Route Origin Authorization
$ rpki-client -vvf rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS204333.roa
File: AS204333.roa (raw, json)
Hash identifier: CC4+FkLXRSK9OfpfU0ip0wUuqFQDwzFNdsbRmOxorcs=
Subject key identifier: 25:3A:F2:D9:DB:60:7E:D1:60:BD:66:AC:E2:87:89:BD:AD:69:32:3F
Certificate issuer: /CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Certificate serial: 48B443E8B9824FCDDE2D1A578CB4520AAB3A39C7
Authority key identifier: AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject info access: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS204333.roa
Signing time: Wed 21 Dec 2022 16:56:54 +0000
ROA not before: Wed 21 Dec 2022 16:51:54 +0000
ROA not after: Wed 20 Dec 2023 16:56:54 +0000
asID: 204333
IP address blocks: 2a06:a005:d21::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:b4:43:e8:b9:82:4f:cd:de:2d:1a:57:8c:b4:52:0a:ab:3a:39:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Validity
Not Before: Dec 21 16:51:54 2022 GMT
Not After : Dec 20 16:56:54 2023 GMT
Subject: CN=253AF2D9DB607ED160BD66ACE28789BDAD69323F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8a:64:37:a8:a8:32:18:0d:66:b6:77:53:1b:
3b:1b:03:d4:0d:23:aa:2a:17:e2:e2:32:47:cb:8c:
b3:d2:76:a4:c6:d3:e2:5a:e1:b1:35:60:6b:a3:26:
bc:23:af:f7:9f:40:a8:84:20:15:9c:6b:89:9f:ec:
86:a2:0d:a7:a4:89:9c:98:f6:0e:61:77:e3:ea:5d:
4c:24:ec:83:cc:9d:d0:a8:f4:74:9d:b3:f2:a8:f2:
26:8b:7b:27:21:fa:38:45:67:47:f7:8c:39:3f:95:
b4:19:fc:b9:26:38:5d:c7:16:1c:fa:e4:33:29:94:
9f:8f:0d:a2:43:08:f6:8d:73:3b:d7:13:22:64:a4:
ff:49:8e:16:c3:83:43:c6:ca:41:cf:37:05:a2:a2:
59:16:31:df:c5:f4:e1:9d:09:fd:46:f8:07:de:3f:
1f:83:69:b6:9d:5d:33:da:b2:d6:40:6a:58:fb:63:
40:0e:8c:13:fa:96:ab:16:2f:4e:77:74:b8:af:84:
64:3b:96:49:7b:ef:f2:8e:ac:95:70:62:96:0f:a0:
1f:e1:8c:04:44:21:1f:5d:fa:c0:ee:43:eb:86:50:
c7:80:d7:8b:3d:49:a6:3d:26:12:71:c1:06:be:f3:
bb:60:66:8b:23:ce:e7:68:5a:46:d7:8a:3b:a2:a3:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3A:F2:D9:DB:60:7E:D1:60:BD:66:AC:E2:87:89:BD:AD:69:32:3F
X509v3 Authority Key Identifier:
keyid:AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/ABDBFABAF201E2BB85B9EDB4D643594AC30BBFE2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS204333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d21::/48
Signature Algorithm: sha256WithRSAEncryption
54:13:82:ea:e3:44:fb:a7:cf:ac:71:1e:3c:6f:13:74:f9:b5:
38:b8:85:fd:91:3d:7b:c8:90:56:7c:a0:03:06:65:cd:bc:3a:
