Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
File: 1bc4930f-9a4b-43f1-82b8-562990ca472e.roa (raw, json)
Hash identifier: AgbyU2tHAKyZl9AtCADVDWP650A/VaoYu3j1veApFwY=
Subject key identifier: 88:F4:BA:2E:68:1E:46:A4:F7:2B:B3:FA:55:2B:14:BD:C5:EC:C2:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7183C8E06EF36F9118C52814FB28CA79CE436929
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:83:c8:e0:6e:f3:6f:91:18:c5:28:14:fb:28:ca:79:ce:43:69:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=3f835931e1fb3320c5674678d5a6fae2869a8b872661bf33e9493be9c65f4cb0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0c:86:a5:e6:ed:c5:50:85:75:2d:cb:5c:4e:
6c:df:58:c5:53:cf:31:c0:23:d6:da:55:6d:08:5c:
2a:f0:6b:6e:63:5b:56:66:1f:23:f3:44:28:d5:2c:
ce:c8:da:d4:f5:b0:61:9e:f5:47:3d:2a:68:fb:ed:
31:c9:a1:26:80:c1:fd:b8:77:f0:bf:17:84:3e:c8:
13:65:d6:8f:2e:7c:d7:2d:5e:9b:1a:ae:a6:79:c5:
89:d7:1b:8f:3e:6a:f4:6b:68:43:33:4d:a3:ad:19:
5d:c1:e8:04:3a:e3:b0:ab:85:9b:be:f4:ff:2f:93:
7a:9d:8a:d5:39:b0:6a:bd:f6:81:57:98:3e:37:a3:
48:28:9a:6a:68:62:9a:e8:e6:ee:b3:23:ee:34:8e:
85:c4:82:c7:f1:a4:1c:96:f1:ce:0f:52:8e:90:09:
79:83:e4:a7:b2:0d:e5:b6:c2:9a:b3:0f:10:44:56:
c8:6d:37:ac:79:84:1a:64:32:39:6b:95:07:00:07:
e8:79:63:0e:65:a7:d4:9f:c6:0a:1c:4f:28:89:b7:
3a:b6:24:25:cf:63:ec:de:02:cf:51:a3:e5:c7:73:
19:d5:88:72:0f:93:14:fc:05:b8:28:26:89:9c:56:
55:ff:07:18:e1:9b:62:30:7f:b1:8e:f9:7e:3e:f2:
79:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F4:BA:2E:68:1E:46:A4:F7:2B:B3:FA:55:2B:14:BD:C5:EC:C2:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1bc4930f-9a4b-43f1-82b8-562990ca472e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:8c:81:94:16:e8:8a:b1:07:4e:e1:69:d5:4a:db:4f:93:df:
99:e2:8c:42:6b:e9:5c:fd:68:83:38:bc:40:8b:03:f9:4b:31:
0c:29:39:9a:f2:9c:c1:a7:a2:ef:a0:60:f8:9e:f2:75:84:b6:
cf:23:dd:97:62:e3:dd:44:cb:f8:af:7a:c4:1d:36:b4:41:5b:
f8:3e:86:c2:70:80:69:42:ef:a5:55:b0:bd:62:8e:a7:d1:34:
2e:22:ff:74:70:3a:2f:b4:47:dd:de:ce:30:4e:27:9b:87:14:
44:58:a2:26:45:93:83:ad:1e:22:b3:68:95:03:ed:c3:4d:ff:
29:61:fa:56:32:30:c2:4f:4f:fd:9b:18:2e:f3:64:47:c1:35:
e2:17:d7:45:c6:d7:2d:dc:54:9a:35:3e:4c:e5:e6:ea:be:a9:
5c:53:b1:b6:df:6a:81:f1:db:d9:d4:54:7b:41:1b:6f:ba:64:
03:54:15:25:47:2b:75:da:96:74:92:19:db:3f:87:a1:ff:6f:
39:07:56:7e:7e:1d:94:8a:58:9d:a8:06:e4:fa:11:7c:43:af:
28:a6:6c:95:41:60:c1:8d:86:54:15:bb:cb:fa:75:90:78:bc:
ab:da:d0:d3:f0:40:3d:89:6f:20:08:9a:0b:fc:28:cb:13:b9:
40:9e:a3:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcYPI4G7zb5EYxSgU+yjKec5DaSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmODM1OTMxZTFmYjMzMjBjNTY3NDY3OGQ1YTZmYWUyODY5YThiODcyNjYx
YmYzM2U5NDkzYmU5YzY1ZjRjYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4MhqXm7cVQhXUty1xObN9YxVPPMcAj1tpVbQhcKvBrbmNbVmYfI/NEKNUs
zsja1PWwYZ71Rz0qaPvtMcmhJoDB/bh38L8XhD7IE2XWjy581y1emxqupnnFidcb
jz5q9GtoQzNNo60ZXcHoBDrjsKuFm770/y+Tep2K1Tmwar32gVeYPjejSCiaamhi
mujm7rMj7jSOhcSCx/GkHJbxzg9SjpAJeYPkp7IN5bbCmrMPEERWyG03rHmEGmQy
OWuVBwAH6HljDmWn1J/GChxPKIm3OrYkJc9j7N4Cz1Gj5cdzGdWIcg+TFPwFuCgm
iZxWVf8HGOGbYjB/sY75fj7yebkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSI9Lou
aB5GpPcrs/pVKxS9xezCQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWJjNDkzMGYtOWE0Yi00M2YxLTgyYjgtNTYyOTkwY2E0NzJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBfjIGUFuiKsQdO4WnVSttPk9+Z4oxCa+lc/WiDOLxA
iwP5SzEMKTma8pzBp6LvoGD4nvJ1hLbPI92XYuPdRMv4r3rEHTa0QVv4PobCcIBp
Qu+lVbC9Yo6n0TQuIv90cDovtEfd3s4wTiebhxREWKImRZODrR4is2iVA+3DTf8p
YfpWMjDCT0/9mxgu82RHwTXiF9dFxtct3FSaNT5M5ebqvqlcU7G232qB8dvZ1FR7
QRtvumQDVBUlRyt12pZ0khnbP4eh/285B1Z+fh2UilidqAbk+hF8Q68opmyVQWDB
jYZUFbvL+nWQeLyr2tDT8EA9iW8gCJoL/CjLE7lAnqMg
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org