Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
File: 47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa (raw, json)
Hash identifier: w6AjCF/RyLDqXJzZxGOyyrdrn9B0GCaEAuxU4Q91mUA=
Subject key identifier: EE:F0:D7:84:35:34:5B:46:1D:F1:EC:99:61:04:A6:F4:69:42:F0:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 643F9CABE54843A841AE773632AE4C4586421469
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:3f:9c:ab:e5:48:43:a8:41:ae:77:36:32:ae:4c:45:86:42:14:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8dff7aa468162486fc10ef9d0f36b77c1db6311c4e6e4110855443b4ec2239d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4c:02:af:fa:54:f9:2e:07:7e:c7:1d:35:99:
3a:1f:1a:bf:d5:6f:58:5b:ec:38:eb:a8:f0:47:3b:
80:f5:e2:c5:c0:63:7c:01:c5:7b:86:20:bb:38:f8:
0a:52:d4:5e:20:87:57:af:97:db:c5:0c:ac:94:cc:
7a:e8:08:00:14:dc:b9:19:11:3b:8f:79:37:e8:b6:
6e:99:6b:ff:ea:22:29:e0:d4:16:55:29:b4:ef:20:
6a:c9:a2:40:88:82:17:37:1b:7c:24:82:6c:04:ed:
12:90:86:e7:7d:14:d3:a0:8d:9d:fc:5e:0b:16:10:
cd:e3:0b:8d:a6:a4:96:6a:bb:d3:4c:69:72:35:d3:
c8:20:1f:95:2e:39:ba:6f:9a:32:0b:e3:3c:42:7d:
be:83:4d:ae:7a:c8:bb:f1:db:e0:5a:01:67:04:17:
67:74:d5:b1:d8:4c:3b:8b:e8:63:e7:05:25:b5:2b:
2a:c8:fd:39:db:2d:8f:fe:7c:fe:6d:0c:e0:e6:13:
81:b7:c1:f6:fc:0c:4e:e4:33:c8:93:6d:63:e8:2c:
8d:26:90:09:af:0f:89:ab:f6:f8:7c:09:96:4f:5c:
0c:63:b9:d8:c8:8e:93:c1:8d:dd:05:c7:9a:47:be:
1a:69:14:f4:fa:fe:1d:3c:37:f7:a7:3d:a1:4c:7b:
83:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F0:D7:84:35:34:5B:46:1D:F1:EC:99:61:04:A6:F4:69:42:F0:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
25:b4:dc:bd:ae:ed:a5:27:a0:00:42:15:22:ce:31:13:e2:0f:
3a:39:03:39:ad:2f:35:09:be:c6:5a:de:e1:cd:c9:d4:fc:e0:
c7:07:60:aa:ef:b5:6b:6d:49:52:e4:5a:81:39:6c:81:2e:68:
72:d5:5d:b7:0b:ef:40:3e:3f:0b:7f:f9:9d:14:cf:69:de:9e:
0b:19:91:5c:ec:6f:f9:de:5c:66:c1:8e:c1:87:e9:74:07:a0:
44:23:9a:1e:7d:4e:70:e4:43:3d:00:c3:01:6f:32:5c:0b:69:
d4:da:ca:9b:18:20:84:d9:6f:80:3b:27:4b:ad:d5:39:a4:08:
23:06:bd:78:63:9c:ef:b7:92:78:87:3c:66:65:3c:a9:4c:f8:
54:4e:59:f4:02:3d:6e:3b:f9:ed:86:37:75:39:d2:c8:69:6b:
b9:59:8a:26:38:e6:4b:a8:dc:f3:12:02:02:28:6e:2b:34:64:
32:64:a3:c1:41:bc:b4:c0:8a:a3:e7:e5:2b:e2:0e:50:2d:2a:
85:d5:ec:f4:21:a4:6c:cc:a1:5b:cf:30:6a:8e:62:bf:29:ae:
f2:82:2f:45:97:3c:f6:50:59:23:90:80:40:2e:49:9f:cd:ea:
a4:52:d0:c3:d1:c5:3f:61:26:6f:ff:24:54:d9:80:ea:5e:28:
e6:f5:be:86
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZD+cq+VIQ6hBrnc2Mq5MRYZCFGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZmY3YWE0NjgxNjI0ODZmYzEwZWY5ZDBmMzZiNzdjMWRiNjMxMWM0ZTZl
NDExMDg1NTQ0M2I0ZWMyMjM5ZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRMAq/6VPkuB37HHTWZOh8av9VvWFvsOOuo8Ec7gPXixcBjfAHFe4Yguzj4
ClLUXiCHV6+X28UMrJTMeugIABTcuRkRO495N+i2bplr/+oiKeDUFlUptO8gasmi
QIiCFzcbfCSCbATtEpCG530U06CNnfxeCxYQzeMLjaaklmq700xpcjXTyCAflS45
um+aMgvjPEJ9voNNrnrIu/Hb4FoBZwQXZ3TVsdhMO4voY+cFJbUrKsj9Odstj/58
/m0M4OYTgbfB9vwMTuQzyJNtY+gsjSaQCa8Piav2+HwJlk9cDGO52MiOk8GN3QXH
mke+GmkU9Pr+HTw396c9oUx7g3ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTu8NeE
NTRbRh3x7JlhBKb0aULwejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDdlM2MzNWItNjJjZC00MTM5LWE5N2MtN2JmMGNlNDQwOTdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAJbTcva7tpSegAEIVIs4xE+IPOjkDOa0vNQm+xlre
4c3J1Pzgxwdgqu+1a21JUuRagTlsgS5octVdtwvvQD4/C3/5nRTPad6eCxmRXOxv
+d5cZsGOwYfpdAegRCOaHn1OcORDPQDDAW8yXAtp1NrKmxgghNlvgDsnS63VOaQI
Iwa9eGOc77eSeIc8ZmU8qUz4VE5Z9AI9bjv57YY3dTnSyGlruVmKJjjmS6jc8xIC
AihuKzRkMmSjwUG8tMCKo+flK+IOUC0qhdXs9CGkbMyhW88wao5ivymu8oIvRZc8
9lBZI5CAQC5Jn83qpFLQw9HFP2Emb/8kVNmA6l4o5vW+hg==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org