Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
File: 760b79cf-4b6a-441d-8cec-518fe8e653f9.roa (raw, json)
Hash identifier: 3pJvfBXpKvSryBS8k1wv5A9LBAhOshnqfcbecIN30gU=
Subject key identifier: A9:B8:90:BA:8A:9D:DC:26:E0:C1:FA:3D:BB:6C:89:E3:59:FC:67:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 425E099DB836CAE7DF020C5E3A37818F46E3E7CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:5e:09:9d:b8:36:ca:e7:df:02:0c:5e:3a:37:81:8f:46:e3:e7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e945aa3b4d455d28018b8ca908e3196eeb869dc66bc2ff64cc3eca831537e051, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:49:fd:b6:34:2e:ad:c1:7b:ba:98:32:52:
83:a3:b3:f0:01:20:46:99:91:0d:92:7f:29:5d:a4:
1f:eb:1e:17:f5:4c:90:77:65:e9:ac:e1:01:d0:99:
38:83:ca:8b:72:43:13:93:13:79:7a:2e:f6:d5:2f:
7c:e5:40:87:00:a0:02:0e:8c:a4:8c:d8:e4:d6:d1:
c3:d0:ee:97:62:c5:b7:69:ef:49:51:77:49:b8:88:
74:44:59:19:58:da:45:76:46:be:2c:90:4d:60:94:
fc:fe:a9:98:4d:31:45:1e:8d:3b:07:bb:6b:8b:1e:
1b:40:42:36:a2:ba:a8:55:2a:4d:2c:3b:3c:20:d5:
58:fb:45:de:f8:f7:da:dc:db:06:7d:d4:82:a6:5d:
e3:81:1a:45:3f:e2:50:cc:ee:b6:f6:35:4b:2c:ff:
e8:74:1b:ce:77:27:b5:26:f1:73:d7:d4:3d:4a:88:
fb:89:56:1d:87:db:c7:38:4c:13:61:99:a3:83:80:
d5:95:ce:fc:08:69:e0:a7:ab:38:84:8c:f0:2d:8d:
87:f2:c1:a7:9a:98:10:83:01:7d:68:5a:1f:87:05:
15:f4:df:88:e9:ce:f0:b8:15:68:9a:fe:6d:39:60:
ad:86:f1:5a:e9:d8:52:a3:19:e8:d2:ac:11:00:1f:
97:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B8:90:BA:8A:9D:DC:26:E0:C1:FA:3D:BB:6C:89:E3:59:FC:67:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:38:5b:86:2b:6f:d4:2c:49:74:4f:85:2b:77:c5:45:22:36:
54:1b:1b:1b:c6:96:14:32:bd:41:e2:73:c5:0e:81:3c:dc:0b:
08:27:2d:22:0a:8d:d8:ea:63:a7:bf:27:56:b7:29:5c:11:1e:
8d:74:f1:f2:73:d9:c9:a6:ef:56:20:e0:70:e1:57:b7:98:65:
59:5c:a8:d0:f0:3e:08:6c:58:51:56:7f:8f:43:4a:67:08:0d:
21:79:02:b7:b9:ad:a5:56:50:fa:84:fe:ef:35:64:c7:b8:8d:
df:6f:c2:d4:fe:9b:ae:d0:cc:4a:da:21:73:c3:c9:38:75:30:
bb:6e:8b:5a:48:cc:48:5b:8d:07:4c:20:ff:7b:6d:5a:72:1e:
b0:46:a6:18:24:6c:10:7a:b2:bd:52:c1:7d:1c:67:49:0f:fd:
8c:70:08:58:c1:3a:38:25:45:09:c6:30:7d:fd:a3:f1:4f:43:
ec:90:09:bf:fe:b7:52:94:fb:ca:81:a5:b6:f5:ee:a6:7f:ca:
0b:e8:80:57:53:7c:26:44:3d:bd:1e:04:e7:6f:e3:78:cd:17:
19:c1:88:7e:9a:b2:90:be:5a:e2:d5:85:a2:2d:87:db:27:dc:
2b:ea:30:f5:84:dc:12:fe:d4:9e:a6:34:93:ff:eb:2f:a5:b0:
a9:f9:79:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQl4Jnbg2yuffAgxeOjeBj0bj58owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5NDVhYTNiNGQ0NTVkMjgwMThiOGNhOTA4ZTMxOTZlZWI4NjlkYzY2YmMy
ZmY2NGNjM2VjYTgzMTUzN2UwNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcXSf22NC6twXu6mDJSg6Oz8AEgRpmRDZJ/KV2kH+seF/VMkHdl6azhAdCZ
OIPKi3JDE5MTeXou9tUvfOVAhwCgAg6MpIzY5NbRw9Dul2LFt2nvSVF3SbiIdERZ
GVjaRXZGviyQTWCU/P6pmE0xRR6NOwe7a4seG0BCNqK6qFUqTSw7PCDVWPtF3vj3
2tzbBn3UgqZd44EaRT/iUMzutvY1Syz/6HQbzncntSbxc9fUPUqI+4lWHYfbxzhM
E2GZo4OA1ZXO/Ahp4KerOISM8C2Nh/LBp5qYEIMBfWhaH4cFFfTfiOnO8LgVaJr+
bTlgrYbxWunYUqMZ6NKsEQAflxUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpuJC6
ip3cJuDB+j27bInjWfxnhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzYwYjc5Y2YtNGI2YS00NDFkLThjZWMtNTE4ZmU4ZTY1M2Y5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQB9OFuGK2/ULEl0T4Urd8VFIjZUGxsbxpYUMr1B4nPF
DoE83AsIJy0iCo3Y6mOnvydWtylcER6NdPHyc9nJpu9WIOBw4Ve3mGVZXKjQ8D4I
bFhRVn+PQ0pnCA0heQK3ua2lVlD6hP7vNWTHuI3fb8LU/puu0MxK2iFzw8k4dTC7
botaSMxIW40HTCD/e21ach6wRqYYJGwQerK9UsF9HGdJD/2McAhYwTo4JUUJxjB9
/aPxT0PskAm//rdSlPvKgaW29e6mf8oL6IBXU3wmRD29HgTnb+N4zRcZwYh+mrKQ
vlri1YWiLYfbJ9wr6jD1hNwS/tSepjST/+svpbCp+XmE
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org