Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
File: 9d2253ee-c082-458b-b16d-cb41103c4262.roa (raw, json)
Hash identifier: Ba2h8FNb3MFnCK71ak1OSDf7BiUF7m1l2MPiQg+/BCg=
Subject key identifier: 5A:9D:60:5C:A6:30:6B:F6:33:B1:A1:6F:68:8F:DB:52:19:9A:FE:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18481DC183E3EDB444681353AB5CC0A7960B68F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:48:1d:c1:83:e3:ed:b4:44:68:13:53:ab:5c:c0:a7:96:0b:68:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8a73198f862399e4e7227381b7318b1e6afdb29ba7a7c810b2e4faa8b2e9079f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:6a:9a:86:d8:de:b9:b1:99:13:7e:68:0b:
94:40:1f:9f:61:93:4b:2f:65:9a:39:cc:59:ca:fb:
75:35:0e:7e:4b:34:57:87:e4:15:81:12:cf:7a:90:
0e:bd:85:78:78:7a:4e:be:8f:cd:77:4d:8a:89:d5:
90:86:cd:1c:65:2b:d3:f5:d9:15:d0:f2:c4:7f:05:
ea:c5:c7:b2:59:10:73:cf:37:d9:b9:5e:c4:1f:72:
b5:ca:41:f8:6d:67:28:7e:be:8c:4b:df:8e:0d:05:
05:f5:11:25:4c:9b:bd:d0:f7:bf:7d:6e:96:cb:1d:
42:25:eb:ba:f1:66:10:37:7d:16:7d:49:d4:cc:ff:
86:5a:05:22:b8:15:6d:d7:14:98:2a:9b:02:f4:5d:
91:0b:c8:0c:16:be:8c:c5:ff:81:de:af:f1:5e:0f:
5c:3a:5c:bc:26:98:eb:81:5c:32:99:69:a2:70:78:
20:f0:e7:b0:84:4e:12:54:71:d2:e5:9b:0a:6e:f4:
39:08:34:30:8a:9a:55:39:f4:2f:24:71:e7:ba:e0:
d2:05:9c:91:6f:80:a0:b9:47:49:e8:c3:bb:db:8b:
fa:e6:d8:fb:b5:58:44:1c:9c:d0:1f:9b:3d:fc:b8:
88:31:da:52:72:7f:91:2b:16:be:65:60:08:58:b4:
be:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9D:60:5C:A6:30:6B:F6:33:B1:A1:6F:68:8F:DB:52:19:9A:FE:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
b4:5a:fe:a1:ea:60:fa:c3:89:53:83:d5:3e:ca:bc:0d:67:ff:
37:37:f5:26:d6:09:a2:51:02:2e:83:0c:d5:76:5a:42:60:12:
ee:5c:18:02:b1:e1:3e:54:d9:70:fb:86:75:93:ed:f0:7a:6a:
6a:19:4d:d8:92:52:95:13:14:b2:cc:b1:5d:22:1f:17:d9:2e:
52:ce:ef:df:4d:9c:1e:40:7f:04:67:cc:85:f8:4a:9c:d2:97:
90:95:07:24:af:ad:91:8a:22:42:c4:c7:e0:d2:5e:73:22:dd:
03:d5:eb:b0:f5:1f:27:45:08:bc:65:8a:32:80:3b:26:de:ad:
36:b7:12:52:a5:6a:3f:ea:69:b8:95:36:0e:09:ad:b2:e9:db:
cf:e2:db:b4:51:16:c6:53:d3:d2:8b:f4:08:c5:0c:08:c5:b5:
37:93:28:5e:5c:29:57:49:89:3a:fe:61:62:95:7a:33:b8:8d:
5b:56:ed:52:20:86:25:f2:6f:c4:62:8a:68:e7:3f:87:da:e4:
e3:46:ba:16:90:14:01:e1:22:b7:c0:d1:76:0a:2c:87:df:dd:
22:0b:a0:b5:a3:d4:0b:eb:a5:97:64:21:b2:24:91:94:f3:78:
53:3c:20:cb:0b:8f:bb:e3:f2:77:6d:c3:43:4a:85:cf:5a:12:
c4:22:11:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGEgdwYPj7bREaBNTq1zAp5YLaPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNzMxOThmODYyMzk5ZTRlNzIyNzM4MWI3MzE4YjFlNmFmZGIyOWJhN2E3
YzgxMGIyZTRmYWE4YjJlOTA3OWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhBapqG2N65sZkTfmgLlEAfn2GTSy9lmjnMWcr7dTUOfks0V4fkFYESz3qQ
Dr2FeHh6Tr6PzXdNionVkIbNHGUr0/XZFdDyxH8F6sXHslkQc8832blexB9ytcpB
+G1nKH6+jEvfjg0FBfURJUybvdD3v31ulssdQiXruvFmEDd9Fn1J1Mz/hloFIrgV
bdcUmCqbAvRdkQvIDBa+jMX/gd6v8V4PXDpcvCaY64FcMplponB4IPDnsIROElRx
0uWbCm70OQg0MIqaVTn0LyRx57rg0gWckW+AoLlHSejDu9uL+ubY+7VYRByc0B+b
Pfy4iDHaUnJ/kSsWvmVgCFi0vrsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRanWBc
pjBr9jOxoW9oj9tSGZr+ZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWQyMjUzZWUtYzA4Mi00NThiLWIxNmQtY2I0MTEwM2M0MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQC0Wv6h6mD6w4lTg9U+yrwNZ/83N/Um1gmiUQIu
gwzVdlpCYBLuXBgCseE+VNlw+4Z1k+3wempqGU3YklKVExSyzLFdIh8X2S5Szu/f
TZweQH8EZ8yF+Eqc0peQlQckr62RiiJCxMfg0l5zIt0D1euw9R8nRQi8ZYoygDsm
3q02txJSpWo/6mm4lTYOCa2y6dvP4tu0URbGU9PSi/QIxQwIxbU3kyheXClXSYk6
/mFilXozuI1bVu1SIIYl8m/EYopo5z+H2uTjRroWkBQB4SK3wNF2CiyH390iC6C1
o9QL66WXZCGyJJGU83hTPCDLC4+74/J3bcNDSoXPWhLEIhFN
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org