Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
File: 40a62114-09f8-4383-abc5-a7d805c42d0a.roa (raw, json)
Hash identifier: jWP65trEIqVueY32DPJa0WQq3P0gfgOgxMCJ7YJFJ5I=
Subject key identifier: E4:55:9C:D7:05:32:E9:8A:C8:75:A4:B3:02:02:2A:FA:71:29:DF:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F206A1F623769D71D2875678CB663870E724460
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:20:6a:1f:62:37:69:d7:1d:28:75:67:8c:b6:63:87:0e:72:44:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=24cf2d04d8d390652a13ff2b691b907245ffa9e018f2219ac997713d549b33db, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8f:87:81:cd:7d:7b:9a:46:b0:7f:ef:38:97:
8e:6f:43:cb:f7:a2:6d:79:a7:7e:2f:20:94:fa:e7:
c6:29:fb:76:fb:80:c6:31:cf:6a:c8:62:da:51:9f:
d7:24:7a:fa:97:9b:bf:6a:02:48:2f:98:df:2e:47:
c6:23:85:57:65:82:b3:dd:6a:26:f3:0e:2d:7e:80:
1b:01:57:1f:a3:83:e6:fe:e3:eb:10:50:ae:bc:23:
99:03:ab:a8:e0:92:3c:ff:e9:d7:48:c4:86:aa:1b:
0c:c5:a6:1f:57:28:fa:81:4e:ff:a2:22:e1:8a:64:
a2:7d:5d:b6:83:4b:c0:4f:2b:dc:70:46:22:c5:95:
41:97:4b:b0:ab:22:10:0e:8b:72:2d:bc:04:af:37:
8b:ab:3f:d1:de:db:4c:57:3d:d6:8c:80:a5:48:ca:
59:78:6e:43:53:9d:9e:dc:fb:e3:02:e5:a0:f0:e9:
63:31:0b:cf:cb:6a:9a:77:c9:53:45:94:b9:34:ce:
84:73:03:86:c3:52:9a:47:d7:ba:a0:aa:54:69:70:
f8:fb:00:9c:17:07:1f:bd:41:84:f2:e4:4c:6e:5f:
33:1c:ed:aa:bd:83:ea:a4:90:05:18:95:5f:f7:3b:
e5:6f:1d:24:27:dd:05:b1:35:6f:a7:24:bb:7e:71:
a4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:55:9C:D7:05:32:E9:8A:C8:75:A4:B3:02:02:2A:FA:71:29:DF:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:7b:6a:30:6d:55:d5:07:be:a6:9d:b6:ba:26:48:c9:d6:a0:
ce:aa:49:73:60:04:e0:3d:a5:ba:d0:cb:3a:9b:d6:3a:97:ed:
8e:11:ca:0a:1b:ea:3f:92:b3:bb:3a:c7:5b:b5:37:54:fc:f2:
5d:9b:60:53:92:07:f7:a4:75:3d:e6:42:90:37:bf:87:96:c4:
b4:97:e8:55:ab:c3:9e:62:fb:49:81:0d:74:87:d0:10:de:3e:
89:57:e7:05:02:9e:fc:ce:12:24:bf:a9:10:3b:c7:59:8b:39:
9c:94:5f:8b:04:25:63:c6:5d:a4:f6:e8:41:07:7f:d3:ee:dd:
87:61:36:bb:a2:3d:e4:91:6d:eb:a2:37:e6:51:43:b3:58:51:
64:8b:6e:32:5b:ce:3e:4a:ad:b7:1f:86:fe:33:b7:91:39:80:
04:0f:b1:6e:7d:1b:ac:0b:09:d7:ed:dd:97:16:8a:56:9b:cd:
d8:41:81:54:f8:f3:95:55:ed:7f:c2:83:62:ab:e6:2c:d6:2e:
c5:ad:6d:f3:af:f3:99:cb:16:2d:9c:5e:b5:38:9b:0e:4e:a4:
22:5c:0e:7b:f3:c5:e6:fa:1d:e6:58:b7:a8:3b:c4:61:b7:5f:
9a:50:97:df:b6:fe:ec:83:f8:92:91:4e:6e:40:06:83:4d:4b:
d9:80:66:01
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUTyBqH2I3adcdKHVnjLZjhw5yRGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0Y2YyZDA0ZDhkMzkwNjUyYTEzZmYyYjY5MWI5MDcyNDVmZmE5ZTAxOGYy
MjE5YWM5OTc3MTNkNTQ5YjMzZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqPh4HNfXuaRrB/7ziXjm9Dy/eibXmnfi8glPrnxin7dvuAxjHPashi2lGf
1yR6+pebv2oCSC+Y3y5HxiOFV2WCs91qJvMOLX6AGwFXH6OD5v7j6xBQrrwjmQOr
qOCSPP/p10jEhqobDMWmH1co+oFO/6Ii4Ypkon1dtoNLwE8r3HBGIsWVQZdLsKsi
EA6Lci28BK83i6s/0d7bTFc91oyApUjKWXhuQ1Odntz74wLloPDpYzELz8tqmnfJ
U0WUuTTOhHMDhsNSmkfXuqCqVGlw+PsAnBcHH71BhPLkTG5fMxztqr2D6qSQBRiV
X/c75W8dJCfdBbE1b6cku35xpHkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTkVZzX
BTLpish1pLMCAir6cSnf1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDBhNjIxMTQtMDlmOC00MzgzLWFiYzUtYTdkODA1YzQyZDBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAKZ7ajBtVdUHvqadtromSMnWoM6qSXNgBOA9pbrQ
yzqb1jqX7Y4Rygob6j+Ss7s6x1u1N1T88l2bYFOSB/ekdT3mQpA3v4eWxLSX6FWr
w55i+0mBDXSH0BDePolX5wUCnvzOEiS/qRA7x1mLOZyUX4sEJWPGXaT26EEHf9Pu
3YdhNruiPeSRbeuiN+ZRQ7NYUWSLbjJbzj5Krbcfhv4zt5E5gAQPsW59G6wLCdft
3ZcWilabzdhBgVT485VV7X/Cg2Kr5izWLsWtbfOv85nLFi2cXrU4mw5OpCJcDnvz
xeb6HeZYt6g7xGG3X5pQl9+2/uyD+JKRTm5ABoNNS9mAZgE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org