Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
File: 71d66127-3f22-4413-8fe7-9d46d7fe6626.roa (raw, json)
Hash identifier: flI7J2H1fcAEB5XIN/dbBnsrbIanRwNgQcgxqd0tvSc=
Subject key identifier: F3:1C:B1:DD:36:AE:60:E2:DC:E0:4D:68:E1:31:58:6A:FF:F5:B5:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 457C7BE89522839FE6C2C966623E64FAEE148406
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:7c:7b:e8:95:22:83:9f:e6:c2:c9:66:62:3e:64:fa:ee:14:84:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9ccc43f7f179e4d298f2fbc3b16355d6ddf20746e0eb2037c666b61962da65da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:e7:99:be:e3:60:b1:b1:11:ae:1a:f5:25:
d6:f8:1e:56:0e:9d:3c:12:dd:39:a0:99:13:12:9b:
b8:05:60:ae:01:08:eb:9b:6a:03:73:1c:18:13:1e:
ee:27:f4:fc:a5:18:5e:90:e5:59:9c:d3:37:7b:c7:
85:03:31:ab:c8:85:85:35:93:7f:b6:f3:3e:49:71:
56:87:d5:35:1b:2b:77:17:fc:89:61:f6:f9:18:21:
87:5d:8d:81:db:cd:2d:e6:39:86:19:9c:92:55:f1:
68:44:ab:34:b5:30:ea:fe:a9:47:4f:84:89:73:cd:
30:5c:30:7d:85:83:4c:35:b2:db:f4:f0:49:5e:a8:
be:99:8b:d4:9f:2e:f9:d8:35:5d:eb:a8:5b:8d:60:
78:8f:44:c1:e2:ba:01:a9:da:31:eb:c1:b2:e5:7e:
64:56:1b:30:d0:40:b2:ed:55:ed:48:65:a7:64:a7:
61:7a:a9:8f:53:7f:16:35:8d:23:c8:9e:b4:67:88:
ba:98:a6:94:4c:ba:52:88:64:8e:d7:f3:0c:5d:7d:
ed:31:67:68:4a:07:ae:7d:37:e7:42:d8:8e:01:eb:
85:7c:70:a4:a8:16:1b:0c:e9:eb:eb:d3:c6:8c:6d:
c3:e1:b4:34:e1:0d:7e:9d:2c:01:fb:e6:78:80:b8:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1C:B1:DD:36:AE:60:E2:DC:E0:4D:68:E1:31:58:6A:FF:F5:B5:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:8d:ff:d8:a2:34:22:06:da:01:c6:54:fe:6e:33:c7:1f:08:
62:53:b6:df:1b:a2:a8:68:c6:8e:6c:fb:5b:0f:3b:19:7d:0d:
93:e4:b9:fc:95:73:be:86:49:c7:05:b1:81:81:91:95:ef:09:
d9:4a:10:31:02:58:6b:d3:59:ea:43:d3:d6:c8:55:20:66:a5:
d2:15:ae:90:07:2b:ff:d0:1e:58:1b:91:16:6e:a3:37:7b:f1:
6b:b0:45:f1:b2:3c:e1:66:d8:cc:be:16:53:26:52:38:97:76:
a1:18:4e:44:4e:e2:c2:2c:fc:2f:7c:98:51:40:17:61:67:91:
ab:d0:fb:11:9a:40:ef:aa:57:09:bd:25:ce:fd:89:c9:c1:7a:
a0:9a:5d:ea:73:44:2d:97:23:0d:1a:b1:43:71:8a:04:31:28:
99:48:22:88:89:d1:52:ed:92:d7:0e:87:51:4c:de:ed:d0:72:
c9:5a:c8:c9:45:83:8a:d5:8a:93:38:1e:bc:1c:a2:b4:b0:98:
7e:ee:a5:d4:95:2a:26:0e:3f:e5:84:0f:af:b2:eb:4f:c8:13:
51:97:17:5b:1e:22:67:90:78:db:e6:d4:e6:48:25:8c:6b:5a:
80:52:31:6a:3f:e4:24:7f:d1:b6:7f:a9:0d:b2:02:34:30:9f:
2d:fd:a2:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURXx76JUig5/mwslmYj5k+u4UhAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljY2M0M2Y3ZjE3OWU0ZDI5OGYyZmJjM2IxNjM1NWQ2ZGRmMjA3NDZlMGVi
MjAzN2M2NjZiNjE5NjJkYTY1ZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWN55m+42CxsRGuGvUl1vgeVg6dPBLdOaCZExKbuAVgrgEI65tqA3McGBMe
7if0/KUYXpDlWZzTN3vHhQMxq8iFhTWTf7bzPklxVofVNRsrdxf8iWH2+Rghh12N
gdvNLeY5hhmcklXxaESrNLUw6v6pR0+EiXPNMFwwfYWDTDWy2/TwSV6ovpmL1J8u
+dg1XeuoW41geI9EweK6AanaMevBsuV+ZFYbMNBAsu1V7Uhlp2SnYXqpj1N/FjWN
I8ietGeIupimlEy6UohkjtfzDF197TFnaEoHrn0350LYjgHrhXxwpKgWGwzp6+vT
xoxtw+G0NOENfp0sAfvmeIC4nIcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzHLHd
Nq5g4tzgTWjhMVhq//W1TzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFkNjYxMjctM2YyMi00NDEzLThmZTctOWQ0NmQ3ZmU2NjI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQBHjf/YojQiBtoBxlT+bjPHHwhiU7bfG6KoaMaObPtb
DzsZfQ2T5Ln8lXO+hknHBbGBgZGV7wnZShAxAlhr01nqQ9PWyFUgZqXSFa6QByv/
0B5YG5EWbqM3e/FrsEXxsjzhZtjMvhZTJlI4l3ahGE5ETuLCLPwvfJhRQBdhZ5Gr
0PsRmkDvqlcJvSXO/YnJwXqgml3qc0QtlyMNGrFDcYoEMSiZSCKIidFS7ZLXDodR
TN7t0HLJWsjJRYOK1YqTOB68HKK0sJh+7qXUlSomDj/lhA+vsutPyBNRlxdbHiJn
kHjb5tTmSCWMa1qAUjFqP+Qkf9G2f6kNsgI0MJ8t/aJh
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org