Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
File: f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa (raw, json)
Hash identifier: B92yJGMo4Ty/MxVLMlrq8eb5o+XKW+X2quGBjiOtomI=
Subject key identifier: 59:7A:B9:22:9C:A0:DE:FE:0E:4B:5E:89:A4:98:1B:EE:52:57:C0:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62DDB1B446934AA4B1AE599F1DFA8E60E23A3A87
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:dd:b1:b4:46:93:4a:a4:b1:ae:59:9f:1d:fa:8e:60:e2:3a:3a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=9b6c7598bfcba9739a252761371088435e587faa28a1fad03c4ea14a45414f4a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:2b:6c:86:8a:92:b2:d3:05:3d:b3:41:02:
8d:c2:d6:30:2d:ec:54:d5:60:2f:2e:4f:23:41:b3:
57:8d:8c:b1:94:6e:6e:70:06:88:80:96:44:b6:94:
d4:56:b7:fc:7f:1a:d4:27:56:3a:48:cd:c1:99:ef:
c0:eb:79:4e:3c:c7:28:fe:66:ea:65:22:39:08:25:
b9:fa:60:e1:a5:5d:b6:39:81:39:6b:df:c2:50:6c:
c4:2d:8a:09:bd:87:9c:9b:72:b9:98:2d:22:a9:e3:
c0:8c:48:83:f3:48:c4:62:8d:fa:10:10:b1:35:d2:
51:35:b3:3c:f0:22:04:94:dc:84:90:0a:82:9d:3e:
4b:b6:d9:0d:70:65:e5:df:94:ff:ce:c5:ea:04:ce:
d3:13:fb:c4:a1:3b:fb:13:7e:12:e0:4f:5a:73:40:
19:30:66:27:af:63:0b:6b:24:cb:b6:42:e9:a9:02:
a7:6d:12:cb:4e:ed:14:cf:53:44:d2:47:b0:60:b4:
f7:e9:70:27:e2:3a:cd:53:b9:d9:89:3e:23:d5:be:
6b:34:e0:e6:8f:21:fd:f0:6e:28:76:1e:ec:f1:5a:
2b:e8:a2:09:9d:70:fd:06:e2:c1:37:87:4c:a7:ed:
a0:4f:98:4d:c4:e2:5b:05:72:6b:90:94:b6:88:92:
12:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7A:B9:22:9C:A0:DE:FE:0E:4B:5E:89:A4:98:1B:EE:52:57:C0:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f2663f97-3b6a-42cf-aecf-39cdbb344d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7a:60:42:3c:65:07:2a:aa:2b:13:49:2b:82:ba:68:3f:11:4f:
7d:98:a7:0a:35:e9:b4:2d:f9:db:ae:a8:ff:d5:68:05:5a:da:
49:3a:ae:45:90:2f:f4:b6:be:4a:7a:39:20:d0:bd:97:de:d6:
c2:52:f8:d5:a6:ce:d7:85:e0:68:87:e9:78:30:1c:10:4e:28:
86:07:ab:76:2a:5c:07:7a:43:48:8b:5d:e8:c7:29:d6:d6:55:
83:c9:55:22:2f:c4:ad:5c:89:46:5b:e0:cc:75:6f:18:67:0a:
4b:6c:67:f5:b8:41:8f:7a:0d:ba:51:5a:cc:d9:7b:6f:89:2c:
24:2d:b3:f2:51:ac:42:39:31:0a:63:a5:88:ee:1e:48:64:31:
47:97:dc:05:08:f9:b9:12:ed:bb:6f:31:57:4c:1c:e5:b7:ce:
25:1b:bf:62:b1:91:1e:ba:70:ec:50:f9:8f:73:b6:bc:77:d4:
fb:15:8d:af:44:60:26:a0:e8:4c:9a:a1:b6:1b:2b:61:7f:26:
42:00:35:3b:bc:5c:72:48:fe:dd:b6:70:bb:a1:1f:12:a4:a1:
67:5e:6c:e2:13:e5:67:d7:1c:7f:40:67:a9:f5:f3:99:1a:96:
06:5a:31:39:6b:9a:00:76:41:77:dc:08:79:27:e0:e0:4f:07:
5d:82:f5:84
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYt2xtEaTSqSxrlmfHfqOYOI6OocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNmM3NTk4YmZjYmE5NzM5YTI1Mjc2MTM3MTA4ODQzNWU1ODdmYWEyOGEx
ZmFkMDNjNGVhMTRhNDU0MTRmNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAManK2yGipKy0wU9s0ECjcLWMC3sVNVgLy5PI0GzV42MsZRubnAGiICWRLaU
1Fa3/H8a1CdWOkjNwZnvwOt5TjzHKP5m6mUiOQglufpg4aVdtjmBOWvfwlBsxC2K
Cb2HnJtyuZgtIqnjwIxIg/NIxGKN+hAQsTXSUTWzPPAiBJTchJAKgp0+S7bZDXBl
5d+U/87F6gTO0xP7xKE7+xN+EuBPWnNAGTBmJ69jC2sky7ZC6akCp20Sy07tFM9T
RNJHsGC09+lwJ+I6zVO52Yk+I9W+azTg5o8h/fBuKHYe7PFaK+iiCZ1w/QbiwTeH
TKftoE+YTcTiWwVya5CUtoiSEgcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRZerki
nKDe/g5LXomkmBvuUlfAaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjI2NjNmOTctM2I2YS00MmNmLWFlY2YtMzljZGJiMzQ0ZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAemBCPGUHKqorE0krgrpoPxFPfZinCjXptC35266o
/9VoBVraSTquRZAv9La+Sno5INC9l97WwlL41abO14XgaIfpeDAcEE4ohgerdipc
B3pDSItd6Mcp1tZVg8lVIi/ErVyJRlvgzHVvGGcKS2xn9bhBj3oNulFazNl7b4ks
JC2z8lGsQjkxCmOliO4eSGQxR5fcBQj5uRLtu28xV0wc5bfOJRu/YrGRHrpw7FD5
j3O2vHfU+xWNr0RgJqDoTJqhthsrYX8mQgA1O7xcckj+3bZwu6EfEqShZ15s4hPl
Z9ccf0BnqfXzmRqWBloxOWuaAHZBd9wIeSfg4E8HXYL1hA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org