Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
File: f98cf399-52e9-47a9-a65e-9953c8a44c49.roa (raw, json)
Hash identifier: crfNC1P3LQI+821Z54nvi+oGPbt68i03z9vf8BzixFU=
Subject key identifier: AC:C9:7C:D5:33:18:17:07:EC:F8:46:BB:87:B0:AE:38:A9:F7:A8:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 730953368E75FCE028CCF8D9139514749A8EF8DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:09:53:36:8e:75:fc:e0:28:cc:f8:d9:13:95:14:74:9a:8e:f8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=09eca3b0861d4b1579fe3a3b680ba9dac63f39fcc59816a6cc2aac9685786378, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:c4:7c:fe:f2:03:b6:c6:9a:5b:cc:e6:b7:
e4:c8:b8:77:fd:f8:dc:61:57:8d:20:c0:c9:95:8e:
83:21:5b:45:8e:d1:69:12:4f:39:a9:b0:a5:74:cb:
5b:64:5d:b3:9c:97:d8:17:02:3b:0e:b2:7b:67:2b:
07:bf:c4:f6:14:91:20:e2:16:23:b6:54:a7:52:58:
10:2f:30:6a:4b:fe:e1:25:bb:92:5e:f4:1f:c9:e3:
d5:1c:a7:33:eb:c9:6e:f8:6b:71:1b:fd:18:55:c2:
37:28:ea:1f:c9:64:61:12:87:04:bc:87:08:7f:cd:
d7:19:1b:48:bf:59:3c:12:68:95:ec:d2:9e:98:66:
b1:6a:3e:48:8f:c7:5d:0c:6d:e9:cd:75:01:e2:d4:
89:e1:74:23:c7:63:6c:e9:21:8b:ca:aa:a5:cb:00:
a4:3b:d3:d4:33:58:ca:45:74:bb:4e:79:1e:eb:3a:
43:c2:e8:0c:50:a8:fa:de:e7:ff:9e:c2:27:60:54:
f9:8d:8c:6a:cf:85:ca:40:59:43:f2:cf:4b:43:d3:
d1:7e:26:d6:fa:10:31:ae:fa:20:cf:24:cf:9f:69:
92:c7:33:98:dc:24:e6:17:c5:cf:e4:a0:27:b9:21:
3a:ec:51:64:4f:9e:f8:7f:c2:15:14:45:8c:99:3f:
5e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C9:7C:D5:33:18:17:07:EC:F8:46:BB:87:B0:AE:38:A9:F7:A8:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f98cf399-52e9-47a9-a65e-9953c8a44c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:25:4d:60:fc:01:b3:1e:2f:9c:5b:27:8f:ed:30:6d:17:6f:
07:cf:1c:ee:57:92:93:a8:2e:52:ef:c8:e5:a9:f9:6b:fc:0e:
0b:89:da:61:ea:35:4b:7a:a7:b1:dc:15:b0:d6:ee:2b:04:bd:
66:c6:cb:59:b0:99:d4:72:4e:66:69:17:2b:da:20:9e:3f:0d:
ca:21:fa:fd:98:25:23:69:d7:67:b8:2c:03:42:9f:6b:48:09:
ad:36:3c:25:28:f6:a9:6e:c0:04:38:00:0f:3b:8a:ff:43:9e:
72:6e:de:52:fb:5c:b4:04:d6:fa:69:4c:52:2c:3a:ba:81:a1:
30:62:b6:ff:b3:e4:58:c5:0f:a6:cf:ea:de:76:99:5a:a2:89:
17:18:80:41:3b:6f:1f:34:28:ba:b3:8b:da:cd:a3:1f:61:f9:
3d:1e:e5:96:b8:3d:27:09:ce:fa:a6:c9:bf:b1:e0:d3:e3:b7:
74:a4:e2:31:3d:38:3e:b0:65:27:ed:c5:8c:ac:71:f0:ac:9b:
d2:6e:d8:5a:f2:ed:9d:a6:fd:eb:37:48:68:3f:7d:07:a5:91:
a8:9d:d1:96:8b:0f:70:7d:b8:3d:99:e6:10:2a:de:0f:4d:94:
43:01:88:de:f6:4e:83:c8:ed:ef:32:a8:99:f6:a1:08:20:db:
9e:4f:53:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcwlTNo51/OAozPjZE5UUdJqO+N8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5ZWNhM2IwODYxZDRiMTU3OWZlM2EzYjY4MGJhOWRhYzYzZjM5ZmNjNTk4
MTZhNmNjMmFhYzk2ODU3ODYzNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLsxHz+8gO2xppbzOa35Mi4d/343GFXjSDAyZWOgyFbRY7RaRJPOamwpXTL
W2Rds5yX2BcCOw6ye2crB7/E9hSRIOIWI7ZUp1JYEC8wakv+4SW7kl70H8nj1Ryn
M+vJbvhrcRv9GFXCNyjqH8lkYRKHBLyHCH/N1xkbSL9ZPBJolezSnphmsWo+SI/H
XQxt6c11AeLUieF0I8djbOkhi8qqpcsApDvT1DNYykV0u055Hus6Q8LoDFCo+t7n
/57CJ2BU+Y2Mas+FykBZQ/LPS0PT0X4m1voQMa76IM8kz59pksczmNwk5hfFz+Sg
J7khOuxRZE+e+H/CFRRFjJk/XrMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsyXzV
MxgXB+z4RruHsK44qfeoszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Zjk4Y2YzOTktNTJlOS00N2E5LWE2NWUtOTk1M2M4YTQ0YzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQCXJU1g/AGzHi+cWyeP7TBtF28HzxzuV5KTqC5S78jl
qflr/A4Lidph6jVLeqex3BWw1u4rBL1mxstZsJnUck5maRcr2iCePw3KIfr9mCUj
addnuCwDQp9rSAmtNjwlKPapbsAEOAAPO4r/Q55ybt5S+1y0BNb6aUxSLDq6gaEw
Yrb/s+RYxQ+mz+redplaookXGIBBO28fNCi6s4vazaMfYfk9HuWWuD0nCc76psm/
seDT47d0pOIxPTg+sGUn7cWMrHHwrJvSbtha8u2dpv3rN0hoP30HpZGondGWiw9w
fbg9meYQKt4PTZRDAYje9k6DyO3vMqiZ9qEIINueT1O4
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:51 2024 by rpki-client on console-ams.rpki-client.org