Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78625106-b4d3-4e4b-85c7-6ccffe0f72da.roa
File: 78625106-b4d3-4e4b-85c7-6ccffe0f72da.roa (raw, json)
Hash identifier: 4qyB8oYxNHTvWwZCA/Jn0A9ecHyi3AL9lLocX2prP58=
Subject key identifier: 87:28:73:A5:0C:FA:8A:25:8B:AD:03:CB:37:B8:0B:73:65:6B:36:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C2B2942C34DFB8EDB32AAB3CE56172327A43DD7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78625106-b4d3-4e4b-85c7-6ccffe0f72da.roa
Signing time: Tue 13 Aug 2024 00:00:00 +0000
ROA not before: Tue 13 Aug 2024 00:00:00 +0000
ROA not after: Tue 17 Sep 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:2b:29:42:c3:4d:fb:8e:db:32:aa:b3:ce:56:17:23:27:a4:3d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 13 00:00:00 2024 GMT
Not After : Sep 17 23:59:59 2024 GMT
Subject: serialNumber=adc7d47455a8712b03ddb9aae4c2b682efeeef3425224b8a96f812cd9a34190b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:5d:4d:9c:73:52:f9:f5:3e:24:85:90:6d:40:
70:ea:23:de:61:7d:5a:73:ea:bc:c1:5b:a7:b7:42:
f5:7c:70:40:51:72:52:79:65:ca:9a:5a:3e:11:72:
44:e2:67:c4:14:e4:55:30:c5:20:72:34:5e:16:4a:
20:14:72:eb:f3:7a:77:50:73:c7:b1:f6:e5:02:fb:
88:ae:9a:64:9b:b8:88:31:b3:0b:7f:a9:ff:9f:35:
69:1e:cb:d2:d6:58:ce:c5:83:1e:e4:65:16:60:97:
3f:0f:82:46:c2:e9:39:24:89:c2:b3:47:09:a2:4b:
dc:98:cd:55:e9:01:51:2d:50:09:35:c7:fc:5e:13:
78:ba:32:29:75:66:d4:9d:a2:dd:32:2b:10:2b:37:
24:e4:71:f0:95:bf:6b:cc:c7:f7:51:90:b3:ae:fe:
3b:de:85:11:51:21:c6:4c:df:6e:44:cd:0d:b8:5d:
f1:13:c4:ab:73:22:97:93:01:ec:6f:40:b4:52:54:
e8:ea:b5:75:13:24:be:0a:63:c5:ac:32:d9:85:03:
a0:48:ee:3a:26:32:e2:b0:c5:b5:d1:19:1e:2b:8e:
d5:00:b5:0b:38:9f:0c:1b:5d:63:0e:45:bb:00:21:
3d:ac:6f:06:05:5c:64:82:c3:bd:cb:e3:db:74:75:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:73:A5:0C:FA:8A:25:8B:AD:03:CB:37:B8:0B:73:65:6B:36:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78625106-b4d3-4e4b-85c7-6ccffe0f72da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
87:47:a3:dc:ea:f4:0a:03:5d:04:b5:20:04:63:c9:8f:9a:5e:
02:b7:22:ea:2e:c2:89:c8:e4:60:b2:59:38:53:34:ca:7a:fe:
f0:b2:64:66:e6:ca:79:23:ad:80:fc:81:7d:e8:56:a1:b1:3f:
e2:cd:07:5f:b6:56:9c:5a:10:ed:31:64:fb:ca:d1:ea:63:fe:
af:6e:69:b6:12:b0:38:6c:de:4c:ff:8d:b8:b5:74:1a:90:72:
cc:68:39:7a:7e:54:f4:c2:00:ca:17:4c:20:b2:89:5c:e9:1e:
df:ad:ad:cd:0c:75:b2:51:c7:7d:3b:1b:f2:1d:a0:fe:47:a2:
35:96:23:c4:94:e7:a7:75:30:b4:93:14:5d:69:b9:69:85:a8:
b3:05:36:bb:64:71:66:8c:dd:03:da:33:34:61:dc:9f:eb:ff:
26:e7:7d:29:a8:19:bb:31:4a:45:5d:7c:9c:88:de:22:31:7a:
81:7e:80:39:d3:b2:89:45:d0:1f:e6:a0:9b:44:a3:43:29:e6:
ef:27:0c:fe:cc:bb:5b:58:ef:3a:7e:de:b1:04:f8:31:dd:05:
1c:f6:ef:9c:27:2f:27:20:db:c4:2e:d2:e7:aa:9d:50:1a:75:
84:61:a6:75:c3:85:89:27:f2:ef:20:05:60:4f:ce:bb:75:a1:
88:dc:f9:27
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDCspQsNN+47bMqqzzlYXIyekPdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA4MTMwMDAwMDBaFw0yNDA5MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkYzdkNDc0NTVhODcxMmIwM2RkYjlhYWU0YzJiNjgyZWZlZWVmMzQyNTIy
NGI4YTk2ZjgxMmNkOWEzNDE5MGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPddTZxzUvn1PiSFkG1AcOoj3mF9WnPqvMFbp7dC9XxwQFFyUnllyppaPhFy
ROJnxBTkVTDFIHI0XhZKIBRy6/N6d1Bzx7H25QL7iK6aZJu4iDGzC3+p/581aR7L
0tZYzsWDHuRlFmCXPw+CRsLpOSSJwrNHCaJL3JjNVekBUS1QCTXH/F4TeLoyKXVm
1J2i3TIrECs3JORx8JW/a8zH91GQs67+O96FEVEhxkzfbkTNDbhd8RPEq3Mil5MB
7G9AtFJU6Oq1dRMkvgpjxawy2YUDoEjuOiYy4rDFtdEZHiuO1QC1CzifDBtdYw5F
uwAhPaxvBgVcZILDvcvj23R1e1MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSHKHOl
DPqKJYutA8s3uAtzZWs2KDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzg2MjUxMDYtYjRkMy00ZTRiLTg1YzctNmNjZmZlMGY3MmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAh0ej3Or0CgNdBLUgBGPJj5peArci6i7CicjkYLJZ
OFM0ynr+8LJkZubKeSOtgPyBfehWobE/4s0HX7ZWnFoQ7TFk+8rR6mP+r25pthKw
OGzeTP+NuLV0GpByzGg5en5U9MIAyhdMILKJXOke362tzQx1slHHfTsb8h2g/kei
NZYjxJTnp3UwtJMUXWm5aYWoswU2u2RxZozdA9ozNGHcn+v/Jud9KagZuzFKRV18
nIjeIjF6gX6AOdOyiUXQH+agm0SjQynm7ycM/sy7W1jvOn7esQT4Md0FHPbvnCcv
JyDbxC7S56qdUBp1hGGmdcOFiSfy7yAFYE/Ou3WhiNz5Jw==
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:20:21 2024 by rpki-client on console-ams.rpki-client.org