Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
File: f4d4070b-fb20-4536-8c71-53420a83e347.roa (raw, json)
Hash identifier: 0FGJBAs0qyXRLIxagcEyPcrvGAnVyOt1c7hcru4vjf4=
Subject key identifier: 84:17:A1:A3:53:C3:E2:80:8B:05:62:46:65:8D:5E:F3:32:05:16:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26951CBDDD6FF58807429085C86DC22FA25A9B8F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:95:1c:bd:dd:6f:f5:88:07:42:90:85:c8:6d:c2:2f:a2:5a:9b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=2feb0835d5d65e124a9f52a65f86e1038dece17aaac48bf12e3357ec3fa250b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8f:63:16:71:96:37:1f:05:72:f3:51:ec:e1:
20:b7:5e:0f:be:2f:98:76:29:16:d1:24:5d:35:5e:
2e:a3:84:14:79:5e:9a:7a:2c:3f:7a:ac:f8:ca:df:
3f:cd:1c:bb:57:0a:2e:d1:41:ce:11:3d:f6:95:6b:
4d:f7:bf:4c:4b:f0:6e:c3:79:e3:f2:ca:be:86:13:
20:08:61:4c:c8:19:47:0f:f1:f1:ce:30:6f:68:98:
e7:75:16:98:21:d3:30:b1:fc:25:c4:06:12:86:5c:
49:df:cd:1b:20:a7:b2:7b:b2:5b:49:6b:d4:23:2b:
86:1b:75:02:fd:5d:72:2b:f9:16:0e:cb:70:0f:e0:
97:40:e3:96:75:e9:c5:4f:9f:b2:dc:5a:ef:c3:0b:
71:ef:7b:34:53:3f:3d:6e:71:8e:38:fb:13:e3:bd:
7a:f4:15:67:22:04:93:8a:b6:cf:7e:a8:75:da:7d:
cf:a1:da:ce:1c:c1:b9:70:ee:59:c6:21:4f:9e:d9:
22:04:1f:c5:fd:28:f4:b2:6f:64:8a:23:5d:62:c4:
0b:8f:d0:ba:68:2c:4c:ff:52:aa:e3:88:ce:c2:26:
ec:9d:43:dc:a6:5b:b0:3a:06:24:07:2c:43:3a:09:
a5:cc:aa:30:a8:91:f7:af:1e:42:0b:83:f2:ad:a0:
7b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:17:A1:A3:53:C3:E2:80:8B:05:62:46:65:8D:5E:F3:32:05:16:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:d6:1a:4e:b4:2a:79:1f:e0:30:2d:ca:68:ec:fd:8b:b9:60:
f6:99:19:b5:ce:24:78:e7:39:4f:71:24:cc:70:45:a1:17:96:
05:d3:0d:ef:d3:99:ff:8b:2b:2e:a4:f5:f1:a7:2f:8d:b3:cf:
46:38:46:5b:6c:cd:7a:eb:4d:17:53:04:30:7c:c8:cd:9f:36:
ef:de:11:1e:13:88:c2:d8:18:f2:f0:81:0d:71:f2:c2:50:a6:
f5:1f:c3:0c:33:39:24:f3:bf:fe:9b:57:50:8f:90:b4:c7:29:
91:50:04:0d:4e:04:25:25:52:a4:fd:88:4c:b2:96:21:50:19:
e5:43:aa:c6:6e:17:37:88:12:c1:9d:57:84:1f:f5:17:1b:d4:
d3:17:cd:f6:9e:a1:95:68:b7:be:a2:a6:cd:b0:85:57:ce:d7:
e1:d3:c7:62:f7:80:3a:c9:69:f2:c7:82:dd:2c:24:b5:4c:0a:
85:1f:f7:b3:a1:2f:c6:0f:4a:f6:4a:f8:21:29:0f:0f:c2:b8:
85:d3:7d:b7:03:02:1d:d3:31:5b:6a:5e:24:99:d0:2a:b1:56:
37:b0:f0:3c:f3:9a:c7:e0:19:de:16:94:f8:05:4a:44:ad:51:
bf:ee:fa:9d:16:86:27:4d:43:7c:b5:8d:bf:d3:01:fa:1c:3a:
12:ea:ad:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJpUcvd1v9YgHQpCFyG3CL6Jam48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZWIwODM1ZDVkNjVlMTI0YTlmNTJhNjVmODZlMTAzOGRlY2UxN2FhYWM0
OGJmMTJlMzM1N2VjM2ZhMjUwYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOPYxZxljcfBXLzUezhILdeD74vmHYpFtEkXTVeLqOEFHlemnosP3qs+Mrf
P80cu1cKLtFBzhE99pVrTfe/TEvwbsN54/LKvoYTIAhhTMgZRw/x8c4wb2iY53UW
mCHTMLH8JcQGEoZcSd/NGyCnsnuyW0lr1CMrhht1Av1dciv5Fg7LcA/gl0DjlnXp
xU+fstxa78MLce97NFM/PW5xjjj7E+O9evQVZyIEk4q2z36oddp9z6HazhzBuXDu
WcYhT57ZIgQfxf0o9LJvZIojXWLEC4/QumgsTP9SquOIzsIm7J1D3KZbsDoGJAcs
QzoJpcyqMKiR968eQguD8q2ge8UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSEF6Gj
U8PigIsFYkZljV7zMgUWMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjRkNDA3MGItZmIyMC00NTM2LThjNzEtNTM0MjBhODNlMzQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQDF1hpOtCp5H+AwLcpo7P2LuWD2mRm1ziR45zlPcSTM
cEWhF5YF0w3v05n/iysupPXxpy+Ns89GOEZbbM16600XUwQwfMjNnzbv3hEeE4jC
2Bjy8IENcfLCUKb1H8MMMzkk87/+m1dQj5C0xymRUAQNTgQlJVKk/YhMspYhUBnl
Q6rGbhc3iBLBnVeEH/UXG9TTF832nqGVaLe+oqbNsIVXztfh08di94A6yWnyx4Ld
LCS1TAqFH/ezoS/GD0r2SvghKQ8PwriF0323AwId0zFbal4kmdAqsVY3sPA885rH
4BneFpT4BUpErVG/7vqdFoYnTUN8tY2/0wH6HDoS6q1K
-----END CERTIFICATE-----
Generated at Sun May 5 00:12:19 2024 by rpki-client on console-fra.rpki-client.org