Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
File: 7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa (raw, json)
Hash identifier: gWuxKVedW2pkX5NXjQgFBXxUrITE8iN0keuViztFfYs=
Subject key identifier: 1E:61:40:E6:C1:03:6E:CA:C2:FA:75:5E:11:90:0D:10:D0:72:26:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CAF9879B35F652A8E97B40B188ADD3743175070
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:af:98:79:b3:5f:65:2a:8e:97:b4:0b:18:8a:dd:37:43:17:50:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=b44095d984fe49732772a59a731893666da568a6c86ed8a6f99185af357067aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:33:dd:f2:af:ac:c8:92:2e:e3:04:c8:e1:66:
f2:83:13:06:01:45:d8:d7:91:c0:99:76:65:e1:01:
ea:4f:45:2c:a5:b3:1b:bf:03:cc:bc:03:b5:d7:ef:
e4:68:c2:69:27:5d:f6:f8:04:f5:6b:5c:28:61:48:
bc:e6:58:5c:90:54:16:36:af:9f:02:b6:a4:21:80:
1a:da:e1:21:c6:6d:64:5f:b6:ba:ee:8a:e5:0c:a8:
a9:43:4c:e8:8d:f9:33:9f:9d:97:d7:5c:f0:b5:9b:
93:10:6f:80:40:5a:b9:59:7a:36:c3:7a:80:5e:31:
76:ed:9f:5c:18:e7:9d:41:17:e1:b3:b5:9b:4c:48:
f3:3c:84:08:2b:99:f7:79:36:3b:5f:1c:b5:68:be:
b3:49:e3:b3:70:4b:a8:a0:6e:47:20:0e:fe:66:26:
92:9f:ba:d3:89:41:d3:dd:68:7b:13:52:85:7b:db:
35:34:af:48:7f:bc:6c:72:03:2c:af:7b:97:bc:58:
5d:4a:26:a5:46:f0:69:12:4c:b1:ba:9b:89:4b:17:
bd:e0:42:81:14:ab:57:db:99:2d:71:3b:be:b5:86:
fb:57:01:07:b4:1b:f8:0a:fd:01:7c:48:c4:d1:4a:
26:8a:2f:d9:73:dc:3f:e5:7f:31:d1:2c:6a:ac:19:
40:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:61:40:E6:C1:03:6E:CA:C2:FA:75:5E:11:90:0D:10:D0:72:26:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:b8:70:28:5c:77:2f:90:b6:3c:c6:ff:9f:da:2d:de:64:3d:
bc:41:e6:60:8f:25:36:ad:c0:64:20:e6:87:51:bf:ac:91:85:
6f:5a:68:e6:f5:bc:2a:7f:5a:db:a1:d0:d3:ea:94:22:6b:f9:
1f:df:d2:22:5e:46:cb:93:7f:91:54:d0:81:0a:ff:63:7a:51:
60:ae:d5:51:2c:98:fb:45:84:70:94:9f:dc:1b:b8:e5:a8:d1:
2c:ef:bd:fa:2b:c2:de:1f:25:98:ab:25:82:f5:50:73:4f:dc:
8f:19:bd:c9:12:4b:ca:d4:b8:8e:84:98:04:3f:ac:1a:a2:fc:
74:ff:1d:0f:b7:2d:68:17:38:c8:07:35:d8:f9:0b:d8:d2:1d:
0e:da:4a:e3:bb:df:65:10:ef:81:89:49:a7:f3:f1:ff:19:73:
58:3d:a7:d2:e3:1b:45:31:c8:d7:a8:21:53:38:50:71:af:ea:
94:cf:c5:ce:a4:05:c4:f3:76:7f:55:9e:71:88:81:54:64:15:
b0:5e:55:93:b6:36:1b:c9:47:05:3b:12:e3:2d:6e:3f:e5:47:
c1:dc:b2:a7:a5:62:a3:71:db:5b:1b:f0:c2:f1:6a:b7:d9:86:
c9:cb:90:36:8b:33:39:af:88:e2:92:58:f2:d4:9a:d1:71:50:
89:f3:8b:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHK+YebNfZSqOl7QLGIrdN0MXUHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NDA5NWQ5ODRmZTQ5NzMyNzcyYTU5YTczMTg5MzY2NmRhNTY4YTZjODZl
ZDhhNmY5OTE4NWFmMzU3MDY3YWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoz3fKvrMiSLuMEyOFm8oMTBgFF2NeRwJl2ZeEB6k9FLKWzG78DzLwDtdfv
5GjCaSdd9vgE9WtcKGFIvOZYXJBUFjavnwK2pCGAGtrhIcZtZF+2uu6K5QyoqUNM
6I35M5+dl9dc8LWbkxBvgEBauVl6NsN6gF4xdu2fXBjnnUEX4bO1m0xI8zyECCuZ
93k2O18ctWi+s0njs3BLqKBuRyAO/mYmkp+604lB091oexNShXvbNTSvSH+8bHID
LK97l7xYXUompUbwaRJMsbqbiUsXveBCgRSrV9uZLXE7vrWG+1cBB7Qb+Ar9AXxI
xNFKJoov2XPcP+V/MdEsaqwZQEUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeYUDm
wQNuysL6dV4RkA0Q0HImyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2ZiZDYwNWItZDRlNS00YjE0LTllYzAtZTFiMmY0ZmZiNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQBsuHAoXHcvkLY8xv+f2i3eZD28QeZgjyU2rcBkIOaH
Ub+skYVvWmjm9bwqf1rbodDT6pQia/kf39IiXkbLk3+RVNCBCv9jelFgrtVRLJj7
RYRwlJ/cG7jlqNEs7736K8LeHyWYqyWC9VBzT9yPGb3JEkvK1LiOhJgEP6waovx0
/x0Pty1oFzjIBzXY+QvY0h0O2krju99lEO+BiUmn8/H/GXNYPafS4xtFMcjXqCFT
OFBxr+qUz8XOpAXE83Z/VZ5xiIFUZBWwXlWTtjYbyUcFOxLjLW4/5UfB3LKnpWKj
cdtbG/DC8Wq32YbJy5A2izM5r4jikljy1JrRcVCJ84uO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org