Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
File: 34e19faa-5cf1-4226-b61a-b6161eba0791.roa (raw, json)
Hash identifier: 0/sQgpcuRskmE+VBg8Hi092l0Tvkx/CnGHsi1nSJyvI=
Subject key identifier: 2F:2A:CC:10:6D:5F:61:6E:74:E3:89:26:62:BA:14:B6:BD:2D:01:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B6812BAEC0ADD01F275F9275641ECDDCA6647
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:68:12:ba:ec:0a:dd:01:f2:75:f9:27:56:41:ec:dd:ca:66:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=8e714f26a841990106cbc0bdd85c592df74913fbb373f67aeeb4ffc877bc1736, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e7:74:62:08:f1:d1:fb:49:5a:12:5d:74:11:
31:73:24:d0:4e:a7:09:65:d4:76:c1:fa:f9:05:5c:
bd:3d:ef:e5:3d:45:29:31:05:44:5d:3a:4e:c8:27:
e8:36:ef:62:67:0c:10:b0:c4:4f:ff:62:16:75:30:
95:07:57:55:e2:75:41:2d:2f:2d:99:77:35:b7:ab:
4d:b9:18:4c:f4:1c:ec:12:35:78:32:9e:90:67:e7:
08:79:4a:e0:b5:2d:93:f8:82:38:8d:4a:7c:6b:92:
ff:cc:8b:ef:09:87:61:c7:be:6c:2d:da:64:92:4a:
bc:c1:ad:b2:82:31:97:5d:f4:2c:2a:ca:e9:69:c6:
54:38:37:29:79:5e:ba:4c:8b:1d:96:16:bb:5a:15:
96:12:dd:0c:45:e6:7f:a8:98:9a:03:75:f1:7b:3f:
5b:06:f9:7b:b7:21:64:e7:71:f7:5b:cd:3d:bd:8b:
4b:a5:93:cb:f8:97:72:48:34:47:3f:16:fb:c9:0a:
c2:5e:b3:bd:91:2a:6f:77:f5:b2:20:e0:9a:45:49:
ef:f9:17:57:b8:a6:d1:b4:7f:48:a6:80:1c:ce:10:
2f:47:95:3d:6b:ce:d8:9a:e5:a5:95:15:37:3a:62:
f4:4e:18:cf:bb:f3:87:a3:df:f4:01:15:35:e4:df:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2A:CC:10:6D:5F:61:6E:74:E3:89:26:62:BA:14:B6:BD:2D:01:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c4:08:41:89:49:9f:05:de:48:3d:55:6f:4b:93:96:da:02:7e:
73:d7:42:8d:f7:5d:0c:6e:f7:fd:b0:01:40:d5:0f:8b:f7:ce:
38:a7:bd:a1:2b:ec:c2:be:e0:23:99:af:d9:d2:59:b7:62:33:
1d:f6:bf:ae:98:da:3f:f6:53:32:d0:cc:ff:8c:fc:a7:66:16:
12:ff:6b:17:b0:e2:b1:2f:d6:5e:67:06:72:c9:f2:43:23:dd:
3a:a8:0b:fc:45:14:88:47:c7:2a:5e:59:47:7d:ce:07:bc:fb:
f3:1c:eb:c1:90:03:ef:26:1c:20:ec:35:20:77:3c:32:1d:62:
1f:2d:4d:15:e1:56:0d:db:d5:43:ab:87:5f:d2:73:30:4b:e6:
68:05:8b:1a:cd:ce:81:7d:d5:26:80:f4:8e:50:b8:fc:7f:0e:
74:ab:c4:b2:57:11:dc:cf:51:a4:b2:c3:19:eb:4b:41:01:38:
77:40:10:82:41:24:b7:ed:cb:2c:c1:6a:59:e2:53:74:25:ae:
cc:58:2d:40:8d:aa:33:9c:e8:a6:c8:dd:ef:e7:a5:80:27:e9:
fa:4b:0f:02:b4:e5:ed:43:57:4f:dc:4e:c8:22:2c:9d:b5:8c:
c0:e3:33:87:49:49:c4:a0:8e:38:6f:3d:e5:4a:b3:80:7d:0b:
43:ab:50:90
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITe2gSuuwK3QHydfknVkHs3cpmRzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI0MDMyNzAwMDAwMFoXDTI0MDUwMTIzNTk1OVowejFJMEcGA1UE
BRNAOGU3MTRmMjZhODQxOTkwMTA2Y2JjMGJkZDg1YzU5MmRmNzQ5MTNmYmIzNzNm
NjdhZWViNGZmYzg3N2JjMTczNjEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5+d0Ygjx0ftJWhJddBExcyTQTqcJZdR2wfr5BVy9Pe/lPUUpMQVEXTpOyCfo
Nu9iZwwQsMRP/2IWdTCVB1dV4nVBLS8tmXc1t6tNuRhM9BzsEjV4Mp6QZ+cIeUrg
tS2T+II4jUp8a5L/zIvvCYdhx75sLdpkkkq8wa2ygjGXXfQsKsrpacZUODcpeV66
TIsdlha7WhWWEt0MReZ/qJiaA3Xxez9bBvl7tyFk53H3W809vYtLpZPL+JdySDRH
Pxb7yQrCXrO9kSpvd/WyIOCaRUnv+RdXuKbRtH9IpoAczhAvR5U9a87YmuWllRU3
OmL0ThjPu/OHo9/0ARU15N9fTwIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFC8qzBBt
X2FudOOJJmK6FLa9LQFnMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy8z
NGUxOWZhYS01Y2YxLTQyMjYtYjYxYS1iNjE2MWViYTA3OTEucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAPuYwDQYJ
KoZIhvcNAQELBQADggEBAMQIQYlJnwXeSD1Vb0uTltoCfnPXQo33XQxu9/2wAUDV
D4v3zjinvaEr7MK+4COZr9nSWbdiMx32v66Y2j/2UzLQzP+M/KdmFhL/axew4rEv
1l5nBnLJ8kMj3TqoC/xFFIhHxypeWUd9zge8+/Mc68GQA+8mHCDsNSB3PDIdYh8t
TRXhVg3b1UOrh1/SczBL5mgFixrNzoF91SaA9I5QuPx/DnSrxLJXEdzPUaSywxnr
S0EBOHdAEIJBJLftyyzBalniU3QlrsxYLUCNqjOc6KbI3e/npYAn6fpLDwK05e1D
V0/cTsgiLJ21jMDjM4dJScSgjjhvPeVKs4B9C0OrUJA=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:20 2024 by rpki-client on console-fra.rpki-client.org