Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
File: 43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa (raw, json)
Hash identifier: KCscK8o6vVyFOLcFt/htrDFfscLkafmlM6Om8dIVzMI=
Subject key identifier: 61:BB:19:06:C5:C4:8B:F2:B3:9C:59:B7:15:92:53:F2:86:76:E8:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6834851143C281FF7A5113201C3C33ED4CF4AF4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:34:85:11:43:c2:81:ff:7a:51:13:20:1c:3c:33:ed:4c:f4:af:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=31c017dbd9175bb5599f62620131ae728ccf92caa99ec6e644a8ade1a0b4ccf9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:25:ad:16:4f:ad:d5:6d:3c:61:8c:d6:23:
8c:d7:1a:2e:da:ab:a8:8f:5f:1b:0d:fa:80:d1:05:
72:8d:38:d1:f0:65:c7:de:b3:75:be:ea:5a:03:8c:
23:d6:57:c4:da:10:7c:45:04:a4:85:28:63:da:86:
7a:42:19:79:c9:54:e7:a4:01:8c:49:16:de:c8:00:
b9:a7:63:84:80:96:9b:ef:95:5b:00:05:72:9d:67:
6c:f1:85:ba:24:29:0d:2e:eb:49:80:1a:29:e9:93:
9c:f4:fd:85:52:7c:3a:d3:36:aa:d3:82:ac:4e:e6:
2a:5e:cb:60:22:1f:ed:c3:14:dc:ae:f3:6f:3d:e8:
71:d8:3c:40:dd:f8:9f:95:e8:9d:b8:f8:17:21:86:
4a:26:ce:d8:84:e5:12:e1:90:a5:ab:ff:13:b0:24:
fd:4c:7e:4e:7d:12:d5:84:07:14:c2:e8:3c:18:0e:
8c:26:6d:72:c0:78:aa:fa:6d:18:17:78:7d:d4:b0:
75:91:5f:ab:b6:65:7c:43:94:1e:ed:05:7c:48:b3:
39:d2:03:23:d0:0f:4f:aa:2f:47:d3:32:2c:61:01:
6f:7d:15:9a:eb:b4:76:fe:b7:8f:d0:bf:1c:ee:cf:
9b:19:de:89:f3:a8:ea:33:7d:67:85:e1:6a:ae:97:
94:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BB:19:06:C5:C4:8B:F2:B3:9C:59:B7:15:92:53:F2:86:76:E8:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:01:af:af:44:aa:83:e8:65:da:7a:bd:81:63:8c:6e:1f:68:
60:59:d8:69:5e:c5:82:cd:cf:58:fe:bc:ae:dd:f9:80:ad:b2:
3c:20:f0:e1:01:44:17:31:0a:60:cc:93:2b:64:8a:87:d6:69:
95:13:b5:a3:42:db:11:9a:b3:c5:1f:17:d0:b7:2c:a0:28:af:
f7:f3:65:b2:0c:7f:64:d0:e0:e3:36:89:34:39:69:48:cd:c0:
f3:f3:a6:8d:95:d1:09:c4:a4:40:d1:9f:6c:b0:bc:c9:9c:d3:
2c:ab:33:d2:92:4a:db:29:4d:d0:e6:90:d8:15:e9:ee:c3:ec:
7a:18:64:51:ac:a5:80:56:00:82:2d:d9:f6:a9:d9:13:70:21:
12:9c:77:71:50:d7:66:85:28:e7:2c:df:08:5f:ac:4c:b0:46:
43:13:02:3b:6d:5f:79:19:4e:8d:c6:53:7b:eb:d2:20:d4:04:
c5:dd:79:35:4f:24:dc:47:db:e0:6a:d2:fc:22:ec:1c:90:f5:
00:e5:92:c8:86:a1:80:9a:9f:1c:eb:d4:d1:34:99:b4:0f:dc:
b5:95:5e:34:6f:ea:04:c7:e7:75:82:c2:45:cf:2b:30:3b:f5:
1d:2b:5d:f3:c5:33:a7:66:58:24:06:bf:e3:4b:60:d6:39:e3:
25:0e:d3:06
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaDSFEUPCgf96URMgHDwz7Uz0r0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxYzAxN2RiZDkxNzViYjU1OTlmNjI2MjAxMzFhZTcyOGNjZjkyY2FhOTll
YzZlNjQ0YThhZGUxYTBiNGNjZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXOJa0WT63VbTxhjNYjjNcaLtqrqI9fGw36gNEFco040fBlx96zdb7qWgOM
I9ZXxNoQfEUEpIUoY9qGekIZeclU56QBjEkW3sgAuadjhICWm++VWwAFcp1nbPGF
uiQpDS7rSYAaKemTnPT9hVJ8OtM2qtOCrE7mKl7LYCIf7cMU3K7zbz3ocdg8QN34
n5Xonbj4FyGGSibO2ITlEuGQpav/E7Ak/Ux+Tn0S1YQHFMLoPBgOjCZtcsB4qvpt
GBd4fdSwdZFfq7ZlfEOUHu0FfEizOdIDI9APT6ovR9MyLGEBb30Vmuu0dv63j9C/
HO7PmxneifOo6jN9Z4Xhaq6XlB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhuxkG
xcSL8rOcWbcVklPyhnbo+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNiNGY1ZTEtMDVlZC00YzJjLTk2YTktMTY1MzQ4ODM1ZThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQAeAa+vRKqD6GXaer2BY4xuH2hgWdhpXsWCzc9Y/ryu
3fmArbI8IPDhAUQXMQpgzJMrZIqH1mmVE7WjQtsRmrPFHxfQtyygKK/382WyDH9k
0ODjNok0OWlIzcDz86aNldEJxKRA0Z9ssLzJnNMsqzPSkkrbKU3Q5pDYFenuw+x6
GGRRrKWAVgCCLdn2qdkTcCESnHdxUNdmhSjnLN8IX6xMsEZDEwI7bV95GU6NxlN7
69Ig1ATF3Xk1TyTcR9vgatL8IuwckPUA5ZLIhqGAmp8c69TRNJm0D9y1lV40b+oE
x+d1gsJFzyswO/UdK13zxTOnZlgkBr/jS2DWOeMlDtMG
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org