Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
File: 5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa (raw, json)
Hash identifier: Hg0L0+3lMmKmhvITP1d32JD5xGeem4qTLoOe/ZCaA08=
Subject key identifier: 1B:B9:4E:23:52:FF:51:F4:75:AC:30:8A:0A:47:29:01:48:C5:8C:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 50E4E21DC5000C3C41EFCB82633924EAF574D3B3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e4:e2:1d:c5:00:0c:3c:41:ef:cb:82:63:39:24:ea:f5:74:d3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=da342e57d03f3b67475d8edf8bde26b87a9c66ae3fa4be7ceb5c7462d936c1dd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:91:d3:33:a9:70:e1:26:07:98:7d:f6:77:
fe:2f:44:ba:3a:49:a1:78:ce:75:12:0e:22:57:42:
25:0b:fb:35:0f:5c:56:8c:2b:4f:64:ae:2d:f5:8d:
75:2f:65:d6:ab:04:f0:40:52:02:e6:c7:af:68:e5:
0e:7d:95:dc:53:b3:87:51:b4:ad:fc:50:39:33:5c:
c5:76:13:bc:57:a1:f2:16:f1:4a:96:50:8e:22:58:
2b:cd:55:23:4d:02:68:42:0f:59:1f:66:84:2b:48:
bc:da:da:b4:1f:e9:ee:11:43:ad:04:5f:3e:be:e9:
a1:d4:29:71:0e:ee:6b:f5:c0:b7:53:12:b8:b6:06:
6b:13:aa:68:e3:9b:52:de:55:f0:38:9a:3b:9c:c4:
df:e3:55:2c:54:b4:4a:42:2b:69:1e:a0:5a:3c:19:
9c:d4:4f:8d:f4:c0:e9:c9:7a:96:d0:06:1f:12:f9:
1a:cd:44:0a:cf:d2:e5:4a:3e:2a:44:4a:58:5b:6d:
e7:eb:17:6e:63:d2:6a:a3:9c:08:f1:17:7b:69:78:
29:9e:ee:77:e0:e0:a5:f6:7b:bc:fe:7e:98:ed:67:
f2:b3:cd:9e:ea:8b:4e:1a:cb:1c:e5:b6:72:88:eb:
df:76:04:b6:12:34:1f:90:00:f6:a2:0d:cd:b3:b4:
34:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B9:4E:23:52:FF:51:F4:75:AC:30:8A:0A:47:29:01:48:C5:8C:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:3a:bd:1a:eb:2e:0f:69:ae:b5:7b:dc:88:9d:73:5a:52:25:
d2:22:eb:89:1f:36:4c:61:02:bc:2e:92:e2:c4:5a:8e:14:ad:
bd:cc:a2:89:2f:5e:75:af:69:d3:f2:23:59:48:6a:02:cc:3e:
68:b7:d3:f9:90:5c:38:a8:4e:57:45:f4:ef:c7:96:38:ab:04:
8a:95:b0:fe:25:a4:2a:60:db:c1:7d:11:fa:86:d2:f1:44:1f:
10:e4:af:45:f5:84:69:71:cb:05:9a:d3:72:1a:ea:bf:8e:17:
03:b6:51:93:6e:3a:3a:5a:ba:0e:65:a5:38:84:38:31:51:d3:
e1:0f:55:bd:45:ec:49:7d:2d:c1:51:4b:f5:98:52:a2:eb:42:
36:ef:de:32:69:4c:2f:43:0d:e9:26:70:4c:2e:c9:42:f6:c7:
b7:68:7c:4d:0e:d5:b4:ff:e6:a0:36:61:9d:a8:97:c2:46:c0:
01:f4:6b:98:51:39:63:9a:b8:7b:1e:c1:68:f1:56:e7:5f:09:
c3:83:9a:b1:2b:84:0f:5a:08:e0:02:92:ca:11:22:ab:fe:36:
36:81:6f:0c:c2:b7:e4:e6:8f:25:7b:cd:84:ad:08:6d:d6:be:
a0:b9:11:40:71:f6:0b:b3:18:01:c3:df:29:b5:58:24:62:a2:
a1:1c:79:df
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUUOTiHcUADDxB78uCYzkk6vV007MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhMzQyZTU3ZDAzZjNiNjc0NzVkOGVkZjhiZGUyNmI4N2E5YzY2YWUzZmE0
YmU3Y2ViNWM3NDYyZDkzNmMxZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2qkdMzqXDhJgeYffZ3/i9EujpJoXjOdRIOIldCJQv7NQ9cVowrT2SuLfWN
dS9l1qsE8EBSAubHr2jlDn2V3FOzh1G0rfxQOTNcxXYTvFeh8hbxSpZQjiJYK81V
I00CaEIPWR9mhCtIvNratB/p7hFDrQRfPr7podQpcQ7ua/XAt1MSuLYGaxOqaOOb
Ut5V8DiaO5zE3+NVLFS0SkIraR6gWjwZnNRPjfTA6cl6ltAGHxL5Gs1ECs/S5Uo+
KkRKWFtt5+sXbmPSaqOcCPEXe2l4KZ7ud+DgpfZ7vP5+mO1n8rPNnuqLThrLHOW2
cojr33YEthI0H5AA9qINzbO0NM0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQbuU4j
Uv9R9HWsMIoKRykBSMWM4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWVmNDg2YzAtNmIxNS00MjllLThiNTYtNWZiNWJjOTQ5MGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBABY6vRrrLg9prrV73Iidc1pSJdIi64kfNkxhArwu
kuLEWo4Urb3MookvXnWvadPyI1lIagLMPmi30/mQXDioTldF9O/HljirBIqVsP4l
pCpg28F9EfqG0vFEHxDkr0X1hGlxywWa03Ia6r+OFwO2UZNuOjpaug5lpTiEODFR
0+EPVb1F7El9LcFRS/WYUqLrQjbv3jJpTC9DDekmcEwuyUL2x7dofE0O1bT/5qA2
YZ2ol8JGwAH0a5hROWOauHsewWjxVudfCcODmrErhA9aCOACksoRIqv+NjaBbwzC
t+TmjyV7zYStCG3WvqC5EUBx9guzGAHD3ym1WCRioqEced8=
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org