Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
File: 47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa (raw, json)
Hash identifier: diSjIqZ9GtUljyQn6KMwlzas/w4JPlo8OS1hsplPeXY=
Subject key identifier: 71:D0:00:9E:47:2B:A6:F0:21:23:1F:F4:59:D1:D3:6B:D1:99:80:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 387E1A66F4E0B93831D2D14AAD35455104F6FB34
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:7e:1a:66:f4:e0:b9:38:31:d2:d1:4a:ad:35:45:51:04:f6:fb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=fb9f4927ec4547ca22a62f8da21b48b405df602a772ee0db1bcb9f4bf447fef4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:e0:02:96:01:6a:a3:48:9c:0b:6b:44:e0:
c2:21:c9:8d:48:e4:31:1a:9c:65:b6:95:b8:1f:d3:
25:40:73:1f:4a:f2:4a:ff:43:a4:72:fa:0c:15:e3:
f7:6f:c9:6e:99:6a:72:13:be:8c:c7:1f:95:f5:09:
f8:6f:4f:42:f1:e0:dc:3b:c3:0d:92:56:12:a3:c3:
3d:4e:20:d6:53:e1:b0:66:0a:e5:10:5a:7f:4e:26:
d2:9b:15:6c:bf:13:37:e8:b9:c3:05:3c:b2:52:0a:
8b:d5:a6:6b:db:25:21:37:f1:8c:1f:3d:b0:6e:86:
c8:de:91:e6:0d:9a:7e:2e:37:4f:b5:00:c0:3c:10:
d3:de:7e:8d:a1:59:08:bd:dd:f8:23:a4:0b:79:a7:
48:91:ca:3e:89:d5:2c:fc:fc:f4:dc:5e:ff:84:7f:
ae:d8:fa:d6:eb:eb:55:b8:b7:d8:31:e7:2f:4d:de:
c6:ac:d2:2f:cd:15:6c:bd:69:3f:1c:24:c5:45:ff:
75:77:51:86:a0:46:f3:85:e1:0e:37:b9:43:99:f8:
73:21:24:db:a5:a0:0a:13:5d:39:1d:7f:93:68:ef:
0d:34:93:ef:4c:72:12:13:4e:dc:fc:5a:95:dc:52:
ee:98:e4:49:9b:ad:2f:04:df:57:4e:4f:bf:32:1d:
09:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D0:00:9E:47:2B:A6:F0:21:23:1F:F4:59:D1:D3:6B:D1:99:80:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9d:45:30:f9:25:ea:a5:2e:1a:6c:bb:9a:30:4e:f0:8a:fb:1c:
56:d2:5a:39:12:e2:ac:96:ff:c3:cd:86:44:47:d8:05:77:37:
b8:61:9c:4e:3e:8e:b6:c7:b6:ea:3c:70:96:e3:f0:86:af:6b:
12:b6:ae:01:06:d4:98:6d:04:27:79:3a:26:b7:38:3f:9d:e5:
39:44:4f:4a:1e:92:52:2d:d9:48:d6:ba:3e:36:9e:0b:e4:bc:
d6:12:99:9a:c0:d4:3a:c8:55:d7:d7:fb:3a:e6:d5:6a:8d:60:
cf:53:6c:11:82:6d:f0:4e:51:f1:b8:e8:e8:ea:eb:93:c8:0f:
65:b0:22:12:01:62:b8:ef:a7:23:1a:d2:ba:b8:f3:1a:7a:64:
7e:6e:82:a9:6a:7b:dd:2a:dd:49:41:3d:f0:57:f4:7c:59:55:
be:37:1c:b7:0d:d2:ca:8f:5e:b1:ea:b2:65:93:23:c6:bd:98:
50:77:18:b3:31:de:bc:e6:9f:92:fd:56:56:38:f6:3b:b3:d5:
17:70:02:fe:bb:33:46:e5:cb:88:95:44:b8:b8:1e:1f:67:6e:
4c:7d:2d:1a:04:e5:fa:fb:a3:18:f2:30:a9:c3:27:fa:39:ff:
76:eb:c5:77:1d:7b:6b:c9:26:de:02:e7:92:6f:47:fd:5f:48:
9e:d3:bb:fc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOH4aZvTguTgx0tFKrTVFUQT2+zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiOWY0OTI3ZWM0NTQ3Y2EyMmE2MmY4ZGEyMWI0OGI0MDVkZjYwMmE3NzJl
ZTBkYjFiY2I5ZjRiZjQ0N2ZlZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHr4AKWAWqjSJwLa0TgwiHJjUjkMRqcZbaVuB/TJUBzH0rySv9DpHL6DBXj
92/JbplqchO+jMcflfUJ+G9PQvHg3DvDDZJWEqPDPU4g1lPhsGYK5RBaf04m0psV
bL8TN+i5wwU8slIKi9Wma9slITfxjB89sG6GyN6R5g2afi43T7UAwDwQ095+jaFZ
CL3d+COkC3mnSJHKPonVLPz89Nxe/4R/rtj61uvrVbi32DHnL03exqzSL80VbL1p
PxwkxUX/dXdRhqBG84XhDje5Q5n4cyEk26WgChNdOR1/k2jvDTST70xyEhNO3Pxa
ldxS7pjkSZutLwTfV05PvzIdCZ8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRx0ACe
Ryum8CEjH/RZ0dNr0ZmA/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDdlM2MzNWItNjJjZC00MTM5LWE5N2MtN2JmMGNlNDQwOTdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAnUUw+SXqpS4abLuaME7wivscVtJaORLirJb/w82G
REfYBXc3uGGcTj6Otse26jxwluPwhq9rErauAQbUmG0EJ3k6Jrc4P53lOURPSh6S
Ui3ZSNa6PjaeC+S81hKZmsDUOshV19f7OubVao1gz1NsEYJt8E5R8bjo6Orrk8gP
ZbAiEgFiuO+nIxrSurjzGnpkfm6CqWp73SrdSUE98Ff0fFlVvjcctw3Syo9eseqy
ZZMjxr2YUHcYszHevOafkv1WVjj2O7PVF3AC/rszRuXLiJVEuLgeH2duTH0tGgTl
+vujGPIwqcMn+jn/duvFdx17a8km3gLnkm9H/V9IntO7/A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org