Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: Rqwr7IVAU2fZhd7bF05lk20cCEIGmANBWTm+xFvkUog=
Subject key identifier: 70:4A:F8:F9:CD:93:C1:A0:31:E6:0B:FB:46:8F:7D:11:29:E0:88:56
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 37045FC5BA7DE083B8F86DDD240BFF8471775158
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
Signing time: Sun 20 Apr 2025 01:32:31 +0000
ROA not before: Sun 20 Apr 2025 01:27:31 +0000
ROA not after: Sun 19 Apr 2026 01:32:31 +0000
asID: 0
IP address blocks: 2a07:54c7:6000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:04:5f:c5:ba:7d:e0:83:b8:f8:6d:dd:24:0b:ff:84:71:77:51:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Apr 20 01:27:31 2025 GMT
Not After : Apr 19 01:32:31 2026 GMT
Subject: CN=704AF8F9CD93C1A031E60BFB468F7D1129E08856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3e:32:bb:0d:67:e5:97:6c:13:d3:2b:95:26:
80:10:ab:ef:bd:aa:ea:62:cc:fe:b2:c8:59:99:f8:
ef:b7:7a:b7:db:29:9f:25:1e:75:e3:87:ce:39:75:
01:16:9c:ef:98:e2:71:dd:ed:02:9c:70:32:c3:ab:
06:67:57:cc:0d:f9:7e:56:26:f7:aa:1a:0c:c9:31:
72:8f:4e:b3:27:bd:79:4a:81:31:c6:6d:c3:2c:6b:
d1:db:f4:fe:c2:d0:df:e9:df:f9:16:da:b9:cd:63:
ed:c1:7b:6e:3e:b4:3c:d4:cd:6f:ee:4f:8e:83:c8:
a9:0b:5d:3a:b7:a4:28:b6:4c:3a:87:10:9e:71:90:
dc:20:51:ad:22:2f:f4:17:06:d1:4f:56:d2:e2:e9:
86:68:d1:95:a6:71:80:ea:e3:1f:29:d7:2f:62:67:
0d:4c:27:a2:1c:71:cc:e0:14:96:52:28:99:82:c3:
8a:56:8b:61:2e:f5:2d:97:71:1e:a8:a9:e6:3c:c6:
f7:5d:4c:f0:f7:e2:40:04:83:39:c0:86:bb:1b:3b:
19:f9:11:51:de:f6:6d:ea:73:9b:6d:d9:d8:c9:59:
92:e0:c4:ca:dc:4e:73:97:ec:d4:21:50:d7:02:2b:
55:8c:d7:2e:3d:52:24:66:44:75:95:cc:5d:7e:20:
e7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4A:F8:F9:CD:93:C1:A0:31:E6:0B:FB:46:8F:7D:11:29:E0:88:56
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
47:b0:26:cb:5a:e6:ff:5e:b7:65:47:1d:e8:60:20:e1:c1:1b:
84:19:84:be:33:b0:b1:98:00:f4:63:df:04:82:d6:69:a9:35:
0c:70:64:26:f2:eb:a7:69:dd:a8:e1:b9:ae:e4:d0:bb:df:8f:
25:fc:b8:4d:a5:dc:40:de:e7:9d:8c:9c:84:e9:c6:72:32:14:
df:ba:28:fa:88:d7:65:d9:22:7c:ae:c1:46:40:94:b7:0e:6d:
8f:15:79:9e:3a:89:e6:a1:8c:7c:45:70:7c:ca:16:25:24:22:
28:b8:5e:a6:40:3f:5c:0a:64:a3:e9:fe:44:75:7d:ca:c8:da:
a7:d5:b2:e4:70:16:7c:e8:9f:86:b0:3f:9e:3b:92:3e:b9:76:
94:cf:84:fa:df:ab:66:fd:71:0a:71:8f:c8:e2:c2:08:17:24:
5f:79:87:38:82:f7:36:f8:45:71:8f:78:4f:40:7a:e0:1b:97:
21:b3:5e:8b:50:54:c3:9e:f2:71:42:24:7b:32:16:a0:82:dd:
fd:77:9a:e1:64:7b:0b:68:5e:93:c1:a0:d7:4d:36:08:f5:46:
3b:5d:ec:42:2c:1e:bb:b3:94:30:1f:d3:e0:cb:e2:55:b1:0d:
a3:40:d3:17:6e:13:dc:3f:ff:ba:67:32:f8:48:c1:db:42:19:
90:47:0e:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNwRfxbp94IO4+G3dJAv/hHF3UVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTA0MjAwMTI3MzFaFw0yNjA0MTkwMTMyMzFaMDMxMTAvBgNV
BAMTKDcwNEFGOEY5Q0Q5M0MxQTAzMUU2MEJGQjQ2OEY3RDExMjlFMDg4NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvPjK7DWfll2wT0yuVJoAQq++9
qupizP6yyFmZ+O+3erfbKZ8lHnXjh845dQEWnO+Y4nHd7QKccDLDqwZnV8wN+X5W
JveqGgzJMXKPTrMnvXlKgTHGbcMsa9Hb9P7C0N/p3/kW2rnNY+3Be24+tDzUzW/u
T46DyKkLXTq3pCi2TDqHEJ5xkNwgUa0iL/QXBtFPVtLi6YZo0ZWmcYDq4x8p1y9i
Zw1MJ6IccczgFJZSKJmCw4pWi2Eu9S2XcR6oqeY8xvddTPD34kAEgznAhrsbOxn5
EVHe9m3qc5tt2djJWZLgxMrcTnOX7NQhUNcCK1WM1y49UiRmRHWVzF1+IOfRAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUcEr4+c2TwaAx5gv7Ro99ESngiFYwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoHVMdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHsCbLWub/XrdlRx3oYCDhwRuEGYS+M7CxmAD0Y98E
gtZpqTUMcGQm8uunad2o4bmu5NC7348l/LhNpdxA3uedjJyE6cZyMhTfuij6iNdl
2SJ8rsFGQJS3Dm2PFXmeOonmoYx8RXB8yhYlJCIouF6mQD9cCmSj6f5EdX3KyNqn
1bLkcBZ86J+GsD+eO5I+uXaUz4T636tm/XEKcY/I4sIIFyRfeYc4gvc2+EVxj3hP
QHrgG5chs16LUFTDnvJxQiR7Mhaggt39d5rhZHsLaF6TwaDXTTYI9UY7XexCLB67
s5QwH9Pgy+JVsQ2jQNMXbhPcP/+6ZzL4SMHbQhmQRw5h
-----END CERTIFICATE-----
Generated at Sun Aug 31 01:20:09 2025 by rpki-client