Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa
File: AS204005.roa (raw, json)
Hash identifier: 61uOtOsb4wgPNIxSxHf4k43Tiz37HrBW0ammPNi08JI=
Subject key identifier: B3:37:9C:E1:8F:95:90:45:9F:C2:A0:01:B7:17:24:9D:F2:75:27:34
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 5A89EAF1DBF814CDBDBB3F3336912E130C7136D0
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa
Signing time: Wed 28 May 2025 18:20:52 +0000
ROA not before: Wed 28 May 2025 18:15:52 +0000
ROA not after: Wed 27 May 2026 18:20:52 +0000
asID: 204005
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:89:ea:f1:db:f8:14:cd:bd:bb:3f:33:36:91:2e:13:0c:71:36:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: May 28 18:15:52 2025 GMT
Not After : May 27 18:20:52 2026 GMT
Subject: CN=B3379CE18F9590459FC2A001B717249DF2752734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:67:a1:7d:d3:df:4f:9c:35:da:de:04:f0:4e:
9b:d9:92:e2:0f:7e:f0:6d:26:22:9d:9d:91:4d:d2:
48:5a:74:d3:44:92:ae:a7:79:b3:c1:b1:c4:a3:41:
7d:a0:7a:b3:c8:5d:ed:cc:a1:76:c6:c4:ed:4a:e8:
a4:ed:ab:34:37:68:99:c7:15:88:dd:fa:a1:80:59:
a9:61:ca:c9:32:91:14:d3:86:b8:e2:d4:4e:d2:0c:
24:77:df:0a:fe:0e:eb:fc:70:cc:43:5f:b0:69:e4:
d5:61:e5:37:9e:bc:22:32:83:88:0a:b2:1d:cf:86:
02:de:16:37:16:26:c8:a9:a1:db:f2:13:b1:7d:c4:
4c:5f:ea:a0:24:02:ea:ce:01:9e:75:6e:77:a3:f0:
7d:83:eb:e3:a6:73:cb:4d:4d:b5:38:cc:1e:6c:34:
9f:03:6a:82:1c:e7:8b:d1:80:da:31:4f:b7:13:e0:
9a:0d:30:cc:f4:35:fe:79:56:2f:d2:62:91:a7:f1:
79:4f:55:32:30:22:91:d9:36:2b:14:b0:5c:9f:ed:
0e:06:b9:de:07:17:90:eb:46:e1:78:9a:85:78:67:
42:55:55:2e:e1:b4:4c:f3:0e:2c:75:01:55:09:5a:
f1:91:55:42:e5:81:ee:4e:9e:23:21:db:9d:88:d7:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:37:9C:E1:8F:95:90:45:9F:C2:A0:01:B7:17:24:9D:F2:75:27:34
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204005.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
6e:83:f1:c2:15:d6:d6:83:69:7a:77:f4:01:28:66:c7:9b:8a:
65:7d:6f:d1:dc:6b:3a:53:84:7b:41:d3:7f:69:4d:e7:9e:f5:
48:d9:5c:38:25:f4:06:b8:9e:b3:4f:ae:05:d3:b6:02:0f:2e:
69:1c:85:d3:4f:f0:7b:19:af:d1:6c:49:ac:a9:51:a3:ae:b5:
17:54:67:4f:e9:8e:a6:b8:85:01:d3:f4:18:a5:68:33:34:1a:
cb:05:26:3d:22:47:f4:24:fc:9a:62:ff:62:2f:1d:30:3e:92:
8e:21:3a:58:e9:3f:9f:d8:70:c7:0e:45:c1:95:93:32:3a:74:
1c:aa:1d:4f:d2:2c:25:1f:2f:49:68:cd:dd:2e:1c:42:69:ec:
b7:fe:f7:bf:d5:f9:ab:f3:eb:f0:7d:e7:0b:8f:62:9b:00:26:
48:46:3d:99:7d:39:86:06:f0:b7:64:a8:c2:6b:db:dc:ac:56:
5f:53:97:a5:f1:4d:d4:07:df:8e:35:ff:8a:51:57:44:9f:c9:
bd:da:91:54:42:e2:22:cf:57:ca:58:d6:a9:dd:46:e8:23:e4:
cd:b3:1d:cb:c3:d3:f5:cf:99:24:ae:7d:ae:aa:77:8d:21:ff:
6c:48:08:65:40:82:07:da:99:59:1c:93:2f:3a:27:29:ea:88:
df:da:93:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWonq8dv4FM29uz8zNpEuEwxxNtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTA1MjgxODE1NTJaFw0yNjA1MjcxODIwNTJaMDMxMTAvBgNV
BAMTKEIzMzc5Q0UxOEY5NTkwNDU5RkMyQTAwMUI3MTcyNDlERjI3NTI3MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaZ6F9099PnDXa3gTwTpvZkuIP
fvBtJiKdnZFN0khadNNEkq6nebPBscSjQX2gerPIXe3MoXbGxO1K6KTtqzQ3aJnH
FYjd+qGAWalhyskykRTThrji1E7SDCR33wr+Duv8cMxDX7Bp5NVh5TeevCIyg4gK
sh3PhgLeFjcWJsipodvyE7F9xExf6qAkAurOAZ51bnej8H2D6+Omc8tNTbU4zB5s
NJ8DaoIc54vRgNoxT7cT4JoNMMz0Nf55Vi/SYpGn8XlPVTIwIpHZNisUsFyf7Q4G
ud4HF5DrRuF4moV4Z0JVVS7htEzzDix1AVUJWvGRVULlge5OniMh252I188hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUszec4Y+VkEWfwqABtxcknfJ1JzQwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA0MDA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBug/HCFdbWg2l6d/QBKGbHm4plfW/R3Gs6
U4R7QdN/aU3nnvVI2Vw4JfQGuJ6zT64F07YCDy5pHIXTT/B7Ga/RbEmsqVGjrrUX
VGdP6Y6muIUB0/QYpWgzNBrLBSY9Ikf0JPyaYv9iLx0wPpKOITpY6T+f2HDHDkXB
lZMyOnQcqh1P0iwlHy9JaM3dLhxCaey3/ve/1fmr8+vwfecLj2KbACZIRj2ZfTmG
BvC3ZKjCa9vcrFZfU5el8U3UB9+ONf+KUVdEn8m92pFUQuIiz1fKWNap3UboI+TN
sx3Lw9P1z5kkrn2uqneNIf9sSAhlQIIH2plZHJMvOicp6ojf2pOX
-----END CERTIFICATE-----
Generated at Sun Aug 31 01:22:41 2025 by rpki-client