Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
File: 0481d995-4a3d-4e25-8d0e-33271809f9a9.roa (raw, json)
Hash identifier: 5mbweXqcD66dZQnv9BGO8+D4rE9X87uO6RcMqyiCVpM=
Subject key identifier: 6D:BA:10:9D:20:F8:ED:39:02:1E:BC:BA:8D:8D:E6:FD:DC:0E:5A:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E56C048102463DD9C327ED4000342D731B60178
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:56:c0:48:10:24:63:dd:9c:32:7e:d4:00:03:42:d7:31:b6:01:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=1743503d03f8bcd0ae175e4b1c9499070d1c938299cb36acf19127b111376123, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:24:07:e9:66:e4:e6:8c:78:95:97:ed:b3:
32:29:6e:31:76:b9:ee:b1:46:60:20:51:d5:c2:9e:
6d:7e:45:c3:e3:8c:a7:bd:07:f8:8a:06:f4:6f:16:
55:2a:39:a9:72:ba:01:7d:25:68:69:b5:20:66:b7:
d5:09:e5:5a:da:26:d7:9c:a8:e8:5f:77:6e:27:89:
53:1e:60:f9:a7:06:c1:4b:ba:9a:d8:4f:d1:8e:3f:
51:c3:9f:90:11:78:d6:a8:53:65:50:97:19:1f:34:
42:2a:26:72:e0:4e:53:64:8b:2f:35:b1:ac:b7:6d:
52:06:ad:84:82:aa:44:e5:99:2b:d6:75:cf:70:54:
77:e7:56:7b:ad:d8:27:e8:4b:4b:18:03:6e:60:37:
f5:3f:e4:46:5d:d5:f5:bf:bf:98:d2:5f:21:07:a7:
30:81:ad:8b:9e:b0:bc:69:b8:3b:78:11:a8:b5:79:
c8:34:78:89:68:04:42:08:84:46:a4:30:64:50:b4:
66:4b:b5:fa:50:e0:d9:d5:3f:6b:c9:23:70:53:83:
ec:01:91:e6:ec:33:57:da:a5:e8:22:bd:e2:a2:62:
a0:7e:8d:14:df:18:77:f9:89:d3:e7:42:9f:88:85:
b9:2c:1e:33:e7:82:bc:28:7e:d8:a2:9c:43:94:66:
07:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BA:10:9D:20:F8:ED:39:02:1E:BC:BA:8D:8D:E6:FD:DC:0E:5A:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:18:c6:41:71:96:5d:86:3a:80:80:ce:78:64:49:98:d6:92:
b0:b6:a8:f3:71:d1:2f:a3:f7:af:c9:63:b7:f8:ff:99:6f:9c:
e0:1b:bc:2f:4a:d6:e3:ef:16:6b:f5:49:29:8d:6d:b3:4d:4b:
11:bf:64:cf:26:13:a1:78:bf:11:f2:63:07:26:3d:6a:a1:a2:
1d:9e:af:86:07:77:49:32:0f:61:33:45:4d:72:48:6d:f6:48:
3d:af:42:a1:15:5a:40:df:40:87:9d:67:e3:dc:50:00:47:5f:
8b:78:ac:c0:8a:6d:3e:2e:fa:7b:a9:d9:fd:1d:29:24:dd:35:
da:ed:1b:47:32:7c:a1:03:e3:e8:5f:ea:d7:b4:44:bc:0e:b9:
f8:10:e7:01:6c:a5:92:33:f2:46:5b:38:fd:63:ea:a6:23:c0:
a9:f5:e9:8d:41:cc:80:e3:05:9f:f4:57:ba:c6:c5:ed:ea:54:
fd:11:29:16:08:40:59:ff:19:85:4e:98:0c:6f:7b:5f:c6:fe:
bf:0c:75:9a:71:05:71:e9:25:4e:56:ca:e6:85:7f:ed:63:47:
0e:4f:6e:53:7b:d8:1c:f5:88:64:fd:8d:e2:35:56:a7:4f:e7:
6f:c4:af:d9:d3:14:e7:5e:c0:c1:23:54:bc:27:b9:ce:05:e6:
31:f0:df:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTlbASBAkY92cMn7UAANC1zG2AXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NDM1MDNkMDNmOGJjZDBhZTE3NWU0YjFjOTQ5OTA3MGQxYzkzODI5OWNi
MzZhY2YxOTEyN2IxMTEzNzYxMjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBVJAfpZuTmjHiVl+2zMiluMXa57rFGYCBR1cKebX5Fw+OMp70H+IoG9G8W
VSo5qXK6AX0laGm1IGa31QnlWtom15yo6F93bieJUx5g+acGwUu6mthP0Y4/UcOf
kBF41qhTZVCXGR80QiomcuBOU2SLLzWxrLdtUgathIKqROWZK9Z1z3BUd+dWe63Y
J+hLSxgDbmA39T/kRl3V9b+/mNJfIQenMIGti56wvGm4O3gRqLV5yDR4iWgEQgiE
RqQwZFC0Zku1+lDg2dU/a8kjcFOD7AGR5uwzV9ql6CK94qJioH6NFN8Yd/mJ0+dC
n4iFuSweM+eCvCh+2KKcQ5RmB6UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRtuhCd
IPjtOQIevLqNjeb93A5aWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDQ4MWQ5OTUtNGEzZC00ZTI1LThkMGUtMzMyNzE4MDlmOWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQAoGMZBcZZdhjqAgM54ZEmY1pKwtqjzcdEvo/evyWO3
+P+Zb5zgG7wvStbj7xZr9UkpjW2zTUsRv2TPJhOheL8R8mMHJj1qoaIdnq+GB3dJ
Mg9hM0VNckht9kg9r0KhFVpA30CHnWfj3FAAR1+LeKzAim0+Lvp7qdn9HSkk3TXa
7RtHMnyhA+PoX+rXtES8Drn4EOcBbKWSM/JGWzj9Y+qmI8Cp9emNQcyA4wWf9Fe6
xsXt6lT9ESkWCEBZ/xmFTpgMb3tfxv6/DHWacQVx6SVOVsrmhX/tY0cOT25Te9gc
9Yhk/Y3iNVanT+dvxK/Z0xTnXsDBI1S8J7nOBeYx8N8g
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org