Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: /Full7e+05cl7Kf+2R4mHX1UKo6vwgZyk6y+S1afpHA=
Subject key identifier: 28:16:60:19:DA:33:EE:5F:31:FA:47:D8:1A:4E:6D:92:04:9E:5E:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F45DAB81507D0CC1FAD713C1C409FB0D8347C80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:45:da:b8:15:07:d0:cc:1f:ad:71:3c:1c:40:9f:b0:d8:34:7c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f7bf79dccc0867841a2280bb3043f56f421461243fd36a19076be6db8bfb33c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:56:33:dd:48:bd:4c:cf:bf:d4:73:06:f7:
27:a5:3d:3b:33:90:b8:ab:8e:df:88:e6:51:27:4d:
c1:6a:9b:a5:80:12:0c:ed:63:45:ff:62:6b:54:cf:
98:40:cd:77:55:22:4d:f5:a8:28:bb:f1:67:5a:dd:
f8:9c:d6:74:e8:79:d7:3f:1f:84:6f:dc:6c:d2:ed:
8e:ea:4e:b2:5a:b4:41:53:4b:e6:38:af:45:01:9a:
a9:f9:cd:6b:6b:01:3e:5e:a4:03:be:c7:cf:0d:d7:
15:fc:24:74:36:65:fc:19:7c:94:c9:ba:30:48:76:
11:96:64:90:ee:95:a9:2c:18:a6:a1:46:a0:f1:3b:
cd:ec:6a:09:90:0e:50:a6:26:bc:d3:d0:03:03:b0:
f1:70:d9:6f:f0:c2:de:0f:99:90:f1:d8:53:b4:6c:
5c:f4:de:e7:8a:4e:37:70:f6:43:ad:93:5d:c7:4d:
a6:44:93:1e:85:82:45:12:0d:09:d0:dd:31:19:5e:
cb:af:2b:1d:3c:a3:74:16:e4:e1:eb:e6:de:d6:e7:
b5:e4:6d:b1:0c:8e:31:c7:c8:81:73:2d:76:cb:3b:
4c:f5:4a:69:2f:18:5b:a6:68:61:8f:79:ba:2c:2b:
ff:d0:b5:70:f1:e7:8f:b6:e1:aa:0c:af:93:8f:d0:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:16:60:19:DA:33:EE:5F:31:FA:47:D8:1A:4E:6D:92:04:9E:5E:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:f5:6d:e7:1a:c4:49:5d:e2:30:45:8d:15:f7:ea:3d:80:5b:
f2:19:97:1c:79:39:16:ca:2a:f7:09:59:08:93:e3:c2:e3:62:
2b:77:f6:f4:0b:35:c2:8c:16:01:9d:ce:0f:76:e3:a7:94:87:
66:25:5d:06:1c:f6:1d:b8:6d:6a:48:dc:52:ea:7b:fb:d5:07:
52:b5:22:ce:9b:a8:67:9f:ed:1c:9f:df:80:e0:10:40:59:02:
00:f1:af:78:71:af:59:05:06:00:de:da:3b:ed:e3:df:5b:24:
41:66:5e:0c:53:6c:ae:55:ed:dc:f9:75:ca:c8:8d:ee:14:72:
bd:c7:98:55:65:f3:81:83:c8:92:ac:6f:99:ba:f1:bc:92:0c:
bb:60:8a:df:6d:00:8a:11:c7:50:c1:9e:71:e1:f6:6b:bd:2a:
05:01:48:6f:40:8a:c7:21:8b:8a:e7:9d:67:24:88:97:6e:de:
31:39:8c:f8:d6:1e:15:df:21:c7:69:40:df:e6:69:9c:44:b8:
70:e8:07:bb:a5:c6:41:84:c6:d5:61:20:23:16:23:22:7e:35:
ce:66:aa:85:69:a7:14:8a:86:93:f3:0a:bf:5a:b3:32:1a:04:
4a:da:a0:49:c4:07:10:02:a2:de:80:3c:90:57:43:5c:f9:59:
f9:42:94:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP0XauBUH0MwfrXE8HECfsNg0fIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YmY3OWRjY2MwODY3ODQxYTIyODBiYjMwNDNmNTZmNDIxNDYxMjQzZmQz
NmExOTA3NmJlNmRiOGJmYjMzYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2PVjPdSL1Mz7/Ucwb3J6U9OzOQuKuO34jmUSdNwWqbpYASDO1jRf9ia1TP
mEDNd1UiTfWoKLvxZ1rd+JzWdOh51z8fhG/cbNLtjupOslq0QVNL5jivRQGaqfnN
a2sBPl6kA77Hzw3XFfwkdDZl/Bl8lMm6MEh2EZZkkO6VqSwYpqFGoPE7zexqCZAO
UKYmvNPQAwOw8XDZb/DC3g+ZkPHYU7RsXPTe54pON3D2Q62TXcdNpkSTHoWCRRIN
CdDdMRley68rHTyjdBbk4evm3tbnteRtsQyOMcfIgXMtdss7TPVKaS8YW6ZoYY95
uiwr/9C1cPHnj7bhqgyvk4/QAtMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQoFmAZ
2jPuXzH6R9gaTm2SBJ5e5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAjfVt5xrESV3iMEWNFffqPYBb8hmXHHk5Fsoq9wlZ
CJPjwuNiK3f29As1wowWAZ3OD3bjp5SHZiVdBhz2HbhtakjcUup7+9UHUrUizpuo
Z5/tHJ/fgOAQQFkCAPGveHGvWQUGAN7aO+3j31skQWZeDFNsrlXt3Pl1ysiN7hRy
vceYVWXzgYPIkqxvmbrxvJIMu2CK320AihHHUMGeceH2a70qBQFIb0CKxyGLiued
ZySIl27eMTmM+NYeFd8hx2lA3+ZpnES4cOgHu6XGQYTG1WEgIxYjIn41zmaqhWmn
FIqGk/MKv1qzMhoEStqgScQHEAKi3oA8kFdDXPlZ+UKUaw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org