Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS137509.roa
File: AS137509.roa (raw, json)
Hash identifier: 55K6YVR2uP65cOgcH78LiCyWASuM3zr2UrV5sf7C33c=
Subject key identifier: 9A:1F:F0:9C:B8:AB:FC:C8:CB:E0:D6:24:46:19:61:2C:8D:B8:7A:F1
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 015551A455CB8157DC7598209E1311205CC103E9
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS137509.roa
Signing time: Tue 19 Sep 2023 02:14:58 +0000
ROA not before: Tue 19 Sep 2023 02:09:58 +0000
ROA not after: Tue 17 Sep 2024 02:14:58 +0000
asID: 137509
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:55:51:a4:55:cb:81:57:dc:75:98:20:9e:13:11:20:5c:c1:03:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Sep 19 02:09:58 2023 GMT
Not After : Sep 17 02:14:58 2024 GMT
Subject: CN=9A1FF09CB8ABFCC8CBE0D6244619612C8DB87AF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:8c:1d:f6:9a:73:df:a5:41:24:34:92:bd:
c6:a2:a1:6e:b6:31:96:02:b2:ff:65:34:3f:7d:97:
82:fc:dd:65:0d:95:b3:06:f6:d8:26:76:1e:0a:74:
3d:77:26:e6:39:d8:d6:09:b7:a6:26:76:5e:cc:ca:
93:16:a7:17:67:d8:76:e0:c6:54:31:d8:01:fc:22:
61:49:71:38:f8:8c:f3:22:05:f6:3e:e4:bd:90:60:
7c:e5:83:4e:90:9c:02:1d:47:56:56:c0:5f:57:70:
ef:0e:64:ac:d5:60:b5:b4:7d:2c:36:ca:ea:d9:30:
54:9f:07:40:80:66:b9:76:21:89:3d:1e:c1:13:5b:
9d:48:04:02:af:45:80:c9:53:86:e5:84:a5:31:03:
2a:bd:6b:eb:41:32:ef:48:0d:23:89:51:02:99:f7:
51:d0:20:ff:15:12:ef:5f:3e:eb:56:f2:49:90:b7:
31:f3:46:7b:c7:b8:73:af:33:b5:38:78:c2:99:84:
dc:b4:0a:00:c1:06:f7:2d:9f:29:2a:fa:ea:3e:6a:
b3:87:e0:e2:a2:f2:0c:9f:ee:46:19:8c:ea:66:1a:
e1:86:c0:a2:7c:db:4a:6e:d0:7a:58:d3:90:09:71:
e8:22:c7:04:eb:87:c5:be:a4:e6:94:30:14:4a:2f:
1c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1F:F0:9C:B8:AB:FC:C8:CB:E0:D6:24:46:19:61:2C:8D:B8:7A:F1
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS137509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
1f:18:51:63:50:a7:c6:eb:3b:9b:00:c3:ff:81:ff:db:67:ea:
f2:2a:93:03:95:94:21:fe:1f:38:44:b3:bf:8e:06:ec:55:d6:
cb:1f:68:68:9d:ed:0a:63:d1:47:62:2e:b1:46:ff:be:cf:d9:
1f:30:86:10:67:f4:ba:5b:5d:e9:06:ab:ef:47:45:3c:54:5a:
05:44:88:8b:8b:24:ed:c2:af:04:2a:b8:31:fd:d7:bb:4f:c1:
be:51:55:f2:96:de:3d:e1:65:e0:cb:66:21:48:49:9c:f2:0b:
d0:38:4c:f8:ad:a6:fd:09:23:ea:2d:98:1c:8c:03:09:3f:90:
bb:15:a3:4b:90:94:5e:23:16:6a:12:86:9e:fd:d5:94:bf:53:
bb:62:0f:10:80:2e:2f:6c:f7:ad:b3:ed:d0:64:1c:c5:1d:90:
08:7e:1d:f9:fa:8f:b2:ca:11:b0:6b:b1:6a:07:f7:ae:03:d6:
a6:d3:93:31:db:93:68:9d:19:35:fd:35:f6:62:e0:cf:97:cd:
36:05:54:c8:af:fd:09:05:6f:a8:98:ca:d8:67:04:b5:50:db:
e6:d1:95:e3:67:4b:5d:77:e2:c7:d6:3f:be:41:15:ba:2f:2c:
b7:ae:43:8e:a9:a7:e8:17:bc:9d:dd:63:a5:0c:22:a4:6a:3a:
96:30:d5:87
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAVVRpFXLgVfcdZggnhMRIFzBA+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MTkwMjA5NThaFw0yNDA5MTcwMjE0NThaMDMxMTAvBgNV
BAMTKDlBMUZGMDlDQjhBQkZDQzhDQkUwRDYyNDQ2MTk2MTJDOERCODdBRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCugowd9ppz36VBJDSSvcaioW62
MZYCsv9lND99l4L83WUNlbMG9tgmdh4KdD13JuY52NYJt6Ymdl7MypMWpxdn2Hbg
xlQx2AH8ImFJcTj4jPMiBfY+5L2QYHzlg06QnAIdR1ZWwF9XcO8OZKzVYLW0fSw2
yurZMFSfB0CAZrl2IYk9HsETW51IBAKvRYDJU4blhKUxAyq9a+tBMu9IDSOJUQKZ
91HQIP8VEu9fPutW8kmQtzHzRnvHuHOvM7U4eMKZhNy0CgDBBvctnykq+uo+arOH
4OKi8gyf7kYZjOpmGuGGwKJ820pu0HpY05AJcegixwTrh8W+pOaUMBRKLxwrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmh/wnLir/MjL4NYkRhlhLI24evEwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTM3NTA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAfGFFjUKfG6zubAMP/gf/bZ+ryKpMDlZQh
/h84RLO/jgbsVdbLH2hone0KY9FHYi6xRv++z9kfMIYQZ/S6W13pBqvvR0U8VFoF
RIiLiyTtwq8EKrgx/de7T8G+UVXylt494WXgy2YhSEmc8gvQOEz4rab9CSPqLZgc
jAMJP5C7FaNLkJReIxZqEoae/dWUv1O7Yg8QgC4vbPets+3QZBzFHZAIfh35+o+y
yhGwa7FqB/euA9am05Mx25NonRk1/TX2YuDPl802BVTIr/0JBW+omMrYZwS1UNvm
0ZXjZ0tdd+LH1j++QRW6Lyy3rkOOqafoF7yd3WOlDCKkajqWMNWH
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:25:23 2025 by rpki-client