Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
File: e1a46896-dfc0-4be1-91be-62fd0626c291.roa (raw, json)
Hash identifier: FNZdlWppguRI1jg2MZWl9FatfCeXyxmrwORxk4EOJvo=
Subject key identifier: A6:61:E7:D8:0C:F5:06:17:AE:9E:23:CA:B6:C3:38:FC:8D:00:C4:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C3DD38B0D302CDE55545B46ED1EF4C1A776C5CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:3d:d3:8b:0d:30:2c:de:55:54:5b:46:ed:1e:f4:c1:a7:76:c5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=62bfcde8ec92f70d46eb065fd90b8785da5969af4e59590ba0058f327eb18bdb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f2:47:10:28:92:f8:b5:5d:b1:4b:bd:e6:31:
1b:62:19:c4:78:67:db:78:e0:76:0d:16:29:48:32:
07:14:eb:ee:7a:17:22:d5:92:34:2c:29:a9:e7:9f:
b7:e9:97:01:37:a5:db:a1:13:c7:7e:a9:df:06:69:
ec:82:e7:f7:ab:a1:5c:01:e7:d2:46:c3:56:ed:66:
2b:de:5f:e1:3b:56:13:dc:50:60:f5:67:a4:cc:ed:
f9:7e:30:21:59:fb:38:5a:e8:f1:ab:5f:b3:97:17:
6f:ec:ab:dc:68:95:3c:44:a8:37:7a:ff:9b:81:99:
a8:d9:09:06:59:28:bb:c5:9e:10:f1:d1:ec:f9:6b:
ad:8e:35:9e:68:de:28:94:22:8e:7c:c5:2d:c6:e2:
4b:27:2f:2b:f0:c8:6b:5c:ac:22:29:09:25:b6:ff:
79:fa:42:c7:d3:f6:0d:1f:e7:41:08:79:dd:b3:ae:
a1:c9:03:0c:f5:96:9a:1a:69:11:0c:83:d8:35:59:
00:c6:cf:55:da:5f:a4:56:be:7e:14:ec:17:a0:60:
68:79:33:9d:ef:a8:88:d7:60:6a:aa:32:20:cd:e3:
1d:e6:e3:67:5e:02:73:a7:86:a1:bb:c4:82:5a:37:
7f:bb:ae:6c:9c:87:bb:a8:18:fc:67:6b:17:90:80:
b5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:E7:D8:0C:F5:06:17:AE:9E:23:CA:B6:C3:38:FC:8D:00:C4:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:b1:71:0b:3a:61:b0:79:2f:da:ec:9f:82:f4:96:59:b5:b2:
a6:ea:b5:03:5b:e2:68:b4:06:d3:9d:31:87:33:72:17:8d:5b:
42:ae:37:14:1b:52:09:c2:22:c1:97:99:8f:6d:f0:cc:70:5a:
ad:3c:1b:2f:71:f7:18:65:52:c0:8f:d1:13:c6:e5:3d:ee:c3:
e9:2f:6b:36:1b:2f:0f:c3:4a:9c:42:74:7d:42:6b:2d:20:43:
77:35:0e:31:b6:de:43:3f:ab:75:09:09:dd:12:45:ea:a5:2c:
18:97:e9:83:92:c9:3d:68:01:d1:60:4a:bb:2d:e9:99:8d:40:
4a:de:6b:bc:6b:1a:11:46:71:eb:aa:33:87:a9:4f:18:92:8a:
5f:c0:bc:f1:97:26:64:98:10:68:f8:ae:09:17:b4:5e:f3:20:
90:ae:32:c3:be:74:c7:34:b4:ab:43:07:06:e3:a4:44:92:38:
c7:1f:ee:1d:cc:ad:5b:38:7b:3d:e0:af:c2:45:15:38:48:fd:
a5:16:60:ba:42:18:6a:71:32:58:96:12:f1:47:2c:7b:09:09:
54:33:cb:a5:9c:ad:60:5b:b9:0a:ec:f0:71:cb:45:a2:2f:41:
c3:32:e7:7e:6f:57:70:1d:28:f8:a3:91:e4:03:f1:ee:16:34:
d8:fd:34:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfD3Tiw0wLN5VVFtG7R70wad2xcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYmZjZGU4ZWM5MmY3MGQ0NmViMDY1ZmQ5MGI4Nzg1ZGE1OTY5YWY0ZTU5
NTkwYmEwMDU4ZjMyN2ViMThiZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPyRxAokvi1XbFLveYxG2IZxHhn23jgdg0WKUgyBxTr7noXItWSNCwpqeef
t+mXATel26ETx36p3wZp7ILn96uhXAHn0kbDVu1mK95f4TtWE9xQYPVnpMzt+X4w
IVn7OFro8atfs5cXb+yr3GiVPESoN3r/m4GZqNkJBlkou8WeEPHR7PlrrY41nmje
KJQijnzFLcbiSycvK/DIa1ysIikJJbb/efpCx9P2DR/nQQh53bOuockDDPWWmhpp
EQyD2DVZAMbPVdpfpFa+fhTsF6BgaHkzne+oiNdgaqoyIM3jHebjZ14Cc6eGobvE
glo3f7uubJyHu6gY/GdrF5CAtcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmYefY
DPUGF66eI8q2wzj8jQDEAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFhNDY4OTYtZGZjMC00YmUxLTkxYmUtNjJmZDA2MjZjMjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQAlsXELOmGweS/a7J+C9JZZtbKm6rUDW+JotAbTnTGH
M3IXjVtCrjcUG1IJwiLBl5mPbfDMcFqtPBsvcfcYZVLAj9ETxuU97sPpL2s2Gy8P
w0qcQnR9QmstIEN3NQ4xtt5DP6t1CQndEkXqpSwYl+mDksk9aAHRYEq7LemZjUBK
3mu8axoRRnHrqjOHqU8YkopfwLzxlyZkmBBo+K4JF7Re8yCQrjLDvnTHNLSrQwcG
46REkjjHH+4dzK1bOHs94K/CRRU4SP2lFmC6QhhqcTJYlhLxRyx7CQlUM8ulnK1g
W7kK7PBxy0WiL0HDMud+b1dwHSj4o5HkA/HuFjTY/TRP
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org