Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: FlTtyMkoMQejaPbviFXkdVp6Bo5l637HCWGaDro8x3I=
Subject key identifier: 94:C8:E7:E8:94:17:24:51:59:4C:53:BC:8A:48:EB:F1:11:B1:E0:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38D91B5767083367CCE729CF95266F5FCE0B8682
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:d9:1b:57:67:08:33:67:cc:e7:29:cf:95:26:6f:5f:ce:0b:86:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=cc177a1d8edc4bdb4f7ea1c9384ab1903db2da03421494aca894f204ad5cf5bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:97:58:c9:7f:78:87:2b:f8:05:97:cc:cc:
a7:1a:97:fc:6f:3e:e9:6b:00:ae:97:64:24:7f:c9:
39:02:7e:30:6d:05:eb:4b:89:ea:5b:a5:a7:20:29:
eb:75:74:26:fd:45:3c:b2:15:9e:7b:5e:1c:31:3c:
b0:4c:5b:f7:64:8e:69:a5:fb:d6:f1:8e:ae:76:ab:
b1:b1:dc:c5:2d:27:22:cd:b0:e2:6f:5d:7b:72:e7:
8d:e4:03:03:ec:ed:9c:14:7d:e8:21:00:fc:b0:a4:
d1:e3:cf:3a:ef:77:4a:7a:3f:61:a5:ed:06:c2:1a:
d8:6e:e3:b5:a1:59:66:a6:65:d1:61:08:79:1a:a4:
b6:26:5a:a7:2c:79:da:7e:b4:40:cb:c1:dd:9d:27:
c2:10:30:62:22:ea:f7:a5:89:3e:1b:aa:d9:d0:af:
90:c9:75:c4:04:3d:6d:ea:c9:84:bf:b5:5f:51:0a:
7d:7a:7e:f0:a5:3e:73:4c:13:f4:39:43:a1:7b:45:
05:d7:3a:86:a5:83:3b:69:36:3a:31:2a:5e:96:72:
80:48:23:a5:fc:10:67:64:1d:dd:df:68:14:1d:4c:
99:bb:e2:f1:45:e4:34:c2:c2:ab:60:49:9b:58:05:
2b:7b:32:bb:15:3a:06:44:f3:e6:74:c2:85:b3:0b:
4f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C8:E7:E8:94:17:24:51:59:4C:53:BC:8A:48:EB:F1:11:B1:E0:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:15:9d:28:b0:a3:df:4c:cb:44:a1:1a:b6:d6:98:9b:1c:8c:
87:ba:a7:43:de:c7:5c:3e:9c:ff:45:6c:a4:85:b6:35:c3:23:
eb:44:43:7b:1c:da:19:57:05:64:fe:71:b4:f7:be:17:c6:e6:
7c:cb:f6:50:ff:b8:8f:e2:45:49:8b:d9:67:bd:71:2e:67:f1:
06:72:f2:51:76:1b:88:b9:a3:5d:95:0a:b5:52:a0:23:ad:e0:
70:7e:35:16:c7:6b:e3:aa:71:a7:08:2a:5b:78:e0:3f:19:d7:
b8:63:50:2e:9e:e7:c8:4b:42:c6:aa:a8:f6:a0:3c:a5:5a:4f:
19:5c:c2:29:c9:8c:36:04:a8:ab:44:8d:15:d0:20:c0:25:e0:
2b:b2:81:ed:d8:a7:90:8c:25:4a:b7:2a:d0:c1:9a:f9:d9:1b:
da:04:df:60:bb:ad:36:ea:88:be:65:56:77:c7:30:1a:6e:14:
32:b0:a4:6a:fa:fc:55:ec:a4:ed:b4:10:53:6d:c2:e4:d9:9b:
0c:38:8b:6e:2e:a3:ee:7c:0e:b8:82:0a:d8:c3:40:3c:69:95:
6b:15:17:78:ae:a7:0f:52:73:74:13:80:6c:3d:e2:b5:88:20:
de:9c:51:88:c6:ad:90:9f:c7:cc:cf:06:16:9d:d3:e0:1e:44:
13:e3:ee:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUONkbV2cIM2fM5ynPlSZvX84LhoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjMTc3YTFkOGVkYzRiZGI0ZjdlYTFjOTM4NGFiMTkwM2RiMmRhMDM0MjE0
OTRhY2E4OTRmMjA0YWQ1Y2Y1YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNkl1jJf3iHK/gFl8zMpxqX/G8+6WsArpdkJH/JOQJ+MG0F60uJ6lulpyAp
63V0Jv1FPLIVnnteHDE8sExb92SOaaX71vGOrnarsbHcxS0nIs2w4m9de3LnjeQD
A+ztnBR96CEA/LCk0ePPOu93Sno/YaXtBsIa2G7jtaFZZqZl0WEIeRqktiZapyx5
2n60QMvB3Z0nwhAwYiLq96WJPhuq2dCvkMl1xAQ9berJhL+1X1EKfXp+8KU+c0wT
9DlDoXtFBdc6hqWDO2k2OjEqXpZygEgjpfwQZ2Qd3d9oFB1Mmbvi8UXkNMLCq2BJ
m1gFK3syuxU6BkTz5nTChbMLTxsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSUyOfo
lBckUVlMU7yKSOvxEbHgsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQAxFZ0osKPfTMtEoRq21pibHIyHuqdD3sdcPpz/RWyk
hbY1wyPrREN7HNoZVwVk/nG0974XxuZ8y/ZQ/7iP4kVJi9lnvXEuZ/EGcvJRdhuI
uaNdlQq1UqAjreBwfjUWx2vjqnGnCCpbeOA/Gde4Y1AunufIS0LGqqj2oDylWk8Z
XMIpyYw2BKirRI0V0CDAJeArsoHt2KeQjCVKtyrQwZr52RvaBN9gu6026oi+ZVZ3
xzAabhQysKRq+vxV7KTttBBTbcLk2ZsMOItuLqPufA64ggrYw0A8aZVrFRd4rqcP
UnN0E4BsPeK1iCDenFGIxq2Qn8fMzwYWndPgHkQT4+6E
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org