Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
File: 6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa (raw, json)
Hash identifier: /srAHt6TbsbcwYgZyL0QqE8Wgl16xmoSb7lWUeOKicw=
Subject key identifier: B3:C6:35:7D:12:1E:7B:77:17:1F:95:B3:95:25:A3:4D:15:D1:C8:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 106E6F7659DA73E7D5E8F73F6E38A9D2AE5415CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:6e:6f:76:59:da:73:e7:d5:e8:f7:3f:6e:38:a9:d2:ae:54:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=b289934ee912de72b8466e279544c87cd47d58aeb26618a4a5e1bd51370d10ad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:ab:45:c9:56:16:ba:24:8b:8a:e9:0d:9f:
a6:f8:4c:a6:d4:46:67:5e:19:7e:6d:78:36:cd:ac:
0c:33:39:80:68:8f:31:91:0b:9f:89:a3:c9:60:7b:
2f:1b:f7:87:de:47:8f:ae:6c:0d:04:2c:fd:84:d7:
db:4e:5d:a4:9d:a7:de:86:14:8c:6f:4c:0e:44:42:
3f:51:fd:20:21:ed:98:09:6b:fb:a4:44:64:5d:66:
c8:0e:6d:88:22:69:f9:48:54:a4:ae:65:a4:df:4e:
f4:a1:e4:6e:a4:83:68:f7:de:9d:a9:8f:cb:39:87:
ca:90:96:ad:28:96:9a:21:08:89:c7:03:bb:5d:79:
ee:37:27:0e:ca:2f:63:15:90:21:d9:27:ea:cd:06:
4e:bd:0e:fd:da:54:af:f8:b4:18:20:a6:74:b4:c0:
a1:fb:e3:92:02:64:37:90:05:49:17:37:41:1f:2b:
50:46:f1:43:0a:58:d2:45:cb:bd:a0:6c:12:51:c9:
5d:10:d8:5a:44:95:8f:83:0d:36:b0:cb:7b:98:28:
46:7f:43:51:41:b6:c9:85:25:46:fb:39:46:73:a3:
05:c4:5a:c5:d3:f3:4d:6c:f7:c5:bc:1d:fa:b4:e1:
ff:74:63:7a:67:09:f2:f9:f3:56:b4:bb:4c:96:85:
f8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C6:35:7D:12:1E:7B:77:17:1F:95:B3:95:25:A3:4D:15:D1:C8:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:db:ad:63:c4:fb:b7:a5:bd:5e:b3:b4:07:1f:d9:a3:48:c2:
4a:c1:98:d8:f1:7e:6d:f9:97:78:53:7d:41:4d:ec:d1:63:b4:
33:3c:65:74:80:a4:f0:f5:49:17:a7:26:89:f2:67:8d:96:4b:
c1:08:5b:6e:4a:4f:85:9d:ee:f3:85:46:65:9b:37:c0:e3:86:
28:23:32:4a:54:93:a4:3b:aa:d3:ae:e9:95:e3:38:f8:4b:d5:
d1:f8:74:e4:f3:bb:1c:77:43:23:71:eb:6d:c7:1e:16:df:f6:
6e:33:46:e7:d7:3e:05:8a:6e:b2:01:ed:ac:69:eb:77:39:b8:
0b:df:09:18:61:93:92:48:da:53:d0:3e:5f:6d:de:20:72:a3:
2b:b5:ea:bb:4d:93:e3:63:09:25:04:ae:d5:68:75:06:eb:df:
87:71:36:96:39:7c:1b:c5:c1:09:23:d9:bd:f9:98:7c:03:58:
3a:b7:e9:59:b2:74:29:ac:ac:ed:26:86:19:68:4c:32:9e:87:
e5:c1:15:5b:6d:f3:65:35:3f:7d:ee:5e:92:36:4e:b0:4e:14:
02:73:8d:3b:a3:26:ea:44:6f:89:29:d9:59:68:94:29:78:c1:
f0:d7:08:5a:63:45:25:6d:99:04:4b:dd:6b:a3:6e:46:5c:67:
43:36:4c:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEG5vdlnac+fV6Pc/bjip0q5UFc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyODk5MzRlZTkxMmRlNzJiODQ2NmUyNzk1NDRjODdjZDQ3ZDU4YWViMjY2
MThhNGE1ZTFiZDUxMzcwZDEwYWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALARq0XJVha6JIuK6Q2fpvhMptRGZ14Zfm14Ns2sDDM5gGiPMZELn4mjyWB7
Lxv3h95Hj65sDQQs/YTX205dpJ2n3oYUjG9MDkRCP1H9ICHtmAlr+6REZF1myA5t
iCJp+UhUpK5lpN9O9KHkbqSDaPfenamPyzmHypCWrSiWmiEIiccDu1157jcnDsov
YxWQIdkn6s0GTr0O/dpUr/i0GCCmdLTAofvjkgJkN5AFSRc3QR8rUEbxQwpY0kXL
vaBsElHJXRDYWkSVj4MNNrDLe5goRn9DUUG2yYUlRvs5RnOjBcRaxdPzTWz3xbwd
+rTh/3RjemcJ8vnzVrS7TJaF+EcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSzxjV9
Eh57dxcflbOVJaNNFdHIIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmNlMWE1OWMtMWJmZC00YjVlLWFkMzQtZDNmNGYwN2E0NmY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEArNutY8T7t6W9XrO0Bx/Zo0jCSsGY2PF+bfmXeFN9
QU3s0WO0MzxldICk8PVJF6cmifJnjZZLwQhbbkpPhZ3u84VGZZs3wOOGKCMySlST
pDuq067pleM4+EvV0fh05PO7HHdDI3HrbcceFt/2bjNG59c+BYpusgHtrGnrdzm4
C98JGGGTkkjaU9A+X23eIHKjK7Xqu02T42MJJQSu1Wh1Buvfh3E2ljl8G8XBCSPZ
vfmYfANYOrfpWbJ0Kays7SaGGWhMMp6H5cEVW23zZTU/fe5ekjZOsE4UAnONO6Mm
6kRviSnZWWiUKXjB8NcIWmNFJW2ZBEvda6NuRlxnQzZMfQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org