87:da:a5:d5:4b:b6:63:73:1c:7e:0b:d4:a7:02:7f:16:b8:a3:
37:8a:a2:aa:2f:1c:fd:53:0b:42:be:a6:f8:df:88:89:8d:91:
20:cd:15:8d:4f:59:06:e5:10:01:5b:00:01:9c:64:ad:86:29:
57:fc:82:32:ae:4d:cd:52:96:59:26:05:c3:ac:71:88:9b:21:
72:a0:d5:72:97:0e:59:38:4f:18:c0:bf:52:ef:bf:e6:3f:2c:
e7:8e:02:68:47:7e:2b:4c:2a:b6:0e:ef:90:3c:2b:05:a5:ab:
06:52:49:67:cf:3e:2b:ea:10:6b:4d:e0:b9:f3:62:69:6b:94:
07:ea:3c:41:af:28:02:41:48:12:ac:2f:93:3a:58:36:24:4b:
74:ca:d4:9e:c4:04:d2:6a:9d:ca:a4:bf:80:78:d1:21:f9:2a:
79:d9:a6:d9:3a:ed:7b:99:f3:ac:25:c8:26:e2:b7:30:1f:80:
c9:81:77:96:b3:f3:9b:66:ee:90:7b:a3:28:af:eb:0e:60:c5:
df:3a:48:29:76:40:0a:1a:e5:92:db:08:b4:ec:7e:13:70:d3:
eb:9e:54:aa
-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgIUSLRD6LmCT83eLRpXjLRSCqs6OccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWJkYmZhYmFmMjAxZTJiYjg1YjllZGI0ZDY0MzU5NGFj
MzBiYmZlMjAeFw0yMjEyMjExNjUxNTRaFw0yMzEyMjAxNjU2NTRaMDMxMTAvBgNV
BAMTKDI1M0FGMkQ5REI2MDdFRDE2MEJENjZBQ0UyODc4OUJEQUQ2OTMyM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVimQ3qKgyGA1mtndTGzsbA9QN
I6oqF+LiMkfLjLPSdqTG0+Ja4bE1YGujJrwjr/efQKiEIBWca4mf7IaiDaekiZyY
9g5hd+PqXUwk7IPMndCo9HSds/Ko8iaLeych+jhFZ0f3jDk/lbQZ/LkmOF3HFhz6
5DMplJ+PDaJDCPaNczvXEyJkpP9JjhbDg0PGykHPNwWiolkWMd/F9OGdCf1G+Afe
Px+DabadXTPastZAalj7Y0AOjBP6lqsWL053dLivhGQ7lkl77/KOrJVwYpYPoB/h
jAREIR9d+sDuQ+uGUMeA14s9SaY9JhJxwQa+87tgZosjzudoWkbXijuioxWnAgMB
AAGjggG/MIIBuzAdBgNVHQ4EFgQUJTry2dtgftFgvWas4oeJva1pMj8wHwYDVR0j
BBgwFoAUq9v6uvIB4ruFue201kNZSsMLv+IwDgYDVR0PAQH/BAQDAgeAMGwGA1Ud
HwRlMGMwYaBfoF2GW3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL1pB
UFBJRS1SUEtJLzIvQUJEQkZBQkFGMjAxRTJCQjg1QjlFREI0RDY0MzU5NEFDMzBC
QkZFMi5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3E5djZ1dklCNHJ1RnVlMjAx
a05aU3NNTHYtSS5jZXIwVwYIKwYBBQUHAQsESzBJMEcGCCsGAQUFBzALhjtyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yL0FTMjA0
MzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcAKgagBQ0hMA0GCSqGSIb3DQEBCwUAA4IBAQBUE4Lq40T7
p8+scR48bxN0+bU4uIX9kT17yJBWfKADBmXNvDqH2qXVS7Zjcxx+C9SnAn8WuKM3
iqKqLxz9UwtCvqb434iJjZEgzRWNT1kG5RABWwABnGSthilX/IIyrk3NUpZZJgXD
rHGImyFyoNVylw5ZOE8YwL9S77/mPyznjgJoR34rTCq2Du+QPCsFpasGUklnzz4r
6hBrTeC582Jpa5QH6jxBrygCQUgSrC+TOlg2JEt0ytSexATSap3KpL+AeNEh+Sp5
2abZOu17mfOsJcgm4rcwH4DJgXeWs/ObZu6Qe6Mor+sOYMXfOkgpdkAKGuWS2wi0
7H4TcNPrnlSq
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:15:47 2025 by rpki-client