Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
File: 2f7f4c52-3c37-4945-a2de-eb95981a27af.roa (raw, json)
Hash identifier: HsRvzHCI5UJFx2XtQly/s7aH8eEwtgwi/9ImGbvWHxI=
Subject key identifier: D8:79:3F:B4:97:4C:00:38:E9:13:7B:8B:10:69:43:40:BC:DF:1A:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3DFDB84CAD2112F5A7505F5CD8D87A3ABC060A95
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:fd:b8:4c:ad:21:12:f5:a7:50:5f:5c:d8:d8:7a:3a:bc:06:0a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=d2b247b86b5cce931dfbe454a06970234ac61c9486c2c5cbbb760729c559ce67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:fb:4e:8d:28:1a:ff:7d:2a:2e:fc:2c:2d:
28:57:1c:f2:ee:96:e5:cf:6e:48:8b:0b:bb:65:4c:
7b:c8:45:5f:8b:7b:63:04:7a:6b:2f:d2:a9:b6:02:
15:ff:5b:a0:53:ad:14:f3:63:3e:cf:ee:ca:51:74:
c1:24:f6:08:fe:28:6c:e7:89:a5:09:17:07:4d:5f:
80:d8:2e:72:6c:7a:ff:ee:69:37:b3:e7:ea:1c:4b:
94:f6:d4:08:b3:29:47:62:9f:d7:3a:08:5f:b9:d9:
ee:97:dc:04:c5:42:db:4c:0c:db:5f:50:ee:0a:23:
2f:60:52:09:6d:dd:1d:23:d0:7e:14:77:c7:cb:09:
38:b3:20:ce:9b:c9:ad:87:bf:e2:b4:b3:73:1b:43:
58:23:ce:f9:99:71:fa:d9:be:96:e0:88:ee:fc:7e:
14:a1:4b:50:d8:e7:c8:18:52:49:d7:38:56:6a:8b:
6d:01:a4:3d:3d:8e:64:07:70:f5:ce:42:c4:f5:94:
10:ac:23:9a:e0:cb:84:09:51:62:b2:46:82:b0:93:
ef:eb:b6:cd:1b:c3:d0:aa:ac:76:58:81:70:e0:eb:
e7:93:c0:68:ab:58:09:8b:9b:06:22:7e:a2:cd:a0:
9c:6f:80:6d:72:e0:85:09:ad:f4:fb:4a:58:bb:fc:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:79:3F:B4:97:4C:00:38:E9:13:7B:8B:10:69:43:40:BC:DF:1A:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2f7f4c52-3c37-4945-a2de-eb95981a27af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8d:0b:7e:0e:8f:57:5e:7a:25:1f:93:23:58:9f:fe:c5:af:77:
f0:c2:bc:79:e2:b0:f0:eb:b2:d9:2c:3c:b9:ee:67:e9:f8:29:
be:7f:55:10:23:2c:b3:af:71:01:8f:40:be:97:75:4b:99:1a:
94:5b:ff:f6:a0:e9:b2:d9:ba:72:36:39:7b:d2:fb:ac:41:65:
fe:c9:00:30:7d:12:16:75:e2:f6:ef:ff:ce:3b:e3:48:3e:51:
58:de:07:6f:0c:ce:fb:e0:27:e4:2e:d2:f3:f1:3b:6f:11:c0:
70:7f:d2:11:e2:5f:c9:6f:32:7f:65:e5:a1:9d:16:74:14:77:
2d:80:7f:49:37:7f:70:f6:be:cf:68:0a:07:9f:3f:e2:b0:be:
a9:f7:6f:d1:6b:e3:15:44:ea:df:e1:4d:94:f3:0b:97:0a:e3:
38:dc:ca:95:06:a7:07:69:35:ae:a6:08:8c:fd:8e:52:fc:c1:
70:41:46:dc:0e:8a:26:2a:0c:2f:73:b2:39:a8:a5:5b:aa:4a:
f9:33:1f:17:da:48:9d:62:44:b9:54:71:15:b9:61:db:1a:30:
e5:9a:52:e0:85:1f:5c:21:99:1d:7a:b4:46:03:71:16:29:00:
37:ac:fa:15:43:a1:36:af:8c:9f:86:85:59:b3:d4:6c:e6:c3:
8b:de:62:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPf24TK0hEvWnUF9c2Nh6OrwGCpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyYjI0N2I4NmI1Y2NlOTMxZGZiZTQ1NGEwNjk3MDIzNGFjNjFjOTQ4NmMy
YzVjYmJiNzYwNzI5YzU1OWNlNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUy+06NKBr/fSou/CwtKFcc8u6W5c9uSIsLu2VMe8hFX4t7YwR6ay/SqbYC
Ff9boFOtFPNjPs/uylF0wST2CP4obOeJpQkXB01fgNgucmx6/+5pN7Pn6hxLlPbU
CLMpR2Kf1zoIX7nZ7pfcBMVC20wM219Q7gojL2BSCW3dHSPQfhR3x8sJOLMgzpvJ
rYe/4rSzcxtDWCPO+Zlx+tm+luCI7vx+FKFLUNjnyBhSSdc4VmqLbQGkPT2OZAdw
9c5CxPWUEKwjmuDLhAlRYrJGgrCT7+u2zRvD0KqsdliBcODr55PAaKtYCYubBiJ+
os2gnG+AbXLghQmt9PtKWLv84sMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTYeT+0
l0wAOOkTe4sQaUNAvN8aSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmY3ZjRjNTItM2MzNy00OTQ1LWEyZGUtZWI5NTk4MWEyN2FmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAjQt+Do9XXnolH5MjWJ/+xa938MK8eeKw8Ouy2Sw8
ue5n6fgpvn9VECMss69xAY9Avpd1S5kalFv/9qDpstm6cjY5e9L7rEFl/skAMH0S
FnXi9u//zjvjSD5RWN4HbwzO++An5C7S8/E7bxHAcH/SEeJfyW8yf2XloZ0WdBR3
LYB/STd/cPa+z2gKB58/4rC+qfdv0WvjFUTq3+FNlPMLlwrjONzKlQanB2k1rqYI
jP2OUvzBcEFG3A6KJioML3OyOailW6pK+TMfF9pInWJEuVRxFblh2xow5ZpS4IUf
XCGZHXq0RgNxFikAN6z6FUOhNq+Mn4aFWbPUbObDi95i4A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org