Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS59678.roa
File: AS59678.roa (raw, json)
Hash identifier: 3HcpJ6jNXroUgY1egwfVJvfNspstk6TJsaMFswAMfPc=
Subject key identifier: C4:9F:D5:89:22:62:8B:5E:AD:54:EF:FC:C4:75:E5:77:14:EC:85:AA
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 46BFF31A0988D2082F564B97B316DD322DFEE36E
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS59678.roa
Signing time: Tue 20 Aug 2024 02:31:52 +0000
ROA not before: Tue 20 Aug 2024 02:26:52 +0000
ROA not after: Tue 19 Aug 2025 02:31:52 +0000
asID: 59678
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:bf:f3:1a:09:88:d2:08:2f:56:4b:97:b3:16:dd:32:2d:fe:e3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:52 2024 GMT
Not After : Aug 19 02:31:52 2025 GMT
Subject: CN=C49FD58922628B5EAD54EFFCC475E57714EC85AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:c6:27:d7:df:41:25:73:9b:bc:dd:df:af:
57:2c:e8:50:e8:73:07:ee:db:75:db:54:73:f5:77:
96:4c:67:1d:96:ee:6a:bd:ed:e2:02:0c:a8:1c:47:
68:4f:80:10:0e:1f:21:fa:87:e0:e0:cb:c4:4b:11:
05:96:d8:a8:27:75:7e:f4:c6:ce:56:0b:44:45:aa:
e1:69:cb:5f:64:5a:ea:e0:6f:15:2f:ad:77:cf:5f:
b5:b5:93:ef:da:1e:9f:9e:f9:fc:6f:48:09:5b:15:
60:51:9a:f7:03:c4:b1:16:85:d4:2c:4c:04:ea:5f:
ce:6c:a4:13:16:95:1e:cd:4e:e9:af:ee:f4:d2:6e:
9a:bf:2d:8c:42:b6:86:d3:b8:7c:7a:4a:2e:cd:c3:
56:9a:d4:02:6b:89:83:e8:f7:7d:11:99:ca:f7:b7:
6c:94:25:24:27:43:30:d1:65:a5:ae:81:3a:79:21:
86:e0:8e:a2:e1:90:0c:d1:ce:93:e1:26:98:07:6f:
c9:b5:de:b2:26:43:d9:f6:a8:1c:e3:95:c7:e3:4a:
28:8f:6d:c6:7d:ef:f9:87:ac:9c:cf:61:25:f6:94:
2f:17:9f:c0:12:03:24:c0:42:89:f6:63:d4:e2:36:
13:80:68:ec:71:6b:50:79:ac:1d:65:a5:66:7b:72:
44:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9F:D5:89:22:62:8B:5E:AD:54:EF:FC:C4:75:E5:77:14:EC:85:AA
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS59678.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
91:20:95:28:ce:a6:c5:a9:7a:4f:90:4d:cc:7f:f3:e4:b5:8c:
6e:e6:5c:85:a4:f9:77:56:71:b0:c8:3f:1a:f2:3c:1a:ca:02:
84:2a:9e:64:24:3a:0d:5b:05:7f:e9:89:be:b2:a5:be:e0:49:
1a:7d:bf:35:f3:aa:08:6b:42:23:6b:f2:0c:85:94:4f:9c:a7:
54:f4:d2:45:d0:4e:f1:2c:c5:37:94:1e:72:95:0c:2c:d9:02:
a6:28:e5:f7:da:81:94:1c:39:49:95:a0:8e:49:cf:9a:d5:17:
ff:2f:03:f9:8c:93:47:d2:c1:d0:dc:d8:e3:84:f6:62:48:72:
08:0f:3f:5c:0e:73:a5:13:91:b7:70:89:ec:09:e4:f6:cf:54:
23:8c:28:36:25:c6:e0:3a:29:3d:a6:ea:78:94:66:80:f7:7b:
a7:7b:7c:50:d8:20:9f:e5:66:f8:31:f7:7e:b7:e6:2b:01:e5:
c8:2a:c5:f0:3d:a9:7a:0e:6a:97:cc:fc:c7:17:43:d2:6f:83:
b5:6b:fa:a2:6c:76:6a:06:d9:49:57:45:d1:71:9f:a1:c8:07:
ee:3c:7d:a6:c7:bc:c4:80:42:89:75:84:56:d2:5b:ee:17:5c:
de:f4:19:7f:12:96:55:9d:fa:eb:64:31:4b:ec:35:58:c6:91:
e0:b4:35:53
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIURr/zGgmI0ggvVkuXsxbdMi3+424wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTJaFw0yNTA4MTkwMjMxNTJaMDMxMTAvBgNV
BAMTKEM0OUZENTg5MjI2MjhCNUVBRDU0RUZGQ0M0NzVFNTc3MTRFQzg1QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8VMYn199BJXObvN3fr1cs6FDo
cwfu23XbVHP1d5ZMZx2W7mq97eICDKgcR2hPgBAOHyH6h+Dgy8RLEQWW2KgndX70
xs5WC0RFquFpy19kWurgbxUvrXfPX7W1k+/aHp+e+fxvSAlbFWBRmvcDxLEWhdQs
TATqX85spBMWlR7NTumv7vTSbpq/LYxCtobTuHx6Si7Nw1aa1AJriYPo930Rmcr3
t2yUJSQnQzDRZaWugTp5IYbgjqLhkAzRzpPhJpgHb8m13rImQ9n2qBzjlcfjSiiP
bcZ97/mHrJzPYSX2lC8Xn8ASAyTAQon2Y9TiNhOAaOxxa1B5rB1lpWZ7ckRvAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUxJ/ViSJii16tVO/8xHXldxTshaowHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNTk2Nzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBAJEglSjOpsWpek+QTcx/8+S1jG7mXIWk+XdW
cbDIPxryPBrKAoQqnmQkOg1bBX/pib6ypb7gSRp9vzXzqghrQiNr8gyFlE+cp1T0
0kXQTvEsxTeUHnKVDCzZAqYo5ffagZQcOUmVoI5Jz5rVF/8vA/mMk0fSwdDc2OOE
9mJIcggPP1wOc6UTkbdwiewJ5PbPVCOMKDYlxuA6KT2m6niUZoD3e6d7fFDYIJ/l
Zvgx93635isB5cgqxfA9qXoOapfM/McXQ9Jvg7Vr+qJsdmoG2UlXRdFxn6HIB+48
fabHvMSAQol1hFbSW+4XXN70GX8SllWd+utkMUvsNVjGkeC0NVM=
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:05:26 2025 by rpki-client