Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
File: 9e8d7cac-ae2e-40be-bde9-b89060079661.roa (raw, json)
Hash identifier: TOybM5GeaAK9MnnVJw3SCvNf7v+oU2QlQiBMspOQfQ8=
Subject key identifier: 96:BD:24:D0:1E:B4:FF:DC:4E:1B:1A:44:0B:63:74:95:D7:E9:A2:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45099F9CEF2470D9786AE58822346762E8CCEEAC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:09:9f:9c:ef:24:70:d9:78:6a:e5:88:22:34:67:62:e8:cc:ee:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=e1be74ca1748a96353391236ef105b6c57b3d99858c1b88fdc7b725e2fcba880, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:60:b5:6e:a2:12:91:07:26:ce:d5:de:17:02:
4f:a4:1c:c7:3c:0d:51:46:f5:25:78:7f:5f:a4:dd:
74:13:20:de:c4:54:e1:32:59:91:e9:0f:c1:ab:0d:
cb:1e:ed:e8:f7:0f:0a:39:36:18:eb:0d:3e:57:bf:
8b:e5:f9:32:e3:f9:f0:f9:c6:e9:79:d2:59:ed:29:
09:48:61:94:6b:ad:be:04:d5:4f:de:41:42:df:de:
ab:58:88:b1:a3:05:68:cc:6e:5b:fc:34:46:68:03:
76:24:af:2e:6a:78:b6:c1:f6:7d:c6:3d:67:e7:43:
e4:d2:03:0c:f3:6e:09:91:f7:23:66:23:e2:26:2f:
4c:21:c9:4e:26:b2:f3:6a:9f:44:ca:c3:16:37:51:
b7:e8:03:f3:c2:91:62:71:11:e6:24:b2:c1:84:7b:
3f:dc:c3:5f:c3:6e:6c:33:e0:0a:34:16:fd:67:03:
47:0b:bf:4a:c4:24:7e:07:bd:85:20:be:8c:f5:02:
de:73:f9:ed:f0:29:df:13:c1:d4:ad:2c:b5:82:68:
97:ae:b6:a4:4c:d3:e4:cf:9d:b8:85:26:e6:3f:b1:
7b:eb:02:45:5a:a3:c4:7d:79:a0:85:54:b2:14:7e:
f2:ad:22:62:ac:a3:a0:8b:e0:ec:fa:07:4d:7b:da:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BD:24:D0:1E:B4:FF:DC:4E:1B:1A:44:0B:63:74:95:D7:E9:A2:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e8d7cac-ae2e-40be-bde9-b89060079661.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
65:b4:96:ca:ee:95:5c:41:6f:c7:22:07:65:a6:44:35:d2:5d:
96:e0:54:bc:be:92:99:22:f5:c3:2f:a7:ef:44:ae:79:8f:db:
f4:f1:1c:eb:bb:5b:cf:91:05:ad:c6:84:15:33:71:88:f0:98:
08:2c:2f:d6:9f:f6:d4:96:a1:19:8e:2b:3d:92:22:52:3d:53:
ea:f0:ed:21:4a:fc:14:fc:44:c4:c7:92:ac:cc:e5:78:e1:0f:
57:5b:b8:22:e5:25:b4:98:92:76:9d:2f:10:38:1e:0b:61:92:
9a:7c:a6:17:90:b0:09:61:2f:ce:a0:7d:2e:ef:68:84:e0:03:
df:ae:79:b4:63:c4:30:39:77:1c:67:de:89:22:08:7a:40:f8:
06:51:ea:81:83:9d:12:48:2c:fc:58:4c:cf:16:9b:5c:e9:14:
df:0d:8a:59:cb:30:fa:41:0f:71:42:d2:49:63:7d:88:c2:9d:
49:e0:80:29:f6:de:2e:ae:2f:ae:cd:34:6f:19:b7:e0:dc:43:
7b:cd:5c:0f:28:c3:52:4b:3e:36:5c:b9:39:b7:9b:57:77:34:
f7:e4:d3:35:16:a4:cd:fc:96:c0:c7:b3:02:c7:85:4a:bf:db:
75:23:8f:3c:07:f2:e6:c8:81:66:17:49:0b:38:0f:11:b4:11:
d2:01:b1:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURQmfnO8kcNl4auWIIjRnYujM7qwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxYmU3NGNhMTc0OGE5NjM1MzM5MTIzNmVmMTA1YjZjNTdiM2Q5OTg1OGMx
Yjg4ZmRjN2I3MjVlMmZjYmE4ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5gtW6iEpEHJs7V3hcCT6QcxzwNUUb1JXh/X6TddBMg3sRU4TJZkekPwasN
yx7t6PcPCjk2GOsNPle/i+X5MuP58PnG6XnSWe0pCUhhlGutvgTVT95BQt/eq1iI
saMFaMxuW/w0RmgDdiSvLmp4tsH2fcY9Z+dD5NIDDPNuCZH3I2Yj4iYvTCHJTiay
82qfRMrDFjdRt+gD88KRYnER5iSywYR7P9zDX8NubDPgCjQW/WcDRwu/SsQkfge9
hSC+jPUC3nP57fAp3xPB1K0stYJol662pEzT5M+duIUm5j+xe+sCRVqjxH15oIVU
shR+8q0iYqyjoIvg7PoHTXva0N0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSWvSTQ
HrT/3E4bGkQLY3SV1+misDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU4ZDdjYWMtYWUyZS00MGJlLWJkZTktYjg5MDYwMDc5NjYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQBltJbK7pVcQW/HIgdlpkQ10l2W4FS8vpKZIvXD
L6fvRK55j9v08Rzru1vPkQWtxoQVM3GI8JgILC/Wn/bUlqEZjis9kiJSPVPq8O0h
SvwU/ETEx5KszOV44Q9XW7gi5SW0mJJ2nS8QOB4LYZKafKYXkLAJYS/OoH0u72iE
4APfrnm0Y8QwOXccZ96JIgh6QPgGUeqBg50SSCz8WEzPFptc6RTfDYpZyzD6QQ9x
QtJJY32Iwp1J4IAp9t4uri+uzTRvGbfg3EN7zVwPKMNSSz42XLk5t5tXdzT35NM1
FqTN/JbAx7MCx4VKv9t1I488B/LmyIFmF0kLOA8RtBHSAbF/
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org