Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
File: 7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa (raw, json)
Hash identifier: /4dV0HGfGvgW7J+csOsjooDJqFJSDBgfvUtf7Ce9tzY=
Subject key identifier: B8:B6:F6:C9:1B:0D:FE:CA:37:83:EB:BC:A8:DB:94:08:13:7C:86:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 348FF6EB0C19FE02F90AC1CD4ADA600D4A3F13DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8f:f6:eb:0c:19:fe:02:f9:0a:c1:cd:4a:da:60:0d:4a:3f:13:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=8991b1a6025db248b5bd76483c7a89b4e911921bd306e3132c7be00fb7f3b198, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:33:a8:ba:a9:65:72:93:d2:12:21:c0:ba:07:
87:86:f2:09:e0:74:9b:5d:42:3b:f1:fb:c9:5a:b2:
85:63:31:ee:ac:a9:30:ef:32:26:0d:16:f0:c6:47:
00:4a:8d:1f:d2:ae:e1:52:16:f0:60:a3:b8:3d:45:
b8:a8:3b:71:31:eb:71:48:43:3e:e9:9f:d7:fb:72:
35:f4:29:ba:2c:ad:8e:a6:7b:a3:b5:3b:ba:f6:1b:
39:3e:a7:6f:59:e3:15:f2:50:e6:b5:a9:42:73:ea:
cb:6f:4d:a9:95:5f:3a:1d:33:82:63:98:81:15:1b:
e2:73:d4:2a:75:3e:01:80:29:57:5d:31:a4:6a:a6:
ca:0a:05:35:02:71:c4:35:ec:52:a4:9c:10:8b:f0:
f9:c2:30:85:6c:0e:a7:5b:a1:7d:e3:8e:79:2f:b3:
9a:c7:c5:14:e4:02:01:bf:46:5a:a7:02:e2:5f:3e:
f2:e4:e8:4c:30:19:15:23:55:11:e3:ee:02:92:e9:
0b:90:08:b0:98:48:fe:f3:d8:e4:f7:cb:1c:b0:23:
6e:25:46:6e:df:cd:a1:10:57:c7:07:b9:31:45:5a:
07:01:16:bb:d3:83:af:4d:cb:47:d2:d8:9b:86:a8:
d7:0a:f3:54:b9:de:b0:4b:df:aa:ad:4c:f4:95:97:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B6:F6:C9:1B:0D:FE:CA:37:83:EB:BC:A8:DB:94:08:13:7C:86:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
02:18:87:44:bb:21:b4:1c:5b:61:72:16:5c:a2:cd:65:22:35:
dc:7f:ec:21:60:81:f1:a4:12:6c:85:64:10:2f:55:66:54:b5:
87:4d:f2:86:e5:7d:e3:6e:80:8a:8b:8a:d8:b5:cc:82:32:92:
70:7d:e6:49:7e:75:82:d3:e5:0d:90:93:2a:3f:76:f9:16:39:
4c:8b:c0:f7:52:83:ae:58:2c:7f:bd:78:dd:60:29:3e:d3:38:
fc:59:61:bb:83:17:12:a1:64:d2:c2:c3:76:67:bf:80:e6:ed:
ca:3e:dd:d6:6e:44:4a:6d:ea:63:c2:b4:dc:07:e5:de:af:07:
dc:b1:42:f0:33:8d:9b:e4:25:9f:f5:65:bc:49:bc:6e:c0:3e:
e6:a8:84:fa:da:ec:0d:e0:34:29:1d:68:a9:6a:37:24:a8:11:
0e:a2:c9:ca:05:a3:2b:e7:2b:08:24:43:a5:95:60:9e:2e:c3:
a7:fd:0c:91:b6:86:a3:7a:d1:5a:e5:fb:99:93:70:3a:6d:48:
2a:c3:18:27:3a:29:f4:da:1b:a2:bc:8a:2e:fe:dc:9b:18:c5:
0f:0e:39:78:b8:75:9d:94:49:ca:7f:a6:5d:47:b0:a8:c6:08:
e1:0b:37:30:86:67:d4:6d:25:ed:f3:80:ef:06:53:5c:ee:9b:
2a:59:21:d4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUNI/26wwZ/gL5CsHNStpgDUo/E90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5OTFiMWE2MDI1ZGIyNDhiNWJkNzY0ODNjN2E4OWI0ZTkxMTkyMWJkMzA2
ZTMxMzJjN2JlMDBmYjdmM2IxOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMszqLqpZXKT0hIhwLoHh4byCeB0m11CO/H7yVqyhWMx7qypMO8yJg0W8MZH
AEqNH9Ku4VIW8GCjuD1FuKg7cTHrcUhDPumf1/tyNfQpuiytjqZ7o7U7uvYbOT6n
b1njFfJQ5rWpQnPqy29NqZVfOh0zgmOYgRUb4nPUKnU+AYApV10xpGqmygoFNQJx
xDXsUqScEIvw+cIwhWwOp1uhfeOOeS+zmsfFFOQCAb9GWqcC4l8+8uToTDAZFSNV
EePuApLpC5AIsJhI/vPY5PfLHLAjbiVGbt/NoRBXxwe5MUVaBwEWu9ODr03LR9LY
m4ao1wrzVLnesEvfqq1M9JWXfUMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS4tvbJ
Gw3+yjeD67yo25QIE3yGjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U2M2IyNzgtYTZlOC00ZjM1LWIzN2QtZTJmZTMzYmIzNDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAAIYh0S7IbQcW2FyFlyizWUiNdx/7CFggfGkEmyF
ZBAvVWZUtYdN8oblfeNugIqLiti1zIIyknB95kl+dYLT5Q2Qkyo/dvkWOUyLwPdS
g65YLH+9eN1gKT7TOPxZYbuDFxKhZNLCw3Znv4Dm7co+3dZuREpt6mPCtNwH5d6v
B9yxQvAzjZvkJZ/1ZbxJvG7APuaohPra7A3gNCkdaKlqNySoEQ6iycoFoyvnKwgk
Q6WVYJ4uw6f9DJG2hqN60Vrl+5mTcDptSCrDGCc6KfTaG6K8ii7+3JsYxQ8OOXi4
dZ2UScp/pl1HsKjGCOELNzCGZ9RtJe3zgO8GU1zumypZIdQ=
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org