Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS44487.roa
File: AS44487.roa (raw, json)
Hash identifier: K7OR+duBDKiWVLLGk7WmF5nikeGh95EA1VZJMoNzZ4g=
Subject key identifier: C4:58:82:0D:F0:E0:23:07:E1:63:2A:3A:6C:82:37:E1:A3:C3:B7:D6
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 2BACE0C2D6499DD29250118EFCDCF832624489AD
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS44487.roa
Signing time: Wed 29 Jan 2025 00:06:18 +0000
ROA not before: Wed 29 Jan 2025 00:01:18 +0000
ROA not after: Wed 28 Jan 2026 00:06:18 +0000
asID: 44487
IP address blocks: 2a07:54c1:3400::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ac:e0:c2:d6:49:9d:d2:92:50:11:8e:fc:dc:f8:32:62:44:89:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 29 00:01:18 2025 GMT
Not After : Jan 28 00:06:18 2026 GMT
Subject: CN=C458820DF0E02307E1632A3A6C8237E1A3C3B7D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4a:04:57:a2:e2:36:35:0c:9f:d6:5f:af:30:
d0:b7:48:37:52:e8:27:d2:3f:c8:e7:84:6b:74:1c:
1c:d9:2b:03:3e:9c:10:44:53:cb:a0:4f:d2:e3:4f:
ea:67:6a:70:0f:15:0e:d0:07:17:c1:6f:4e:eb:0d:
ea:ea:b6:e5:a6:c0:c5:98:57:3a:40:08:1a:0a:0a:
f2:46:91:2f:f3:9f:b3:fc:a6:9e:66:1c:23:9e:b0:
d9:e8:d0:af:3e:8c:05:92:72:03:85:41:76:13:f4:
53:e4:00:17:7e:87:88:5e:4c:fe:bc:41:9c:a5:23:
64:59:2a:ba:d7:39:0b:1e:b2:a5:9a:39:21:b5:28:
b4:d7:b8:f0:54:d4:1a:fd:37:85:aa:58:71:ab:70:
49:a6:22:bd:e4:33:8f:d4:3d:36:da:71:78:b3:96:
08:d2:69:22:8e:97:c1:c1:64:03:b2:64:0c:23:72:
ef:ef:5b:21:9e:ce:ed:0a:c7:85:2d:dc:38:fb:f7:
71:dd:20:0a:5e:03:d9:70:ed:65:ac:a2:df:c1:68:
0e:19:fd:e7:0f:59:5f:b1:21:a4:d2:6a:7e:1f:42:
fe:e9:31:59:ef:50:a9:b0:70:e4:b8:57:8f:e2:01:
d9:00:af:3f:d5:09:d8:a4:11:9c:5b:6d:58:6b:80:
5f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:58:82:0D:F0:E0:23:07:E1:63:2A:3A:6C:82:37:E1:A3:C3:B7:D6
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS44487.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:3400::/39
Signature Algorithm: sha256WithRSAEncryption
a7:0b:d2:90:39:e1:9c:ac:12:c2:8a:f4:39:fb:4a:a4:b2:20:
4a:1d:de:30:78:d1:3c:29:b2:22:09:27:88:a2:bf:0b:2f:c5:
b7:0f:fc:30:77:d3:40:b7:27:b4:dd:32:6f:bb:ef:1e:95:e1:
36:f2:dc:81:8c:d7:b8:d7:ce:aa:ae:1a:7c:6a:59:a5:93:d8:
80:5d:7f:6f:bb:19:30:86:38:02:be:8d:62:d5:59:f4:89:3a:
7b:35:1e:2c:73:93:76:48:5a:ec:9b:40:9c:fe:a0:ac:09:a3:
a3:4c:68:7c:69:21:3f:77:f4:fc:42:3e:b4:39:ba:06:1e:78:
b9:73:38:e7:48:6c:15:75:17:42:c4:46:56:42:6a:37:d1:a8:
9b:28:3f:60:98:21:15:fb:dd:b7:54:dc:33:d1:d3:2f:7e:f9:
29:5a:df:eb:30:8f:66:63:cd:1c:d2:03:97:3e:46:4e:53:55:
7a:53:21:3e:c2:02:44:bb:07:35:93:d6:eb:1f:4d:a3:be:dc:
bc:54:14:c2:ec:f2:72:ee:b3:78:f8:38:7e:64:70:a8:bd:47:
50:d0:5a:5b:47:db:10:26:f5:ce:ee:9f:43:14:56:06:3c:5e:
7c:1b:28:55:76:17:ff:7a:c0:f1:59:79:b6:da:cd:fb:8e:b9:
08:d6:ae:21
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUK6zgwtZJndKSUBGO/Nz4MmJEia0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAxMjkwMDAxMThaFw0yNjAxMjgwMDA2MThaMDMxMTAvBgNV
BAMTKEM0NTg4MjBERjBFMDIzMDdFMTYzMkEzQTZDODIzN0UxQTNDM0I3RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4SgRXouI2NQyf1l+vMNC3SDdS
6CfSP8jnhGt0HBzZKwM+nBBEU8ugT9LjT+pnanAPFQ7QBxfBb07rDerqtuWmwMWY
VzpACBoKCvJGkS/zn7P8pp5mHCOesNno0K8+jAWScgOFQXYT9FPkABd+h4heTP68
QZylI2RZKrrXOQsesqWaOSG1KLTXuPBU1Br9N4WqWHGrcEmmIr3kM4/UPTbacXiz
lgjSaSKOl8HBZAOyZAwjcu/vWyGezu0Kx4Ut3Dj793HdIApeA9lw7WWsot/BaA4Z
/ecPWV+xIaTSan4fQv7pMVnvUKmwcOS4V4/iAdkArz/VCdikEZxbbVhrgF8bAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUxFiCDfDgIwfhYyo6bII34aPDt9YwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNDQ0ODcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgEqB1TB
NDANBgkqhkiG9w0BAQsFAAOCAQEApwvSkDnhnKwSwor0OftKpLIgSh3eMHjRPCmy
IgkniKK/Cy/Ftw/8MHfTQLcntN0yb7vvHpXhNvLcgYzXuNfOqq4afGpZpZPYgF1/
b7sZMIY4Ar6NYtVZ9Ik6ezUeLHOTdkha7JtAnP6grAmjo0xofGkhP3f0/EI+tDm6
Bh54uXM450hsFXUXQsRGVkJqN9Gomyg/YJghFfvdt1TcM9HTL375KVrf6zCPZmPN
HNIDlz5GTlNVelMhPsICRLsHNZPW6x9No77cvFQUwuzycu6zePg4fmRwqL1HUNBa
W0fbECb1zu6fQxRWBjxefBsoVXYX/3rA8Vl5ttrN+465CNauIQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:47 2025 by rpki-client