Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
File: 6ae34828-513c-4833-b505-1b83f25fa93e.roa (raw, json)
Hash identifier: 3b+7A8JC/Llrx57J1p1zsRnMnTpNd+A9AlTG6FG6sAM=
Subject key identifier: 90:EA:57:A9:AD:08:AB:EB:9C:19:E4:5A:09:AB:78:BA:C0:B2:8F:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B2BCA9F4BCE26D92EDF53F561A287FCDF55E95F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:2b:ca:9f:4b:ce:26:d9:2e:df:53:f5:61:a2:87:fc:df:55:e9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=84e1d08c6e4de68610759c051ec4992200db381c72b6dbdcacac29fae4866f15, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7d:c0:a5:c1:2c:2e:ce:45:5a:a8:36:05:be:
ee:5b:21:72:97:46:2b:e6:20:64:f5:37:8a:21:09:
aa:54:7a:76:f2:b5:c9:9c:44:09:3e:86:fe:c8:dd:
b7:cc:5d:90:14:7f:2e:c7:8f:da:26:1c:1e:aa:eb:
1d:15:48:e7:bb:a6:ea:51:f0:b2:b4:42:29:28:4a:
a5:ab:12:36:69:4d:ad:0b:b5:96:de:fc:1f:7d:bb:
f0:7b:86:58:e7:8a:15:d7:05:50:db:cb:a5:2b:b2:
22:c4:19:34:65:5e:52:8b:c8:a5:79:29:66:c4:34:
c3:47:0f:09:96:0d:38:f0:4f:b5:65:dc:87:49:f2:
a9:f7:e6:a4:bc:0e:48:dc:77:87:c2:fe:c4:2c:82:
e0:f0:5a:07:82:4c:ea:0f:2c:81:3a:35:07:54:bf:
ad:02:05:7c:74:01:e7:06:fc:0e:28:48:37:44:62:
b8:ce:46:c3:24:76:f7:02:5a:b9:9b:48:ce:e6:cc:
da:49:85:e9:74:f6:4b:a7:b3:74:30:77:2d:5a:d2:
7a:af:ad:39:62:fa:fc:41:88:4d:ff:6e:37:f0:a3:
c3:e9:2d:48:11:d0:67:42:81:85:2d:bc:c1:26:25:
d8:ea:e8:d5:ea:7e:cc:9d:c3:7a:63:06:6f:cd:77:
b3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EA:57:A9:AD:08:AB:EB:9C:19:E4:5A:09:AB:78:BA:C0:B2:8F:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ae34828-513c-4833-b505-1b83f25fa93e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:3b:96:06:6f:5d:aa:16:f6:f9:8b:d3:64:99:f5:23:72:2e:
0d:73:57:99:87:2d:17:dc:6c:66:03:57:b7:96:6d:13:6d:31:
9e:47:c6:dc:07:19:67:75:68:47:dc:49:ce:dc:c8:95:0a:9c:
64:a9:77:ce:10:b2:7b:f5:78:9b:c4:6d:af:ec:48:d1:66:f8:
7b:e2:07:61:42:61:5c:aa:a1:17:0c:ad:fa:72:06:4d:fc:2b:
0d:e5:dd:85:2e:eb:f6:75:91:a2:35:b1:96:53:e0:98:cf:e6:
66:04:83:ca:5a:ad:80:05:65:20:97:eb:db:9e:24:b0:65:3f:
de:d1:a6:39:ce:7e:2e:58:db:a6:e8:79:89:48:a7:12:93:5e:
30:e1:de:48:fc:42:4d:be:73:03:9d:4a:40:3f:f3:99:61:8d:
06:7b:75:ff:43:48:ae:4e:35:09:73:b8:7f:45:e8:30:75:96:
3a:35:d6:c8:47:2c:6b:8d:4b:68:93:7a:4a:b4:66:b3:13:7b:
64:ca:57:a2:7e:57:61:c2:5f:b2:e9:ee:e3:22:f3:42:3a:e1:
e1:4c:5a:5f:7c:a8:2b:e3:46:05:94:a7:86:86:a0:b0:8d:03:
2b:5d:f1:f9:18:78:60:b1:42:99:82:66:3b:43:e6:ef:a0:57:
c3:e2:4f:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeyvKn0vOJtku31P1YaKH/N9V6V8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZTFkMDhjNmU0ZGU2ODYxMDc1OWMwNTFlYzQ5OTIyMDBkYjM4MWM3MmI2
ZGJkY2FjYWMyOWZhZTQ4NjZmMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB9wKXBLC7ORVqoNgW+7lshcpdGK+YgZPU3iiEJqlR6dvK1yZxECT6G/sjd
t8xdkBR/LseP2iYcHqrrHRVI57um6lHwsrRCKShKpasSNmlNrQu1lt78H3278HuG
WOeKFdcFUNvLpSuyIsQZNGVeUovIpXkpZsQ0w0cPCZYNOPBPtWXch0nyqffmpLwO
SNx3h8L+xCyC4PBaB4JM6g8sgTo1B1S/rQIFfHQB5wb8DihIN0RiuM5GwyR29wJa
uZtIzubM2kmF6XT2S6ezdDB3LVrSeq+tOWL6/EGITf9uN/Cjw+ktSBHQZ0KBhS28
wSYl2Oro1ep+zJ3DemMGb813s0cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQ6lep
rQir65wZ5FoJq3i6wLKP9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmFlMzQ4MjgtNTEzYy00ODMzLWI1MDUtMWI4M2YyNWZhOTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQCUO5YGb12qFvb5i9NkmfUjci4Nc1eZhy0X3GxmA1e3
lm0TbTGeR8bcBxlndWhH3EnO3MiVCpxkqXfOELJ79XibxG2v7EjRZvh74gdhQmFc
qqEXDK36cgZN/CsN5d2FLuv2dZGiNbGWU+CYz+ZmBIPKWq2ABWUgl+vbniSwZT/e
0aY5zn4uWNum6HmJSKcSk14w4d5I/EJNvnMDnUpAP/OZYY0Ge3X/Q0iuTjUJc7h/
RegwdZY6NdbIRyxrjUtok3pKtGazE3tkyleifldhwl+y6e7jIvNCOuHhTFpffKgr
40YFlKeGhqCwjQMrXfH5GHhgsUKZgmY7Q+bvoFfD4k+4
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org