Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
File: 7f44216c-6452-466e-be4f-93ae1547f6d1.roa (raw, json)
Hash identifier: gicusol2WAfTdlZFhylVGo46oePDNRrei7Bx9w/i0LU=
Subject key identifier: 19:91:E9:BC:8A:F5:73:87:26:C3:3B:60:6D:67:44:13:1C:80:04:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BB9D661C7B18039A016147FAA677403FFBB5037
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
Signing time: Tue 22 Oct 2024 00:00:00 +0000
ROA not before: Tue 22 Oct 2024 00:00:00 +0000
ROA not after: Tue 26 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Oct 2024 17:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:b9:d6:61:c7:b1:80:39:a0:16:14:7f:aa:67:74:03:ff:bb:50:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:00:00 2024 GMT
Not After : Nov 26 23:59:59 2024 GMT
Subject: serialNumber=25c79b3ef13a63fe1df34c7badff56dc2aa72ce63a349147901d40bf782cc372, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bc:be:95:cd:d8:e1:b3:f1:a1:de:f1:2a:a5:
8a:ec:06:48:4a:01:20:e7:70:19:33:a0:ca:0c:2d:
5f:89:42:90:8e:2b:3d:3b:7c:e7:3d:34:ec:b3:7e:
8c:e6:e8:73:4f:4f:76:f7:d8:9d:b2:4b:bf:7a:e6:
57:c6:6e:c2:bc:74:a6:7a:83:25:64:39:8d:2c:17:
2e:fb:b2:76:f5:d1:2d:a4:5f:28:96:de:63:f2:3e:
e5:c5:6c:dc:ab:cf:7b:22:8a:66:22:de:74:5c:a8:
92:90:e2:e7:ce:64:74:49:5d:5a:38:6e:05:c1:b1:
a2:36:b5:2a:46:a2:41:0e:39:a1:e2:c9:ad:43:27:
51:f4:d3:a4:5e:60:0c:d1:49:a1:e9:82:b3:a9:82:
14:31:31:21:3d:34:5f:ed:04:25:7d:f5:40:ae:e2:
4f:17:71:f7:47:53:28:cc:1d:e2:b2:7f:5a:a4:0a:
56:0c:3a:b1:9a:a7:25:fd:86:5e:29:21:04:e9:9c:
a5:31:6a:8f:03:6d:0f:ab:7e:73:b4:f5:47:69:4b:
55:3c:e1:d4:f0:e7:a5:fa:fc:ee:0b:58:a3:4b:b7:
25:54:91:0e:21:67:92:98:58:aa:0e:ab:e4:a2:49:
6f:73:f8:24:2a:f8:83:11:11:7c:eb:11:f9:94:dd:
73:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:91:E9:BC:8A:F5:73:87:26:C3:3B:60:6D:67:44:13:1C:80:04:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f44216c-6452-466e-be4f-93ae1547f6d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
43:aa:64:b3:eb:26:22:0d:80:b3:7e:7d:9a:07:94:b1:5c:9c:
98:17:e4:a9:60:66:7a:42:56:68:f6:99:ed:84:18:be:a0:e4:
2f:0c:2f:4a:30:62:33:2b:ad:56:87:95:3d:a1:1c:84:8b:d4:
9b:de:3f:ab:df:15:98:30:d3:9c:05:b0:3d:e5:b3:dc:68:36:
d8:de:63:76:60:82:d3:63:96:56:73:d8:9d:25:76:6a:aa:66:
fb:17:ac:64:b1:36:9f:0a:7d:67:fb:e8:56:a6:ea:95:ff:dc:
27:a5:31:a8:c5:36:61:69:a2:50:fc:84:f1:0e:fd:ec:0b:a5:
a2:83:89:40:b0:a7:b9:f9:48:61:9f:c2:22:6c:c5:3c:a1:8e:
28:bc:7b:c9:fd:bf:d5:37:89:d3:a6:11:a2:79:2e:9b:c9:a2:
a6:87:0e:0a:1e:86:46:6e:e7:1a:c0:24:3d:37:7f:f9:53:57:
ae:b5:c7:40:96:f2:d2:33:ee:ff:85:e0:16:5a:cb:2c:8d:ff:
c7:d1:d6:5d:e4:11:e1:cf:3c:07:a0:bd:78:1e:6e:c5:59:aa:
95:b0:80:2e:59:5e:37:e6:0c:68:5f:b2:2f:c1:36:4b:eb:a8:
63:a6:0a:ec:a0:0c:4d:0a:a4:4a:0f:7e:4a:ff:5f:9f:e0:62:
8f:ac:40:7b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG7nWYcexgDmgFhR/qmd0A/+7UDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjIwMDAwMDBaFw0yNDExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1Yzc5YjNlZjEzYTYzZmUxZGYzNGM3YmFkZmY1NmRjMmFhNzJjZTYzYTM0
OTE0NzkwMWQ0MGJmNzgyY2MzNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJi8vpXN2OGz8aHe8SqliuwGSEoBIOdwGTOgygwtX4lCkI4rPTt85z007LN+
jOboc09PdvfYnbJLv3rmV8Zuwrx0pnqDJWQ5jSwXLvuydvXRLaRfKJbeY/I+5cVs
3KvPeyKKZiLedFyokpDi585kdEldWjhuBcGxoja1KkaiQQ45oeLJrUMnUfTTpF5g
DNFJoemCs6mCFDExIT00X+0EJX31QK7iTxdx90dTKMwd4rJ/WqQKVgw6sZqnJf2G
XikhBOmcpTFqjwNtD6t+c7T1R2lLVTzh1PDnpfr87gtYo0u3JVSRDiFnkphYqg6r
5KJJb3P4JCr4gxERfOsR+ZTdc2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZkem8
ivVzhybDO2BtZ0QTHIAELDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y0NDIxNmMtNjQ1Mi00NjZlLWJlNGYtOTNhZTE1NDdmNmQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBBXgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDqmSz6yYiDYCzfn2aB5SxXJyYF+SpYGZ6QlZo
9pnthBi+oOQvDC9KMGIzK61Wh5U9oRyEi9Sb3j+r3xWYMNOcBbA95bPcaDbY3mN2
YILTY5ZWc9idJXZqqmb7F6xksTafCn1n++hWpuqV/9wnpTGoxTZhaaJQ/ITxDv3s
C6Wig4lAsKe5+Uhhn8IibMU8oY4ovHvJ/b/VN4nTphGieS6byaKmhw4KHoZGbuca
wCQ9N3/5U1eutcdAlvLSM+7/heAWWsssjf/H0dZd5BHhzzwHoL14Hm7FWaqVsIAu
WV435gxoX7IvwTZL66hjpgrsoAxNCqRKD35K/1+f4GKPrEB7
-----END CERTIFICATE-----
Generated at Thu Oct 24 21:09:44 2024 by rpki-client on console-ams.rpki-client.org