Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
File: 2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa (raw, json)
Hash identifier: bbsDTi8pNrBxfBFH7PNHN9DCz8dDMssie5iV6qavB78=
Subject key identifier: 01:6A:C6:F0:70:2C:C2:91:25:7D:BA:65:A5:53:C0:50:A9:15:30:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7917EF81EDEEA362B708EF7CE817620583518897
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:17:ef:81:ed:ee:a3:62:b7:08:ef:7c:e8:17:62:05:83:51:88:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=eb5efbde933180335a769f89f61b3e159d8584b2ebabe257266962054b7278aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1f:a4:8b:c3:dd:7f:83:13:c0:eb:df:8e:91:
e7:d6:0e:df:7e:b6:4b:63:40:dd:fb:a8:67:9c:44:
06:c5:ee:f9:3f:74:7d:87:7a:56:8f:9f:ca:31:f4:
3f:a0:6c:94:49:a6:04:b3:83:4e:75:57:73:d6:df:
72:75:18:a2:0e:a1:fe:82:b3:af:b4:0e:bb:1d:2a:
10:a7:af:d8:ac:40:2a:aa:5d:e0:a8:08:bc:27:25:
bc:22:01:d8:ee:1f:71:66:c2:27:d8:e9:c3:71:15:
ed:26:25:38:af:73:86:88:b1:46:3e:53:8a:ec:6f:
de:e4:90:2e:89:76:b9:6d:4d:98:b5:cc:4b:99:6a:
df:22:67:b4:28:87:fc:d1:d1:cb:a2:05:10:18:83:
09:54:9a:b7:81:91:75:32:23:60:d8:fe:25:cc:bb:
e4:db:21:f3:ef:06:d0:3c:6a:47:d4:c2:25:ca:3a:
58:79:2a:8e:37:de:f6:b5:fc:98:11:75:46:90:0c:
12:01:c9:ee:06:c0:92:f5:35:a1:c3:df:82:f6:59:
b8:6a:ae:1f:aa:ce:af:94:26:ce:9c:f5:18:f3:fb:
9e:ab:f3:30:7e:75:4c:00:28:a2:0a:1e:b4:ef:98:
6c:1c:7d:e5:40:cc:75:58:4d:6d:58:1a:ec:64:6d:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6A:C6:F0:70:2C:C2:91:25:7D:BA:65:A5:53:C0:50:A9:15:30:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
51:60:97:1f:8d:ce:05:d3:25:0d:7b:f4:15:da:0d:d9:1a:49:
2d:4d:b1:db:5a:75:55:c5:aa:b0:e0:2d:5b:d2:14:00:1b:c5:
2b:6c:a6:7a:ae:23:9c:b1:0e:69:4d:0c:30:71:f8:cb:9a:0c:
29:b2:48:4a:74:b8:38:b9:53:b9:c3:ad:df:46:72:ba:6d:cd:
d5:d4:11:42:00:ac:42:96:ef:b2:66:0b:15:b2:39:55:0c:8a:
07:68:7b:58:b6:98:ad:bf:24:46:fa:8b:d9:0e:60:86:fc:6d:
86:9e:cb:04:3b:97:3d:64:72:85:2a:7e:7d:84:c0:ea:54:3a:
ce:49:84:c8:22:6b:12:b1:c5:44:e6:5f:08:81:52:44:9d:86:
20:ce:a2:38:81:47:0a:9c:d9:ce:a6:35:4a:1c:72:5b:4e:71:
c7:ae:38:cd:1f:6b:c9:31:e5:32:d8:c5:13:2c:5f:28:a1:e4:
93:73:85:ff:b5:06:13:0f:74:39:2f:a9:ec:f2:08:bf:8f:6c:
84:32:bd:e0:7b:6d:5c:8b:0b:aa:c2:6c:16:08:e9:e4:dd:ac:
a9:8a:ac:e8:45:14:be:f6:54:83:9b:9b:4a:b6:b3:4f:47:57:
59:f9:56:3b:a7:7d:91:55:36:e2:ba:a2:35:0c:90:1a:ea:91:
ed:d1:36:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeRfvge3uo2K3CO986BdiBYNRiJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNWVmYmRlOTMzMTgwMzM1YTc2OWY4OWY2MWIzZTE1OWQ4NTg0YjJlYmFi
ZTI1NzI2Njk2MjA1NGI3Mjc4YWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEfpIvD3X+DE8Dr346R59YO3362S2NA3fuoZ5xEBsXu+T90fYd6Vo+fyjH0
P6BslEmmBLODTnVXc9bfcnUYog6h/oKzr7QOux0qEKev2KxAKqpd4KgIvCclvCIB
2O4fcWbCJ9jpw3EV7SYlOK9zhoixRj5Tiuxv3uSQLol2uW1NmLXMS5lq3yJntCiH
/NHRy6IFEBiDCVSat4GRdTIjYNj+Jcy75Nsh8+8G0DxqR9TCJco6WHkqjjfe9rX8
mBF1RpAMEgHJ7gbAkvU1ocPfgvZZuGquH6rOr5Qmzpz1GPP7nqvzMH51TAAoogoe
tO+YbBx95UDMdVhNbVga7GRtYokCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBasbw
cCzCkSV9umWlU8BQqRUw6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmU0YzI5MzQtOWU1NC00OWI2LWJiNDEtN2M3NmI1MDRkNzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAUWCXH43OBdMlDXv0FdoN2RpJLU2x21p1VcWq
sOAtW9IUABvFK2ymeq4jnLEOaU0MMHH4y5oMKbJISnS4OLlTucOt30Zyum3N1dQR
QgCsQpbvsmYLFbI5VQyKB2h7WLaYrb8kRvqL2Q5ghvxthp7LBDuXPWRyhSp+fYTA
6lQ6zkmEyCJrErHFROZfCIFSRJ2GIM6iOIFHCpzZzqY1ShxyW05xx644zR9ryTHl
MtjFEyxfKKHkk3OF/7UGEw90OS+p7PIIv49shDK94HttXIsLqsJsFgjp5N2sqYqs
6EUUvvZUg5ubSrazT0dXWflWO6d9kVU24rqiNQyQGuqR7dE2rg==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org