Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215459.roa
File: AS215459.roa (raw, json)
Hash identifier: 9zBFC+JVU/bFw2lbSLequsyybqvIwLwdvtHcO1oFp/o=
Subject key identifier: F8:C0:28:58:FD:70:82:AB:0C:0A:D7:B6:3E:96:FA:65:AC:F9:4D:4E
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 2FFC69865A9CE4F8425748495CA500B032831D5F
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215459.roa
Signing time: Wed 29 Jan 2025 00:06:18 +0000
ROA not before: Wed 29 Jan 2025 00:01:18 +0000
ROA not after: Wed 28 Jan 2026 00:06:18 +0000
asID: 215459
IP address blocks: 2a07:54c4:19a0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:fc:69:86:5a:9c:e4:f8:42:57:48:49:5c:a5:00:b0:32:83:1d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 29 00:01:18 2025 GMT
Not After : Jan 28 00:06:18 2026 GMT
Subject: CN=F8C02858FD7082AB0C0AD7B63E96FA65ACF94D4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:4e:60:a5:da:46:8d:ec:d7:22:09:b1:5e:
fc:92:e6:2d:39:24:59:27:5f:16:40:eb:fa:3e:c6:
8f:34:6e:a4:23:a6:00:fc:a2:81:b7:ff:08:f0:80:
e8:58:ac:5e:6b:cd:01:7f:49:df:9f:45:89:d5:92:
f7:2e:8a:79:c6:04:92:d3:31:c5:b2:ef:2c:e8:ee:
ad:4c:eb:d3:70:e9:11:58:cd:1c:38:24:33:ee:fa:
84:98:6f:56:9b:30:91:c1:6d:c5:ab:d5:4f:e3:c9:
40:d9:83:ab:5b:19:bf:e3:12:1a:39:17:af:c8:34:
27:2c:da:1f:ec:b7:ae:b3:15:10:3a:20:62:42:53:
21:6a:10:ae:cd:b5:a2:0e:0e:58:6f:61:a4:fc:86:
b5:44:5b:7d:61:e0:4b:5c:63:f3:6a:5b:7c:33:48:
f6:fc:fc:ed:12:e5:0d:9d:8b:dd:9d:6d:93:2f:f9:
2c:7f:67:b5:29:b1:96:65:75:08:e6:32:59:28:60:
13:d7:a6:ff:62:00:c7:77:af:0c:7b:e0:a0:df:df:
36:d0:a7:7b:73:e4:0b:bb:7f:44:37:8e:58:11:d3:
e0:90:62:c1:0f:91:72:fd:06:18:05:6c:9c:10:99:
31:14:68:43:22:13:ac:50:15:b5:52:58:52:95:a1:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C0:28:58:FD:70:82:AB:0C:0A:D7:B6:3E:96:FA:65:AC:F9:4D:4E
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215459.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:19a0::/44
Signature Algorithm: sha256WithRSAEncryption
a6:f7:55:59:2d:6c:32:51:5a:fc:9b:64:5d:3d:a5:2b:be:76:
2b:b3:bc:75:2b:c7:7e:8b:95:6d:c1:e2:0f:28:9f:87:22:df:
ab:7e:22:df:c0:49:d7:54:03:86:e7:28:79:0d:37:79:ef:23:
61:9c:87:97:e6:48:eb:0c:a9:e6:3c:e0:b7:e8:e7:f7:7c:0e:
4a:92:52:5e:c2:71:c5:15:88:0f:35:24:cc:ad:43:19:e6:74:
43:30:3a:e3:77:7e:c8:2c:a7:a0:dd:83:56:97:2d:e9:49:d9:
e1:d7:2f:a0:bc:03:95:2e:6b:48:70:01:0f:55:36:28:7b:62:
77:ac:fb:0c:02:b4:cb:5c:99:fc:1f:fe:cb:50:d7:70:0e:20:
bb:a6:bf:35:af:bb:74:34:73:68:a8:fc:f7:1e:df:a1:61:7f:
72:af:0a:0a:93:46:6d:66:0f:f4:c3:43:ba:4d:d8:03:53:d8:
c8:52:97:d8:4f:6e:b4:b7:8d:c6:7c:da:3f:09:3a:21:d4:a9:
1c:87:1b:23:24:8c:9c:1b:ef:27:5e:13:98:57:ac:29:58:ba:
8a:bf:16:16:7c:80:a0:1d:cd:6f:0f:dd:b6:01:55:36:3f:ee:
55:86:65:3e:c0:a2:fb:36:55:8e:00:b3:b2:19:1d:ab:ee:98:
3a:e7:a4:02
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL/xphlqc5PhCV0hJXKUAsDKDHV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAxMjkwMDAxMThaFw0yNjAxMjgwMDA2MThaMDMxMTAvBgNV
BAMTKEY4QzAyODU4RkQ3MDgyQUIwQzBBRDdCNjNFOTZGQTY1QUNGOTRENEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCof05gpdpGjezXIgmxXvyS5i05
JFknXxZA6/o+xo80bqQjpgD8ooG3/wjwgOhYrF5rzQF/Sd+fRYnVkvcuinnGBJLT
McWy7yzo7q1M69Nw6RFYzRw4JDPu+oSYb1abMJHBbcWr1U/jyUDZg6tbGb/jEho5
F6/INCcs2h/st66zFRA6IGJCUyFqEK7NtaIODlhvYaT8hrVEW31h4EtcY/NqW3wz
SPb8/O0S5Q2di92dbZMv+Sx/Z7UpsZZldQjmMlkoYBPXpv9iAMd3rwx74KDf3zbQ
p3tz5Au7f0Q3jlgR0+CQYsEPkXL9BhgFbJwQmTEUaEMiE6xQFbVSWFKVoYttAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+MAoWP1wgqsMCte2Ppb6Zaz5TU4wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgdU
xBmgMA0GCSqGSIb3DQEBCwUAA4IBAQCm91VZLWwyUVr8m2RdPaUrvnYrs7x1K8d+
i5VtweIPKJ+HIt+rfiLfwEnXVAOG5yh5DTd57yNhnIeX5kjrDKnmPOC36Of3fA5K
klJewnHFFYgPNSTMrUMZ5nRDMDrjd37ILKeg3YNWly3pSdnh1y+gvAOVLmtIcAEP
VTYoe2J3rPsMArTLXJn8H/7LUNdwDiC7pr81r7t0NHNoqPz3Ht+hYX9yrwoKk0Zt
Zg/0w0O6TdgDU9jIUpfYT260t43GfNo/CToh1KkchxsjJIycG+8nXhOYV6wpWLqK
vxYWfICgHc1vD922AVU2P+5VhmU+wKL7NlWOALOyGR2r7pg656QC
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:56 2025 by rpki-client