Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
File: 43c182d6-87cf-4ea0-9709-b661212b9631.roa (raw, json)
Hash identifier: xFac3g4Uce8lR8oHn6iDj7t5WoBl8QLgR233iuHgPaY=
Subject key identifier: 5D:51:F4:DD:D6:7E:B8:0D:E2:F7:5D:A6:99:77:B4:9E:81:AD:3D:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 028C364CA22E0619E7F6988399D0635B07277132
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:8c:36:4c:a2:2e:06:19:e7:f6:98:83:99:d0:63:5b:07:27:71:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=5069bdbacb7dc8f23248066f52173d8c9799170157a1a91c11db5362dd349a6f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:04:e8:33:a1:55:a7:5f:58:08:b8:e7:15:71:
84:93:45:e2:9d:bd:9d:93:15:5d:7f:93:28:ea:8e:
b3:f4:82:d3:d0:bd:33:32:4c:e3:59:9e:63:83:72:
16:0f:f9:0f:65:ec:34:5a:23:ee:ce:e2:f3:30:00:
48:52:90:db:56:a8:23:64:9b:9b:63:fc:03:ab:30:
7a:39:c0:2d:1c:5e:27:8d:b2:09:ad:25:e3:e6:2f:
8e:32:cb:8c:94:ec:3f:c6:75:88:4c:55:8d:01:dd:
66:b8:aa:5a:9d:53:e4:05:6c:ae:f2:4f:a9:ab:52:
e4:a0:7f:f1:00:90:c7:9f:ed:87:b0:fe:88:49:fa:
f3:67:44:07:a1:7a:85:64:74:b9:9f:58:53:1b:f2:
b3:53:9e:a4:40:bf:23:d9:e5:90:0b:10:39:e9:84:
21:59:6e:3a:29:f3:39:ef:cb:ea:df:75:3f:6a:9d:
f9:9e:e2:04:2b:43:47:03:56:42:f0:ff:ac:17:76:
73:21:a0:a1:41:e9:0d:ae:4a:fc:17:bc:64:10:bc:
85:13:55:88:cd:c8:62:3f:5c:6e:50:47:e1:2d:62:
33:79:01:47:11:b9:0f:8b:c7:db:c4:d9:a5:24:98:
cd:53:59:58:45:41:0f:4b:c6:a3:e0:c3:e4:5b:fe:
ca:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:51:F4:DD:D6:7E:B8:0D:E2:F7:5D:A6:99:77:B4:9E:81:AD:3D:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:3d:94:2e:25:8d:46:79:6b:9a:b5:89:e6:da:37:76:30:30:
96:4e:da:35:1b:af:30:e2:c1:8d:c8:0e:9c:21:39:5b:f4:e5:
3d:18:24:3a:ab:24:48:c6:bf:07:fe:f2:09:b5:e2:8a:1a:2e:
d7:a1:aa:41:d7:d2:a4:ba:61:e1:e6:ec:9b:5d:e8:a5:f1:1e:
bd:68:46:2d:b4:15:68:21:83:64:9e:05:38:be:3e:10:7a:e6:
ab:f5:f3:d9:2c:43:11:3d:29:5b:0b:8b:87:c8:25:cd:bf:4e:
3d:0d:57:9e:99:77:0a:50:8b:a9:32:b5:19:b9:4c:65:49:c8:
21:da:0c:83:b4:bd:ce:c8:ed:f6:f4:43:da:e4:0a:25:03:99:
de:fb:8c:e0:a4:07:be:59:3f:b4:f5:99:63:6d:37:a6:f5:0c:
96:6b:d4:31:54:09:b5:2e:e3:a4:2a:f4:9a:d4:3d:57:48:68:
4f:c7:fc:20:34:76:44:32:26:22:38:2d:07:53:5b:91:5e:c3:
73:a3:60:dd:61:4e:4b:4c:83:c7:e2:fa:7e:69:29:fe:bb:8c:
0f:a7:63:45:cb:d1:45:97:bc:fc:f9:69:f6:11:c6:51:29:4f:
0f:a7:5c:69:d9:c7:bf:b2:e9:df:4a:62:77:d3:b3:fa:95:53:
b3:fd:b0:ca
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAow2TKIuBhnn9piDmdBjWwcncTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNjliZGJhY2I3ZGM4ZjIzMjQ4MDY2ZjUyMTczZDhjOTc5OTE3MDE1N2Ex
YTkxYzExZGI1MzYyZGQzNDlhNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcE6DOhVadfWAi45xVxhJNF4p29nZMVXX+TKOqOs/SC09C9MzJM41meY4Ny
Fg/5D2XsNFoj7s7i8zAASFKQ21aoI2Sbm2P8A6swejnALRxeJ42yCa0l4+YvjjLL
jJTsP8Z1iExVjQHdZriqWp1T5AVsrvJPqatS5KB/8QCQx5/th7D+iEn682dEB6F6
hWR0uZ9YUxvys1OepEC/I9nlkAsQOemEIVluOinzOe/L6t91P2qd+Z7iBCtDRwNW
QvD/rBd2cyGgoUHpDa5K/Be8ZBC8hRNViM3IYj9cblBH4S1iM3kBRxG5D4vH28TZ
pSSYzVNZWEVBD0vGo+DD5Fv+ysUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdUfTd
1n64DeL3XaaZd7Sega09iDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNjMTgyZDYtODdjZi00ZWEwLTk3MDktYjY2MTIxMmI5NjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEATD2ULiWNRnlrmrWJ5to3djAwlk7aNRuvMOLBjcgO
nCE5W/TlPRgkOqskSMa/B/7yCbXiihou16GqQdfSpLph4ebsm13opfEevWhGLbQV
aCGDZJ4FOL4+EHrmq/Xz2SxDET0pWwuLh8glzb9OPQ1Xnpl3ClCLqTK1GblMZUnI
IdoMg7S9zsjt9vRD2uQKJQOZ3vuM4KQHvlk/tPWZY203pvUMlmvUMVQJtS7jpCr0
mtQ9V0hoT8f8IDR2RDImIjgtB1NbkV7Dc6Ng3WFOS0yDx+L6fmkp/ruMD6djRcvR
RZe8/Plp9hHGUSlPD6dcadnHv7Lp30pid9Oz+pVTs/2wyg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org