Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbd10abb-63fa-4e02-bbda-3369cb1b837f.roa
File: dbd10abb-63fa-4e02-bbda-3369cb1b837f.roa (raw, json)
Hash identifier: mUIpANBd6ymTvna9S+Mz+FS3aM2GxDGYhRI9leFUhWA=
Subject key identifier: 13:00:10:56:AB:55:9A:A5:39:DF:56:46:6B:4B:DE:22:E0:8C:39:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53F9CD2457B108875530D3970B89CF78F13566EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbd10abb-63fa-4e02-bbda-3369cb1b837f.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:f9:cd:24:57:b1:08:87:55:30:d3:97:0b:89:cf:78:f1:35:66:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=74952fb3996b7065e353e24e1146c248f7aa229f455eb29386a024cea0f5abee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a5:fa:ae:49:1c:b2:63:4c:0e:da:32:a7:66:
d4:1a:77:3c:01:c1:52:e1:7b:d0:73:b5:5c:d7:25:
e5:45:4a:f5:59:17:97:10:f5:61:66:5a:1e:11:db:
51:0f:0e:54:54:25:df:a4:5f:cc:96:27:97:ab:56:
e0:2c:bc:d5:3f:96:fd:9a:8e:45:4c:3b:2a:e7:13:
0c:d0:1f:8c:32:d2:08:45:7e:33:7f:cd:57:69:a3:
ce:f3:0d:46:80:19:91:6b:3a:8e:c1:a2:93:91:a2:
6f:46:7c:d6:21:fd:c7:78:b3:cf:f9:97:31:08:e1:
5b:3b:e3:ff:da:f9:36:7d:e7:82:df:23:a3:20:48:
63:91:8b:76:66:6f:46:61:5c:87:3c:80:e4:ce:28:
f3:ce:45:8c:d2:1b:f1:1d:48:cc:66:25:67:33:c0:
98:18:11:6d:39:9a:60:7d:90:0b:29:93:9c:52:c1:
e1:ed:67:de:e1:ec:c7:a1:a1:e3:e1:77:92:69:69:
39:a9:89:9b:82:d2:33:f5:54:75:bf:d2:a4:a1:98:
db:d1:21:b9:76:fd:7b:16:07:1c:2e:4b:45:93:50:
76:64:78:0e:74:e9:76:c0:41:70:af:9a:33:b4:00:
71:a6:5f:49:8b:c9:bc:31:01:ce:6e:ed:6b:6d:d6:
79:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:00:10:56:AB:55:9A:A5:39:DF:56:46:6B:4B:DE:22:E0:8C:39:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbd10abb-63fa-4e02-bbda-3369cb1b837f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
6a:9c:08:16:44:f4:08:ec:4a:df:2a:86:66:7a:56:ca:13:b8:
cc:97:dd:36:43:72:60:a8:41:8a:74:bf:ca:5c:59:84:7b:7c:
b7:2a:9c:a6:9f:79:cb:e6:bd:40:87:4e:5c:10:3c:3c:df:a1:
77:59:35:6f:10:71:9d:d4:d1:f2:99:2f:9c:4c:33:c1:aa:7e:
1a:1f:d7:50:c5:54:33:86:eb:6c:11:69:39:fb:5c:18:01:94:
85:69:1c:fa:92:7d:bd:2b:cb:fb:08:3a:53:bd:e8:4d:49:26:
9c:b6:67:e1:00:99:e4:a0:7e:a8:10:19:5c:59:08:b9:e2:82:
c4:05:ed:cf:75:3b:a7:d6:9a:25:bd:ff:21:99:ab:27:e7:f8:
33:de:56:72:fd:09:b1:28:9a:82:a9:8a:77:37:a1:ff:7b:53:
13:d2:39:3f:20:cd:cb:02:02:22:25:2c:8c:30:17:53:e3:b4:
53:45:bf:10:17:c9:29:00:63:7c:ae:fb:9e:ca:72:47:a1:51:
8f:f5:bc:f9:c6:fa:c6:4c:7c:5e:fa:7c:79:dd:72:e0:6e:f8:
a7:b2:2f:8a:25:f7:91:b1:97:a8:6e:70:f4:e8:e5:48:f2:b7:
92:dc:37:1b:0e:45:87:27:ee:fd:4b:23:57:d5:ca:23:32:b4:
bb:78:00:15
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU/nNJFexCIdVMNOXC4nPePE1ZuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0OTUyZmIzOTk2YjcwNjVlMzUzZTI0ZTExNDZjMjQ4ZjdhYTIyOWY0NTVl
YjI5Mzg2YTAyNGNlYTBmNWFiZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKl+q5JHLJjTA7aMqdm1Bp3PAHBUuF70HO1XNcl5UVK9VkXlxD1YWZaHhHb
UQ8OVFQl36RfzJYnl6tW4Cy81T+W/ZqORUw7KucTDNAfjDLSCEV+M3/NV2mjzvMN
RoAZkWs6jsGik5Gib0Z81iH9x3izz/mXMQjhWzvj/9r5Nn3ngt8joyBIY5GLdmZv
RmFchzyA5M4o885FjNIb8R1IzGYlZzPAmBgRbTmaYH2QCymTnFLB4e1n3uHsx6Gh
4+F3kmlpOamJm4LSM/VUdb/SpKGY29EhuXb9exYHHC5LRZNQdmR4DnTpdsBBcK+a
M7QAcaZfSYvJvDEBzm7ta23WeSsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQTABBW
q1WapTnfVkZrS94i4Iw52jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJkMTBhYmItNjNmYS00ZTAyLWJiZGEtMzM2OWNiMWI4MzdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAapwIFkT0COxK3yqGZnpWyhO4zJfdNkNyYKhBinS/
ylxZhHt8tyqcpp95y+a9QIdOXBA8PN+hd1k1bxBxndTR8pkvnEwzwap+Gh/XUMVU
M4brbBFpOftcGAGUhWkc+pJ9vSvL+wg6U73oTUkmnLZn4QCZ5KB+qBAZXFkIueKC
xAXtz3U7p9aaJb3/IZmrJ+f4M95Wcv0JsSiagqmKdzeh/3tTE9I5PyDNywICIiUs
jDAXU+O0U0W/EBfJKQBjfK77nspyR6FRj/W8+cb6xkx8Xvp8ed1y4G74p7IviiX3
kbGXqG5w9OjlSPK3ktw3Gw5Fhyfu/UsjV9XKIzK0u3gAFQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org