Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: p/iJmqAM5YczLKOKax+p7rfHV/6OVif+2CpgkdyzDXc=
Subject key identifier: AE:63:DA:94:E2:54:96:53:91:2E:C8:F2:3C:62:51:BC:F2:5B:B3:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 187BDF631F88F6DDDEA6221AD102AA53C2301B43
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7b:df:63:1f:88:f6:dd:de:a6:22:1a:d1:02:aa:53:c2:30:1b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=bc2e603c66ae9ba6f3032541eff6fafc2faf0be489f755dff63c05089d0198c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:e2:70:75:1b:99:ec:32:5e:d8:64:58:13:
22:68:38:5a:e8:f5:7a:ac:a7:57:e6:20:e0:2f:83:
d2:cc:22:ab:3a:39:af:b6:72:05:3c:bb:76:98:04:
fb:3b:83:56:9b:47:19:2f:da:ce:d3:0b:12:a0:d0:
93:41:ff:92:47:9e:ee:70:94:6c:57:cf:4f:62:ef:
63:3c:ea:aa:89:ba:f2:76:de:05:a8:e0:b5:56:90:
82:a3:78:1e:87:7e:63:01:83:28:96:65:92:65:54:
2d:b8:23:86:d4:da:30:27:76:43:eb:8b:7d:3b:e8:
83:6b:9f:68:00:fb:55:69:31:90:17:62:ea:ec:1e:
00:54:00:7a:5d:45:1e:77:ce:5a:d5:4b:a4:d0:d4:
64:41:9b:59:72:c3:7d:24:58:8e:b8:30:a6:aa:4b:
11:b7:fc:f4:bb:93:a5:e7:71:f0:63:fb:5c:e5:47:
d1:b7:4e:53:f8:88:7d:cc:5f:81:c1:67:e5:fe:ad:
56:83:e0:f3:4b:ab:bf:85:70:41:9b:01:1e:4d:bf:
a2:52:cc:3d:0f:05:4a:3e:f6:a4:de:0b:0a:c9:c6:
e0:de:ae:a2:56:d4:bf:ff:fa:12:50:e0:26:3f:ba:
68:28:c9:25:b1:10:a0:89:d9:1e:74:b3:57:90:f4:
49:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:63:DA:94:E2:54:96:53:91:2E:C8:F2:3C:62:51:BC:F2:5B:B3:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d5:12:f5:39:f9:b6:70:2a:93:7d:91:bf:4d:d5:61:76:45:75:
bb:2b:f7:e1:40:ca:49:20:2b:22:e8:e6:d2:72:6f:2d:bf:cc:
cf:70:a3:91:ac:10:16:6f:f2:70:ef:40:84:5a:24:01:e7:97:
be:dd:9d:07:6c:33:04:98:51:f5:c8:e6:a9:35:bc:08:fd:f3:
dc:9e:1f:a5:c1:d9:b1:4e:e0:f4:60:b6:3a:14:bc:91:49:d6:
4d:80:2c:60:d7:d0:05:fc:05:b6:0e:3e:3a:b5:a2:04:b3:12:
29:0c:18:b0:ec:a9:13:e2:67:da:29:6b:53:3b:fd:e7:c5:0d:
43:7f:a1:9b:aa:e7:28:15:90:17:11:85:e3:c3:48:82:75:85:
7c:f5:54:11:0f:7a:aa:5a:e3:16:02:82:68:21:b2:e8:75:f0:
4c:85:a4:f9:fe:62:46:d7:0c:de:e5:01:0e:96:80:45:90:97:
52:39:70:9b:0e:cb:ad:d4:8e:08:c5:25:2f:fd:f9:c2:a2:a4:
96:33:fd:84:d9:06:82:c7:72:a4:21:4c:c8:7b:34:ea:b4:36:
fa:75:4d:a7:af:84:7f:2d:2b:d9:f7:63:8c:da:9f:f7:3e:dc:
93:bd:be:ee:66:39:53:03:be:5b:e8:d3:ad:32:ab:5e:a7:20:
4b:ad:d4:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGHvfYx+I9t3epiIa0QKqU8IwG0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMmU2MDNjNjZhZTliYTZmMzAzMjU0MWVmZjZmYWZjMmZhZjBiZTQ4OWY3
NTVkZmY2M2MwNTA4OWQwMTk4YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMF14nB1G5nsMl7YZFgTImg4Wuj1eqynV+Yg4C+D0swiqzo5r7ZyBTy7dpgE
+zuDVptHGS/aztMLEqDQk0H/kkee7nCUbFfPT2LvYzzqqom68nbeBajgtVaQgqN4
Hod+YwGDKJZlkmVULbgjhtTaMCd2Q+uLfTvog2ufaAD7VWkxkBdi6uweAFQAel1F
HnfOWtVLpNDUZEGbWXLDfSRYjrgwpqpLEbf89LuTpedx8GP7XOVH0bdOU/iIfcxf
gcFn5f6tVoPg80urv4VwQZsBHk2/olLMPQ8FSj72pN4LCsnG4N6uolbUv//6ElDg
Jj+6aCjJJbEQoInZHnSzV5D0SfECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSuY9qU
4lSWU5EuyPI8YlG88luzczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQDVEvU5+bZwKpN9kb9N1WF2RXW7K/fhQMpJICsi6ObS
cm8tv8zPcKORrBAWb/Jw70CEWiQB55e+3Z0HbDMEmFH1yOapNbwI/fPcnh+lwdmx
TuD0YLY6FLyRSdZNgCxg19AF/AW2Dj46taIEsxIpDBiw7KkT4mfaKWtTO/3nxQ1D
f6GbqucoFZAXEYXjw0iCdYV89VQRD3qqWuMWAoJoIbLodfBMhaT5/mJG1wze5QEO
loBFkJdSOXCbDsut1I4IxSUv/fnCoqSWM/2E2QaCx3KkIUzIezTqtDb6dU2nr4R/
LSvZ92OM2p/3PtyTvb7uZjlTA75b6NOtMqtepyBLrdSR
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org