Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS54009.roa
File: AS54009.roa (raw, json)
Hash identifier: uGeIQ1+6/dQgA+7bjYi6kAxvdCBtHbqntZ/5mAnQPxI=
Subject key identifier: D1:9B:A3:CD:7F:A5:FC:3E:20:12:DE:36:3B:7F:A7:17:23:12:7E:0D
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 79324CA7677BBBD612C51B245D5D4F595DF56966
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS54009.roa
Signing time: Tue 20 Aug 2024 02:31:52 +0000
ROA not before: Tue 20 Aug 2024 02:26:52 +0000
ROA not after: Tue 19 Aug 2025 02:31:52 +0000
asID: 54009
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:32:4c:a7:67:7b:bb:d6:12:c5:1b:24:5d:5d:4f:59:5d:f5:69:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:52 2024 GMT
Not After : Aug 19 02:31:52 2025 GMT
Subject: CN=D19BA3CD7FA5FC3E2012DE363B7FA71723127E0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:87:07:46:1a:09:86:64:39:13:21:02:08:
e1:d0:41:e8:0c:04:19:f8:dc:a1:02:63:05:e6:b6:
13:cb:fd:d6:c0:7c:32:15:55:57:08:80:1b:46:3e:
2c:0d:80:4e:4a:d2:cd:31:84:d6:13:dc:ec:c5:e8:
2c:f8:af:2b:21:55:eb:3a:db:69:e0:36:49:3f:70:
06:54:e7:87:51:89:1e:47:f5:d7:d9:f6:df:16:95:
84:26:7a:8b:11:f0:66:f5:d3:a9:c8:0e:0f:29:5e:
d0:cf:0b:f7:9d:19:34:a8:53:45:46:43:26:d1:86:
45:4d:97:cf:9b:1f:3c:1e:53:5d:b2:fe:9d:2e:44:
80:bb:33:64:fc:e4:4a:ba:c1:eb:44:79:b5:dd:52:
78:36:89:24:dc:da:70:06:33:41:07:cd:dd:2e:c1:
ca:8a:f4:e7:92:fb:67:ad:45:ed:c8:64:3c:36:9e:
da:2b:43:db:fc:59:7c:7c:a5:a5:fe:62:ec:51:52:
c6:da:8f:6a:0d:4d:be:7c:29:52:81:05:18:7f:56:
9c:8f:e4:a7:6f:f0:0e:18:86:89:fa:c7:4d:a9:12:
52:d7:d7:88:8d:06:6c:ee:f2:db:27:ff:da:91:5d:
36:8a:58:10:f1:77:41:36:68:eb:72:e9:33:31:4f:
db:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9B:A3:CD:7F:A5:FC:3E:20:12:DE:36:3B:7F:A7:17:23:12:7E:0D
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS54009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
60:7d:fe:62:0b:0a:5f:e5:f9:63:0a:58:ac:91:b8:c2:d5:05:
05:1f:34:65:ae:cc:5a:2e:2a:04:fa:2a:13:e6:da:59:ef:d5:
d9:d9:db:f7:d5:fa:1a:25:c0:42:a5:74:88:cb:1b:96:ce:22:
a0:e5:4b:24:e3:d8:4d:35:31:66:7b:2d:d1:b6:70:d0:48:e0:
c0:07:3c:56:50:c4:67:b4:73:fa:f0:b9:45:9b:bf:6f:60:96:
57:68:2f:59:0a:c1:b1:55:80:77:30:47:4d:f3:16:f0:42:c6:
3a:3f:03:49:d8:6b:cc:66:93:55:27:1a:cd:76:70:e3:b4:ad:
9f:9b:82:87:a0:eb:1b:01:cd:b0:67:f2:99:15:0a:fd:03:2b:
73:4c:b0:89:1e:6b:a3:39:ac:07:d2:99:c2:77:2d:a4:08:f0:
07:98:9a:ce:f3:b9:42:0d:bd:b7:5a:28:3e:1b:4b:67:01:d9:
65:b0:d0:bf:e6:89:96:df:cb:36:05:e0:1e:bc:0f:ce:cf:eb:
b0:12:9f:a9:a9:d1:34:47:61:e1:c2:a0:f4:97:1a:04:58:9f:
c8:66:43:f6:99:45:1c:5d:bb:ab:0b:87:d6:65:84:e5:6d:86:
6d:cd:2c:09:fd:45:f9:4c:dc:86:b6:b5:d0:2a:54:b3:3c:cd:
f6:1a:73:6f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUeTJMp2d7u9YSxRskXV1PWV31aWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTJaFw0yNTA4MTkwMjMxNTJaMDMxMTAvBgNV
BAMTKEQxOUJBM0NEN0ZBNUZDM0UyMDEyREUzNjNCN0ZBNzE3MjMxMjdFMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZqYcHRhoJhmQ5EyECCOHQQegM
BBn43KECYwXmthPL/dbAfDIVVVcIgBtGPiwNgE5K0s0xhNYT3OzF6Cz4ryshVes6
22ngNkk/cAZU54dRiR5H9dfZ9t8WlYQmeosR8Gb106nIDg8pXtDPC/edGTSoU0VG
QybRhkVNl8+bHzweU12y/p0uRIC7M2T85Eq6wetEebXdUng2iSTc2nAGM0EHzd0u
wcqK9OeS+2etRe3IZDw2ntorQ9v8WXx8paX+YuxRUsbaj2oNTb58KVKBBRh/VpyP
5Kdv8A4Yhon6x02pElLX14iNBmzu8tsn/9qRXTaKWBDxd0E2aOty6TMxT9thAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU0ZujzX+l/D4gEt42O3+nFyMSfg0wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNTQwMDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBAGB9/mILCl/l+WMKWKyRuMLVBQUfNGWuzFou
KgT6KhPm2lnv1dnZ2/fV+holwEKldIjLG5bOIqDlSyTj2E01MWZ7LdG2cNBI4MAH
PFZQxGe0c/rwuUWbv29glldoL1kKwbFVgHcwR03zFvBCxjo/A0nYa8xmk1UnGs12
cOO0rZ+bgoeg6xsBzbBn8pkVCv0DK3NMsIkea6M5rAfSmcJ3LaQI8AeYms7zuUIN
vbdaKD4bS2cB2WWw0L/miZbfyzYF4B68D87P67ASn6mp0TRHYeHCoPSXGgRYn8hm
Q/aZRRxdu6sLh9ZlhOVthm3NLAn9RflM3Ia2tdAqVLM8zfYac28=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:46 2025 by rpki-client