Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
File: 5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa (raw, json)
Hash identifier: hoWIuVogWMTumAG59p8hu8befzoIvPjTPjhLK9gqPzw=
Subject key identifier: 42:AF:89:7F:81:16:99:7F:F8:DE:D5:33:C3:DC:11:F0:B5:1F:14:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54C7BFEA2342F862DADDD0B817C1C209D73EB779
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:c7:bf:ea:23:42:f8:62:da:dd:d0:b8:17:c1:c2:09:d7:3e:b7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=a9204ea8c3591b65367983fd7ebf262fd66527a21b1b6dd86dff3ad256da312b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b3:b0:4a:43:3f:73:20:b6:54:30:05:85:a8:
3e:14:29:da:a2:b4:aa:6e:eb:6f:75:87:4b:c5:24:
a7:b9:a9:36:91:a4:94:a4:0b:18:97:d6:f6:e6:26:
03:e8:c6:a1:20:d3:97:0e:4e:84:97:56:b5:cc:8c:
a6:08:20:17:b8:bd:77:3e:71:d0:07:e1:61:9e:75:
ce:36:1c:77:6f:d3:2a:9e:72:dc:5d:40:cd:26:9e:
31:63:09:51:28:a1:40:14:77:41:e0:25:32:0c:e4:
85:85:9f:82:08:1d:7f:ba:1c:cd:78:69:92:d9:47:
a8:19:ea:ba:ef:8f:ff:1f:55:87:eb:67:58:cf:4e:
da:07:e7:6e:8b:43:e9:44:01:87:85:80:1d:53:c0:
4e:03:76:f7:04:1e:2d:d8:97:c7:2d:03:51:f3:5e:
74:1c:07:f7:43:55:5e:ac:38:cc:a4:6a:cf:31:2e:
2f:d0:d5:26:b3:b1:0d:d5:1d:89:dc:a3:bc:76:de:
70:17:9c:7a:53:66:07:aa:fb:3d:57:43:0e:37:51:
6b:59:3d:c1:2e:ca:8c:64:be:86:40:11:19:c2:f3:
d8:8c:cb:9e:b1:5b:87:9f:54:f7:35:35:f3:ea:a1:
bd:c4:be:60:d9:2b:c7:8e:89:89:d7:e7:30:c3:52:
d6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AF:89:7F:81:16:99:7F:F8:DE:D5:33:C3:DC:11:F0:B5:1F:14:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
52:7e:53:0a:34:c0:ba:57:39:ec:6f:0f:30:44:d1:f1:22:5c:
63:92:6b:7c:a7:53:7f:fd:da:90:24:16:78:0c:ec:27:f3:ce:
39:f8:fa:84:b9:c5:dd:5e:74:e5:03:40:72:09:b2:71:79:8e:
7f:ef:2e:b1:8d:94:49:e0:a2:30:0a:fa:a9:2d:20:99:cb:10:
e9:c2:a9:29:73:be:53:bf:fd:9d:0b:34:15:26:a6:d1:c3:69:
9b:c5:29:1b:bd:a8:59:20:ed:1f:1d:a0:d5:dd:15:3d:10:44:
df:a4:75:6d:e3:0c:9a:19:2d:83:f6:81:b7:0a:b2:94:e5:3d:
6c:c9:32:3e:9f:75:41:eb:3a:c2:3f:7a:67:ab:7b:49:d8:f1:
0c:6a:e3:6d:5c:2f:7e:18:7c:4b:a3:2d:05:00:12:15:f5:42:
34:1a:c2:df:f5:4b:4a:51:01:69:be:3c:62:6e:d1:a7:f9:f2:
7c:ea:09:04:b1:9b:54:6e:b7:b4:9b:b0:17:90:17:1b:03:67:
61:9f:09:c8:4f:27:c6:15:7e:a4:93:8a:75:28:a9:a0:47:ca:
ce:9d:dc:c6:43:a1:ee:f1:7e:90:56:a4:b2:9f:b7:a2:4d:a9:
49:c4:7c:f4:62:20:7e:87:2e:1f:8f:a7:40:e8:a8:4a:09:3a:
1f:f6:65:32
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVMe/6iNC+GLa3dC4F8HCCdc+t3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MjA0ZWE4YzM1OTFiNjUzNjc5ODNmZDdlYmYyNjJmZDY2NTI3YTIxYjFi
NmRkODZkZmYzYWQyNTZkYTMxMmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOzsEpDP3MgtlQwBYWoPhQp2qK0qm7rb3WHS8Ukp7mpNpGklKQLGJfW9uYm
A+jGoSDTlw5OhJdWtcyMpgggF7i9dz5x0AfhYZ51zjYcd2/TKp5y3F1AzSaeMWMJ
USihQBR3QeAlMgzkhYWfgggdf7oczXhpktlHqBnquu+P/x9Vh+tnWM9O2gfnbotD
6UQBh4WAHVPATgN29wQeLdiXxy0DUfNedBwH90NVXqw4zKRqzzEuL9DVJrOxDdUd
idyjvHbecBecelNmB6r7PVdDDjdRa1k9wS7KjGS+hkARGcLz2IzLnrFbh59U9zU1
8+qhvcS+YNkrx46JidfnMMNS1kECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRCr4l/
gRaZf/je1TPD3BHwtR8UOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWY0YTY2YmItM2JiZi00ZjJkLTgxYTEtODkwMDVmMWJiN2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAUn5TCjTAulc57G8PMETR8SJcY5JrfKdTf/3a
kCQWeAzsJ/POOfj6hLnF3V505QNAcgmycXmOf+8usY2USeCiMAr6qS0gmcsQ6cKp
KXO+U7/9nQs0FSam0cNpm8UpG72oWSDtHx2g1d0VPRBE36R1beMMmhktg/aBtwqy
lOU9bMkyPp91Qes6wj96Z6t7SdjxDGrjbVwvfhh8S6MtBQASFfVCNBrC3/VLSlEB
ab48Ym7Rp/nyfOoJBLGbVG63tJuwF5AXGwNnYZ8JyE8nxhV+pJOKdSipoEfKzp3c
xkOh7vF+kFaksp+3ok2pScR89GIgfocuH4+nQOioSgk6H/ZlMg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org