Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa
File: AS214930.roa (raw, json)
Hash identifier: 8z+uOfH6Jkk77lIcACB4aPe1YwBxpZBieJa+kDEV67A=
Subject key identifier: 90:A1:83:13:58:F3:17:99:96:2B:C4:BF:CF:2B:4E:89:A8:5C:4D:46
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 74D728DBC56FDE3646D1BB81E18339C7B52AA6D4
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa
Signing time: Wed 30 Apr 2025 17:16:43 +0000
ROA not before: Wed 30 Apr 2025 17:11:43 +0000
ROA not after: Wed 29 Apr 2026 17:16:43 +0000
asID: 214930
IP address blocks: 2a07:54c1:c400::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:d7:28:db:c5:6f:de:36:46:d1:bb:81:e1:83:39:c7:b5:2a:a6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Apr 30 17:11:43 2025 GMT
Not After : Apr 29 17:16:43 2026 GMT
Subject: CN=90A1831358F31799962BC4BFCF2B4E89A85C4D46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8f:6b:02:01:2d:e8:7c:40:ed:10:eb:99:e5:
a2:79:6a:65:38:db:c0:4a:cd:b7:34:6f:96:3d:e2:
3e:5b:42:70:72:4a:12:51:f9:1b:c6:61:cd:0b:b3:
45:7f:5e:2d:5b:26:53:b2:ed:8b:05:b4:9b:e5:76:
13:e4:9c:b5:5b:0b:6d:3b:c4:cd:67:b7:8a:e1:ca:
cb:14:e4:f1:38:85:53:e4:7d:6c:80:e6:bb:1e:97:
c1:45:40:ad:14:48:17:26:d1:f7:39:4b:e9:0a:ac:
e1:64:39:2c:cb:57:91:89:4f:be:0e:72:26:2c:e9:
a1:78:8d:89:ba:eb:ca:9a:06:6d:41:b1:ec:2c:38:
d8:18:86:10:db:31:45:07:f0:05:c8:21:a4:86:fa:
fb:f3:38:f1:66:4a:ea:e0:26:88:1b:c0:f2:2d:e9:
a5:50:2b:a9:b1:a7:d6:dc:10:fa:b7:77:21:bf:0b:
a1:f2:db:3a:c0:03:7e:8e:72:e7:b3:ed:d1:58:53:
a1:b3:13:5c:2a:06:f5:04:aa:b9:57:20:a3:cc:2f:
40:36:d7:09:1b:5a:25:d4:b7:38:74:85:5f:39:3f:
6c:c2:53:cd:fd:01:e0:d4:cb:25:7e:2c:05:64:30:
79:1f:80:0c:1f:5f:fc:1f:05:8c:7b:16:2a:75:80:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A1:83:13:58:F3:17:99:96:2B:C4:BF:CF:2B:4E:89:A8:5C:4D:46
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:c400::/40
Signature Algorithm: sha256WithRSAEncryption
03:fc:8b:2a:26:72:6d:8a:be:fe:62:40:23:de:c9:cd:23:89:
fb:9a:7c:fa:9d:37:ca:96:99:ed:e2:5c:11:b4:7f:cc:7b:5b:
b6:fb:ed:c3:75:3f:ff:f7:18:76:c6:39:de:2f:d3:4f:7d:89:
bf:4b:e5:05:ff:09:1a:3a:6b:6b:b1:44:df:4f:d0:36:80:86:
e7:52:27:ac:b5:75:52:7f:4e:53:72:24:14:f6:94:36:cd:e3:
c0:af:c1:f2:54:32:34:4e:56:39:5b:55:91:fc:84:80:a2:9e:
9f:e3:cb:13:74:0a:5b:aa:d5:ae:7f:37:4a:22:cd:20:b5:de:
a4:6b:13:d7:76:70:82:dc:a3:26:35:0c:5f:d2:2f:5a:ac:93:
da:03:2f:e2:88:56:cd:8c:5d:52:c3:35:4c:15:54:09:22:58:
df:18:44:77:a5:a2:08:32:d1:1e:92:a0:50:1d:64:69:4a:5b:
ec:f1:02:50:b1:b7:2c:ff:9c:16:e1:e7:f9:5f:ba:31:a7:3f:
c8:0f:82:ef:c9:4b:b9:16:3b:7d:d1:82:0e:9b:b8:c2:dc:05:
51:ae:45:96:ef:e3:76:f5:d2:00:38:5b:28:eb:63:c6:38:69:
88:32:9e:ba:7f:8b:d6:d7:b9:a4:f4:e2:e9:52:d2:e9:e1:87:
18:af:2c:de
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUdNco28Vv3jZG0buB4YM5x7UqptQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTA0MzAxNzExNDNaFw0yNjA0MjkxNzE2NDNaMDMxMTAvBgNV
BAMTKDkwQTE4MzEzNThGMzE3OTk5NjJCQzRCRkNGMkI0RTg5QTg1QzRENDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMj2sCAS3ofEDtEOuZ5aJ5amU4
28BKzbc0b5Y94j5bQnByShJR+RvGYc0Ls0V/Xi1bJlOy7YsFtJvldhPknLVbC207
xM1nt4rhyssU5PE4hVPkfWyA5rsel8FFQK0USBcm0fc5S+kKrOFkOSzLV5GJT74O
ciYs6aF4jYm668qaBm1BsewsONgYhhDbMUUH8AXIIaSG+vvzOPFmSurgJogbwPIt
6aVQK6mxp9bcEPq3dyG/C6Hy2zrAA36Ocuez7dFYU6GzE1wqBvUEqrlXIKPML0A2
1wkbWiXUtzh0hV85P2zCU839AeDUyyV+LAVkMHkfgAwfX/wfBYx7Fip1gPLhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUkKGDE1jzF5mWK8S/zytOiahcTUYwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE0OTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wcQwDQYJKoZIhvcNAQELBQADggEBAAP8iyomcm2Kvv5iQCPeyc0jifuafPqdN8qW
me3iXBG0f8x7W7b77cN1P//3GHbGOd4v0099ib9L5QX/CRo6a2uxRN9P0DaAhudS
J6y1dVJ/TlNyJBT2lDbN48CvwfJUMjROVjlbVZH8hICinp/jyxN0Cluq1a5/N0oi
zSC13qRrE9d2cILcoyY1DF/SL1qsk9oDL+KIVs2MXVLDNUwVVAkiWN8YRHeloggy
0R6SoFAdZGlKW+zxAlCxtyz/nBbh5/lfujGnP8gPgu/JS7kWO33Rgg6buMLcBVGu
RZbv43b10gA4WyjrY8Y4aYgynrp/i9bXuaT04ulS0unhhxivLN4=
-----END CERTIFICATE-----
Generated at Sun Aug 31 01:20:09 2025 by rpki-client