040.roa
File: AS203040.roa (raw, json)
Hash identifier: TTNsFw5lkE0sqPvfC77W49XB5xqx0N+iCud+8hm4ZW8=
Subject key identifier: 53:76:EB:C4:46:BF:37:F9:DF:59:DF:30:C9:49:3B:54:B8:78:34:F6
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 726C93FC4729AA9F2F30A2067CB3B50BA1825141
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203040.roa
Signing time: Fri 29 Nov 2024 02:40:12 +0000
ROA not before: Fri 29 Nov 2024 02:35:12 +0000
ROA not after: Fri 28 Nov 2025 02:40:12 +0000
asID: 203040
IP address blocks: 2a06:a005:5bb::/48 maxlen: 48
2a06:a005:5e0::/48 maxlen: 48
2a06:a005:ba0::/48 maxlen: 48
2a06:a005:ba1::/48 maxlen: 48
2a06:a005:ba2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:6c:93:fc:47:29:aa:9f:2f:30:a2:06:7c:b3:b5:0b:a1:82:51:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Nov 29 02:35:12 2024 GMT
Not After : Nov 28 02:40:12 2025 GMT
Subject: CN=5376EBC446BF37F9DF59DF30C9493B54B87834F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:f4:48:4f:d7:1a:5d:bc:fc:d2:ee:37:0e:
a1:a5:c9:f1:9d:83:9c:76:09:51:fe:43:9f:55:8e:
82:34:ef:fc:75:9d:d2:be:de:ca:23:1d:c9:7d:ef:
20:60:a9:e6:82:19:09:a7:ab:c5:20:51:3e:dd:af:
74:c4:16:aa:b0:aa:65:f0:7e:c7:14:ce:8b:39:fd:
3d:d4:e3:1a:6a:40:7b:ec:97:01:68:c7:39:20:31:
d0:5b:03:4d:83:37:7e:b2:d4:a3:f5:99:14:5a:96:
15:6f:3e:fe:a2:2f:08:30:1a:ba:d5:66:e5:d8:8e:
c3:e0:87:af:c8:d6:66:f8:07:eb:a7:55:41:f4:ca:
ed:35:c9:64:d4:72:6f:9d:15:16:0a:77:63:d3:7c:
d6:5a:12:d9:d9:b0:1b:c3:4b:7b:11:4f:13:07:5b:
b2:1c:4c:47:74:f5:59:c4:3c:43:bf:10:4c:34:38:
76:6f:02:f9:68:82:16:08:2d:a9:ec:2d:df:c7:f6:
68:0a:9b:48:67:09:c0:11:9e:66:8c:e6:38:49:a6:
42:75:48:44:b4:4c:df:82:f7:e2:df:2f:16:d6:9f:
c8:7e:b4:da:24:76:84:b4:95:4a:d5:9c:af:08:8b:
9d:c7:b6:a3:d3:8a:7c:cb:f3:d0:61:91:da:c4:c0:
b2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:76:EB:C4:46:BF:37:F9:DF:59:DF:30:C9:49:3B:54:B8:78:34:F6
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:5bb::/48
2a06:a005:5e0::/48
2a06:a005:ba0::-2a06:a005:ba2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:ae:0d:ff:5e:2c:a4:d0:8f:d7:97:5e:c7:9f:e0:04:52:99:
88:4b:f1:fb:d2:fe:7f:7b:60:c7:b6:d1:ed:16:66:92:d4:7c:
9b:44:6e:83:32:69:8c:c1:4f:fa:07:5f:46:78:f9:8d:4b:e1:
44:07:4d:50:c0:be:1f:ce:7a:49:6e:da:7a:97:e6:82:c8:c6:
8f:ec:4f:e2:b3:72:42:a7:c1:82:d0:f6:17:34:04:1b:4a:af:
23:87:e1:32:24:0d:93:9d:cd:31:77:ac:7e:fa:fd:f8:a2:c6:
c5:15:e3:e2:6a:46:7b:85:37:5d:87:6a:1c:a5:a2:69:b2:c8:
56:96:ed:49:da:b2:c8:59:43:4c:e6:4e:82:60:8e:b7:44:39:
57:82:e1:6f:fd:18:df:21:4a:68:f0:4a:22:9c:66:99:a5:ad:
f1:0a:aa:3b:ce:07:e5:e0:66:cc:f1:9b:85:90:36:fa:62:80:
66:6a:fd:b9:18:ba:ce:7a:95:85:10:ff:df:d1:0d:6a:96:3a:
a9:6a:49:cd:10:41:53:f7:f2:f2:63:f2:bd:66:9c:08:cb:33:
45:28:b9:f1:ea:31:7a:0f:09:d4:57:ba:cb:77:1f:00:fe:ff:
18:4f:90:33:e2:e7:8d:31:22:db:42:9a:e1:93:9d:c3:17:1d:
b1:58:26:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUcmyT/Ecpqp8vMKIGfLO1C6GCUUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMjkwMjM1MTJaFw0yNTExMjgwMjQwMTJaMDMxMTAvBgNV
BAMTKDUzNzZFQkM0NDZCRjM3RjlERjU5REYzMEM5NDkzQjU0Qjg3ODM0RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5VvRIT9caXbz80u43DqGlyfGd
g5x2CVH+Q59VjoI07/x1ndK+3sojHcl97yBgqeaCGQmnq8UgUT7dr3TEFqqwqmXw
fscUzos5/T3U4xpqQHvslwFoxzkgMdBbA02DN36y1KP1mRRalhVvPv6iLwgwGrrV
ZuXYjsPgh6/I1mb4B+unVUH0yu01yWTUcm+dFRYKd2PTfNZaEtnZsBvDS3sRTxMH
W7IcTEd09VnEPEO/EEw0OHZvAvloghYILansLd/H9mgKm0hnCcARnmaM5jhJpkJ1
SES0TN+C9+LfLxbWn8h+tNokdoS0lUrVnK8Ii53HtqPTinzL89BhkdrEwLJFAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUU3brxEa/N/nfWd8wyUk7VLh4NPYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMDQwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEH
AQH/BDAwLjAsBAIAAjAmAwcAKgagBQW7AwcAKgagBQXgMBIDBwUqBqAFC6ADBwAq
BqAFC6IwDQYJKoZIhvcNAQELBQADggEBAJKuDf9eLKTQj9eXXsef4ARSmYhL8fvS
/n97YMe20e0WZpLUfJtEboMyaYzBT/oHX0Z4+Y1L4UQHTVDAvh/Oeklu2nqX5oLI
xo/sT+KzckKnwYLQ9hc0BBtKryOH4TIkDZOdzTF3rH76/fiixsUV4+JqRnuFN12H
ahylommyyFaW7UnasshZQ0zmToJgjrdEOVeC4W/9GN8hSmjwSiKcZpmlrfEKqjvO
B+XgZszxm4WQNvpigGZq/bkYus56lYUQ/9/RDWqWOqlqSc0QQVP38vJj8r1mnAjL
M0UoufHqMXoPCdRXust3HwD+/xhPkDPi540xIttCmuGTncMXHbFYJpA=
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:14:18 2025 by rpki-client