Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
File: 73817c12-8c1e-4664-9721-3b7c6b416bab.roa (raw, json)
Hash identifier: LiMeOW1bgQkl2pnHbcIHovrGwk5jpdL/GaYcrvxob6s=
Subject key identifier: 94:99:F4:2E:75:85:60:CD:F6:71:BA:62:8A:08:6F:96:A9:D4:76:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F59D88E76FBC53A3BD63BCF818900615B25DE73
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:59:d8:8e:76:fb:c5:3a:3b:d6:3b:cf:81:89:00:61:5b:25:de:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=a342c3c96e25cf5c930b77894921908e0e2aecaf184127228a052b82bcf2ea4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:99:dc:ab:20:9d:0b:ae:36:74:0d:a6:14:e9:
be:57:5e:45:20:ff:9a:eb:b6:25:03:5f:c4:44:af:
d2:6d:1f:cb:4f:67:46:30:51:58:27:6a:f4:eb:50:
0b:97:9d:6c:6e:55:36:0a:60:86:f2:f9:ed:e8:f7:
d3:8b:16:98:d7:01:6f:64:5a:cc:43:1a:13:a9:10:
d4:4d:aa:ae:5e:11:52:1a:e5:d9:03:e2:41:e4:f2:
8b:0f:62:fb:b3:8b:6d:36:ae:56:aa:e6:3c:d0:a9:
fb:8e:05:ef:97:ec:ca:8e:25:1d:ab:c3:df:92:87:
c1:d3:62:61:6a:0a:4d:7d:88:8d:8e:ef:dc:e5:83:
c8:49:b2:4a:13:8d:c5:5d:ee:af:60:db:c7:61:06:
6e:02:b1:ed:16:8b:58:39:98:a7:99:5e:90:41:73:
73:b1:9b:ee:b5:d1:f2:68:63:e3:c0:ae:f3:dc:ae:
e1:8a:ca:0d:c9:5a:a1:8f:41:a9:e9:4a:88:db:28:
cd:50:6d:a1:2e:04:56:7e:15:c8:35:f1:c6:34:93:
e8:55:80:a7:66:79:10:ab:1c:83:a7:4d:45:cb:c1:
6d:40:ab:10:ae:20:a8:16:3f:3a:77:21:52:8f:30:
ae:c2:6b:b7:cc:3b:11:0a:8e:e2:a0:bd:fc:c6:e8:
36:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:99:F4:2E:75:85:60:CD:F6:71:BA:62:8A:08:6F:96:A9:D4:76:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
8b:5a:52:51:42:95:fd:19:86:a0:ec:e3:c6:c9:09:b5:c3:4f:
63:14:8d:cc:47:a2:30:34:56:d4:86:95:9b:5e:fc:cd:dc:81:
b1:f9:61:36:28:20:ce:e2:2c:24:2a:b7:b3:45:c1:fe:03:85:
f9:8d:9f:4d:c3:3d:90:3e:02:cb:79:86:a7:36:69:6b:d7:9f:
28:0c:5b:bf:e5:5e:73:93:26:a0:33:bf:6c:89:30:40:c1:64:
37:54:5f:d1:20:c3:b1:0e:85:d4:54:a9:c1:3d:4a:35:74:5a:
30:8d:7f:4f:c7:99:ee:be:8d:1c:02:fd:b5:d7:aa:40:ad:da:
f6:04:50:12:e3:2f:3b:3f:48:66:d3:25:65:fb:97:94:7a:5e:
db:77:1b:80:86:35:0a:2b:c0:1c:ff:05:09:d7:a7:5b:aa:69:
5b:d3:fb:ef:62:3e:49:9a:23:ac:4b:74:f4:3e:81:2f:c8:5d:
d8:91:93:a9:83:79:38:81:2b:5a:e8:37:ad:4c:1a:3b:21:cf:
93:58:71:c5:08:07:aa:c3:b1:94:1c:66:b4:76:5f:ea:98:f0:
26:dc:3f:4c:a5:a8:b1:54:fc:55:48:29:06:a7:aa:19:71:36:
0e:1f:79:ad:54:a1:2a:19:b9:41:55:a0:7e:7e:66:86:65:44:
5d:07:83:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb1nYjnb7xTo71jvPgYkAYVsl3nMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzNDJjM2M5NmUyNWNmNWM5MzBiNzc4OTQ5MjE5MDhlMGUyYWVjYWYxODQx
MjcyMjhhMDUyYjgyYmNmMmVhNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuZ3KsgnQuuNnQNphTpvldeRSD/muu2JQNfxESv0m0fy09nRjBRWCdq9OtQ
C5edbG5VNgpghvL57ej304sWmNcBb2RazEMaE6kQ1E2qrl4RUhrl2QPiQeTyiw9i
+7OLbTauVqrmPNCp+44F75fsyo4lHavD35KHwdNiYWoKTX2IjY7v3OWDyEmyShON
xV3ur2Dbx2EGbgKx7RaLWDmYp5lekEFzc7Gb7rXR8mhj48Cu89yu4YrKDclaoY9B
qelKiNsozVBtoS4EVn4VyDXxxjST6FWAp2Z5EKscg6dNRcvBbUCrEK4gqBY/Onch
Uo8wrsJrt8w7EQqO4qC9/MboNpcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSUmfQu
dYVgzfZxumKKCG+WqdR2SjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzM4MTdjMTItOGMxZS00NjY0LTk3MjEtM2I3YzZiNDE2YmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAi1pSUUKV/RmGoOzjxskJtcNPYxSNzEeiMDRW1IaV
m178zdyBsflhNiggzuIsJCq3s0XB/gOF+Y2fTcM9kD4Cy3mGpzZpa9efKAxbv+Ve
c5MmoDO/bIkwQMFkN1Rf0SDDsQ6F1FSpwT1KNXRaMI1/T8eZ7r6NHAL9tdeqQK3a
9gRQEuMvOz9IZtMlZfuXlHpe23cbgIY1CivAHP8FCdenW6ppW9P772I+SZojrEt0
9D6BL8hd2JGTqYN5OIErWug3rUwaOyHPk1hxxQgHqsOxlBxmtHZf6pjwJtw/TKWo
sVT8VUgpBqeqGXE2Dh95rVShKhm5QVWgfn5mhmVEXQeDDQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org