Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
File: 4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa (raw, json)
Hash identifier: k106UX+FX8dS88y6XYbsvLOBYuIXv+6KNjGgoSUKa48=
Subject key identifier: 1B:21:D9:C3:FF:01:E9:EC:1D:35:28:25:16:68:CB:07:71:FD:0A:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7921E96DD103ED43EF084639AE7527BC6E258E6B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:21:e9:6d:d1:03:ed:43:ef:08:46:39:ae:75:27:bc:6e:25:8e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=7e65f4854b2346fb07b7d0b89582a74ba6ad6a46354b4d2fd61d0d8f11629f9b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:65:f1:8a:51:44:b5:b5:99:ec:14:4e:70:ca:
02:c7:83:83:68:d6:3c:78:ec:76:2b:cf:7e:88:0f:
c6:77:e2:14:c5:b5:7f:ee:54:a3:57:91:c3:62:9d:
e0:57:f4:16:db:22:da:e1:58:7f:95:1f:f6:f1:1c:
a1:7a:21:b7:ca:11:1c:46:ca:fb:71:d6:a2:c4:c0:
2b:db:3d:ac:c5:40:c7:4e:2f:22:1a:8b:91:15:29:
0a:13:9a:86:05:7a:7d:fb:ab:1f:ff:d7:22:6e:3e:
cc:f5:5b:80:23:62:22:ca:1b:90:35:bb:51:5f:56:
b5:bb:5e:61:27:cc:2b:bd:76:78:f4:e8:43:bb:2b:
ce:6a:20:30:fb:b7:44:6c:8b:62:70:57:e0:10:d7:
b8:b2:d8:4c:34:2b:10:07:57:ab:44:e6:e8:1a:cc:
bb:db:5d:d8:c0:17:a0:27:60:d1:fd:36:bd:31:2a:
9f:48:8e:0a:db:53:a5:89:0c:47:22:52:38:00:b7:
78:0c:c0:9a:cb:a9:e2:93:ec:0b:15:9a:17:86:25:
b9:70:26:a7:cb:4a:5f:6f:d7:ff:eb:87:35:0d:fa:
eb:35:e8:8f:51:66:02:82:94:d7:50:15:f1:f2:c6:
c2:55:00:1d:94:13:8a:17:0f:a7:0e:f4:9d:83:00:
68:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:21:D9:C3:FF:01:E9:EC:1D:35:28:25:16:68:CB:07:71:FD:0A:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
61:87:d8:58:eb:b9:65:93:46:6e:90:26:43:29:81:7a:2d:37:
f4:db:9a:fd:63:8a:07:93:65:da:8b:72:c6:30:19:e6:08:55:
94:98:08:57:69:63:44:e2:fc:80:1d:f0:50:d8:29:82:1e:04:
b6:2c:36:1f:58:f2:24:c2:d2:2e:fd:45:cf:ab:44:38:8c:54:
1a:e8:08:ff:01:b9:10:31:41:4f:9d:a3:1e:8d:72:ed:ba:97:
8c:9b:64:2b:af:a6:40:b1:c3:f4:09:8b:91:e1:d2:09:85:47:
cc:30:d0:45:03:2e:a4:f9:d8:f1:fb:4b:a2:95:46:86:c2:20:
d0:16:bb:ad:04:1b:88:ec:d4:e7:f0:e3:4d:cd:89:19:02:bb:
ab:f7:01:6a:40:8c:51:87:2c:06:be:2a:df:e8:7e:43:38:c7:
84:00:80:39:1a:1d:e2:68:22:5f:f0:23:b4:ac:b8:ab:bf:8d:
ce:8e:7f:0c:d4:5a:d1:2f:36:44:be:c2:50:60:e0:db:f5:70:
59:7f:ee:df:7d:46:75:b4:dd:43:82:e7:9d:f5:d9:9b:1f:ca:
ad:1b:86:f2:c2:d9:1b:2c:7c:7e:4c:04:20:02:98:90:bc:21:
cf:8a:c5:e1:0e:ce:18:f1:b3:2c:27:97:d2:2c:18:83:f1:13:
77:4d:a5:ba
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeSHpbdED7UPvCEY5rnUnvG4ljmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNjVmNDg1NGIyMzQ2ZmIwN2I3ZDBiODk1ODJhNzRiYTZhZDZhNDYzNTRi
NGQyZmQ2MWQwZDhmMTE2MjlmOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJl8YpRRLW1mewUTnDKAseDg2jWPHjsdivPfogPxnfiFMW1f+5Uo1eRw2Kd
4Ff0Ftsi2uFYf5Uf9vEcoXoht8oRHEbK+3HWosTAK9s9rMVAx04vIhqLkRUpChOa
hgV6ffurH//XIm4+zPVbgCNiIsobkDW7UV9WtbteYSfMK712ePToQ7srzmogMPu3
RGyLYnBX4BDXuLLYTDQrEAdXq0Tm6BrMu9td2MAXoCdg0f02vTEqn0iOCttTpYkM
RyJSOAC3eAzAmsup4pPsCxWaF4YluXAmp8tKX2/X/+uHNQ366zXoj1FmAoKU11AV
8fLGwlUAHZQTihcPpw70nYMAaK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQbIdnD
/wHp7B01KCUWaMsHcf0K6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGJjYTgzZGItNWQzMi00Y2UzLThjYWEtYjhhN2IxZDIzOGQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAYYfYWOu5ZZNGbpAmQymBei039Nua/WOKB5Nl2oty
xjAZ5ghVlJgIV2ljROL8gB3wUNgpgh4Etiw2H1jyJMLSLv1Fz6tEOIxUGugI/wG5
EDFBT52jHo1y7bqXjJtkK6+mQLHD9AmLkeHSCYVHzDDQRQMupPnY8ftLopVGhsIg
0Ba7rQQbiOzU5/DjTc2JGQK7q/cBakCMUYcsBr4q3+h+QzjHhACAORod4mgiX/Aj
tKy4q7+Nzo5/DNRa0S82RL7CUGDg2/VwWX/u331GdbTdQ4LnnfXZmx/KrRuG8sLZ
Gyx8fkwEIAKYkLwhz4rF4Q7OGPGzLCeX0iwYg/ETd02lug==
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:31 2024 by rpki-client on console-ams.rpki-client.org