Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa
File: AS206216.roa (raw, json)
Hash identifier: dP/nuMD9xWjN6UpeYP6FlcttKUbhQ6IRkqr/+XZxChw=
Subject key identifier: 89:B1:EA:50:16:1D:50:51:07:BF:53:7A:22:F3:A6:A1:0B:04:48:4C
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 53EBA325ED600F2C90176137ED5AFC18C9DEC276
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 206216
IP address blocks: 2a07:54c4:174f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:eb:a3:25:ed:60:0f:2c:90:17:61:37:ed:5a:fc:18:c9:de:c2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=89B1EA50161D505107BF537A22F3A6A10B04484C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:2e:36:70:a9:b9:98:74:b4:9b:fe:d2:da:
45:e9:18:a4:20:c6:37:37:31:39:10:bd:09:2a:61:
ce:b0:bf:05:42:39:a4:0c:f2:35:90:a9:10:22:5a:
54:f7:fa:e0:64:9b:5e:2c:d4:7b:8c:99:5a:9a:5d:
af:cc:38:d1:25:96:7d:3f:08:94:4b:33:8f:3b:3b:
1f:be:46:4a:94:b8:d4:d0:c2:da:27:6d:51:37:82:
c1:2a:fe:aa:64:0a:f6:99:99:47:63:af:25:dc:fc:
1e:8e:dc:e2:34:b7:97:60:55:7a:07:55:4c:bb:5b:
5b:35:91:03:7d:63:1e:80:ab:fc:8d:29:1b:d4:bc:
27:9b:b6:0e:0c:bb:ea:cd:e1:be:9b:1b:87:74:20:
c7:38:02:02:fd:90:50:62:9d:74:06:ab:a6:79:2f:
8f:23:63:d8:00:81:13:6b:b9:f5:7d:52:b9:77:4d:
77:f1:21:55:64:7e:ed:82:6f:18:e3:57:38:70:98:
f7:81:8a:b8:d6:e0:af:c0:42:cb:c4:90:94:d3:48:
7f:29:62:78:eb:7b:17:3b:d8:61:0a:33:a3:04:83:
86:d6:c7:43:9a:a3:22:3f:b7:1c:92:d4:90:ee:38:
cc:ff:32:f2:45:6e:59:01:14:40:6d:99:9e:a9:a7:
3f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B1:EA:50:16:1D:50:51:07:BF:53:7A:22:F3:A6:A1:0B:04:48:4C
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:174f::/48
Signature Algorithm: sha256WithRSAEncryption
6c:22:61:51:05:4b:8f:00:de:12:ec:96:0f:21:bd:28:c3:21:
98:9e:a7:72:f6:89:cf:ee:e8:97:84:8e:3a:61:70:b7:5e:a5:
21:f6:76:8f:c7:e9:34:de:59:c7:0e:fe:8b:98:ab:a1:62:ef:
d2:4c:fb:bf:27:33:a2:87:a4:74:2e:ba:2f:bf:1d:ec:e8:2d:
88:e3:f6:56:e7:bd:8b:3f:a6:40:f1:29:2c:ca:f6:d9:ba:fb:
ee:34:3f:07:91:bf:64:6c:14:f1:48:95:f3:16:02:0e:e9:f2:
78:2d:30:83:2e:50:17:25:61:13:ad:0d:f9:2a:ac:3a:f1:c5:
e6:10:76:66:0e:a3:a5:d8:26:b2:23:55:8e:8b:13:cc:34:c0:
e5:30:eb:cf:6e:51:62:d4:84:a2:6e:f7:2a:18:7c:fc:ef:1c:
8d:31:07:43:0a:b2:15:14:e4:d3:4e:d5:4a:2a:cc:60:d3:7b:
db:29:87:0d:22:57:a5:b1:e8:a7:eb:6f:0e:e5:b1:b8:26:85:
5b:cf:90:4c:ad:20:9b:fd:cb:a0:4e:58:a7:e4:ff:2e:f5:4d:
1e:cf:37:4c:30:fd:ee:45:db:b5:05:ce:38:91:5e:54:71:13:
71:60:26:d7:45:d5:03:bc:e2:5c:39:ac:3f:81:b1:02:2e:7d:
0d:c0:54:e1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU+ujJe1gDyyQF2E37Vr8GMnewnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKDg5QjFFQTUwMTYxRDUwNTEwN0JGNTM3QTIyRjNBNkExMEIwNDQ4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC71C42cKm5mHS0m/7S2kXpGKQg
xjc3MTkQvQkqYc6wvwVCOaQM8jWQqRAiWlT3+uBkm14s1HuMmVqaXa/MONElln0/
CJRLM487Ox++RkqUuNTQwtonbVE3gsEq/qpkCvaZmUdjryXc/B6O3OI0t5dgVXoH
VUy7W1s1kQN9Yx6Aq/yNKRvUvCebtg4Mu+rN4b6bG4d0IMc4AgL9kFBinXQGq6Z5
L48jY9gAgRNrufV9Url3TXfxIVVkfu2CbxjjVzhwmPeBirjW4K/AQsvEkJTTSH8p
Ynjrexc72GEKM6MEg4bWx0OaoyI/txyS1JDuOMz/MvJFblkBFEBtmZ6ppz9VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUibHqUBYdUFEHv1N6IvOmoQsESEwwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA2MjE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdPMA0GCSqGSIb3DQEBCwUAA4IBAQBsImFRBUuPAN4S7JYPIb0owyGYnqdy9onP
7uiXhI46YXC3XqUh9naPx+k03lnHDv6LmKuhYu/STPu/JzOih6R0Lrovvx3s6C2I
4/ZW572LP6ZA8SksyvbZuvvuND8Hkb9kbBTxSJXzFgIO6fJ4LTCDLlAXJWETrQ35
Kqw68cXmEHZmDqOl2CayI1WOixPMNMDlMOvPblFi1ISibvcqGHz87xyNMQdDCrIV
FOTTTtVKKsxg03vbKYcNIlelsein628O5bG4JoVbz5BMrSCb/cugTlin5P8u9U0e
zzdMMP3uRdu1Bc44kV5UcRNxYCbXRdUDvOJcOaw/gbECLn0NwFTh
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:12 2025 by rpki-client