Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: mP0SJu2sPhPKSLXZfcQFVQTg56LAvYaGYDzbo6HOtYk=
Subject key identifier: 81:BE:46:E9:51:02:66:6F:A7:8F:68:69:0D:55:FF:3A:BC:4E:DC:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42CB5F57CD7F1ACA689FA00A35484606C48E0A97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:cb:5f:57:cd:7f:1a:ca:68:9f:a0:0a:35:48:46:06:c4:8e:0a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=942539cd7b87aeadf14a1a2cee119e92a9ff899c06d4a819744f8bb2ab5321e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:26:f2:61:a8:c1:18:e0:8b:54:74:1c:fb:e4:
21:e0:ee:cd:a1:f8:47:3c:01:27:60:21:b5:ec:ea:
84:62:56:aa:23:bb:86:47:54:50:7c:43:61:cd:8b:
18:d9:6e:42:00:f2:82:7e:02:93:5e:ca:18:e4:e1:
6d:69:33:a4:cb:60:04:f1:10:9c:bb:57:15:09:8a:
0c:b4:21:fe:88:91:c8:28:d5:05:cc:80:eb:2e:00:
68:22:e9:d7:c8:e9:ef:ea:9f:92:bc:19:e3:5a:18:
dd:96:cf:66:24:5a:53:f2:00:43:e6:f4:ed:c1:8e:
e4:be:ca:9c:83:de:82:d3:24:a3:33:9a:87:0b:37:
3e:ab:85:d6:78:67:3a:b1:b6:b1:d8:04:57:59:ff:
d6:33:0a:3b:a2:81:6a:4e:89:5c:75:dd:ad:76:ab:
57:04:06:50:dd:d4:4b:8a:18:88:9d:6e:87:8f:73:
20:c3:52:c0:d7:17:7d:24:6a:6c:61:5d:a6:fb:bb:
ff:49:ec:9e:8a:80:f7:d4:26:69:e1:01:4d:01:21:
ff:77:64:e7:59:cb:53:d2:c0:6b:56:04:10:9a:9b:
d5:f4:06:57:41:43:0d:8c:b0:3c:0a:44:1b:20:78:
9a:74:6d:56:22:c3:a9:cb:aa:3a:68:3a:f1:02:65:
2f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BE:46:E9:51:02:66:6F:A7:8F:68:69:0D:55:FF:3A:BC:4E:DC:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:1e:72:38:13:44:2a:2d:63:31:0d:0b:f2:90:80:13:3c:87:
91:b5:b6:34:a9:a8:13:ee:a8:37:a0:82:58:a9:eb:e8:35:1f:
76:25:1e:d9:77:98:8b:97:d9:95:31:4d:28:80:41:46:c4:20:
30:d4:13:9b:3e:22:78:04:cb:a5:ec:cf:44:01:eb:3e:03:39:
43:29:13:cc:ba:19:91:98:cb:8d:8e:2a:f7:54:e7:e2:84:a4:
48:0b:d7:bb:e2:e6:79:f6:d6:f7:f2:40:56:83:13:a5:83:19:
75:87:5c:cb:3a:77:6f:f8:4a:92:8c:14:35:12:62:f9:e0:0c:
b8:b3:9a:4e:60:61:dc:12:91:db:73:df:fd:6f:0a:5e:f4:9a:
c4:a4:01:6c:b0:06:46:1e:34:97:54:9b:3b:39:4e:81:6f:3b:
27:5e:fc:26:65:da:ba:42:8f:81:8d:8d:62:93:a6:d2:40:0e:
35:02:55:55:9d:16:06:68:51:ee:8e:74:fc:ac:1e:9d:a9:f4:
d3:37:db:13:b8:79:fa:9c:af:23:9e:ce:cd:37:06:52:84:d5:
4e:cc:e8:89:d4:57:9f:81:c8:b9:31:0d:f8:9f:9c:d0:8e:ff:
5d:0d:a2:98:2d:bd:9f:57:4f:49:40:ca:c0:2b:2e:28:00:60:
9c:76:bb:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQstfV81/Gspon6AKNUhGBsSOCpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0MjUzOWNkN2I4N2FlYWRmMTRhMWEyY2VlMTE5ZTkyYTlmZjg5OWMwNmQ0
YTgxOTc0NGY4YmIyYWI1MzIxZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0m8mGowRjgi1R0HPvkIeDuzaH4RzwBJ2AhtezqhGJWqiO7hkdUUHxDYc2L
GNluQgDygn4Ck17KGOThbWkzpMtgBPEQnLtXFQmKDLQh/oiRyCjVBcyA6y4AaCLp
18jp7+qfkrwZ41oY3ZbPZiRaU/IAQ+b07cGO5L7KnIPegtMkozOahws3PquF1nhn
OrG2sdgEV1n/1jMKO6KBak6JXHXdrXarVwQGUN3US4oYiJ1uh49zIMNSwNcXfSRq
bGFdpvu7/0nsnoqA99QmaeEBTQEh/3dk51nLU9LAa1YEEJqb1fQGV0FDDYywPApE
GyB4mnRtViLDqcuqOmg68QJlLwUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBvkbp
UQJmb6ePaGkNVf86vE7chzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQAzHnI4E0QqLWMxDQvykIATPIeRtbY0qagT7qg3oIJY
qevoNR92JR7Zd5iLl9mVMU0ogEFGxCAw1BObPiJ4BMul7M9EAes+AzlDKRPMuhmR
mMuNjir3VOfihKRIC9e74uZ59tb38kBWgxOlgxl1h1zLOndv+EqSjBQ1EmL54Ay4
s5pOYGHcEpHbc9/9bwpe9JrEpAFssAZGHjSXVJs7OU6BbzsnXvwmZdq6Qo+BjY1i
k6bSQA41AlVVnRYGaFHujnT8rB6dqfTTN9sTuHn6nK8jns7NNwZShNVOzOiJ1Fef
gci5MQ34n5zQjv9dDaKYLb2fV09JQMrAKy4oAGCcdrtH
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org