Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
File: 75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa (raw, json)
Hash identifier: vMEMghIGwz5okjYcS43AgJrS654VE+o7Wyn2RGr3EjA=
Subject key identifier: 3C:8E:C2:69:5E:5B:97:25:9C:4B:D0:03:31:A8:C3:FB:51:EA:8A:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 274E07EEDFD8E7B6036BFD43A5BE2E6CB675C0DB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:4e:07:ee:df:d8:e7:b6:03:6b:fd:43:a5:be:2e:6c:b6:75:c0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=86df16065c8bb5dc7d1a3f36dbea89b7125c89333e55a0949fcd64e1a8252246, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:71:18:03:97:52:c5:42:fd:27:19:36:2e:
af:ba:76:ea:eb:99:b5:f4:9d:14:32:f0:d1:69:61:
4f:3f:a4:0a:d2:d9:d2:c8:64:02:ca:a5:04:39:f7:
c8:38:ad:e3:62:1e:86:0a:30:65:b3:f4:a4:40:45:
21:6b:6c:76:85:fc:d8:c6:23:8d:af:ac:bb:d2:88:
27:ac:fe:58:7c:2e:5b:42:77:a5:71:72:f5:c9:44:
6c:68:0c:7a:4c:51:22:e9:4b:9a:51:44:83:66:d1:
35:8f:55:ba:d9:fb:d6:d7:b7:e9:e1:36:40:ae:55:
56:e0:29:be:83:5e:d1:87:fe:33:5d:cf:05:1b:ff:
e3:da:6f:7d:b8:79:80:d5:72:b1:68:2b:16:a3:d0:
41:0b:b7:42:b8:1d:60:2a:1f:6b:15:40:b4:f0:21:
ec:71:8a:57:7c:d2:1f:88:42:58:e6:5c:33:3e:d1:
69:9d:1d:a1:8b:b0:e5:dc:d6:a5:c7:94:88:60:8d:
57:dd:c4:61:ee:0b:ed:ab:05:46:11:cb:1b:34:61:
19:26:ff:0e:35:68:2f:57:0f:83:75:dc:b8:f7:c8:
01:a7:e1:ad:3e:9a:04:eb:5f:5f:03:95:03:49:f2:
fb:54:3f:d4:f2:f8:61:1f:72:90:a6:23:ed:dc:eb:
dd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8E:C2:69:5E:5B:97:25:9C:4B:D0:03:31:A8:C3:FB:51:EA:8A:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
61:a9:b0:56:22:18:71:51:df:69:31:30:07:fd:6c:96:84:b8:
4e:a1:72:d1:ac:26:28:9d:69:cd:49:90:46:89:c4:5f:36:c3:
a3:2c:22:4e:b7:e9:6c:d8:8f:20:71:4d:43:c6:3b:5d:37:f6:
60:7e:79:91:76:eb:e8:40:e2:a7:7e:74:00:4b:46:31:39:d6:
ee:ed:90:53:d4:f7:83:59:b5:98:d3:ee:8d:cf:c6:d1:d6:ac:
89:ed:4e:f1:7c:27:9f:bb:ca:cb:b2:c5:48:56:af:c7:9b:19:
1b:48:a0:49:38:f7:e0:76:52:49:f1:db:4a:33:85:46:7d:e7:
77:99:fc:c8:4c:f4:4c:39:dc:f2:81:73:d2:9b:43:ed:9e:eb:
dd:91:59:f1:a9:bd:d2:59:f7:87:2b:b0:f9:39:f1:ee:6d:ff:
86:5e:77:27:36:00:2c:42:69:3d:6b:1c:fb:dd:e8:c2:e9:f4:
b7:41:54:37:03:1b:54:fe:0f:0e:a2:69:13:54:05:56:42:83:
50:30:d4:d5:cc:39:ff:a7:06:a7:22:c1:22:36:c8:42:16:ae:
92:0c:8b:87:08:06:b2:91:16:47:d7:5c:93:41:ac:b1:20:34:
ba:ef:95:34:8c:51:dc:7e:ba:26:a2:8e:0b:0e:96:73:17:7f:
0d:60:8b:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ04H7t/Y57YDa/1Dpb4ubLZ1wNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2ZGYxNjA2NWM4YmI1ZGM3ZDFhM2YzNmRiZWE4OWI3MTI1Yzg5MzMzZTU1
YTA5NDlmY2Q2NGUxYTgyNTIyNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqCcRgDl1LFQv0nGTYur7p26uuZtfSdFDLw0WlhTz+kCtLZ0shkAsqlBDn3
yDit42IehgowZbP0pEBFIWtsdoX82MYjja+su9KIJ6z+WHwuW0J3pXFy9clEbGgM
ekxRIulLmlFEg2bRNY9Vutn71te36eE2QK5VVuApvoNe0Yf+M13PBRv/49pvfbh5
gNVysWgrFqPQQQu3QrgdYCofaxVAtPAh7HGKV3zSH4hCWOZcMz7RaZ0doYuw5dzW
pceUiGCNV93EYe4L7asFRhHLGzRhGSb/DjVoL1cPg3XcuPfIAafhrT6aBOtfXwOV
A0ny+1Q/1PL4YR9ykKYj7dzr3R0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8jsJp
XluXJZxL0AMxqMP7UeqKDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzVkMTZkOTYtOWU1Ny00Y2MwLTgzZGYtMmMwMTFjY2M4ZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQBhqbBWIhhxUd9pMTAH/WyWhLhOoXLRrCYonWnN
SZBGicRfNsOjLCJOt+ls2I8gcU1DxjtdN/ZgfnmRduvoQOKnfnQAS0YxOdbu7ZBT
1PeDWbWY0+6Nz8bR1qyJ7U7xfCefu8rLssVIVq/HmxkbSKBJOPfgdlJJ8dtKM4VG
fed3mfzITPRMOdzygXPSm0PtnuvdkVnxqb3SWfeHK7D5OfHubf+GXncnNgAsQmk9
axz73ejC6fS3QVQ3AxtU/g8OomkTVAVWQoNQMNTVzDn/pwanIsEiNshCFq6SDIuH
CAaykRZH11yTQayxIDS675U0jFHcfromoo4LDpZzF38NYItx
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org