Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
File: 73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa (raw, json)
Hash identifier: D3VfVuARoZhED8zmg2RC3yXveykEOWFzx6vcalG4qMY=
Subject key identifier: 52:4A:B7:4C:B4:90:7F:83:7B:99:59:EB:52:3A:76:75:DC:25:C7:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 106312B116D34B9A2816337F5550574EAB2B6562
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:63:12:b1:16:d3:4b:9a:28:16:33:7f:55:50:57:4e:ab:2b:65:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=993a0d549223a34d769b99003657920a87d1a7947f71667dc39ec40102f1b0f0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:bf:fe:43:79:6e:e7:39:1a:7a:d1:49:94:
2c:e3:1c:85:70:14:59:ef:e8:29:46:1a:a9:90:de:
16:c4:56:75:50:90:6e:0c:c0:5a:3c:28:0a:38:ff:
b4:ce:d7:1c:26:9f:67:cc:ab:c8:3d:ca:13:32:7c:
90:71:3f:30:7a:19:63:9a:38:3f:4b:56:e3:e9:40:
9e:87:98:24:d2:db:11:cd:91:72:bc:9e:f4:4f:83:
59:dc:4f:82:12:31:ea:aa:c3:5a:f2:c9:8b:89:a3:
e6:65:51:a9:83:96:66:8b:22:83:a4:7d:f5:a7:c8:
82:3d:51:dd:40:c3:fa:5c:af:e6:bd:6b:ed:ce:d0:
ec:4f:89:7d:14:6a:50:80:ac:a3:ac:6d:82:e4:10:
26:c5:cc:0f:3e:1d:7a:ec:fa:09:c6:6e:42:01:d9:
da:7f:b9:49:d3:72:4b:55:58:64:3f:12:90:92:79:
1d:f8:33:84:75:30:14:57:c7:f2:40:26:69:59:08:
74:69:cb:ec:54:b8:71:e4:cc:0e:96:71:06:16:d0:
c0:f5:8b:da:fc:7d:a8:fb:55:45:4a:78:38:61:1d:
f1:1a:d1:d6:1e:47:33:b3:76:7d:f1:ec:c3:9e:ce:
63:05:17:a0:53:a4:b8:61:af:71:8e:44:d9:4c:47:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4A:B7:4C:B4:90:7F:83:7B:99:59:EB:52:3A:76:75:DC:25:C7:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:71:c0:d0:39:b7:b2:7a:4c:68:fa:f3:62:46:12:ed:30:db:
3b:03:de:31:ee:6b:89:41:3a:e0:f9:85:fb:a5:08:45:68:3e:
28:03:a1:30:79:fb:ac:cb:de:fd:d7:c3:52:b6:d9:99:b1:15:
88:cd:24:5b:92:af:aa:33:ee:18:64:58:d9:2c:bf:b5:0d:f8:
7f:88:f1:26:25:0a:69:8d:2d:04:c0:eb:14:84:ea:0f:80:71:
b4:be:6c:a6:cc:d0:24:5f:39:e5:28:cf:1e:b9:b9:88:bf:23:
6c:88:7e:0b:d9:74:dc:73:ed:53:0f:2e:58:04:0b:cd:7c:8c:
79:21:d5:77:8b:d1:a3:22:a9:da:8b:7a:54:e4:b8:49:2d:b2:
cf:11:4c:da:5f:3a:a0:ae:a0:43:74:3a:3a:34:30:d2:47:69:
e7:c0:9a:04:cf:28:a1:5d:15:48:6d:18:d5:ff:18:2a:39:c0:
60:80:d0:8e:b8:7f:09:ce:9f:24:0d:7f:ae:5e:54:28:13:c5:
40:8c:70:d1:a3:2c:67:da:a5:cf:b6:45:d9:06:05:f6:bf:7d:
16:fc:a9:92:dd:1d:be:93:a6:5f:97:ae:4c:83:f3:85:55:f5:
70:80:d3:8c:5e:f8:80:61:5c:0c:69:f2:e4:1e:3e:6b:0d:ac:
53:eb:49:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEGMSsRbTS5ooFjN/VVBXTqsrZWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5M2EwZDU0OTIyM2EzNGQ3NjliOTkwMDM2NTc5MjBhODdkMWE3OTQ3Zjcx
NjY3ZGMzOWVjNDAxMDJmMWIwZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXKv/5DeW7nORp60UmULOMchXAUWe/oKUYaqZDeFsRWdVCQbgzAWjwoCjj/
tM7XHCafZ8yryD3KEzJ8kHE/MHoZY5o4P0tW4+lAnoeYJNLbEc2Rcrye9E+DWdxP
ghIx6qrDWvLJi4mj5mVRqYOWZosig6R99afIgj1R3UDD+lyv5r1r7c7Q7E+JfRRq
UICso6xtguQQJsXMDz4deuz6CcZuQgHZ2n+5SdNyS1VYZD8SkJJ5HfgzhHUwFFfH
8kAmaVkIdGnL7FS4ceTMDpZxBhbQwPWL2vx9qPtVRUp4OGEd8RrR1h5HM7N2ffHs
w57OYwUXoFOkuGGvcY5E2UxHEe0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSSrdM
tJB/g3uZWetSOnZ13CXHgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzNlZTI0NzItN2NhZi00N2I1LWIyZmYtMTVhYjZmNTQxMjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQA6ccDQObeyekxo+vNiRhLtMNs7A94x7muJQTrg+YX7
pQhFaD4oA6Ewefusy97918NSttmZsRWIzSRbkq+qM+4YZFjZLL+1Dfh/iPEmJQpp
jS0EwOsUhOoPgHG0vmymzNAkXznlKM8eubmIvyNsiH4L2XTcc+1TDy5YBAvNfIx5
IdV3i9GjIqnai3pU5LhJLbLPEUzaXzqgrqBDdDo6NDDSR2nnwJoEzyihXRVIbRjV
/xgqOcBggNCOuH8Jzp8kDX+uXlQoE8VAjHDRoyxn2qXPtkXZBgX2v30W/KmS3R2+
k6Zfl65Mg/OFVfVwgNOMXviAYVwMafLkHj5rDaxT60ny
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org