Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209861.roa
File: AS209861.roa (raw, json)
Hash identifier: UlvemBTV6g1C2G/fZxM0E3sN+cETX+dsNIgP5QQNeQc=
Subject key identifier: B6:2F:E2:6C:94:DA:9A:23:3C:E1:AA:10:64:12:37:B0:48:F0:50:45
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 335CE8558882CA557A628826B774459E65BD4384
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209861.roa
Signing time: Tue 20 Aug 2024 02:31:57 +0000
ROA not before: Tue 20 Aug 2024 02:26:57 +0000
ROA not after: Tue 19 Aug 2025 02:31:57 +0000
asID: 209861
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:5c:e8:55:88:82:ca:55:7a:62:88:26:b7:74:45:9e:65:bd:43:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:57 2024 GMT
Not After : Aug 19 02:31:57 2025 GMT
Subject: CN=B62FE26C94DA9A233CE1AA10641237B048F05045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5e:ee:f5:6d:35:76:df:43:d2:1a:7c:c5:36:
5f:99:77:dd:bd:bd:59:96:e3:23:79:a5:96:6e:9e:
be:1c:d6:54:47:b9:1b:21:41:df:3d:88:f3:1a:4d:
fd:2f:f2:f1:8e:ce:57:51:e7:e4:ce:01:96:30:13:
1d:d1:6d:10:57:8d:06:e1:db:36:6b:99:1d:53:cc:
be:b9:5e:c6:eb:2a:55:07:f3:af:cb:fd:29:84:87:
89:28:32:23:46:4f:eb:b2:b0:22:a6:dc:07:4c:76:
b5:ec:d7:f0:65:a6:58:dd:30:bb:bb:c2:4b:2e:4c:
06:81:37:0c:4e:c3:3d:1a:f5:0c:77:09:6f:b5:e7:
f5:ce:c4:04:82:a2:24:a0:79:48:a7:5d:08:59:18:
28:61:33:b9:2a:b3:cb:87:01:37:df:70:e0:7b:ca:
4d:a5:9d:55:ae:c6:a7:2a:42:ab:a0:0f:34:d7:c1:
98:ed:7e:d8:41:11:58:da:e8:58:05:2a:54:5a:ab:
22:37:3c:31:f8:f5:a1:21:7f:a6:fa:7a:cb:7c:e3:
3f:3c:4e:d4:77:92:69:5a:5b:6c:b7:6d:64:3f:a2:
0e:4e:70:56:3b:ec:a1:13:78:f7:57:02:6e:7d:e2:
c5:d6:2c:f7:f4:a3:e1:4e:8d:86:34:84:4e:e2:ff:
15:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2F:E2:6C:94:DA:9A:23:3C:E1:AA:10:64:12:37:B0:48:F0:50:45
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209861.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
85:6a:b7:6e:0d:fd:aa:06:f2:9a:34:9b:b2:46:d7:b5:38:f3:
6d:79:a3:c6:14:39:1a:cd:50:e8:d4:40:91:0a:c4:97:5c:91:
4b:43:38:bb:65:b6:d3:ad:16:77:a8:3a:e4:f7:08:df:50:f5:
09:aa:6e:50:62:39:2e:5c:05:2a:ac:70:fd:b1:92:2d:5b:8c:
31:18:96:9b:a1:ff:71:17:76:89:48:cd:de:f8:76:41:97:54:
6d:f1:eb:49:42:87:be:a7:c4:e8:40:01:11:3f:a4:4b:d7:05:
41:33:61:d7:db:a7:3a:94:ca:42:a3:07:5a:26:64:02:1f:b5:
bf:01:cf:aa:10:c6:0a:9c:b8:5a:e7:18:20:c5:b4:5a:58:e9:
0d:03:89:74:56:c1:78:cf:48:e8:cc:0c:32:22:74:3f:14:d9:
dd:ac:75:25:f3:48:70:29:74:b8:70:14:ed:e4:8e:50:5d:a0:
11:7c:1a:62:bf:c6:80:c2:ff:6d:b2:e8:a6:bb:aa:82:54:d7:
d0:af:9b:ac:1a:0f:72:0b:98:dd:65:fd:7d:a6:e1:c8:d0:bc:
69:4b:6a:41:fb:df:5b:df:da:cb:e1:f3:a0:95:48:08:e9:4e:
e6:85:87:c4:45:11:63:4b:af:1d:0b:bb:a1:a8:97:cd:3f:71:
e0:0f:67:2d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM1zoVYiCylV6Yogmt3RFnmW9Q4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTdaFw0yNTA4MTkwMjMxNTdaMDMxMTAvBgNV
BAMTKEI2MkZFMjZDOTREQTlBMjMzQ0UxQUExMDY0MTIzN0IwNDhGMDUwNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPXu71bTV230PSGnzFNl+Zd929
vVmW4yN5pZZunr4c1lRHuRshQd89iPMaTf0v8vGOzldR5+TOAZYwEx3RbRBXjQbh
2zZrmR1TzL65XsbrKlUH86/L/SmEh4koMiNGT+uysCKm3AdMdrXs1/BlpljdMLu7
wksuTAaBNwxOwz0a9Qx3CW+15/XOxASCoiSgeUinXQhZGChhM7kqs8uHATffcOB7
yk2lnVWuxqcqQqugDzTXwZjtfthBEVja6FgFKlRaqyI3PDH49aEhf6b6est84z88
TtR3kmlaW2y3bWQ/og5OcFY77KETePdXAm594sXWLPf0o+FOjYY0hE7i/xVdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUti/ibJTamiM84aoQZBI3sEjwUEUwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA5ODYxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQCFarduDf2qBvKaNJuyRte1OPNteaPGFDka
zVDo1ECRCsSXXJFLQzi7ZbbTrRZ3qDrk9wjfUPUJqm5QYjkuXAUqrHD9sZItW4wx
GJabof9xF3aJSM3e+HZBl1Rt8etJQoe+p8ToQAERP6RL1wVBM2HX26c6lMpCowda
JmQCH7W/Ac+qEMYKnLha5xggxbRaWOkNA4l0VsF4z0jozAwyInQ/FNndrHUl80hw
KXS4cBTt5I5QXaARfBpiv8aAwv9tsuimu6qCVNfQr5usGg9yC5jdZf19puHI0Lxp
S2pB+99b39rL4fOglUgI6U7mhYfERRFjS68dC7uhqJfNP3HgD2ct
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:53 2025 by rpki-client