Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
File: ac4c449e-69e4-45a7-85e4-1915d006207d.roa (raw, json)
Hash identifier: n7FjjjiCYIU0VbaMd5Rh6BRIWlw2QOZ1axirhN1e33c=
Subject key identifier: 77:35:0A:0A:5B:ED:68:6C:B6:FD:32:B7:F0:F0:8B:FF:09:74:15:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71FC0F46118DE58C91EDF53D9F67A6C20C826F2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:fc:0f:46:11:8d:e5:8c:91:ed:f5:3d:9f:67:a6:c2:0c:82:6f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=dd28e4db6e7ced7549cf4e2dcb8e8c1bd48f1f1b7a97884ea4afbf50dd6f21dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e7:aa:1f:24:da:c5:49:3c:2b:91:f8:5e:52:
a4:60:f5:b8:a8:77:a1:89:39:b0:d2:bb:5d:d8:ef:
7b:97:9c:91:be:53:c3:db:ee:88:92:d3:68:4d:f1:
f9:c9:6e:03:87:83:d0:56:fc:3a:7c:88:de:9f:73:
e1:bc:17:59:4c:7f:80:4b:e9:47:c5:a6:3a:4e:ed:
ef:4b:23:78:77:f8:86:2a:20:f1:50:fd:90:34:b7:
1e:d6:aa:09:c6:a4:38:ff:12:0f:1f:ae:0e:e5:1e:
17:2f:c6:c5:c9:d9:bd:a6:57:38:95:5e:6f:aa:b3:
5d:ea:6c:30:42:1c:cd:f8:7f:3f:1d:e2:7c:68:e7:
0c:64:a7:95:c9:e1:41:a3:2b:90:31:32:f0:1f:05:
97:f5:6e:d0:44:32:95:8b:a1:37:fa:de:39:4f:16:
71:18:2f:f9:ca:3f:32:56:a2:de:a6:13:d0:0d:b6:
94:85:31:93:d6:c2:47:37:44:9f:9c:53:94:c6:c2:
cd:58:e3:74:1b:c4:e0:cf:d6:90:58:5a:1e:d9:90:
7a:6c:2b:5d:ad:a9:90:ce:b2:75:2e:f5:7d:a7:29:
42:3d:bc:81:5e:c6:cd:16:55:86:16:92:00:ff:fd:
94:d4:57:dd:f4:28:89:44:a6:cb:1f:1f:31:ec:f1:
d5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:35:0A:0A:5B:ED:68:6C:B6:FD:32:B7:F0:F0:8B:FF:09:74:15:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
a7:f2:54:d2:73:45:ca:c7:0d:3d:59:62:d0:2c:9a:65:61:85:
d0:47:df:e5:e1:48:12:d3:f0:13:ea:f4:f7:97:6e:b3:08:ab:
9b:50:59:a9:a2:46:cd:7c:e5:86:24:44:56:a6:0b:a1:56:64:
5c:1d:d3:e8:61:f1:14:4c:7d:d3:16:0b:9f:c6:bc:e6:fe:d5:
34:71:7a:94:ab:dc:78:b1:42:f5:9d:33:97:e8:49:02:6e:1d:
6f:de:82:ec:6f:c8:67:fb:df:e8:7a:df:15:93:26:6c:ea:06:
16:a2:1a:18:1c:c7:09:e1:71:5a:6d:20:51:02:2a:45:2b:8b:
4c:04:8e:6a:69:f2:4d:cb:35:0b:0b:aa:0c:63:4f:74:16:c3:
e3:91:46:2e:55:9c:8e:93:2c:e8:e9:1f:85:dc:0b:de:d9:aa:
91:f1:d1:05:4d:91:50:fd:c5:19:c5:32:6a:a9:ae:f6:22:76:
96:5f:b0:68:1b:3c:01:1c:d3:a7:7d:80:2d:86:78:af:5e:fa:
a0:6c:b2:08:7b:9a:77:f6:01:2d:33:5c:ff:d3:86:25:01:b9:
72:0b:b2:e9:12:af:c8:82:af:95:77:a2:74:29:21:f0:e3:1d:
32:20:cc:17:be:0c:d0:10:7e:76:e6:19:d4:64:a1:b0:70:d8:
34:cb:e8:ee
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcfwPRhGN5YyR7fU9n2emwgyCby0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMjhlNGRiNmU3Y2VkNzU0OWNmNGUyZGNiOGU4YzFiZDQ4ZjFmMWI3YTk3
ODg0ZWE0YWZiZjUwZGQ2ZjIxZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvnqh8k2sVJPCuR+F5SpGD1uKh3oYk5sNK7Xdjve5eckb5Tw9vuiJLTaE3x
+cluA4eD0Fb8OnyI3p9z4bwXWUx/gEvpR8WmOk7t70sjeHf4hiog8VD9kDS3Htaq
CcakOP8SDx+uDuUeFy/GxcnZvaZXOJVeb6qzXepsMEIczfh/Px3ifGjnDGSnlcnh
QaMrkDEy8B8Fl/Vu0EQylYuhN/reOU8WcRgv+co/Mlai3qYT0A22lIUxk9bCRzdE
n5xTlMbCzVjjdBvE4M/WkFhaHtmQemwrXa2pkM6ydS71facpQj28gV7GzRZVhhaS
AP/9lNRX3fQoiUSmyx8fMezx1WECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3NQoK
W+1obLb9Mrfw8Iv/CXQVOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YzQ0OWUtNjllNC00NWE3LTg1ZTQtMTkxNWQwMDYyMDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAp/JU0nNFyscNPVli0CyaZWGF0Eff5eFIEtPw
E+r095duswirm1BZqaJGzXzlhiREVqYLoVZkXB3T6GHxFEx90xYLn8a85v7VNHF6
lKvceLFC9Z0zl+hJAm4db96C7G/IZ/vf6HrfFZMmbOoGFqIaGBzHCeFxWm0gUQIq
RSuLTASOamnyTcs1CwuqDGNPdBbD45FGLlWcjpMs6OkfhdwL3tmqkfHRBU2RUP3F
GcUyaqmu9iJ2ll+waBs8ARzTp32ALYZ4r176oGyyCHuad/YBLTNc/9OGJQG5cguy
6RKvyIKvlXeidCkh8OMdMiDMF74M0BB+duYZ1GShsHDYNMvo7g==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org