Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
File: 0481d995-4a3d-4e25-8d0e-33271809f9a9.roa (raw, json)
Hash identifier: eEEoD88txLVTWtp3doY+o87tSydRZ8xfzm0hQgWkjBY=
Subject key identifier: 9A:92:48:01:C4:D2:1A:65:97:D3:5D:FF:23:F7:9E:8B:DB:17:4C:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52F8FDC88D2A6276CFA8E5AFBEC556799CA672A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f8:fd:c8:8d:2a:62:76:cf:a8:e5:af:be:c5:56:79:9c:a6:72:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=50087a0bb25c0f8ed6f35ff02e47d345bef343a1bf66923a059c1596030c74c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:35:77:08:de:ac:d2:0f:9f:84:2c:5a:8e:31:
6b:e8:f7:e2:ca:c5:84:d7:11:e5:bb:04:00:73:70:
f3:bc:d4:b1:41:05:4d:06:4e:95:1d:b9:43:43:12:
54:25:be:a7:ee:3d:e8:9c:bb:ae:53:68:a5:90:1e:
46:ae:95:c6:b9:8b:86:35:c1:74:a6:30:48:55:57:
24:5b:4c:2c:d7:ab:cf:76:d7:a0:e1:cc:8e:67:b9:
2b:5c:72:ec:f0:ee:97:74:92:aa:ae:d9:3c:c0:ce:
10:b6:b2:42:50:39:f4:4f:16:30:6f:f7:3b:ac:ee:
f2:1b:00:22:c6:ec:87:3d:41:e4:4d:64:0b:ba:30:
ae:ae:44:85:f8:0e:5c:43:00:0c:33:f0:82:9a:bd:
32:12:0c:62:88:b5:cc:e2:77:31:b6:da:8e:3a:a0:
bc:dc:9f:db:82:15:c8:dc:58:df:64:ba:c2:d1:b4:
8b:ca:58:6d:ce:88:a4:14:32:e1:2d:0c:7e:fa:75:
8a:3a:e2:a6:06:0f:13:c5:b4:56:b0:1a:03:3e:7c:
cd:a5:30:cb:40:72:81:fa:57:43:e3:db:24:41:a2:
7e:7a:ed:8f:0b:77:6a:c8:a5:12:b2:98:8a:0f:f5:
37:e8:66:76:cb:5e:b7:68:ac:c6:5b:88:6b:fa:e1:
33:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:92:48:01:C4:D2:1A:65:97:D3:5D:FF:23:F7:9E:8B:DB:17:4C:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:1c:63:c7:01:22:72:1c:a3:be:99:8c:52:6d:ce:25:45:18:
c1:b7:6e:ca:cf:e3:c5:6d:7d:fd:2b:e0:83:f7:97:d6:02:a5:
cd:4d:5e:62:63:31:3b:51:e0:e4:24:aa:38:67:56:67:cb:ae:
c0:01:50:c6:ac:1d:b1:53:dc:54:2b:80:31:71:44:71:62:45:
33:51:64:94:65:ed:2f:45:2d:3d:8a:57:8c:63:c3:4f:71:a7:
82:6d:1a:0a:8f:d6:c7:02:62:d1:c4:e8:ac:2b:63:94:c9:a9:
59:5b:9f:07:55:04:ab:48:df:e8:30:35:b1:2c:85:67:b4:3a:
22:d4:2a:12:6f:0b:2b:fa:b2:95:16:3b:6b:c4:fe:d8:5e:e1:
96:b7:74:43:c7:f6:95:25:7e:b4:8e:69:3e:21:d1:03:06:6f:
49:d0:96:f0:ce:30:d4:bd:48:16:91:e2:98:cb:cf:c4:eb:35:
6e:ca:db:96:27:7c:53:1f:07:7b:7e:c7:57:50:fd:75:bb:1c:
b9:a5:41:97:dc:02:0b:a0:f3:55:ab:66:8d:d7:9a:d1:2a:1e:
b6:49:71:ab:11:ed:55:81:11:6c:0c:f3:b9:11:25:80:92:ca:
24:00:86:9b:20:6e:c8:c5:99:cd:6f:5e:05:d5:b1:43:77:c2:
a1:33:4d:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUvj9yI0qYnbPqOWvvsVWeZymcqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMDg3YTBiYjI1YzBmOGVkNmYzNWZmMDJlNDdkMzQ1YmVmMzQzYTFiZjY2
OTIzYTA1OWMxNTk2MDMwYzc0YzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPI1dwjerNIPn4QsWo4xa+j34srFhNcR5bsEAHNw87zUsUEFTQZOlR25Q0MS
VCW+p+496Jy7rlNopZAeRq6VxrmLhjXBdKYwSFVXJFtMLNerz3bXoOHMjme5K1xy
7PDul3SSqq7ZPMDOELayQlA59E8WMG/3O6zu8hsAIsbshz1B5E1kC7owrq5EhfgO
XEMADDPwgpq9MhIMYoi1zOJ3MbbajjqgvNyf24IVyNxY32S6wtG0i8pYbc6IpBQy
4S0Mfvp1ijripgYPE8W0VrAaAz58zaUwy0BygfpXQ+PbJEGifnrtjwt3asilErKY
ig/1N+hmdstet2isxluIa/rhM58CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSakkgB
xNIaZZfTXf8j956L2xdMYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDQ4MWQ5OTUtNGEzZC00ZTI1LThkMGUtMzMyNzE4MDlmOWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQA3HGPHASJyHKO+mYxSbc4lRRjBt27Kz+PFbX39K+CD
95fWAqXNTV5iYzE7UeDkJKo4Z1Zny67AAVDGrB2xU9xUK4AxcURxYkUzUWSUZe0v
RS09ileMY8NPcaeCbRoKj9bHAmLRxOisK2OUyalZW58HVQSrSN/oMDWxLIVntDoi
1CoSbwsr+rKVFjtrxP7YXuGWt3RDx/aVJX60jmk+IdEDBm9J0JbwzjDUvUgWkeKY
y8/E6zVuytuWJ3xTHwd7fsdXUP11uxy5pUGX3AILoPNVq2aN15rRKh62SXGrEe1V
gRFsDPO5ESWAksokAIabIG7IxZnNb14F1bFDd8KhM026
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:39 2024 by rpki-client on console-ams.rpki-client.org