Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: SqUuctyxOYYNgWpGb6v3LGG6P6pvRc5PEl9p71PvsOA=
Subject key identifier: FF:A4:8D:E3:50:6D:27:9A:CD:92:7A:2C:C4:B3:78:04:12:B8:F6:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20584C4A758E239845AB571FE6D16302619E8532
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:58:4c:4a:75:8e:23:98:45:ab:57:1f:e6:d1:63:02:61:9e:85:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=84b65ef9f3ab9c0565e8f0ddaf0dbc740d97e6e76e3b9fb3b694df205752089a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5f:75:0d:a5:39:33:4e:9d:91:87:c4:fc:54:
cc:a6:5c:a5:a8:e1:f9:91:ef:8b:d4:e8:a1:90:75:
94:2d:52:6b:83:e8:46:72:54:f1:60:e9:c2:c1:8d:
dc:ad:95:b3:74:c9:75:c3:a4:73:31:1a:cc:12:93:
09:5e:04:bb:91:a8:1c:29:5e:9f:59:45:0c:ce:dc:
31:f1:e3:01:56:2c:a2:c0:dd:be:64:e8:a3:a0:ac:
af:65:35:37:02:5b:c6:bb:0a:e6:a4:12:06:09:89:
74:8f:25:2f:04:7c:46:e4:58:44:f9:41:97:a5:0d:
a4:ce:4c:9b:ce:5d:65:9a:e8:c5:6f:89:72:89:29:
61:3d:d1:ce:c7:ae:44:62:d3:72:82:c4:ee:c8:bf:
e9:01:78:1d:56:91:80:e3:70:94:a0:c8:b8:a1:6c:
1e:42:81:76:17:0d:e0:4b:2d:b4:3d:85:ad:af:47:
7c:19:44:c7:30:02:49:0e:fa:df:2a:d4:22:4a:b1:
ac:ca:76:a4:0a:f1:ba:53:9a:88:de:7b:7f:22:8c:
05:57:cd:ee:40:57:e5:ec:61:86:fd:bf:85:d5:1d:
c7:9b:2f:56:d2:5b:3b:46:2d:24:20:9b:dc:2c:42:
dd:3b:01:4a:64:ef:bd:98:21:6b:28:56:a7:a7:80:
de:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A4:8D:E3:50:6D:27:9A:CD:92:7A:2C:C4:B3:78:04:12:B8:F6:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
20:43:f4:2e:42:31:43:7d:43:d9:8c:a8:15:81:06:94:3e:cb:
2d:af:9e:e5:a8:00:cd:1e:f6:01:40:be:86:92:3f:6a:00:39:
8e:cf:35:8b:3a:c7:e4:d4:9b:d4:8e:7a:93:1f:5e:6f:d0:38:
35:b1:ef:cf:8f:f2:84:b4:79:7d:b5:af:45:7f:87:01:0e:f0:
ef:b8:c1:18:b8:f2:64:22:3c:63:00:64:6f:82:80:e3:2b:2d:
a7:6f:43:2a:bd:4a:1b:95:6b:bc:e8:a8:eb:ac:6f:1c:77:9a:
66:1c:bc:b9:c1:bc:41:c4:72:f7:b0:6c:a3:d6:ff:c6:9e:d4:
04:f8:c0:f7:6f:ae:ef:54:2b:02:ed:75:e9:6c:e1:13:4d:a5:
47:25:06:c8:a9:f3:14:5c:d6:d7:27:b7:f3:20:69:4e:fe:38:
fe:d1:e1:2f:95:0a:69:26:9d:66:04:aa:b1:93:56:b8:a9:27:
a2:d3:92:6a:cc:54:c6:bf:76:e1:9f:87:47:e7:e7:2f:33:14:
8f:27:7e:73:1d:9d:8c:00:83:97:8a:d7:a5:3f:34:c6:01:8a:
95:bf:54:39:f9:c9:c8:67:9f:d0:ed:f5:36:08:ca:da:1c:9b:
21:59:9b:f2:e2:50:ee:d8:67:65:a4:96:b4:1d:00:7c:a9:8d:
0e:33:e2:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIFhMSnWOI5hFq1cf5tFjAmGehTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0YjY1ZWY5ZjNhYjljMDU2NWU4ZjBkZGFmMGRiYzc0MGQ5N2U2ZTc2ZTNi
OWZiM2I2OTRkZjIwNTc1MjA4OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpfdQ2lOTNOnZGHxPxUzKZcpajh+ZHvi9TooZB1lC1Sa4PoRnJU8WDpwsGN
3K2Vs3TJdcOkczEazBKTCV4Eu5GoHClen1lFDM7cMfHjAVYsosDdvmToo6Csr2U1
NwJbxrsK5qQSBgmJdI8lLwR8RuRYRPlBl6UNpM5Mm85dZZroxW+JcokpYT3Rzseu
RGLTcoLE7si/6QF4HVaRgONwlKDIuKFsHkKBdhcN4EsttD2Fra9HfBlExzACSQ76
3yrUIkqxrMp2pArxulOaiN57fyKMBVfN7kBX5exhhv2/hdUdx5svVtJbO0YtJCCb
3CxC3TsBSmTvvZghayhWp6eA3nMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/pI3j
UG0nms2SeizEs3gEErj2fzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAIEP0LkIxQ31D2YyoFYEGlD7LLa+e5agAzR72AUC+
hpI/agA5js81izrH5NSb1I56kx9eb9A4NbHvz4/yhLR5fbWvRX+HAQ7w77jBGLjy
ZCI8YwBkb4KA4ystp29DKr1KG5VrvOio66xvHHeaZhy8ucG8QcRy97Bso9b/xp7U
BPjA92+u71QrAu116WzhE02lRyUGyKnzFFzW1ye38yBpTv44/tHhL5UKaSadZgSq
sZNWuKknotOSasxUxr924Z+HR+fnLzMUjyd+cx2djACDl4rXpT80xgGKlb9UOfnJ
yGef0O31NgjK2hybIVmb8uJQ7thnZaSWtB0AfKmNDjPiKw==
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:46 2024 by rpki-client on console-ams.rpki-client.org