Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
File: 52763e98-2920-46fc-8dad-f7cba491e994.roa (raw, json)
Hash identifier: cokEilOB0c28ZI+GCCLrxTbdqi7vyRItNUWEC7DP1EY=
Subject key identifier: AB:1B:C5:A7:E6:AC:91:04:DB:07:54:3C:4C:DB:F3:09:82:60:E0:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 400E3D34B4FF3B5CBC44E762845FFC851BC22530
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:0e:3d:34:b4:ff:3b:5c:bc:44:e7:62:84:5f:fc:85:1b:c2:25:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=09639ea713b39b53b56e055829df6153e4359066a6c1ad78325d17e06e7dca01, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:df:7c:49:78:dd:08:b3:06:6c:ad:8f:de:b1:
9c:05:f5:b6:e8:29:b3:35:66:cc:05:83:80:83:38:
b6:17:51:91:47:24:4a:2f:c1:cf:68:75:78:48:c9:
b8:8c:97:ee:3d:79:41:70:3a:62:86:41:17:7a:c7:
c6:bf:bf:1b:4b:bb:85:4e:25:77:a1:49:63:d4:99:
b2:ac:7d:85:b7:96:1c:e0:06:2e:98:d2:76:9b:75:
6d:52:fa:8f:79:85:f6:dd:e7:3f:8f:38:e7:61:cf:
61:fd:7b:6f:09:29:55:9b:5b:10:bb:6e:87:a2:85:
aa:02:ff:b4:ba:e7:33:84:ef:b4:94:f1:66:84:6a:
61:f1:e3:18:2a:cd:d1:30:60:39:2c:bb:f3:d6:7e:
99:58:70:9e:2e:f7:3e:b7:c2:c6:a0:55:a9:d9:0c:
4e:65:76:70:70:f8:9b:ef:30:e7:14:c8:fd:51:d8:
3b:b5:d9:c1:8d:62:ac:30:07:9b:4d:62:5b:62:10:
12:5c:d6:7c:56:40:67:d0:59:8a:52:9d:4c:28:3e:
96:88:7b:74:73:02:a9:12:f8:c5:b7:37:8f:7b:15:
d9:56:35:b5:71:98:00:93:21:45:7a:e9:d5:ef:cf:
c1:e0:82:87:e9:06:17:c8:98:1f:31:75:d8:c7:c3:
5e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1B:C5:A7:E6:AC:91:04:DB:07:54:3C:4C:DB:F3:09:82:60:E0:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/52763e98-2920-46fc-8dad-f7cba491e994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
52:5e:0b:33:8c:fb:8d:3d:e6:68:71:15:66:75:57:e9:99:91:
39:7b:26:c7:e7:83:37:b9:c7:b3:18:9f:a9:a0:7b:66:e3:64:
e4:a1:52:a0:f2:49:6b:11:32:06:b2:77:8e:d3:b9:50:8c:1b:
d3:4d:20:d8:3c:28:00:cd:56:25:3d:71:b2:b6:ab:0b:50:80:
f0:b5:5a:3d:ff:5b:68:d7:47:d9:d5:4d:87:78:8e:13:28:dc:
4f:8c:c8:62:7c:8b:4f:9f:09:4e:1d:a2:99:8a:d9:11:94:62:
fc:35:36:e6:dc:20:44:ac:65:af:b6:86:67:04:8e:98:d8:47:
82:60:bd:48:96:d2:83:a1:2e:96:cc:32:14:dc:9e:e4:c6:3f:
50:e2:b0:dd:3f:11:8b:65:8a:64:b8:20:48:3d:92:18:ad:bc:
5c:7f:30:f6:ce:42:14:13:85:77:b6:48:cc:0d:12:4a:be:79:
e5:37:20:a7:65:d2:05:4f:a0:01:f8:ca:8c:69:d7:34:cb:30:
c2:35:c1:f0:cb:3b:f7:46:98:cd:a9:e6:bf:58:25:1e:4d:3f:
a2:0e:90:c4:7c:77:bf:1c:6d:b1:93:3f:2e:3b:0d:cc:c7:a0:
82:2c:b1:1a:59:91:7a:4e:9d:e8:ce:72:03:4f:6a:9e:64:3e:
9a:9c:73:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQA49NLT/O1y8ROdihF/8hRvCJTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NjM5ZWE3MTNiMzliNTNiNTZlMDU1ODI5ZGY2MTUzZTQzNTkwNjZhNmMx
YWQ3ODMyNWQxN2UwNmU3ZGNhMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/ffEl43QizBmytj96xnAX1tugpszVmzAWDgIM4thdRkUckSi/Bz2h1eEjJ
uIyX7j15QXA6YoZBF3rHxr+/G0u7hU4ld6FJY9SZsqx9hbeWHOAGLpjSdpt1bVL6
j3mF9t3nP48452HPYf17bwkpVZtbELtuh6KFqgL/tLrnM4TvtJTxZoRqYfHjGCrN
0TBgOSy789Z+mVhwni73PrfCxqBVqdkMTmV2cHD4m+8w5xTI/VHYO7XZwY1irDAH
m01iW2IQElzWfFZAZ9BZilKdTCg+loh7dHMCqRL4xbc3j3sV2VY1tXGYAJMhRXrp
1e/PweCCh+kGF8iYHzF12MfDXlkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrG8Wn
5qyRBNsHVDxM2/MJgmDgMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTI3NjNlOTgtMjkyMC00NmZjLThkYWQtZjdjYmE0OTFlOTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQBSXgszjPuNPeZocRVmdVfpmZE5eybH54M3ucez
GJ+poHtm42TkoVKg8klrETIGsneO07lQjBvTTSDYPCgAzVYlPXGytqsLUIDwtVo9
/1to10fZ1U2HeI4TKNxPjMhifItPnwlOHaKZitkRlGL8NTbm3CBErGWvtoZnBI6Y
2EeCYL1IltKDoS6WzDIU3J7kxj9Q4rDdPxGLZYpkuCBIPZIYrbxcfzD2zkIUE4V3
tkjMDRJKvnnlNyCnZdIFT6AB+MqMadc0yzDCNcHwyzv3RpjNqea/WCUeTT+iDpDE
fHe/HG2xkz8uOw3Mx6CCLLEaWZF6Tp3oznIDT2qeZD6anHMq
-----END CERTIFICATE-----
Generated at Wed May 8 01:49:10 2024 by rpki-client on console-fra.rpki-client.org