Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: peGqpuY60l+myJmQA0F+GWByQf2YKE5yg+HfJoAGnoM=
Subject key identifier: AF:80:0F:82:77:17:73:7C:A6:2C:74:94:4D:65:1F:B1:7B:86:98:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49605FC9E840161C8065FC6E57FACADD3789397E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Mon 25 Nov 2024 00:00:00 +0000
ROA not before: Mon 25 Nov 2024 00:00:00 +0000
ROA not after: Mon 30 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:60:5f:c9:e8:40:16:1c:80:65:fc:6e:57:fa:ca:dd:37:89:39:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 25 00:00:00 2024 GMT
Not After : Dec 30 23:59:59 2024 GMT
Subject: serialNumber=88d455643925b30dbb95c0df5d6e5016011429b735f0e70adab4c88cb0ba90ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:9c:0d:2e:0f:8b:82:77:73:6e:4b:dc:2c:
0f:26:d9:58:bc:3a:dd:90:35:92:1c:22:52:14:31:
31:89:90:aa:de:e0:9c:13:da:a5:0c:88:8b:c9:04:
d4:b0:32:c0:22:27:34:e2:53:00:1f:b8:42:09:e3:
3a:e9:bf:61:fe:fe:2d:96:e5:b8:96:ab:78:87:f8:
64:cb:39:44:c5:de:b1:5f:b6:c3:a3:38:9d:f2:be:
17:02:80:04:7d:85:cc:83:2f:14:b1:0b:18:e8:37:
81:72:ae:f5:56:ee:6c:94:b3:76:bf:75:a4:86:ce:
55:ca:d3:10:e2:ef:09:0f:fb:78:28:61:ea:0b:1b:
79:77:59:61:78:8f:51:0c:9d:5a:77:06:57:d4:52:
74:a9:97:f2:2e:a2:c8:4f:bc:ed:05:6a:5d:77:a3:
67:b6:f8:4d:d7:21:1a:82:57:2e:e0:da:7a:9e:37:
aa:71:0f:07:78:36:ca:64:c0:23:47:de:12:e3:7a:
20:dd:e4:72:95:bd:21:3f:82:98:7e:f0:68:be:59:
b4:d6:bd:c1:c3:bb:93:63:93:3b:f2:a2:3b:7e:9f:
de:80:b7:9b:8b:93:0c:75:c9:58:d4:57:d7:a3:61:
38:b1:05:47:f1:78:2c:77:fa:17:5a:75:f0:74:d2:
3c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:80:0F:82:77:17:73:7C:A6:2C:74:94:4D:65:1F:B1:7B:86:98:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c9:cd:e3:ed:d7:a5:42:63:1b:9b:15:d0:42:ed:4f:97:45:3d:
bc:d3:40:ed:84:0e:65:9a:7c:9d:80:b7:0f:ef:7c:ce:aa:ae:
35:9c:6c:76:33:37:c6:4f:3a:5a:ad:ce:44:69:85:67:47:e0:
3a:37:28:af:85:05:1b:3c:eb:4d:69:a2:ac:cc:4a:17:06:34:
b4:d3:f2:b1:b0:f9:36:02:99:b8:cc:01:0d:27:1f:7c:43:b1:
83:fe:23:8e:ab:d2:ca:78:6e:84:47:b9:13:a4:0b:c4:92:65:
99:3a:81:cc:f1:ab:2a:b9:c0:cc:d3:32:6c:e2:8a:c2:36:32:
68:24:21:29:a1:62:4e:ed:fa:5b:9a:1e:e8:fb:ee:67:f3:f5:
7b:4a:e7:cc:b0:8d:06:0a:d1:a3:56:dc:21:a5:a7:97:de:c2:
df:99:3f:9c:31:11:e0:a8:12:67:06:d7:b9:18:2a:2d:1f:42:
37:26:67:50:4f:ea:41:ac:ea:d1:d7:3f:b4:50:2c:8d:14:e9:
c5:e1:fd:e6:03:9c:26:38:4f:ce:42:90:58:63:3c:6b:ec:c4:
e3:20:d7:bb:25:5d:ac:89:4d:13:51:1f:42:8a:22:9f:7f:96:
8a:cc:06:63:85:df:2a:9d:4e:6c:17:31:cc:3d:b7:fe:32:2b:
d8:4f:ba:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSWBfyehAFhyAZfxuV/rK3TeJOX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjUwMDAwMDBaFw0yNDEyMzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZDQ1NTY0MzkyNWIzMGRiYjk1YzBkZjVkNmU1MDE2MDExNDI5YjczNWYw
ZTcwYWRhYjRjODhjYjBiYTkwZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWvnA0uD4uCd3NuS9wsDybZWLw63ZA1khwiUhQxMYmQqt7gnBPapQyIi8kE
1LAywCInNOJTAB+4QgnjOum/Yf7+LZbluJareIf4ZMs5RMXesV+2w6M4nfK+FwKA
BH2FzIMvFLELGOg3gXKu9VbubJSzdr91pIbOVcrTEOLvCQ/7eChh6gsbeXdZYXiP
UQydWncGV9RSdKmX8i6iyE+87QVqXXejZ7b4TdchGoJXLuDaep43qnEPB3g2ymTA
I0feEuN6IN3kcpW9IT+CmH7waL5ZtNa9wcO7k2OTO/KiO36f3oC3m4uTDHXJWNRX
16NhOLEFR/F4LHf6F1p18HTSPMECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSvgA+C
dxdzfKYsdJRNZR+xe4aYGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAyc3j7delQmMbmxXQQu1Pl0U9vNNA7YQOZZp8nYC3
D+98zqquNZxsdjM3xk86Wq3ORGmFZ0fgOjcor4UFGzzrTWmirMxKFwY0tNPysbD5
NgKZuMwBDScffEOxg/4jjqvSynhuhEe5E6QLxJJlmTqBzPGrKrnAzNMybOKKwjYy
aCQhKaFiTu36W5oe6PvuZ/P1e0rnzLCNBgrRo1bcIaWnl97C35k/nDER4KgSZwbX
uRgqLR9CNyZnUE/qQazq0dc/tFAsjRTpxeH95gOcJjhPzkKQWGM8a+zE4yDXuyVd
rIlNE1EfQooin3+WiswGY4XfKp1ObBcxzD23/jIr2E+6vw==
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:27:40 2024 by rpki-client on console-ams.rpki-client.org