Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
File: 7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa (raw, json)
Hash identifier: Ogrgm8HfzdZreGV+u9Pm7kbNEAoOdqKdZLA7YwptZZQ=
Subject key identifier: 19:CE:64:A9:21:76:6C:42:A5:EB:DD:61:5C:6D:75:BC:B0:F1:CF:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05C99DB3069D815A333CD14ACD1FEE7DF61F5A69
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
Signing time: Fri 14 Jun 2024 00:00:00 +0000
ROA not before: Fri 14 Jun 2024 00:00:00 +0000
ROA not after: Fri 19 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:c9:9d:b3:06:9d:81:5a:33:3c:d1:4a:cd:1f:ee:7d:f6:1f:5a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 14 00:00:00 2024 GMT
Not After : Jul 19 23:59:59 2024 GMT
Subject: serialNumber=fb15d4de473ae0fe3b32bf939fe54028e8c7b4c600f8425d9ba9a1d20be73d4e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a3:48:74:02:2f:3e:65:dc:2c:4d:16:6b:9e:
53:0e:a6:46:f8:03:f8:53:5f:da:55:1b:04:b3:39:
9e:de:a2:af:1b:a2:f6:e9:df:a9:48:97:8c:8b:4c:
75:e4:f5:8c:5b:b9:9e:5f:f6:36:32:16:f5:f8:d2:
75:b0:76:e9:65:36:34:7f:d6:81:b7:19:80:84:fd:
5f:fc:9c:d8:47:7c:51:61:28:e9:54:49:58:5a:fd:
54:b1:20:b7:03:57:ab:fd:bf:cd:02:dc:86:f4:09:
99:b9:53:e5:dd:e6:b9:09:74:6f:9f:83:2d:87:ad:
07:de:50:e8:e6:61:62:27:15:78:96:f4:42:fc:2d:
41:27:a9:ee:78:a8:be:0d:10:28:b2:dd:80:ba:75:
b4:03:a5:7c:0f:2d:4f:4e:6a:dd:b6:19:4d:9b:15:
99:5b:db:27:8c:e1:1c:36:29:92:53:0e:be:1e:ca:
09:e3:88:e3:1b:b9:86:9a:5a:1b:22:33:dd:6b:70:
21:71:f4:06:5d:81:3d:b5:46:59:d8:f9:54:14:b8:
cf:12:71:e8:62:b5:ce:9a:39:80:35:8e:08:44:b5:
eb:54:a5:c1:68:f4:97:52:7a:44:1f:57:c4:f2:bd:
ae:d6:a3:52:5d:a2:e8:d1:94:b6:14:d5:62:79:71:
1b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CE:64:A9:21:76:6C:42:A5:EB:DD:61:5C:6D:75:BC:B0:F1:CF:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:99:03:86:43:d6:de:cb:f2:27:67:dc:43:2a:3a:8c:c3:f3:
1c:1e:1f:2f:f5:54:f8:a9:f9:93:ec:f7:d0:0c:5b:8d:79:b9:
bc:77:65:a1:78:64:af:3d:bb:f2:86:d9:30:99:93:af:92:e9:
47:ae:a7:d7:21:96:21:66:a0:22:78:30:47:5a:69:c1:0f:ec:
7d:2a:63:bd:a5:f5:49:f9:d5:ee:53:e9:4d:21:75:be:50:6d:
fb:ea:c1:aa:53:d6:d1:08:7d:ce:96:a0:42:8a:97:58:6c:95:
2d:f4:12:86:d3:91:56:c9:83:f5:f4:cc:ff:7e:cb:c6:33:82:
84:33:97:0e:69:39:2e:0d:73:fd:1a:a8:67:ae:5d:e2:2f:6d:
b0:29:79:5e:f2:37:6b:87:79:a4:17:0b:4b:58:f6:87:85:1f:
cd:24:5c:bf:d4:29:be:18:fe:92:c5:f0:6d:0b:72:0e:9b:bd:
71:c5:60:41:9d:f2:bc:02:06:8a:15:8a:d7:23:e3:cb:ab:9b:
26:51:60:ae:45:62:5f:8c:7e:50:39:96:ae:e5:94:55:80:5f:
ad:4e:7a:78:51:07:12:d4:e8:d2:9d:57:32:62:19:3d:f1:77:
5c:c4:a5:86:b4:7a:1f:67:41:07:bd:8c:7d:7f:1c:96:fc:cd:
1e:eb:9e:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBcmdswadgVozPNFKzR/uffYfWmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTQwMDAwMDBaFw0yNDA3MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMTVkNGRlNDczYWUwZmUzYjMyYmY5MzlmZTU0MDI4ZThjN2I0YzYwMGY4
NDI1ZDliYTlhMWQyMGJlNzNkNGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6jSHQCLz5l3CxNFmueUw6mRvgD+FNf2lUbBLM5nt6irxui9unfqUiXjItM
deT1jFu5nl/2NjIW9fjSdbB26WU2NH/WgbcZgIT9X/yc2Ed8UWEo6VRJWFr9VLEg
twNXq/2/zQLchvQJmblT5d3muQl0b5+DLYetB95Q6OZhYicVeJb0QvwtQSep7nio
vg0QKLLdgLp1tAOlfA8tT05q3bYZTZsVmVvbJ4zhHDYpklMOvh7KCeOI4xu5hppa
GyIz3WtwIXH0Bl2BPbVGWdj5VBS4zxJx6GK1zpo5gDWOCES161SlwWj0l1J6RB9X
xPK9rtajUl2i6NGUthTVYnlxG9ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZzmSp
IXZsQqXr3WFcbXW8sPHPEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2ZiZDYwNWItZDRlNS00YjE0LTllYzAtZTFiMmY0ZmZiNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQBLmQOGQ9bey/InZ9xDKjqMw/McHh8v9VT4qfmT7PfQ
DFuNebm8d2WheGSvPbvyhtkwmZOvkulHrqfXIZYhZqAieDBHWmnBD+x9KmO9pfVJ
+dXuU+lNIXW+UG376sGqU9bRCH3OlqBCipdYbJUt9BKG05FWyYP19Mz/fsvGM4KE
M5cOaTkuDXP9Gqhnrl3iL22wKXle8jdrh3mkFwtLWPaHhR/NJFy/1Cm+GP6SxfBt
C3IOm71xxWBBnfK8AgaKFYrXI+PLq5smUWCuRWJfjH5QOZau5ZRVgF+tTnp4UQcS
1OjSnVcyYhk98XdcxKWGtHofZ0EHvYx9fxyW/M0e655Q
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org