Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: u8QckAIIMfukVytLHAMHMVSrZsmSy4CJX6SkCjCJegA=
Subject key identifier: 69:C4:C3:A7:23:3C:66:3B:6F:81:91:F2:71:3A:62:91:E7:F6:CF:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05F10E4D17DBCC8287FE446DCA80A7F1C52344EF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Fri 27 Sep 2024 00:00:00 +0000
ROA not before: Fri 27 Sep 2024 00:00:00 +0000
ROA not after: Fri 01 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Oct 2024 21:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:f1:0e:4d:17:db:cc:82:87:fe:44:6d:ca:80:a7:f1:c5:23:44:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:00:00 2024 GMT
Not After : Nov 1 23:59:59 2024 GMT
Subject: serialNumber=40e79c72aeadf9e7c80a003ea80d7663dab09ccecf340a709cd58b0ee938fb0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:70:a5:11:2f:3c:14:7e:c1:9f:be:6b:55:b3:
01:1c:67:a5:2c:67:2c:0a:4c:fb:e6:e8:25:a2:5c:
95:f8:c0:f1:0e:f2:2f:a8:ad:f8:5a:79:e4:ee:10:
d9:27:01:ef:94:30:31:55:75:96:8f:77:31:17:e8:
79:95:39:6d:d6:59:6f:c0:eb:16:14:6d:ca:fe:82:
09:d9:04:fe:c6:e3:37:c9:c7:34:7e:6e:cf:01:24:
70:49:d0:b2:58:26:d0:d4:75:85:2d:de:d5:a3:3a:
8b:2d:90:4f:5c:d1:58:ab:dc:50:d4:03:63:b7:0e:
48:91:10:a8:7d:73:0f:a4:4c:ca:73:a1:29:e3:ce:
c9:51:a5:ff:39:e0:30:dc:7f:c7:9f:8c:8a:75:9a:
ae:db:aa:47:8c:58:b6:79:0a:a9:b1:49:ac:af:7e:
d3:d4:6c:24:cb:31:53:33:47:02:0b:5f:21:7b:c4:
75:ca:83:2d:6d:26:ac:1f:a5:11:1e:5e:de:6f:51:
b1:a5:e5:89:f0:40:a4:af:f8:38:e1:7b:11:f9:5d:
b7:b5:31:19:c9:e2:19:bd:9c:33:25:21:63:b8:d3:
03:7c:ad:43:83:5d:f5:c1:c2:88:e3:61:b6:f5:2c:
aa:5e:5e:dc:4c:32:96:f2:5c:4b:bc:bf:3e:6f:23:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C4:C3:A7:23:3C:66:3B:6F:81:91:F2:71:3A:62:91:E7:F6:CF:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
c9:b1:0a:11:23:cd:53:63:50:1d:c1:d9:bc:e8:c7:37:82:87:
0f:21:96:7a:09:03:40:05:c8:0e:fe:40:05:25:1f:14:60:45:
c1:08:09:02:fc:87:4f:49:c0:ce:40:d3:32:b1:64:90:7b:9f:
98:3e:b2:d0:fa:19:78:15:c1:57:b6:99:68:7e:59:6b:31:e8:
9c:fc:3c:b5:ec:16:ef:ce:48:35:f9:55:e8:97:e1:fe:9e:fb:
75:17:45:04:18:71:66:34:8a:33:7a:cf:66:bc:31:82:ff:61:
71:cc:8f:4e:c4:6c:59:e4:02:80:91:c5:10:96:0e:09:5e:69:
84:8a:cd:2a:09:9d:cc:d7:b4:a8:45:9c:01:df:0e:36:70:47:
96:d1:e6:d5:15:ee:a9:90:39:b7:93:e9:77:9b:31:98:06:bc:
69:fc:3a:c6:a3:53:3e:70:8c:1f:1f:b7:f8:98:26:1d:16:5d:
87:e4:23:88:17:5e:64:a6:33:c9:ee:50:be:ff:24:5d:c1:cb:
13:46:73:3d:82:6f:e5:22:f9:27:b4:09:9c:60:ac:b4:a7:51:
c2:59:74:cc:fa:81:df:0e:e9:6b:c9:0f:a6:4e:04:0f:95:00:
94:4c:e5:ed:f0:5d:d5:4c:38:ed:dd:33:38:72:e9:cb:0f:ad:
fe:b3:b3:c7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUBfEOTRfbzIKH/kRtyoCn8cUjRO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA5MjcwMDAwMDBaFw0yNDExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwZTc5YzcyYWVhZGY5ZTdjODBhMDAzZWE4MGQ3NjYzZGFiMDljY2VjZjM0
MGE3MDljZDU4YjBlZTkzOGZiMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9wpREvPBR+wZ++a1WzARxnpSxnLApM++boJaJclfjA8Q7yL6it+Fp55O4Q
2ScB75QwMVV1lo93MRfoeZU5bdZZb8DrFhRtyv6CCdkE/sbjN8nHNH5uzwEkcEnQ
slgm0NR1hS3e1aM6iy2QT1zRWKvcUNQDY7cOSJEQqH1zD6RMynOhKePOyVGl/zng
MNx/x5+MinWartuqR4xYtnkKqbFJrK9+09RsJMsxUzNHAgtfIXvEdcqDLW0mrB+l
ER5e3m9RsaXlifBApK/4OOF7Efldt7UxGcniGb2cMyUhY7jTA3ytQ4Nd9cHCiONh
tvUsql5e3EwylvJcS7y/Pm8jOysCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRpxMOn
IzxmO2+BkfJxOmKR5/bPWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAMmxChEjzVNjUB3B2bzoxzeChw8hlnoJA0AFyA7+
QAUlHxRgRcEICQL8h09JwM5A0zKxZJB7n5g+stD6GXgVwVe2mWh+WWsx6Jz8PLXs
Fu/OSDX5VeiX4f6e+3UXRQQYcWY0ijN6z2a8MYL/YXHMj07EbFnkAoCRxRCWDgle
aYSKzSoJnczXtKhFnAHfDjZwR5bR5tUV7qmQObeT6XebMZgGvGn8OsajUz5wjB8f
t/iYJh0WXYfkI4gXXmSmM8nuUL7/JF3ByxNGcz2Cb+Ui+Se0CZxgrLSnUcJZdMz6
gd8O6WvJD6ZOBA+VAJRM5e3wXdVMOO3dMzhy6csPrf6zs8c=
-----END CERTIFICATE-----
Generated at Wed Oct 9 04:20:26 2024 by rpki-client on console-fra.rpki-client.org