Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
File: 9a4f9b1d-c483-4904-8d04-be1592cba27d.roa (raw, json)
Hash identifier: ZKz5iImRE+Uislj8LiAiE62FuHNB39ob3GUdf1lgGYc=
Subject key identifier: 9C:7E:C4:99:CF:A8:C2:A7:3A:0A:1B:E5:87:48:97:87:A6:3E:57:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6139045619183C1C90C404009E088AE31411524F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:39:04:56:19:18:3c:1c:90:c4:04:00:9e:08:8a:e3:14:11:52:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=aad66a27785684a5e7a3cdbbc6eb597dfea5ae8d64a483ca4076a873c3b13ab9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:76:f3:47:e3:50:3a:24:70:ec:7f:a2:37:49:
f8:69:38:0a:55:2b:bb:fe:bf:4f:3c:d2:1d:4f:84:
72:ac:21:8d:4b:0f:d8:d1:7f:3a:bc:03:61:f0:a7:
8c:ae:0d:45:1e:d6:b2:3f:6a:35:5e:26:47:a6:2f:
94:27:d4:60:42:83:b7:d9:b1:70:d5:ce:b4:3a:66:
3b:0d:a9:56:5c:96:a6:1f:e0:77:85:8e:04:5e:b9:
41:6d:99:6f:49:29:0e:5c:f1:ce:d9:fd:ed:16:7a:
99:a6:81:74:41:1e:76:34:c4:51:8f:42:bd:e3:58:
27:c1:e9:b2:bd:40:4d:f4:8a:26:a0:90:57:7d:29:
73:65:03:04:2c:30:7a:c9:fc:5c:84:92:cd:db:6d:
51:b1:af:70:38:8c:c4:01:45:d6:7e:9c:aa:b0:fd:
bf:da:68:63:d2:ca:3d:31:8b:48:c6:77:31:f1:c8:
7b:d8:79:58:f2:2e:0d:74:0e:b8:85:75:e0:2f:4a:
99:a9:ac:62:7e:55:d3:38:ff:76:03:a4:53:1f:4b:
a1:2e:d9:f4:d4:5e:d2:34:e8:59:83:a7:14:2c:7c:
dc:c6:6c:82:30:a9:31:25:28:5c:af:ca:97:7f:85:
19:f0:08:77:a3:36:d3:d5:59:79:9b:69:64:8f:95:
b4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7E:C4:99:CF:A8:C2:A7:3A:0A:1B:E5:87:48:97:87:A6:3E:57:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c4:db:15:b8:66:03:a2:68:f4:88:a2:36:18:dc:82:03:79:56:
61:09:e0:13:35:b8:82:7a:09:35:f5:a7:24:0e:14:68:42:92:
b1:10:97:50:8e:35:29:6b:6b:be:a1:01:d6:d8:b2:87:ca:d3:
d4:bd:93:5a:40:1d:20:70:0e:1a:fe:54:fd:64:5f:94:a9:4c:
80:f1:e8:11:5a:22:a0:35:23:21:7d:bb:8d:b3:2f:d0:ac:a5:
92:76:7d:08:5f:ef:11:1b:b7:e8:34:79:cd:73:50:e2:a9:d6:
08:63:87:1c:d3:64:28:88:90:5c:b8:cd:9e:f7:3c:9f:5a:32:
76:c3:fd:d2:95:23:0e:98:26:06:b1:db:03:c6:d7:bd:12:0c:
96:a5:f0:18:7b:cd:9b:66:df:1b:80:70:5d:5d:92:9f:ff:f4:
61:24:24:b0:bc:f3:c2:fd:da:11:81:3d:e3:e4:9b:12:b8:f1:
ea:a8:a0:5c:04:26:90:18:f2:7c:6f:7f:c8:b1:8d:01:9a:49:
87:c1:28:d7:a2:db:03:46:c1:bf:0a:fe:32:4f:fd:8d:f2:95:
c8:7d:ad:36:b0:1f:ba:91:02:8d:ff:58:7f:c8:a5:f3:ff:c1:
eb:6c:71:e6:2b:dc:63:24:0d:88:6c:ce:58:87:9a:b0:d6:7e:
20:10:86:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYTkEVhkYPByQxAQAngiK4xQRUk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhZDY2YTI3Nzg1Njg0YTVlN2EzY2RiYmM2ZWI1OTdkZmVhNWFlOGQ2NGE0
ODNjYTQwNzZhODczYzNiMTNhYjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMF280fjUDokcOx/ojdJ+Gk4ClUru/6/TzzSHU+EcqwhjUsP2NF/OrwDYfCn
jK4NRR7Wsj9qNV4mR6YvlCfUYEKDt9mxcNXOtDpmOw2pVlyWph/gd4WOBF65QW2Z
b0kpDlzxztn97RZ6maaBdEEedjTEUY9CveNYJ8Hpsr1ATfSKJqCQV30pc2UDBCww
esn8XISSzdttUbGvcDiMxAFF1n6cqrD9v9poY9LKPTGLSMZ3MfHIe9h5WPIuDXQO
uIV14C9KmamsYn5V0zj/dgOkUx9LoS7Z9NRe0jToWYOnFCx83MZsgjCpMSUoXK/K
l3+FGfAId6M209VZeZtpZI+VtJsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBScfsSZ
z6jCpzoKG+WHSJeHpj5XGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWE0ZjliMWQtYzQ4My00OTA0LThkMDQtYmUxNTkyY2JhMjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQDE2xW4ZgOiaPSIojYY3IIDeVZhCeATNbiCegk19ack
DhRoQpKxEJdQjjUpa2u+oQHW2LKHytPUvZNaQB0gcA4a/lT9ZF+UqUyA8egRWiKg
NSMhfbuNsy/QrKWSdn0IX+8RG7foNHnNc1DiqdYIY4cc02QoiJBcuM2e9zyfWjJ2
w/3SlSMOmCYGsdsDxte9EgyWpfAYe82bZt8bgHBdXZKf//RhJCSwvPPC/doRgT3j
5JsSuPHqqKBcBCaQGPJ8b3/IsY0BmkmHwSjXotsDRsG/Cv4yT/2N8pXIfa02sB+6
kQKN/1h/yKXz/8HrbHHmK9xjJA2IbM5Yh5qw1n4gEIb2
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org