Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
File: ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa (raw, json)
Hash identifier: sqtP0qPHN88HPYd3hzXyex7D+n6KXJowqhEWWRos2g0=
Subject key identifier: 88:C7:55:ED:17:A7:DC:C3:2E:C1:1D:2D:1E:E4:9C:9F:6C:7B:2E:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B1868D87E650531ACBD4D8B97FAC38AC110A788
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:18:68:d8:7e:65:05:31:ac:bd:4d:8b:97:fa:c3:8a:c1:10:a7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=b5a1910afd4ab5b5f73eef338a4714a4aadee072c1a27bc9c13e34306fc43993, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:1e:6c:06:2a:55:13:68:78:73:b7:f5:3b:
35:88:a6:08:05:4e:7c:46:0d:eb:74:63:85:4c:90:
c8:8f:bd:b8:a7:bc:fe:c7:b9:05:a7:50:81:cf:54:
b2:b5:e2:b2:1e:f5:ff:e4:a0:5d:95:e3:4d:70:44:
b4:d6:a9:10:49:57:8d:ab:c8:64:32:1f:97:22:36:
ee:39:f8:db:de:4c:17:1c:62:c0:aa:3a:0c:69:d6:
9d:76:e9:3e:75:f3:b2:da:55:ee:11:77:35:20:ee:
3f:d8:de:bd:b6:7e:0f:97:6c:d5:ff:fe:16:ac:73:
b5:6d:5b:06:ce:80:85:23:a2:e6:d7:5f:68:45:6c:
42:12:1f:a2:7b:56:04:b2:46:38:db:23:54:bd:7d:
59:d4:bf:0c:3d:d7:ba:ac:75:41:2b:0b:08:fe:0f:
dd:c8:7a:e8:25:5a:aa:ec:d4:cf:63:f0:06:73:c9:
19:cc:a4:cd:b9:ed:f3:df:f3:17:e5:fc:08:20:dc:
58:ea:d5:a3:21:85:be:74:e7:c0:10:6f:4d:e2:b3:
7f:c0:ae:78:c1:90:58:8d:e4:22:7b:6b:17:f8:5a:
2b:cb:b8:d6:c2:06:e2:94:b8:f7:e7:8a:f5:bc:d2:
b6:c4:39:8a:b0:29:a4:07:ce:ad:ca:3b:87:45:47:
1e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C7:55:ED:17:A7:DC:C3:2E:C1:1D:2D:1E:E4:9C:9F:6C:7B:2E:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
15:0f:f1:5c:81:ea:bc:b8:f1:f3:82:f0:a8:0a:f9:1e:36:a1:
5c:24:0b:01:f1:5e:7b:8e:23:62:cc:1c:fc:a2:df:6e:c0:be:
42:d9:e9:2c:e5:d7:9c:a1:b3:18:e5:c1:81:26:7a:a5:bd:1f:
d2:5a:c7:16:d4:e6:86:f9:f9:2a:b8:63:88:36:07:37:5e:2f:
a9:83:86:5d:c0:42:5b:4e:b7:8f:5f:1d:e8:2e:e4:5f:0e:5d:
17:23:67:0f:97:33:ac:b1:53:a8:26:d0:88:87:ff:b7:04:d7:
1c:0e:90:78:b8:72:8e:32:c3:60:e3:69:1c:ca:2f:52:df:fd:
7d:f1:0c:13:8c:6c:ae:55:82:47:46:14:68:e9:50:74:7e:f3:
05:9d:0e:b7:74:d3:f3:b1:0e:d5:4c:c8:cc:29:15:49:16:35:
56:ef:44:84:76:df:1b:b8:4a:cd:2d:5e:5f:05:a4:da:92:12:
bc:6d:18:93:4c:9f:eb:72:30:ba:b3:6b:b5:c1:59:fd:e8:88:
75:b4:42:16:cb:ce:66:1d:3a:8d:b4:aa:e3:eb:bd:3f:f5:96:
04:e8:78:ea:0b:ac:40:b5:9a:a4:b5:fa:00:ae:f2:24:7e:cf:
d6:3f:13:0a:3a:42:4b:af:13:ac:ae:62:97:53:69:af:7b:fb:
b1:aa:e8:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCxho2H5lBTGsvU2Ll/rDisEQp4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1YTE5MTBhZmQ0YWI1YjVmNzNlZWYzMzhhNDcxNGE0YWFkZWUwNzJjMWEy
N2JjOWMxM2UzNDMwNmZjNDM5OTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOvHmwGKlUTaHhzt/U7NYimCAVOfEYN63RjhUyQyI+9uKe8/se5BadQgc9U
srXish71/+SgXZXjTXBEtNapEElXjavIZDIflyI27jn4295MFxxiwKo6DGnWnXbp
PnXzstpV7hF3NSDuP9jevbZ+D5ds1f/+FqxztW1bBs6AhSOi5tdfaEVsQhIfontW
BLJGONsjVL19WdS/DD3Xuqx1QSsLCP4P3ch66CVaquzUz2PwBnPJGcykzbnt89/z
F+X8CCDcWOrVoyGFvnTnwBBvTeKzf8CueMGQWI3kIntrF/haK8u41sIG4pS49+eK
9bzStsQ5irAppAfOrco7h0VHHtECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIx1Xt
F6fcwy7BHS0e5JyfbHsu9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWU4YjNhNWMtZWIxNC00Zjc2LTkyYjktYTliNDNhN2I4YWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQAVD/Fcgeq8uPHzgvCoCvkeNqFcJAsB8V57jiNizBz8
ot9uwL5C2eks5decobMY5cGBJnqlvR/SWscW1OaG+fkquGOINgc3Xi+pg4ZdwEJb
TrePXx3oLuRfDl0XI2cPlzOssVOoJtCIh/+3BNccDpB4uHKOMsNg42kcyi9S3/19
8QwTjGyuVYJHRhRo6VB0fvMFnQ63dNPzsQ7VTMjMKRVJFjVW70SEdt8buErNLV5f
BaTakhK8bRiTTJ/rcjC6s2u1wVn96Ih1tEIWy85mHTqNtKrj670/9ZYE6HjqC6xA
tZqktfoArvIkfs/WPxMKOkJLrxOsrmKXU2mve/uxquj+
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org