Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
File: 5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa (raw, json)
Hash identifier: oXQgfU1GeNKdOZDdQ8VrBu3ZmEhL3xW67YW/An/W6kk=
Subject key identifier: 5B:C1:16:2A:59:E4:FB:A9:AF:F1:68:6D:79:5A:0F:EB:11:32:A4:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D233C928122AACFADF8038BE991AE253E192EE4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:23:3c:92:81:22:aa:cf:ad:f8:03:8b:e9:91:ae:25:3e:19:2e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=262c634f669446b9f278e7ec0d154b84b8f460defb7052e2e8b167ddb49d9358, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:47:9f:20:b8:9b:03:d8:1b:d0:c5:3a:ad:
c3:d8:a6:e8:74:65:2d:27:6f:31:49:87:0d:03:9c:
5e:ac:7f:73:95:84:bb:42:ed:f2:9b:05:fd:7e:57:
09:49:c1:09:e0:12:f3:89:26:0e:5b:b1:3e:8f:17:
36:fa:b7:5a:55:b3:72:1c:35:5e:ca:18:f3:83:0b:
c3:f8:12:ce:e6:15:44:00:4a:8a:fd:62:ff:af:6d:
fa:ab:cb:44:2a:7f:87:7c:53:00:6b:cc:d1:c6:3c:
1d:13:67:66:cb:a1:9e:25:bc:b0:39:96:7a:b8:a2:
e4:f0:7f:e1:72:c8:b4:31:73:d6:93:9c:e3:f1:2e:
48:b5:c2:ac:bf:c3:f3:03:bf:79:4b:0e:1f:d2:d9:
1d:64:91:33:55:87:5b:10:a9:51:f9:c5:24:14:a3:
5d:c2:48:4e:fc:5d:39:4c:cf:0c:af:25:62:b0:fa:
ff:28:8f:0e:59:b9:4d:d5:5f:95:70:3e:f3:f5:55:
4f:f9:89:03:ba:05:15:e4:82:bf:76:77:1a:85:9e:
7b:31:0d:81:48:9e:8c:1f:11:45:2b:d8:ad:94:1b:
d3:18:90:41:00:53:c9:35:3d:a6:99:f1:82:57:11:
05:a4:b4:36:37:93:98:52:8f:b8:e2:d2:f5:cb:1e:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C1:16:2A:59:E4:FB:A9:AF:F1:68:6D:79:5A:0F:EB:11:32:A4:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ef486c0-6b15-429e-8b56-5fb5bc9490e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:f9:79:50:5d:3e:d7:96:48:4b:47:b9:ad:b2:0c:1d:c7:b8:
8e:8f:7a:db:87:75:d4:0e:37:e8:d3:16:17:0c:89:0d:18:26:
17:9b:ed:20:b5:4e:9d:d5:02:35:ed:08:b3:e8:ba:73:f4:8a:
30:fe:e5:8d:e5:bb:83:d0:c0:aa:e4:bc:9e:2a:8b:7b:42:5e:
3d:e6:fa:94:c5:32:96:ce:2f:6b:34:94:14:83:6e:6a:42:61:
89:b3:24:ec:09:07:9c:85:b4:d7:a5:7a:53:b6:1f:2b:7a:48:
a8:e8:e4:bb:f2:2e:e9:60:36:1d:4c:ef:b2:fa:dd:8a:70:d2:
f0:6b:6d:70:23:2e:ae:4b:e9:d3:71:7e:b3:f4:dc:75:3f:ed:
bc:ae:4a:84:f0:8f:a1:0f:4f:17:96:f4:96:6e:24:3e:81:29:
34:ea:b1:fc:0e:b7:9f:53:fd:c9:e4:08:6a:7e:45:83:55:14:
60:76:bb:6e:59:73:d8:ce:a4:6c:2a:3a:2e:2f:f6:d3:a6:00:
e3:d1:17:f4:2c:05:ce:59:9a:5e:f6:94:68:15:4a:d8:45:b5:
01:4f:68:dc:13:50:e5:03:b8:c2:8a:3c:92:90:db:1c:66:69:
c1:ca:e0:cf:d6:af:08:a5:1e:75:19:b5:c9:fe:a2:49:9d:b9:
f7:e2:a7:d6
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPSM8koEiqs+t+AOL6ZGuJT4ZLuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MmM2MzRmNjY5NDQ2YjlmMjc4ZTdlYzBkMTU0Yjg0YjhmNDYwZGVmYjcw
NTJlMmU4YjE2N2RkYjQ5ZDkzNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALABR58guJsD2BvQxTqtw9im6HRlLSdvMUmHDQOcXqx/c5WEu0Lt8psF/X5X
CUnBCeAS84kmDluxPo8XNvq3WlWzchw1XsoY84MLw/gSzuYVRABKiv1i/69t+qvL
RCp/h3xTAGvM0cY8HRNnZsuhniW8sDmWerii5PB/4XLItDFz1pOc4/EuSLXCrL/D
8wO/eUsOH9LZHWSRM1WHWxCpUfnFJBSjXcJITvxdOUzPDK8lYrD6/yiPDlm5TdVf
lXA+8/VVT/mJA7oFFeSCv3Z3GoWeezENgUiejB8RRSvYrZQb0xiQQQBTyTU9ppnx
glcRBaS0NjeTmFKPuOLS9cseZz8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRbwRYq
WeT7qa/xaG15Wg/rETKkkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWVmNDg2YzAtNmIxNS00MjllLThiNTYtNWZiNWJjOTQ5MGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAEz5eVBdPteWSEtHua2yDB3HuI6PetuHddQON+jT
FhcMiQ0YJheb7SC1Tp3VAjXtCLPounP0ijD+5Y3lu4PQwKrkvJ4qi3tCXj3m+pTF
MpbOL2s0lBSDbmpCYYmzJOwJB5yFtNelelO2Hyt6SKjo5LvyLulgNh1M77L63Ypw
0vBrbXAjLq5L6dNxfrP03HU/7byuSoTwj6EPTxeW9JZuJD6BKTTqsfwOt59T/cnk
CGp+RYNVFGB2u25Zc9jOpGwqOi4v9tOmAOPRF/QsBc5Zml72lGgVSthFtQFPaNwT
UOUDuMKKPJKQ2xxmacHK4M/WrwilHnUZtcn+okmduffip9Y=
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org