Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
File: 73817c12-8c1e-4664-9721-3b7c6b416bab.roa (raw, json)
Hash identifier: EKjXEbEYOt6f90fBAxiaA4FjnLG2SBgzBS8Avhx87ZE=
Subject key identifier: E6:12:D2:A6:AB:F6:F5:12:78:02:1B:42:F8:79:1E:15:92:80:CA:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AB37D58F95A939AA827EEEB7715E89BA1F207CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:b3:7d:58:f9:5a:93:9a:a8:27:ee:eb:77:15:e8:9b:a1:f2:07:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=9461a370f912047f686b15d07e844ca0e4f36d9c5bcc1835a6f6fcc757cef21f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:4a:c9:aa:7b:bd:f7:2c:ce:31:0d:0e:b0:
4b:2d:d5:5e:96:45:54:e4:88:37:83:8f:a9:d8:ac:
a1:8f:ba:07:bd:fd:ec:37:5b:d9:81:f5:51:d3:35:
4d:0b:77:61:77:8d:66:32:8a:3d:64:f0:50:b3:9b:
74:63:68:c8:a3:39:4c:8a:cd:33:69:f8:99:4d:49:
30:38:3e:17:57:ab:15:32:75:93:d9:cc:fe:0e:ce:
fe:99:35:d6:88:be:80:2e:20:2b:c4:f7:a0:a8:3a:
61:c1:89:b0:89:18:c0:10:e6:75:db:1f:49:11:f1:
f7:09:43:c9:54:e2:5d:ed:86:88:f4:94:7a:ce:62:
32:44:29:81:07:16:a9:71:fa:9e:5c:1e:3d:0c:aa:
7a:45:90:8e:d1:41:af:ef:e4:db:3c:eb:fc:20:19:
c7:cd:d5:9a:d4:fc:6e:50:ce:f5:28:91:fd:60:e8:
d6:61:4e:a9:ee:89:29:97:e9:48:64:2a:48:c3:91:
5c:a4:e8:40:fe:91:f2:8f:2b:98:69:dd:5b:e3:60:
a1:cd:d3:50:87:0b:e5:ce:62:5c:d2:e2:82:d4:d4:
58:0d:4d:8b:51:18:1a:9d:2c:ff:0b:58:a2:c6:52:
63:fc:d5:c8:8f:ca:c4:e0:c2:8c:bf:c7:1f:cf:c2:
8d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:12:D2:A6:AB:F6:F5:12:78:02:1B:42:F8:79:1E:15:92:80:CA:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
72:44:c2:46:a7:8b:93:cd:37:1d:c3:f4:e4:fd:58:ee:87:9c:
22:a4:9c:4c:37:98:d7:e1:d0:1f:d4:b0:13:32:b4:14:be:9b:
7b:47:ae:bf:ff:ec:01:d5:43:81:8d:07:be:02:02:33:fd:24:
3e:d8:79:75:d2:0f:16:1b:66:cb:d0:9a:9c:a2:0a:94:57:b4:
a6:ea:7f:57:49:91:77:b4:b3:79:09:c4:6d:0b:be:3d:a2:bc:
c7:1b:0b:1b:be:cd:e9:26:06:9d:8b:1b:1c:96:5d:10:1e:1a:
3e:c4:53:25:b8:b3:31:03:11:4d:dd:dc:ef:d5:c1:90:8b:56:
1a:10:cf:15:74:87:60:38:04:4e:42:1a:dd:72:7b:9b:d2:9f:
72:9d:e5:f2:33:19:9f:da:01:bc:84:5d:c4:6e:54:36:36:a2:
18:2e:35:b4:e4:65:39:e6:3e:42:35:9b:76:99:62:50:51:50:
b1:6d:c7:86:b4:63:61:e4:08:61:d1:95:88:eb:a5:70:b4:55:
57:92:b1:44:17:17:e1:e2:25:c5:7e:52:27:10:f3:88:16:bc:
57:40:39:5f:bb:b3:5f:b6:ea:b3:56:f4:94:0d:0c:0d:45:81:
f4:e3:e5:d0:cb:92:a0:5d:e8:70:ae:94:28:e2:57:e0:30:73:
d9:47:7f:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCrN9WPlak5qoJ+7rdxXom6HyB88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NjFhMzcwZjkxMjA0N2Y2ODZiMTVkMDdlODQ0Y2EwZTRmMzZkOWM1YmNj
MTgzNWE2ZjZmY2M3NTdjZWYyMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJSDSsmqe733LM4xDQ6wSy3VXpZFVOSIN4OPqdisoY+6B7397Ddb2YH1UdM1
TQt3YXeNZjKKPWTwULObdGNoyKM5TIrNM2n4mU1JMDg+F1erFTJ1k9nM/g7O/pk1
1oi+gC4gK8T3oKg6YcGJsIkYwBDmddsfSRHx9wlDyVTiXe2GiPSUes5iMkQpgQcW
qXH6nlwePQyqekWQjtFBr+/k2zzr/CAZx83VmtT8blDO9SiR/WDo1mFOqe6JKZfp
SGQqSMORXKToQP6R8o8rmGndW+Ngoc3TUIcL5c5iXNLigtTUWA1Ni1EYGp0s/wtY
osZSY/zVyI/KxODCjL/HH8/CjbkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTmEtKm
q/b1EngCG0L4eR4VkoDK+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzM4MTdjMTItOGMxZS00NjY0LTk3MjEtM2I3YzZiNDE2YmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAckTCRqeLk803HcP05P1Y7oecIqScTDeY1+HQH9Sw
EzK0FL6be0euv//sAdVDgY0HvgICM/0kPth5ddIPFhtmy9CanKIKlFe0pup/V0mR
d7SzeQnEbQu+PaK8xxsLG77N6SYGnYsbHJZdEB4aPsRTJbizMQMRTd3c79XBkItW
GhDPFXSHYDgETkIa3XJ7m9Kfcp3l8jMZn9oBvIRdxG5UNjaiGC41tORlOeY+QjWb
dpliUFFQsW3HhrRjYeQIYdGViOulcLRVV5KxRBcX4eIlxX5SJxDziBa8V0A5X7uz
X7bqs1b0lA0MDUWB9OPl0MuSoF3ocK6UKOJX4DBz2Ud/SA==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org