Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: 0tWerDOXfkxUG2jboQhrBvw2PhTwalf0I+DcZBKdgT4=
Subject key identifier: 35:6F:CC:41:E0:B9:11:82:2A:C9:FF:9B:3F:96:96:34:3D:49:51:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C0BFB27FF56644555450406E00CB04CAD22DD6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:0b:fb:27:ff:56:64:45:55:45:04:06:e0:0c:b0:4c:ad:22:dd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4e09aff24476704fd26ee638d6af5bd21fdef981a77c4ef56aa505b88c573340, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4a:b8:a8:33:2d:cc:b4:01:99:0a:9f:c5:2d:
5f:56:4e:a7:79:fb:61:9b:08:fb:e0:c3:f4:2a:3e:
a8:1d:7f:50:4c:c0:32:e1:29:f4:0b:cf:f7:ed:49:
e5:39:0a:30:3a:aa:ce:cc:d8:e6:b4:c8:7d:bf:78:
18:99:aa:e5:0d:75:16:fd:90:6a:d7:22:70:f0:19:
b5:15:f4:72:a1:c6:93:fd:76:22:3d:2b:6f:fc:4e:
5c:de:4e:73:10:e2:80:41:1e:3c:15:f8:2c:53:e1:
49:7c:80:cb:98:a4:9b:1d:3c:51:62:6c:0c:68:df:
8b:c1:d3:4d:2c:b9:ff:c5:a5:ac:73:fd:de:5d:b7:
d2:4a:77:a2:ec:5f:4c:6d:f9:c6:ea:83:9c:ae:6d:
8f:5d:2c:d7:59:e8:9c:8f:2c:93:ac:a0:24:2e:74:
7e:73:59:89:54:fe:25:0b:1e:42:e3:70:d3:8c:a4:
27:76:ca:64:ae:70:a9:01:12:ca:07:cf:3d:8e:54:
24:e3:ed:0f:11:c9:bc:f4:03:fa:81:8d:39:12:0c:
a8:50:7a:6c:28:40:dd:68:b3:7c:75:c6:37:93:bc:
80:10:40:12:02:da:ff:b1:0d:ec:fa:d2:b5:5e:2d:
81:16:2c:1b:91:92:80:7a:7a:83:49:a0:4e:ff:ce:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6F:CC:41:E0:B9:11:82:2A:C9:FF:9B:3F:96:96:34:3D:49:51:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
d5:d0:c7:d1:6f:23:62:63:ed:80:26:2d:15:3e:58:cd:25:f2:
d0:f9:f9:4b:c2:17:86:64:d7:11:3a:c1:5d:7d:da:70:b1:24:
68:66:66:ae:11:dd:5b:f9:ec:1a:d9:81:76:7b:a8:09:23:19:
25:89:02:81:a2:ad:31:9d:87:28:c1:a0:db:f1:af:c4:ad:7a:
6d:4a:97:a6:01:75:c2:b9:ef:e4:7e:c6:3a:45:a4:f1:b2:6c:
7e:e9:12:67:b2:c1:ed:b1:28:8c:b6:5d:b7:3a:e0:01:73:89:
6c:d5:38:e0:c6:81:89:1d:5f:d0:9b:41:0c:6f:ab:02:86:58:
60:01:dd:f1:bf:29:e9:05:a7:d2:38:7c:05:55:80:70:14:66:
d5:85:4c:c2:a5:c8:1c:1d:b0:a0:df:1b:64:ae:49:5a:e9:73:
bd:00:ec:aa:56:39:a5:c0:b9:95:1a:02:10:76:84:f9:65:45:
91:6c:79:a8:b0:16:16:17:fe:18:ba:8e:5f:6d:f1:00:6e:df:
3a:63:d4:89:38:ad:4d:f4:3c:41:f8:76:3f:09:f7:0b:9c:e4:
55:ce:73:53:67:ab:ef:7c:6a:97:49:ae:df:5e:4e:41:e0:b7:
a2:d8:45:a2:55:1e:c5:9c:70:9b:33:3e:ea:73:b0:4d:4c:7c:
9a:32:7a:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbAv7J/9WZEVVRQQG4AywTK0i3WowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMDlhZmYyNDQ3NjcwNGZkMjZlZTYzOGQ2YWY1YmQyMWZkZWY5ODFhNzdj
NGVmNTZhYTUwNWI4OGM1NzMzNDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1KuKgzLcy0AZkKn8UtX1ZOp3n7YZsI++DD9Co+qB1/UEzAMuEp9AvP9+1J
5TkKMDqqzszY5rTIfb94GJmq5Q11Fv2QatcicPAZtRX0cqHGk/12Ij0rb/xOXN5O
cxDigEEePBX4LFPhSXyAy5ikmx08UWJsDGjfi8HTTSy5/8WlrHP93l230kp3ouxf
TG35xuqDnK5tj10s11nonI8sk6ygJC50fnNZiVT+JQseQuNw04ykJ3bKZK5wqQES
ygfPPY5UJOPtDxHJvPQD+oGNORIMqFB6bChA3WizfHXGN5O8gBBAEgLa/7EN7PrS
tV4tgRYsG5GSgHp6g0mgTv/ObZ8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1b8xB
4LkRgirJ/5s/lpY0PUlRXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEA1dDH0W8jYmPtgCYtFT5YzSXy0Pn5S8IXhmTXETrB
XX3acLEkaGZmrhHdW/nsGtmBdnuoCSMZJYkCgaKtMZ2HKMGg2/GvxK16bUqXpgF1
wrnv5H7GOkWk8bJsfukSZ7LB7bEojLZdtzrgAXOJbNU44MaBiR1f0JtBDG+rAoZY
YAHd8b8p6QWn0jh8BVWAcBRm1YVMwqXIHB2woN8bZK5JWulzvQDsqlY5pcC5lRoC
EHaE+WVFkWx5qLAWFhf+GLqOX23xAG7fOmPUiTitTfQ8Qfh2Pwn3C5zkVc5zU2er
73xql0mu315OQeC3othFolUexZxwmzM+6nOwTUx8mjJ6Lg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org