Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: bZignuYyUS+3O2uRDmWFQCAAxifHjDcQe8sSsV1k/ww=
Subject key identifier: 40:65:41:CA:5A:11:F4:CA:F1:99:AD:C4:22:24:F6:8C:CC:2A:1E:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1ED2A74370C08EF52C90BC5F617A4B712DFF59B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d2:a7:43:70:c0:8e:f5:2c:90:bc:5f:61:7a:4b:71:2d:ff:59:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=ebb338bc6c59289e88b3e5c299cecaf9dff5415244e2a6b389f8435cd38b0633, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:52:ef:d1:29:d7:07:30:4a:68:f8:45:eb:aa:
c7:d5:2c:78:e2:42:78:a4:9e:99:49:31:de:dc:0a:
c9:9e:9c:55:d0:8a:dd:4e:f7:cd:a9:9e:1e:19:07:
c6:3f:a2:63:41:b8:d0:0c:47:6d:e0:26:5c:8a:12:
2f:5a:b6:89:fb:e9:8a:54:72:6b:11:d7:70:f0:e1:
bd:2e:b3:27:ea:0b:16:a8:2f:61:7d:53:15:ee:10:
e0:20:3d:cb:27:23:33:65:25:0f:ea:6a:36:10:71:
6c:80:32:c8:4e:da:b6:c8:4e:b0:37:34:ae:18:62:
c5:7e:d5:16:77:a5:c5:59:6e:68:08:e9:ec:38:8f:
f6:2e:c6:c6:61:e7:3b:b3:cb:63:5d:b6:c7:7d:03:
fe:62:96:2f:8d:8b:3b:0a:d9:d9:56:94:cd:6f:72:
e4:49:05:96:9d:e4:96:c7:70:9b:35:77:5b:1c:65:
ca:7a:70:b6:49:7e:91:7d:c4:7d:5e:ca:ac:b5:89:
f2:78:33:d4:19:6d:e7:47:44:07:f1:05:8a:84:57:
f1:89:55:14:97:7c:30:d2:7d:54:d7:0d:07:6f:3c:
48:15:91:67:ec:61:8b:a8:43:b7:45:e0:44:c5:5e:
50:8c:1d:35:44:37:4c:89:94:bb:cc:55:f6:65:a9:
fb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:65:41:CA:5A:11:F4:CA:F1:99:AD:C4:22:24:F6:8C:CC:2A:1E:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:de:13:67:70:33:5f:8d:6e:99:ce:bb:b9:94:a9:1e:70:2b:
0c:65:c3:b5:90:4a:44:1f:da:f3:8c:50:a9:be:28:c3:4f:58:
d4:f1:e1:bb:be:a0:ed:02:ec:6a:9d:8d:96:21:d2:19:45:d9:
cf:57:91:2d:cb:e6:41:7a:51:b9:37:9b:70:d6:52:33:b9:0e:
e3:ac:37:01:a2:e9:6c:95:51:47:d8:ac:e4:0a:3f:dc:6d:e3:
bc:c9:a3:42:f9:9b:c0:a7:30:42:a1:09:60:30:ea:ee:17:d6:
c6:0d:81:c2:22:1f:ae:ae:38:59:e4:10:72:74:20:f9:96:67:
2d:7a:3c:96:f9:9e:86:21:5e:09:2d:3f:f6:37:6a:4e:5d:a9:
36:4a:9b:3b:e1:76:59:75:c9:cf:01:ad:ec:fd:92:0d:2a:ea:
ce:b4:92:a5:29:73:61:f3:0b:4f:f7:8b:1b:f4:a5:11:75:76:
bd:ae:eb:79:5e:23:f4:3a:89:31:79:38:a8:dd:e6:55:f0:8b:
07:60:55:9a:49:8f:62:b5:f3:07:1f:2d:14:28:63:eb:d5:41:
49:0e:92:34:97:2d:e2:60:8f:14:2a:ae:55:8d:de:3f:0f:5e:
ed:d7:d3:2e:25:0a:78:12:59:9b:44:da:59:4d:ea:46:4f:b0:
0a:39:15:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHtKnQ3DAjvUskLxfYXpLcS3/WbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYjMzOGJjNmM1OTI4OWU4OGIzZTVjMjk5Y2VjYWY5ZGZmNTQxNTI0NGUy
YTZiMzg5Zjg0MzVjZDM4YjA2MzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRS79Ep1wcwSmj4Reuqx9UseOJCeKSemUkx3twKyZ6cVdCK3U73zameHhkH
xj+iY0G40AxHbeAmXIoSL1q2ifvpilRyaxHXcPDhvS6zJ+oLFqgvYX1TFe4Q4CA9
yycjM2UlD+pqNhBxbIAyyE7atshOsDc0rhhixX7VFnelxVluaAjp7DiP9i7GxmHn
O7PLY122x30D/mKWL42LOwrZ2VaUzW9y5EkFlp3klsdwmzV3Wxxlynpwtkl+kX3E
fV7KrLWJ8ngz1Blt50dEB/EFioRX8YlVFJd8MNJ9VNcNB288SBWRZ+xhi6hDt0Xg
RMVeUIwdNUQ3TImUu8xV9mWp+0ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRAZUHK
WhH0yvGZrcQiJPaMzCoenjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQB/3hNncDNfjW6Zzru5lKkecCsMZcO1kEpEH9rzjFCp
vijDT1jU8eG7vqDtAuxqnY2WIdIZRdnPV5Ety+ZBelG5N5tw1lIzuQ7jrDcBouls
lVFH2KzkCj/cbeO8yaNC+ZvApzBCoQlgMOruF9bGDYHCIh+urjhZ5BBydCD5lmct
ejyW+Z6GIV4JLT/2N2pOXak2Sps74XZZdcnPAa3s/ZINKurOtJKlKXNh8wtP94sb
9KURdXa9rut5XiP0OokxeTio3eZV8IsHYFWaSY9itfMHHy0UKGPr1UFJDpI0ly3i
YI8UKq5Vjd4/D17t19MuJQp4ElmbRNpZTepGT7AKORVV
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org