Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
File: 7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa (raw, json)
Hash identifier: LnE7kbz60+hXoEn+imWjx8FTuMJJL566Ey5tjt3tDOY=
Subject key identifier: 8D:36:41:44:F0:0B:D2:B5:8E:E6:AE:D7:B9:25:37:50:4D:32:16:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BE894A88BF0AE0E90A03B144EA8C41F528958A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:e8:94:a8:8b:f0:ae:0e:90:a0:3b:14:4e:a8:c4:1f:52:89:58:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=fc944b1f405a5a55a274bd8a8cce6c33b4f529a5aff45dc71919367ef74b7587, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b1:cd:5f:00:99:37:7f:89:17:aa:2a:4e:74:
20:34:59:e6:cb:07:a9:67:b7:82:c4:e5:97:8d:16:
c6:3a:e3:f6:09:f3:23:8f:6a:eb:f0:b7:73:d4:43:
6d:c3:a5:ef:d0:77:19:77:78:f8:77:22:67:30:6c:
d2:60:c9:f8:03:e0:03:8e:68:2d:19:d1:c1:4c:13:
65:13:31:9b:7a:18:63:9c:fe:3c:5b:cb:0e:ac:61:
29:cf:b9:87:b5:7f:bb:e3:65:f8:f0:ce:67:82:5d:
34:b7:4f:38:ea:5e:d2:a8:b0:b7:b4:2b:f8:65:65:
a9:12:8d:fe:22:72:40:9c:b1:94:fc:08:13:40:64:
64:6c:3c:91:0f:81:e9:80:80:d2:ff:ba:03:6e:01:
42:be:ac:12:09:59:52:2c:c9:7c:b8:bd:bc:c7:04:
bc:c3:c9:2c:16:81:e8:7a:7f:dd:71:06:34:2d:b8:
da:c2:07:43:61:4d:42:a9:b6:17:a0:ec:f3:c2:b3:
7a:0d:64:0a:e3:2b:cf:5b:7b:28:40:24:d9:c4:f0:
f0:85:fc:8c:46:46:77:7f:7b:fa:fc:e3:cc:02:80:
97:f9:27:5a:2e:eb:98:51:93:51:86:8c:49:ee:37:
ba:0f:2e:54:34:9d:1e:e9:0d:f8:5a:55:9a:27:d7:
97:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:36:41:44:F0:0B:D2:B5:8E:E6:AE:D7:B9:25:37:50:4D:32:16:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7fbd605b-d4e5-4b14-9ec0-e1b2f4ffb541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:cb:09:19:4a:dd:65:3a:92:47:6a:52:69:26:49:41:13:12:
fe:fa:e2:f1:5f:01:e6:67:87:d3:32:db:36:ce:31:3d:fc:d1:
5e:97:55:7e:15:7a:06:6b:96:28:6e:40:da:7a:30:86:ae:0b:
1b:71:33:27:9c:f3:73:7f:68:43:e1:cb:2b:4e:3a:3d:29:4b:
e2:b1:eb:4b:17:3b:74:6f:6c:70:3a:ef:ba:7f:5e:7e:8c:64:
e7:dc:c4:a3:31:77:59:a6:b4:83:fb:92:e2:d3:5d:16:25:fa:
f2:04:36:f4:3c:99:b6:b8:f5:38:38:3f:49:cc:f8:89:06:3d:
67:da:d5:65:45:ba:15:f9:43:2a:8b:a4:94:8d:f7:e6:8f:ef:
ee:9d:74:1b:4f:18:40:1b:fc:c9:ec:93:d3:56:b4:99:56:bd:
ef:6f:47:bd:a5:9f:d0:5a:ba:b0:fc:cd:78:80:14:de:be:82:
48:eb:a7:0e:24:40:25:f0:d7:39:28:4a:82:70:20:f5:e9:c6:
b2:8b:2e:7a:7a:99:99:ac:04:93:02:83:53:11:ef:c7:e0:7e:
a0:f6:1f:73:17:80:78:f8:25:02:52:f0:5e:60:36:54:09:de:
07:d7:69:ad:2c:e5:7e:06:93:e2:6f:75:a8:1c:aa:38:8d:ac:
80:27:38:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG+iUqIvwrg6QoDsUTqjEH1KJWKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOTQ0YjFmNDA1YTVhNTVhMjc0YmQ4YThjY2U2YzMzYjRmNTI5YTVhZmY0
NWRjNzE5MTkzNjdlZjc0Yjc1ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqxzV8AmTd/iReqKk50IDRZ5ssHqWe3gsTll40Wxjrj9gnzI49q6/C3c9RD
bcOl79B3GXd4+HciZzBs0mDJ+APgA45oLRnRwUwTZRMxm3oYY5z+PFvLDqxhKc+5
h7V/u+Nl+PDOZ4JdNLdPOOpe0qiwt7Qr+GVlqRKN/iJyQJyxlPwIE0BkZGw8kQ+B
6YCA0v+6A24BQr6sEglZUizJfLi9vMcEvMPJLBaB6Hp/3XEGNC242sIHQ2FNQqm2
F6Ds88Kzeg1kCuMrz1t7KEAk2cTw8IX8jEZGd397+vzjzAKAl/knWi7rmFGTUYaM
Se43ug8uVDSdHukN+FpVmifXl2UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSNNkFE
8AvStY7mrte5JTdQTTIWmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2ZiZDYwNWItZDRlNS00YjE0LTllYzAtZTFiMmY0ZmZiNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQB4ywkZSt1lOpJHalJpJklBExL++uLxXwHmZ4fTMts2
zjE9/NFel1V+FXoGa5YobkDaejCGrgsbcTMnnPNzf2hD4csrTjo9KUvisetLFzt0
b2xwOu+6f15+jGTn3MSjMXdZprSD+5Li010WJfryBDb0PJm2uPU4OD9JzPiJBj1n
2tVlRboV+UMqi6SUjffmj+/unXQbTxhAG/zJ7JPTVrSZVr3vb0e9pZ/QWrqw/M14
gBTevoJI66cOJEAl8Nc5KEqCcCD16cayiy56epmZrASTAoNTEe/H4H6g9h9zF4B4
+CUCUvBeYDZUCd4H12mtLOV+BpPib3WoHKo4jayAJzjg
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org