Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
File: 19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa (raw, json)
Hash identifier: qSde9NTjvkX/E5ktfY0r8yXP84A2AnOhCpCSNhgEa+Y=
Subject key identifier: 79:79:52:32:F1:ED:EC:01:4D:D8:5F:A8:FA:02:7E:29:35:29:94:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 225561CCC71C2CC7E7341FD9B28C58610D48D578
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:55:61:cc:c7:1c:2c:c7:e7:34:1f:d9:b2:8c:58:61:0d:48:d5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0315c94966020e3491bf2b84916515b1151516c69fc56ab15f646fda0407f3fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:d4:3d:74:7a:37:0c:90:7d:e8:b8:b3:9b:
dc:e6:25:9d:2b:75:36:bf:e8:b0:82:6e:47:9b:5b:
27:55:bc:f5:0e:69:1e:5c:7b:45:cd:37:4f:c6:96:
a9:71:62:b8:61:5e:10:19:b0:19:64:04:d8:1e:0e:
c6:d3:a4:3e:2e:5d:a3:2b:11:d4:f3:95:97:e7:12:
3a:47:cc:13:c4:34:f0:08:f8:80:19:33:19:5b:89:
19:9c:34:c6:ad:8c:35:70:fd:cc:88:6d:c1:0d:a1:
87:30:97:a4:98:82:f3:38:43:b4:32:49:3d:e4:f0:
4d:0e:b1:34:a2:3b:09:41:cd:ae:40:12:28:be:9d:
71:4b:f5:3d:5d:3d:c9:0b:a2:f0:f3:5a:16:dd:cc:
0f:81:1b:9b:1a:fc:a4:c8:fe:43:02:a4:82:47:2c:
92:a9:91:33:ea:e2:84:bf:de:0b:76:69:4c:6d:ec:
16:af:64:99:41:35:ee:5f:10:1b:79:df:0e:7e:76:
fc:bb:d7:07:83:d4:18:b7:cb:8a:8b:4b:07:22:8f:
cb:3d:d6:dd:67:7e:de:ff:97:0c:f1:3f:6c:39:68:
2d:79:8b:a4:53:0c:c8:61:61:40:89:16:5e:ed:ba:
42:91:11:83:0f:49:92:0c:4f:71:7a:13:db:c6:fd:
97:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:79:52:32:F1:ED:EC:01:4D:D8:5F:A8:FA:02:7E:29:35:29:94:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
07:5b:c0:6d:2e:76:83:00:fc:5f:15:60:6c:9c:6b:19:fc:df:
1a:de:ef:af:16:f8:39:f9:0a:3b:ea:8d:28:fb:af:22:bf:4a:
bc:a5:2a:b2:5d:af:d9:c6:b3:11:0c:06:c4:1f:36:f4:2d:61:
06:19:7f:a4:fd:f8:93:d2:1e:d0:c7:b5:a2:bd:da:1a:c7:b9:
9e:d4:2e:3a:35:7c:73:fd:7e:f1:08:b5:a7:aa:0e:37:83:3b:
39:40:46:66:8e:cb:ba:46:5e:b0:ab:73:fb:75:e9:f3:d6:43:
68:cb:f8:ce:2f:de:05:af:83:c5:be:29:29:a3:07:20:bc:09:
fa:45:ca:13:77:39:c0:ea:2e:c6:e5:ed:23:2b:7e:45:c9:67:
2b:24:3a:33:c0:81:1e:9d:c0:db:0e:4d:d1:ce:5f:9b:cb:2f:
df:4e:7c:64:2a:65:8f:b9:d9:b6:16:a5:22:0f:28:67:5a:91:
cf:04:cc:7f:de:92:8e:12:0a:3b:71:1f:a9:a8:9b:f0:fc:62:
1e:01:c3:08:9e:fd:a6:c9:a1:86:b2:ca:c6:b8:74:ef:cb:35:
73:e5:4e:88:5a:53:d1:d1:5f:eb:2f:cc:18:ff:97:57:3a:d2:
7d:ed:8c:31:5f:3e:f7:a5:1f:5c:2b:f7:4f:31:44:26:c4:f7:
7d:08:8c:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIlVhzMccLMfnNB/ZsoxYYQ1I1XgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMTVjOTQ5NjYwMjBlMzQ5MWJmMmI4NDkxNjUxNWIxMTUxNTE2YzY5ZmM1
NmFiMTVmNjQ2ZmRhMDQwN2YzZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX11D10ejcMkH3ouLOb3OYlnSt1Nr/osIJuR5tbJ1W89Q5pHlx7Rc03T8aW
qXFiuGFeEBmwGWQE2B4OxtOkPi5doysR1POVl+cSOkfME8Q08Aj4gBkzGVuJGZw0
xq2MNXD9zIhtwQ2hhzCXpJiC8zhDtDJJPeTwTQ6xNKI7CUHNrkASKL6dcUv1PV09
yQui8PNaFt3MD4Ebmxr8pMj+QwKkgkcskqmRM+rihL/eC3ZpTG3sFq9kmUE17l8Q
G3nfDn52/LvXB4PUGLfLiotLByKPyz3W3Wd+3v+XDPE/bDloLXmLpFMMyGFhQIkW
Xu26QpERgw9JkgxPcXoT28b9l5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5eVIy
8e3sAU3YX6j6An4pNSmU2TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTljOWVlZDUtY2RkMi00ZTNhLTg3ODUtODAwZWM0ZjllMDIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQAHW8BtLnaDAPxfFWBsnGsZ/N8a3u+vFvg5+Qo7
6o0o+68iv0q8pSqyXa/ZxrMRDAbEHzb0LWEGGX+k/fiT0h7Qx7Wivdoax7me1C46
NXxz/X7xCLWnqg43gzs5QEZmjsu6Rl6wq3P7denz1kNoy/jOL94Fr4PFvikpowcg
vAn6RcoTdznA6i7G5e0jK35FyWcrJDozwIEencDbDk3Rzl+byy/fTnxkKmWPudm2
FqUiDyhnWpHPBMx/3pKOEgo7cR+pqJvw/GIeAcMInv2myaGGssrGuHTvyzVz5U6I
WlPR0V/rL8wY/5dXOtJ97YwxXz73pR9cK/dPMUQmxPd9CIyg
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org