Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
File: 169b9704-81cc-41e4-bd90-8654798de7b1.roa (raw, json)
Hash identifier: YUIwxUT+K/mOzAFcrpsq5Rjdqv+5DluCm9H2KnIowQ8=
Subject key identifier: 3C:A4:96:F3:5F:57:DB:69:CE:E6:32:9A:0E:91:7C:33:FE:C1:7E:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69B6B960A3810DB57A300DC4BE756E23BED46839
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b6:b9:60:a3:81:0d:b5:7a:30:0d:c4:be:75:6e:23:be:d4:68:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=0972fe4c083259a70440e1d2045ee36a9cf087ea50335b960b5424d740d3de54, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:db:95:7a:d5:8e:ef:92:b8:98:39:2f:71:b3:
89:89:54:90:e6:33:c9:f8:dd:83:4f:17:bb:7e:10:
3b:44:49:fc:b0:36:ce:8c:45:4c:f0:83:55:3b:e7:
2b:bb:a2:8a:d2:70:33:46:af:28:5b:61:61:e7:fa:
ca:b3:4f:67:09:a0:61:cb:c3:6b:15:1b:2d:77:e0:
f5:e5:71:e9:3c:31:42:54:62:b1:89:c0:c2:18:c3:
7c:92:af:00:84:18:bd:2e:36:5d:0a:89:1f:01:16:
1c:c1:d4:6d:07:f8:01:37:4d:45:f3:b8:c1:de:0d:
37:11:4c:b4:8f:b0:03:09:bd:52:71:3a:65:14:12:
77:96:9a:d3:a8:af:21:01:35:e7:1d:6d:9e:c8:fa:
dc:df:8a:0c:6e:5a:ef:34:3f:31:68:d7:f9:30:9b:
d7:e3:ed:89:1e:83:b2:b9:65:f9:0f:a1:1f:72:5f:
60:37:3e:6a:26:b6:ef:1a:dd:a3:ce:98:f7:b1:6d:
99:51:db:af:05:91:fb:26:e6:73:0b:63:3c:01:62:
b5:17:95:82:16:47:3c:fb:04:d9:36:fc:12:c9:dd:
79:3b:ac:0d:f3:81:fa:1e:75:e0:01:ab:8a:bc:94:
25:47:b5:3b:c9:10:23:b4:b6:44:8e:ab:4a:f2:79:
7f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A4:96:F3:5F:57:DB:69:CE:E6:32:9A:0E:91:7C:33:FE:C1:7E:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:83:f0:a0:7e:8e:3d:4c:10:02:72:7f:9c:f9:00:bf:d3:02:
e4:da:b2:db:5a:4d:9a:59:89:1d:4e:5a:c0:6a:04:54:11:5d:
d3:c0:d9:bd:09:bf:e8:7a:96:74:d3:4f:dd:3e:7c:ec:ed:57:
a2:49:8a:bd:dd:ad:62:cd:eb:2d:9f:84:e0:2a:d5:1b:db:b7:
37:e0:52:19:0e:aa:f1:e9:05:7b:98:2c:c4:40:c2:b9:1f:1e:
62:8b:66:ae:8a:70:21:1d:44:56:e8:5e:9a:4b:41:6b:a0:51:
c9:6e:1d:56:d2:69:67:c1:56:c1:bd:66:d2:5f:67:cb:f2:8f:
dc:86:73:67:5a:8b:3f:31:b7:17:46:c7:9a:13:9c:94:68:99:
d4:d5:e9:01:b1:3b:90:be:0a:f1:bf:ae:5d:49:65:ef:a2:9a:
69:7b:56:6c:02:e3:a7:60:3b:0b:19:ff:05:46:ae:13:50:21:
fd:4c:68:78:a5:d0:14:10:fb:78:31:5b:95:69:16:f2:ce:9a:
7d:a3:75:c7:07:20:ab:ed:90:6a:4c:f6:f4:fe:1a:ae:9a:13:
d9:24:73:54:50:52:f6:37:de:f2:89:f0:96:86:d2:ca:cb:be:
b6:a1:ab:39:08:1c:cd:2f:76:e1:e3:20:81:03:58:30:59:d6:
19:59:c5:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaba5YKOBDbV6MA3EvnVuI77UaDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NzJmZTRjMDgzMjU5YTcwNDQwZTFkMjA0NWVlMzZhOWNmMDg3ZWE1MDMz
NWI5NjBiNTQyNGQ3NDBkM2RlNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnblXrVju+SuJg5L3GziYlUkOYzyfjdg08Xu34QO0RJ/LA2zoxFTPCDVTvn
K7uiitJwM0avKFthYef6yrNPZwmgYcvDaxUbLXfg9eVx6TwxQlRisYnAwhjDfJKv
AIQYvS42XQqJHwEWHMHUbQf4ATdNRfO4wd4NNxFMtI+wAwm9UnE6ZRQSd5aa06iv
IQE15x1tnsj63N+KDG5a7zQ/MWjX+TCb1+PtiR6Dsrll+Q+hH3JfYDc+aia27xrd
o86Y97FtmVHbrwWR+ybmcwtjPAFitReVghZHPPsE2Tb8EsndeTusDfOB+h514AGr
iryUJUe1O8kQI7S2RI6rSvJ5fz8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8pJbz
X1fbac7mMpoOkXwz/sF+iDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY5Yjk3MDQtODFjYy00MWU0LWJkOTAtODY1NDc5OGRlN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQByg/Cgfo49TBACcn+c+QC/0wLk2rLbWk2aWYkdTlrA
agRUEV3TwNm9Cb/oepZ000/dPnzs7VeiSYq93a1izestn4TgKtUb27c34FIZDqrx
6QV7mCzEQMK5Hx5ii2auinAhHURW6F6aS0FroFHJbh1W0mlnwVbBvWbSX2fL8o/c
hnNnWos/MbcXRseaE5yUaJnU1ekBsTuQvgrxv65dSWXvopppe1ZsAuOnYDsLGf8F
Rq4TUCH9TGh4pdAUEPt4MVuVaRbyzpp9o3XHByCr7ZBqTPb0/hqumhPZJHNUUFL2
N97yifCWhtLKy762oas5CBzNL3bh4yCBA1gwWdYZWcXD
-----END CERTIFICATE-----
Generated at Wed Apr 17 01:27:23 2024 by rpki-client on console-ams.rpki-client.org