Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
File: e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa (raw, json)
Hash identifier: gUn8mrxxy0/dSdpUKwBB9JLFawmvSlMriM7umN4qGLY=
Subject key identifier: 7D:EC:EF:D2:E5:45:E8:CF:BD:07:4D:12:61:1E:AF:88:FC:08:E7:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1450C160124AE2DB7AD29F02B7A0282401481832
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:50:c1:60:12:4a:e2:db:7a:d2:9f:02:b7:a0:28:24:01:48:18:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=6a744d7bfe4c2096590a06d5e03db071a393f2d5880aa749475efe6084a4e5b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e6:26:ca:6d:05:93:b2:2c:74:fb:7a:d1:27:
ac:bf:45:21:d6:3e:98:7f:d4:f5:c3:f9:11:2a:29:
77:5f:73:41:9a:a7:c9:dc:68:c3:f4:de:9c:60:63:
a7:d8:2e:b0:95:76:83:a0:39:f9:ee:56:39:c3:46:
92:a9:24:aa:8c:06:57:b9:7f:4b:b7:c9:3c:67:23:
73:b7:53:06:6f:4e:8c:1a:6c:75:33:40:b3:42:53:
04:39:4a:49:99:c9:6e:31:4a:50:2a:53:38:b4:01:
28:73:d7:44:c8:8f:bc:b4:03:83:5d:3d:1d:4f:25:
cb:c2:c5:b0:74:91:62:0b:62:15:04:16:0e:73:15:
a9:1b:7f:63:54:d4:20:5d:c5:8d:d7:1b:55:09:14:
52:dd:2a:ef:74:0c:b3:8b:2a:1d:9f:79:ae:70:e3:
06:e6:46:db:74:ce:ba:6a:14:03:1a:74:14:f5:71:
35:ca:45:d9:32:c8:ac:4e:e8:c6:d5:1e:35:d8:23:
16:4c:da:59:07:4f:0a:b4:da:de:8e:25:bb:21:d5:
e3:ac:ff:00:f6:c0:f5:30:a9:cc:42:45:83:d7:53:
4e:e0:08:5e:61:cd:4f:45:02:f0:bd:62:81:ef:38:
27:61:02:e7:54:0b:4d:ca:47:15:40:f6:52:cc:be:
ed:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EC:EF:D2:E5:45:E8:CF:BD:07:4D:12:61:1E:AF:88:FC:08:E7:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
60:29:36:b0:bf:ee:73:d1:54:a5:2c:bf:96:4b:04:47:1c:74:
bf:3a:55:fc:2c:a2:30:92:6d:5b:18:10:45:3f:ff:ae:97:b6:
18:1f:50:9f:90:e6:5b:ac:d1:c8:84:57:d4:2e:19:b8:24:53:
64:d9:b4:5d:65:e1:ef:16:5b:82:2b:92:76:1b:9b:b5:fd:7d:
f6:bd:78:da:b9:b6:a9:3b:5c:b1:04:0e:43:30:3d:62:7f:74:
84:0a:fc:95:b5:af:9a:d5:19:04:db:9f:3b:0b:35:db:b0:fc:
4a:8a:24:6f:55:8c:8e:ba:c2:61:da:d9:9e:d5:c9:66:16:75:
17:44:7d:36:e0:f5:48:b1:8e:ee:66:70:27:90:e8:b6:32:ec:
3b:ff:ce:7c:0c:d5:1a:f2:2a:ee:a8:f9:04:49:ff:ef:5a:f1:
1d:88:b8:26:04:6c:86:f7:6e:25:f6:a2:2a:a5:01:ed:f6:e4:
37:85:f2:d1:37:21:56:5d:8d:92:40:0f:60:71:23:b4:c8:52:
16:0e:5b:fd:a5:2e:45:23:bf:44:68:75:81:fd:e9:6f:65:fe:
9d:ed:b8:46:e3:80:cd:d0:3b:36:99:3b:c0:de:cd:92:98:e9:
69:45:47:00:10:35:2b:cf:d5:a1:9b:ee:65:d3:56:d0:1a:51:
f1:58:3e:15
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFFDBYBJK4tt60p8Ct6AoJAFIGDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhNzQ0ZDdiZmU0YzIwOTY1OTBhMDZkNWUwM2RiMDcxYTM5M2YyZDU4ODBh
YTc0OTQ3NWVmZTYwODRhNGU1YjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfmJsptBZOyLHT7etEnrL9FIdY+mH/U9cP5ESopd19zQZqnydxow/TenGBj
p9gusJV2g6A5+e5WOcNGkqkkqowGV7l/S7fJPGcjc7dTBm9OjBpsdTNAs0JTBDlK
SZnJbjFKUCpTOLQBKHPXRMiPvLQDg109HU8ly8LFsHSRYgtiFQQWDnMVqRt/Y1TU
IF3FjdcbVQkUUt0q73QMs4sqHZ95rnDjBuZG23TOumoUAxp0FPVxNcpF2TLIrE7o
xtUeNdgjFkzaWQdPCrTa3o4luyHV46z/APbA9TCpzEJFg9dTTuAIXmHNT0UC8L1i
ge84J2EC51QLTcpHFUD2Usy+7esCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR97O/S
5UXoz70HTRJhHq+I/AjnJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTBkZjQyY2MtMWM3MC00ZTViLTkzZGEtM2Y2NmNlZjkzYTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAYCk2sL/uc9FUpSy/lksERxx0vzpV/CyiMJJt
WxgQRT//rpe2GB9Qn5DmW6zRyIRX1C4ZuCRTZNm0XWXh7xZbgiuSdhubtf199r14
2rm2qTtcsQQOQzA9Yn90hAr8lbWvmtUZBNufOws127D8Sookb1WMjrrCYdrZntXJ
ZhZ1F0R9NuD1SLGO7mZwJ5DotjLsO//OfAzVGvIq7qj5BEn/71rxHYi4JgRshvdu
JfaiKqUB7fbkN4Xy0TchVl2NkkAPYHEjtMhSFg5b/aUuRSO/RGh1gf3pb2X+ne24
RuOAzdA7Npk7wN7NkpjpaUVHABA1K8/VoZvuZdNW0BpR8Vg+FQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org