Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: qUgRmJZN/D9phgkAGPEfXTjCBhxLRrM+ffZyVRTunNE=
Subject key identifier: 82:36:FD:EF:0B:9E:23:24:04:95:44:9D:25:1F:7C:64:70:13:74:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15509D46C2C66F4E4053FD7EABF889C39C3961B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:50:9d:46:c2:c6:6f:4e:40:53:fd:7e:ab:f8:89:c3:9c:39:61:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=61e261bb01032beed8c590544397b9038dce79d369bcf3b146b1c29b72a3f9d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8a:20:e6:b7:33:83:cd:ce:86:5f:05:fa:e2:
9c:41:85:0c:93:ce:9b:9e:6b:b5:f2:9e:11:7b:2b:
7a:bf:fc:ed:0c:ec:7d:dc:7c:6b:4d:03:ff:a2:89:
fe:76:9b:ef:33:70:1b:f6:eb:6d:67:14:3d:bf:18:
ae:35:dd:f7:3f:15:8a:54:c2:78:74:39:16:7c:99:
c3:28:95:bb:71:a3:d0:7d:c0:52:84:3f:3c:0e:99:
c5:3b:0e:22:6d:17:5e:fe:1d:91:9d:c0:ac:e9:44:
86:dc:97:5f:fc:83:93:2e:cf:80:3c:ff:01:55:ac:
25:05:ce:f1:78:75:8a:9f:41:9b:9d:57:05:a0:0e:
3a:f5:a4:6b:45:f2:1d:24:72:17:ab:c4:9c:ec:37:
47:01:fa:80:a6:71:bf:59:29:3e:83:e3:6e:8b:e9:
80:1c:20:3c:56:f4:a9:77:b5:e6:a9:5f:cc:c4:ee:
72:9f:f0:f8:ef:38:df:be:70:f4:d3:62:8f:5d:6e:
b0:8a:2c:97:2b:d0:b3:5c:3f:97:df:b3:0b:da:78:
2d:da:de:e8:04:a6:3a:c8:86:b9:e6:b7:ba:07:be:
a1:3c:63:94:0b:cd:fa:8f:3b:24:42:17:62:21:6d:
be:cb:af:9a:13:0b:54:0d:4d:b6:95:93:15:e3:61:
1a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:36:FD:EF:0B:9E:23:24:04:95:44:9D:25:1F:7C:64:70:13:74:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:99:b4:94:82:e9:2b:f6:d1:5f:af:a5:00:86:ed:df:64:74:
4e:aa:1e:db:94:72:66:07:42:fc:15:56:c7:8b:97:c5:21:04:
cd:52:9e:64:8b:d9:4d:a4:37:7a:10:b6:61:ac:63:78:f6:f7:
5b:62:3e:6c:1d:37:80:e9:9c:6d:fa:ed:00:19:ad:79:ac:01:
63:6e:38:31:a6:d2:a5:88:3d:a5:39:92:15:e2:1f:41:4a:45:
31:ed:59:4f:e9:a8:7f:46:60:10:fc:f2:89:c5:cd:82:b8:79:
25:40:23:16:6b:a2:e9:83:47:98:42:d9:5a:0c:15:2b:fb:27:
c0:14:06:9d:c8:11:a2:bb:88:1b:61:70:b8:70:d8:af:b3:a9:
d6:30:d5:5f:bd:f1:79:53:5c:d5:27:92:c8:52:db:f5:05:93:
b1:ec:96:a5:a9:47:15:0b:08:01:73:7d:60:4b:fc:7f:68:ff:
a3:9e:00:04:c0:01:11:f7:fb:a5:51:b1:8e:08:dd:fc:33:89:
21:47:aa:0c:a5:3b:65:f1:39:fe:7f:b1:fb:45:04:f7:1f:81:
8c:09:57:8f:7e:7a:51:8f:c1:d9:6b:46:e0:ed:cd:fc:57:b8:
c8:df:aa:2c:98:6e:9d:ae:ba:97:4b:db:eb:29:f0:b9:bf:02:
8d:d5:ef:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFVCdRsLGb05AU/1+q/iJw5w5YbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxZTI2MWJiMDEwMzJiZWVkOGM1OTA1NDQzOTdiOTAzOGRjZTc5ZDM2OWJj
ZjNiMTQ2YjFjMjliNzJhM2Y5ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2KIOa3M4PNzoZfBfrinEGFDJPOm55rtfKeEXsrer/87Qzsfdx8a00D/6KJ
/nab7zNwG/brbWcUPb8YrjXd9z8VilTCeHQ5FnyZwyiVu3Gj0H3AUoQ/PA6ZxTsO
Im0XXv4dkZ3ArOlEhtyXX/yDky7PgDz/AVWsJQXO8Xh1ip9Bm51XBaAOOvWka0Xy
HSRyF6vEnOw3RwH6gKZxv1kpPoPjbovpgBwgPFb0qXe15qlfzMTucp/w+O84375w
9NNij11usIoslyvQs1w/l9+zC9p4Ldre6ASmOsiGuea3uge+oTxjlAvN+o87JEIX
YiFtvsuvmhMLVA1NtpWTFeNhGskCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSCNv3v
C54jJASVRJ0lH3xkcBN0IDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQB3mbSUgukr9tFfr6UAhu3fZHROqh7blHJmB0L8FVbH
i5fFIQTNUp5ki9lNpDd6ELZhrGN49vdbYj5sHTeA6Zxt+u0AGa15rAFjbjgxptKl
iD2lOZIV4h9BSkUx7VlP6ah/RmAQ/PKJxc2CuHklQCMWa6Lpg0eYQtlaDBUr+yfA
FAadyBGiu4gbYXC4cNivs6nWMNVfvfF5U1zVJ5LIUtv1BZOx7JalqUcVCwgBc31g
S/x/aP+jngAEwAER9/ulUbGOCN38M4khR6oMpTtl8Tn+f7H7RQT3H4GMCVePfnpR
j8HZa0bg7c38V7jI36osmG6drrqXS9vrKfC5vwKN1e/O
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org