Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
File: 169b9704-81cc-41e4-bd90-8654798de7b1.roa (raw, json)
Hash identifier: IKegmaa/DmMMzzIlxS48JxN8sh3YFUZbLMxXC6Yfxx8=
Subject key identifier: E2:29:C9:25:58:9A:10:B0:7D:46:78:72:6B:3A:9E:00:A4:20:95:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10BD324880FBD7D36160ACC3CE2434CEB26A2735
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:bd:32:48:80:fb:d7:d3:61:60:ac:c3:ce:24:34:ce:b2:6a:27:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=c53d45adae268b62d2400f8875b0f4f9a6777c83ba2cb32090e4b4bbf1068f96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1f:3b:70:63:8b:28:86:5a:84:05:29:cf:1e:
32:63:62:12:d1:81:1d:37:98:2c:37:a9:a8:67:a3:
34:21:0b:0c:d6:45:ef:a6:c3:a3:ed:a4:82:84:c6:
82:92:3b:f2:42:42:e2:2e:10:da:1a:8f:f6:83:1a:
9d:28:9b:e4:24:05:04:59:d9:db:1a:b1:c5:ac:e5:
6d:27:8c:94:3d:dc:a9:87:41:66:4e:28:67:82:d8:
f2:b1:47:77:b0:92:3e:9e:d2:3a:5c:f5:ee:2b:59:
f4:f2:8b:54:32:e5:10:7d:57:42:ad:f5:48:89:3d:
0b:57:0f:5b:d8:eb:23:91:6f:50:b1:84:a2:96:2b:
d5:3d:89:82:c1:56:89:e5:00:87:ae:09:38:2d:bc:
64:40:6c:20:95:b8:1f:9c:92:a9:91:7e:ed:d1:d0:
47:d6:90:58:ac:a9:ad:78:ab:97:43:e9:94:3c:7c:
f0:d3:5f:df:38:b7:d9:da:47:63:65:93:0e:2b:75:
92:fd:80:85:59:e8:d5:ad:5b:74:e3:5a:b0:70:09:
d2:d5:75:cf:cb:35:65:c7:a4:9c:f4:04:78:62:24:
35:2b:d2:5d:fd:57:78:ba:76:ed:19:61:1f:02:15:
3c:28:a8:42:5c:43:1b:2e:60:7c:a2:02:3d:c3:e0:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:29:C9:25:58:9A:10:B0:7D:46:78:72:6B:3A:9E:00:A4:20:95:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/169b9704-81cc-41e4-bd90-8654798de7b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:cc:77:f2:0a:f6:5a:85:a9:73:25:64:02:8c:2d:a2:f1:06:
f3:b9:e1:c2:c2:4b:e1:af:1a:79:ca:51:96:36:bb:ab:c8:ef:
17:84:fb:2e:99:1a:2e:7e:bf:26:10:e9:d6:a7:fa:ed:35:c8:
6d:19:ea:4a:2b:4a:ed:e0:17:a8:4b:3f:b7:89:ed:b8:e1:62:
6f:99:14:4d:aa:dc:55:c3:d5:82:68:5f:ad:c2:b0:3f:97:d2:
c7:f5:c9:59:9d:d0:7d:6e:54:68:ed:a6:99:2b:e4:58:3f:5c:
df:20:50:51:36:27:7a:f4:1a:0c:8e:36:d8:a9:9f:50:28:05:
4f:1f:1e:f3:88:16:62:37:95:18:d0:1c:54:15:5b:c6:d0:9d:
34:29:35:bf:42:ba:2c:63:35:1e:87:85:10:cd:76:5e:83:b9:
f3:0d:2b:65:5c:35:58:a7:05:fb:dd:31:ea:95:8a:03:33:8a:
26:2b:15:47:3a:89:9c:ed:3d:7b:65:51:22:8d:75:b7:80:c8:
2e:c6:cd:99:d0:a2:e8:28:2a:46:40:73:03:e7:8d:72:3f:3d:
f1:86:07:a4:9e:7a:e1:a7:7b:55:5b:16:b2:c7:fa:86:cd:fd:
08:b4:65:a2:02:3a:35:e4:74:86:2a:b5:8b:32:38:dd:4c:91:
01:48:ae:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEL0ySID719NhYKzDziQ0zrJqJzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1M2Q0NWFkYWUyNjhiNjJkMjQwMGY4ODc1YjBmNGY5YTY3NzdjODNiYTJj
YjMyMDkwZTRiNGJiZjEwNjhmOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0fO3BjiyiGWoQFKc8eMmNiEtGBHTeYLDepqGejNCELDNZF76bDo+2kgoTG
gpI78kJC4i4Q2hqP9oManSib5CQFBFnZ2xqxxazlbSeMlD3cqYdBZk4oZ4LY8rFH
d7CSPp7SOlz17itZ9PKLVDLlEH1XQq31SIk9C1cPW9jrI5FvULGEopYr1T2JgsFW
ieUAh64JOC28ZEBsIJW4H5ySqZF+7dHQR9aQWKyprXirl0PplDx88NNf3zi32dpH
Y2WTDit1kv2AhVno1a1bdONasHAJ0tV1z8s1ZceknPQEeGIkNSvSXf1XeLp27Rlh
HwIVPCioQlxDGy5gfKICPcPgmTUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTiKckl
WJoQsH1GeHJrOp4ApCCVyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY5Yjk3MDQtODFjYy00MWU0LWJkOTAtODY1NDc5OGRlN2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBdzHfyCvZahalzJWQCjC2i8QbzueHCwkvhrxp5ylGW
NruryO8XhPsumRoufr8mEOnWp/rtNchtGepKK0rt4BeoSz+3ie244WJvmRRNqtxV
w9WCaF+twrA/l9LH9clZndB9blRo7aaZK+RYP1zfIFBRNid69BoMjjbYqZ9QKAVP
Hx7ziBZiN5UY0BxUFVvG0J00KTW/QrosYzUeh4UQzXZeg7nzDStlXDVYpwX73THq
lYoDM4omKxVHOomc7T17ZVEijXW3gMguxs2Z0KLoKCpGQHMD541yPz3xhgeknnrh
p3tVWxayx/qGzf0ItGWiAjo15HSGKrWLMjjdTJEBSK4Y
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org