Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/AS201217.roa
File: AS201217.roa (raw, json)
Hash identifier: 7v9+uG7dTOwNw+wdH96g2ix1tw1FXqX+J5ksMmnZ4qA=
Subject key identifier: A9:53:DB:0D:2E:9B:2E:3D:0D:88:54:C5:5C:15:02:D3:FE:86:2F:BB
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 5D4F6F1B36C43B643EF5145A2D6D3FB42954271F
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://rpki.co/repo/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/AS201217.roa
Signing time: Mon 10 Apr 2023 03:31:32 +0000
ROA not before: Mon 10 Apr 2023 03:26:32 +0000
ROA not after: Mon 08 Apr 2024 03:31:32 +0000
asID: 201217
IP address blocks: 2a12:dd47:8e70::/44 maxlen: 48
2a12:dd47:f000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:4f:6f:1b:36:c4:3b:64:3e:f5:14:5a:2d:6d:3f:b4:29:54:27:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Apr 10 03:26:32 2023 GMT
Not After : Apr 8 03:31:32 2024 GMT
Subject: CN=A953DB0D2E9B2E3D0D8854C55C1502D3FE862FBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8c:f2:96:5e:3a:64:b1:9f:bb:45:f9:67:9e:
c1:1f:47:6d:ea:42:58:50:b0:c7:c2:e8:68:07:c6:
52:f3:9f:3e:c5:72:18:c7:f8:2b:83:5a:83:9d:78:
c1:f4:f1:ef:1d:17:d0:b6:a3:b0:30:6f:62:15:9d:
95:bc:c8:0d:f6:96:cd:f1:c0:34:b7:e0:4e:06:10:
92:4f:bc:b2:bc:cb:c4:f8:df:bb:d0:6a:2f:8d:bc:
5f:ff:eb:fd:8f:c2:b0:dc:15:b2:d7:b4:e0:41:fe:
04:d3:30:d7:3f:3d:aa:ab:0a:8f:6f:0e:56:81:b7:
a6:c0:19:00:5a:fe:77:e3:9d:37:a6:8f:d9:78:8f:
d2:8d:ce:90:06:a9:1c:b3:ca:01:d6:e7:ac:de:b1:
e8:b7:1a:5c:03:89:7a:7f:ad:04:22:70:00:84:1c:
3f:48:d5:75:6d:94:ed:99:2e:90:c4:91:3d:34:f7:
e0:f2:9c:4e:59:91:86:c2:98:a1:40:11:74:81:2c:
10:f5:21:83:d0:9c:15:33:08:87:cf:c6:13:de:7c:
15:51:45:04:10:83:16:b2:83:60:d7:e8:80:c6:38:
07:fd:0b:55:77:af:d1:9b:13:20:a5:f2:6c:2d:fc:
2e:f9:f6:63:65:60:f2:84:9d:5d:af:14:07:82:29:
25:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:DB:0D:2E:9B:2E:3D:0D:88:54:C5:5C:15:02:D3:FE:86:2F:BB
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/AS201217.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8e70::/44
2a12:dd47:f000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:9a:fa:8b:93:46:cd:58:50:1b:a6:14:06:56:df:4a:db:9e:
be:8b:2d:5c:a5:9d:53:9e:f0:0b:44:11:ac:ca:a7:5a:ae:61:
51:64:5c:72:d7:91:72:82:03:72:46:49:23:a7:b0:b2:35:ee:
e2:7c:04:02:74:05:35:a6:9b:4c:fe:e4:1e:ac:d6:49:8f:f9:
16:3e:b7:46:0e:8b:a9:63:c4:56:aa:f3:70:b6:62:2a:7a:84:
bc:78:2c:6d:c5:e3:96:5c:7f:1f:0e:f8:31:77:58:5f:c2:cf:
b4:a5:fb:20:ff:36:7d:96:e3:43:3d:af:ac:d8:03:8e:bd:d2:
73:d7:64:ce:0d:ea:55:4e:4b:df:e7:09:96:89:03:53:2f:6e:
c1:e3:2d:51:38:5f:d0:da:70:82:0e:88:85:b7:ff:0c:f4:6f:
1d:26:e0:75:92:56:c1:41:42:29:a7:4a:9f:e9:e6:b5:62:7e:
60:ea:32:cb:54:48:4b:b5:b1:72:81:12:74:3e:52:f5:f9:22:
9a:f1:0b:88:52:3f:59:b3:6c:d5:7c:40:0c:68:04:fd:ba:28:
34:80:a1:0f:26:bc:97:15:dc:11:24:5a:c6:0b:cc:28:75:54:
de:18:b3:8f:e4:14:bd:f7:c9:ad:f9:d3:7a:53:ec:9f:dc:94:
69:27:73:5d
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUXU9vGzbEO2Q+9RRaLW0/tClUJx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzA0MTAwMzI2MzJaFw0yNDA0MDgwMzMxMzJaMDMxMTAvBgNV
BAMTKEE5NTNEQjBEMkU5QjJFM0QwRDg4NTRDNTVDMTUwMkQzRkU4NjJGQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjjPKWXjpksZ+7RflnnsEfR23q
QlhQsMfC6GgHxlLznz7FchjH+CuDWoOdeMH08e8dF9C2o7Awb2IVnZW8yA32ls3x
wDS34E4GEJJPvLK8y8T437vQai+NvF//6/2PwrDcFbLXtOBB/gTTMNc/PaqrCo9v
DlaBt6bAGQBa/nfjnTemj9l4j9KNzpAGqRyzygHW56zesei3GlwDiXp/rQQicACE
HD9I1XVtlO2ZLpDEkT009+DynE5ZkYbCmKFAEXSBLBD1IYPQnBUzCIfPxhPefBVR
RQQQgxayg2DX6IDGOAf9C1V3r9GbEyCl8mwt/C759mNlYPKEnV2vFAeCKSXLAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUqVPbDS6bLj0NiFTFXBUC0/6GL7swHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZgYIKwYBBQUH
AQEEWjBYMFYGCCsGAQUFBzAChkpyc3luYzovL3Jwa2kuY28vcmVwby9BdWd1c3Qv
NS82NjA0Mjg5QzdFMzlFMDhFMUFFMTI1NUNFRTczQzA1QkZEOTlGM0U2LmNlcjBF
BggrBgEFBQcBCwQ5MDcwNQYIKwYBBQUHMAuGKXJzeW5jOi8vcnBraS5jby9yZXBv
L0FTOTQ1LzEvQVMyMDEyMTcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
KgYIKwYBBQUHAQcBAf8EGzAZMBcEAgACMBEDBwQqEt1HjnADBgAqEt1H8DANBgkq
hkiG9w0BAQsFAAOCAQEAm5r6i5NGzVhQG6YUBlbfStuevostXKWdU57wC0QRrMqn
Wq5hUWRccteRcoIDckZJI6ewsjXu4nwEAnQFNaabTP7kHqzWSY/5Fj63Rg6LqWPE
VqrzcLZiKnqEvHgsbcXjllx/Hw74MXdYX8LPtKX7IP82fZbjQz2vrNgDjr3Sc9dk
zg3qVU5L3+cJlokDUy9uweMtUThf0Npwgg6Ihbf/DPRvHSbgdZJWwUFCKadKn+nm
tWJ+YOoyy1RIS7WxcoESdD5S9fkimvELiFI/WbNs1XxADGgE/booNIChDya8lxXc
ESRaxgvMKHVU3hizj+QUvffJrfnTelPsn9yUaSdzXQ==
-----END CERTIFICATE-----
Generated at Tue Oct 17 16:43:40 2023 by rpki-client on console-fra.rpki-client.org