Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: jjLrtxXnRUuJmWLM8dhejj9p297D2WDIUBoFP0OAcUo=
Subject key identifier: 51:97:96:EA:9F:86:C4:6B:87:82:11:74:12:2A:EC:A0:EE:4E:E0:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24E5FC0B2B73660D0427EFD70218C96FE881A323
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e5:fc:0b:2b:73:66:0d:04:27:ef:d7:02:18:c9:6f:e8:81:a3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=cb94a11dfc328cae444914d301a5ce6b5ae3c948aae1c7293b3cc1e70386bf64, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:02:eb:09:0f:6e:1d:69:b0:96:c1:55:c6:99:
b6:e9:ac:32:62:a7:35:5d:31:0b:e6:a0:64:67:a1:
e9:ec:76:50:cb:e8:54:76:66:46:13:68:9e:06:a1:
20:ad:47:5f:98:92:98:0c:b0:9f:d9:c6:f4:86:ed:
00:fd:31:0b:23:86:52:61:5c:6e:ef:aa:f1:91:56:
80:1d:1d:33:6f:79:38:20:d1:a6:d3:d9:34:47:c4:
1c:19:98:19:66:4f:1c:9f:be:d0:78:31:4f:11:25:
1a:bc:5d:bf:18:f9:65:18:5f:11:e4:58:ff:ea:ef:
9c:f8:14:af:8a:bb:47:cf:d5:f4:6a:4b:43:b1:f6:
20:7e:2a:a6:b9:4d:61:55:86:7b:98:08:81:95:87:
b0:df:6f:db:07:62:92:e1:1b:c8:2c:10:1b:cb:b3:
c7:b6:10:0b:19:3e:93:3a:d5:e7:aa:64:83:84:c8:
45:5c:a2:3f:a6:cd:76:21:41:97:f4:92:06:db:32:
88:8f:00:2f:20:aa:bb:32:eb:90:e8:0d:00:f1:dd:
dc:55:a9:18:20:c1:88:67:cf:1f:9a:50:7e:23:5a:
a2:f8:35:af:3d:51:4c:4b:c5:56:eb:76:aa:23:f6:
e0:3e:0b:68:a6:c5:cf:b3:12:3f:a2:df:c7:af:70:
46:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:97:96:EA:9F:86:C4:6B:87:82:11:74:12:2A:EC:A0:EE:4E:E0:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
96:8d:61:a6:43:37:73:56:31:f1:cf:32:29:a6:f8:03:b7:ef:
69:08:cc:a4:94:25:f3:cf:13:10:81:ce:91:9d:d7:18:fa:9b:
05:ff:8e:9d:5c:52:fc:a1:d2:f9:cf:e5:99:07:ff:ea:40:93:
ac:d8:fb:e7:86:ab:d9:c0:94:ac:0f:a1:a6:5c:df:34:eb:63:
22:e3:3b:d6:3f:57:ed:b6:64:7a:02:64:cf:04:91:a6:f4:55:
d2:ee:28:97:e9:43:5f:92:df:01:8e:a2:81:36:d4:e8:bc:b0:
1b:53:17:df:a7:43:0b:bd:c9:66:a7:4e:6f:fa:54:1c:9f:41:
0f:79:ce:dd:55:5e:71:9d:39:b5:30:1d:f3:ce:a3:8e:de:d4:
0f:d9:36:c0:90:f5:29:ce:f9:f5:30:80:e6:23:83:5f:83:4a:
b1:44:12:92:7c:63:e1:cd:8f:f7:1d:69:e2:dc:c5:6b:2c:83:
44:10:4a:f0:ef:fb:f7:59:11:54:4b:b3:e6:06:f0:06:29:2e:
92:be:f4:e4:7a:a6:df:47:6b:0a:55:1b:e7:51:0b:05:77:e7:
e6:49:d6:bc:0f:3e:84:fa:cd:c7:b8:ce:38:91:51:e2:18:46:
31:1f:c8:75:5b:d8:c4:b9:46:4f:23:50:e5:01:2b:76:00:f3:
f0:23:ae:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJOX8CytzZg0EJ+/XAhjJb+iBoyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiOTRhMTFkZmMzMjhjYWU0NDQ5MTRkMzAxYTVjZTZiNWFlM2M5NDhhYWUx
YzcyOTNiM2NjMWU3MDM4NmJmNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkC6wkPbh1psJbBVcaZtumsMmKnNV0xC+agZGeh6ex2UMvoVHZmRhNongah
IK1HX5iSmAywn9nG9IbtAP0xCyOGUmFcbu+q8ZFWgB0dM295OCDRptPZNEfEHBmY
GWZPHJ++0HgxTxElGrxdvxj5ZRhfEeRY/+rvnPgUr4q7R8/V9GpLQ7H2IH4qprlN
YVWGe5gIgZWHsN9v2wdikuEbyCwQG8uzx7YQCxk+kzrV56pkg4TIRVyiP6bNdiFB
l/SSBtsyiI8ALyCquzLrkOgNAPHd3FWpGCDBiGfPH5pQfiNaovg1rz1RTEvFVut2
qiP24D4LaKbFz7MSP6Lfx69wRpECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRRl5bq
n4bEa4eCEXQSKuyg7k7g1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAlo1hpkM3c1Yx8c8yKab4A7fvaQjMpJQl888TEIHO
kZ3XGPqbBf+OnVxS/KHS+c/lmQf/6kCTrNj754ar2cCUrA+hplzfNOtjIuM71j9X
7bZkegJkzwSRpvRV0u4ol+lDX5LfAY6igTbU6LywG1MX36dDC73JZqdOb/pUHJ9B
D3nO3VVecZ05tTAd886jjt7UD9k2wJD1Kc759TCA5iODX4NKsUQSknxj4c2P9x1p
4tzFayyDRBBK8O/791kRVEuz5gbwBikukr705Hqm30drClUb51ELBXfn5knWvA8+
hPrNx7jOOJFR4hhGMR/IdVvYxLlGTyNQ5QErdgDz8COujQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org