Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
File: 169b9704-81cc-41e4-bd90-8654798de7b1.roa (raw, json)
Hash identifier: m78fP7vAzoa6I0air9byEb3U6arfVX4QtpeObgffuiU=
Subject key identifier: E1:10:F2:C8:FE:2D:24:30:06:7D:35:1D:F8:EB:1B:8D:26:A4:A2:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A08400B5500CE915C17EF5A2D16C68DAABC16DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:08:40:0b:55:00:ce:91:5c:17:ef:5a:2d:16:c6:8d:aa:bc:16:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=cc951580c8c1301069d97b10b9d4862f0a367d7d2e91993584806999d08ff65f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:43:4c:30:60:40:b4:15:63:80:16:10:8a:e6:
25:86:a1:7e:15:49:92:63:f3:0b:03:57:91:e2:be:
b3:71:2a:03:9c:95:b9:84:62:06:20:d9:92:4f:6e:
d7:7a:49:ee:02:c6:ba:b5:7a:92:c3:68:92:9b:40:
66:64:01:09:ce:3a:d8:79:95:02:ac:72:84:04:6c:
f5:3c:de:2a:33:69:96:6e:cc:56:de:08:20:4c:ac:
9b:a8:7d:72:f3:95:a6:13:b6:d1:60:44:1d:24:b5:
45:58:8e:ff:e4:56:60:3a:f2:2c:5a:ff:0a:be:0f:
33:9e:7c:46:59:44:dc:c3:b4:3d:62:dc:3b:46:ca:
f4:93:60:00:6d:90:36:ae:5a:39:3a:32:af:48:60:
6f:b0:a8:66:30:74:38:14:c3:73:e5:ec:d0:b1:30:
c3:f2:99:bb:ef:7c:89:21:02:86:65:88:a2:8f:67:
47:9e:c8:1e:32:26:04:6c:c1:ba:8e:06:c4:d2:ec:
ec:2a:18:a5:50:a0:40:7b:03:cd:1c:5d:ab:f5:f0:
d8:3d:eb:a2:b6:ca:55:2c:eb:a5:30:8d:9b:5a:d5:
23:3e:de:e8:d5:ac:81:0b:90:7b:ed:63:a3:e9:77:
8e:5d:c0:80:c0:9f:31:8b:c5:19:cf:6e:e6:3a:fa:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:10:F2:C8:FE:2D:24:30:06:7D:35:1D:F8:EB:1B:8D:26:A4:A2:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:5f:e9:6a:be:49:30:29:87:87:9f:19:1c:e1:0f:2d:da:b1:
dd:09:77:1f:27:fd:4e:3d:a7:c2:0e:d0:42:c7:12:33:03:85:
26:1d:fe:dd:1f:01:db:76:58:f9:b4:9f:aa:0c:45:5a:ed:dd:
fb:e4:f5:c9:07:6a:0a:2f:51:ba:3c:d8:02:d0:c1:ee:bf:93:
f9:47:b3:1c:3a:17:0b:97:3f:40:9d:8c:af:0a:ca:1e:fc:f3:
0e:de:b0:4d:50:39:ec:9b:1e:ae:fe:79:7e:13:50:bb:4c:1e:
92:df:da:9c:b5:45:a1:c0:1b:e1:af:f1:4f:6f:6a:47:26:d3:
56:0d:5d:8d:68:37:bc:7c:36:b6:1f:84:39:32:de:5a:fc:3a:
08:ad:a5:18:d5:2e:08:e2:57:3f:37:03:2e:78:19:3e:41:24:
3f:f5:64:d8:f3:f5:84:b3:f2:83:75:e5:d6:4f:d9:ea:e2:1e:
b5:df:c3:55:b1:de:a1:b9:cc:eb:18:4a:93:25:ce:df:6a:bf:
89:a1:d0:d1:e3:6a:a5:c3:69:a1:1b:f8:b3:a8:f8:03:6d:6c:
99:d4:1b:d5:01:bd:82:91:2b:e4:e7:54:c1:c1:6b:a2:3f:22:
42:0d:48:c7:4b:70:9d:14:bc:54:bd:1c:55:4f:18:42:c4:66:
78:cf:35:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKghAC1UAzpFcF+9aLRbGjaq8FtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjOTUxNTgwYzhjMTMwMTA2OWQ5N2IxMGI5ZDQ4NjJmMGEzNjdkN2QyZTkx
OTkzNTg0ODA2OTk5ZDA4ZmY2NWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhDTDBgQLQVY4AWEIrmJYahfhVJkmPzCwNXkeK+s3EqA5yVuYRiBiDZkk9u
13pJ7gLGurV6ksNokptAZmQBCc462HmVAqxyhARs9TzeKjNplm7MVt4IIEysm6h9
cvOVphO20WBEHSS1RViO/+RWYDryLFr/Cr4PM558RllE3MO0PWLcO0bK9JNgAG2Q
Nq5aOToyr0hgb7CoZjB0OBTDc+Xs0LEww/KZu+98iSEChmWIoo9nR57IHjImBGzB
uo4GxNLs7CoYpVCgQHsDzRxdq/Xw2D3rorbKVSzrpTCNm1rVIz7e6NWsgQuQe+1j
o+l3jl3AgMCfMYvFGc9u5jr6B0ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThEPLI
/i0kMAZ9NR346xuNJqSiSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY5Yjk3MDQtODFjYy00MWU0LWJkOTAtODY1NDc5OGRlN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQC6X+lqvkkwKYeHnxkc4Q8t2rHdCXcfJ/1OPafCDtBC
xxIzA4UmHf7dHwHbdlj5tJ+qDEVa7d375PXJB2oKL1G6PNgC0MHuv5P5R7McOhcL
lz9AnYyvCsoe/PMO3rBNUDnsmx6u/nl+E1C7TB6S39qctUWhwBvhr/FPb2pHJtNW
DV2NaDe8fDa2H4Q5Mt5a/DoIraUY1S4I4lc/NwMueBk+QSQ/9WTY8/WEs/KDdeXW
T9nq4h6138NVsd6huczrGEqTJc7far+JodDR42qlw2mhG/izqPgDbWyZ1BvVAb2C
kSvk51TBwWuiPyJCDUjHS3CdFLxUvRxVTxhCxGZ4zzUA
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org