Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: KilAdfENuQpJpe9tndWkPQcGZX5Ah5wb9uGGcWts9cU=
Subject key identifier: 35:55:9A:42:37:4F:95:CE:78:6B:CF:06:54:72:79:2B:19:36:10:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02C3980D22D635A08591EF4C76D88B8E88E33268
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:c3:98:0d:22:d6:35:a0:85:91:ef:4c:76:d8:8b:8e:88:e3:32:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=5541635b67fecf5cc851f4821d355389c57e05f314d473693002cb7f26b2ff4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8d:c4:f5:96:af:e0:32:32:b3:68:4c:83:21:
89:b4:78:27:4c:3f:19:18:66:7a:77:d4:9e:c4:36:
2e:28:6d:ee:c8:86:9c:ee:f4:ba:c3:12:0f:ab:a4:
fe:aa:a8:46:ec:1d:ec:77:69:6e:82:f4:c5:fb:7e:
4d:4e:6b:6b:52:d1:c9:70:51:97:22:78:49:2d:11:
22:95:ef:da:49:fc:01:59:45:cb:5d:94:01:7a:ce:
5c:4a:0d:6d:fe:bb:ed:b9:61:ee:f2:45:dc:e5:6e:
92:76:dc:50:bd:ca:74:89:9b:4c:be:94:c8:fe:c9:
f0:71:dc:48:61:7d:ec:1a:17:dd:c9:40:b4:e5:67:
ec:df:10:9a:9e:a0:df:ac:68:b2:04:2b:f4:f6:6a:
ba:ae:32:a4:78:bc:1c:4c:0d:2b:c2:6e:f4:4f:3c:
82:1c:17:e0:b8:f8:b4:e9:9d:0f:dc:49:65:8b:11:
15:a0:64:58:1e:6c:dd:30:86:ce:b5:13:70:2b:a6:
01:95:4c:f1:18:f9:40:b4:70:93:ac:e7:b9:f4:3b:
f0:18:5e:ea:46:8b:e4:6c:53:c9:a1:a3:48:5c:d8:
d7:55:85:db:d7:43:2c:0e:c7:35:b0:fa:ad:b0:d3:
09:77:36:5a:43:f8:fb:e5:b5:85:05:9c:c8:e3:2a:
77:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:55:9A:42:37:4F:95:CE:78:6B:CF:06:54:72:79:2B:19:36:10:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
37:21:4d:27:9c:e4:33:aa:f6:8f:a7:7d:55:59:83:aa:8f:c3:
68:e4:f3:ab:a6:23:26:a2:d4:55:71:ba:1b:ec:30:a5:10:76:
f0:1d:c4:64:01:62:28:06:8d:b0:e4:12:33:d5:ef:71:b2:bb:
2c:71:eb:92:09:43:de:27:12:24:a2:3e:37:2b:62:3b:0d:9c:
d5:24:ca:45:1e:a7:43:89:4d:46:ef:58:58:1e:5d:a2:a3:d7:
c6:39:12:1c:81:9a:33:5b:47:26:f3:b5:3d:52:b2:0b:09:4f:
c7:e1:4b:48:9f:9a:fd:0f:94:b3:53:f0:6a:9c:03:61:18:4d:
90:a1:6b:d4:66:28:80:f4:08:5e:5d:50:e3:31:6f:71:de:e7:
b8:1c:38:99:31:94:23:13:2f:45:7f:c8:38:60:44:36:66:e9:
c4:1b:6b:8a:4b:90:84:74:4d:1f:0e:e2:a5:7d:aa:64:82:e1:
36:e4:2f:56:d3:49:b1:73:c3:4e:b8:69:2a:0e:a2:25:36:5f:
fc:e9:8c:c4:72:93:e1:3f:1b:e6:7c:33:ed:74:1b:08:30:0f:
84:02:50:9d:5b:3a:95:53:15:00:6f:96:3b:51:ef:18:49:81:
63:7c:35:ad:e2:57:63:40:d6:6d:b7:05:97:0f:c6:72:33:d0:
34:c7:a5:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAsOYDSLWNaCFke9MdtiLjojjMmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NDE2MzViNjdmZWNmNWNjODUxZjQ4MjFkMzU1Mzg5YzU3ZTA1ZjMxNGQ0
NzM2OTMwMDJjYjdmMjZiMmZmNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCNxPWWr+AyMrNoTIMhibR4J0w/GRhmenfUnsQ2Liht7siGnO70usMSD6uk
/qqoRuwd7HdpboL0xft+TU5ra1LRyXBRlyJ4SS0RIpXv2kn8AVlFy12UAXrOXEoN
bf677blh7vJF3OVuknbcUL3KdImbTL6UyP7J8HHcSGF97BoX3clAtOVn7N8Qmp6g
36xosgQr9PZquq4ypHi8HEwNK8Ju9E88ghwX4Lj4tOmdD9xJZYsRFaBkWB5s3TCG
zrUTcCumAZVM8Rj5QLRwk6znufQ78Bhe6kaL5GxTyaGjSFzY11WF29dDLA7HNbD6
rbDTCXc2WkP4++W1hQWcyOMqdxsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1VZpC
N0+VznhrzwZUcnkrGTYQXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEANyFNJ5zkM6r2j6d9VVmDqo/DaOTzq6YjJqLUVXG6
G+wwpRB28B3EZAFiKAaNsOQSM9XvcbK7LHHrkglD3icSJKI+NytiOw2c1STKRR6n
Q4lNRu9YWB5doqPXxjkSHIGaM1tHJvO1PVKyCwlPx+FLSJ+a/Q+Us1PwapwDYRhN
kKFr1GYogPQIXl1Q4zFvcd7nuBw4mTGUIxMvRX/IOGBENmbpxBtrikuQhHRNHw7i
pX2qZILhNuQvVtNJsXPDTrhpKg6iJTZf/OmMxHKT4T8b5nwz7XQbCDAPhAJQnVs6
lVMVAG+WO1HvGEmBY3w1reJXY0DWbbcFlw/GcjPQNMelfQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org