Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: AQuizFtvStOuW2korU9kXbTD9km9inL0R4d951sEEiY=
Subject key identifier: 83:FD:EE:D5:F7:48:48:FF:19:87:D7:3C:66:A4:05:FE:99:1E:2C:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C1F01025FE08A9E0589C1E9FD71A113BA266C82
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1f:01:02:5f:e0:8a:9e:05:89:c1:e9:fd:71:a1:13:ba:26:6c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9695e3584cc9fde377ecfaae9cdcacac8f03570dacf97d07379aad7dc7594406, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:6b:eb:03:e5:de:0e:80:ed:f5:d8:75:b5:
83:e0:60:af:fd:ed:52:4b:1c:af:ff:db:04:6f:90:
2a:a0:98:85:a8:c7:06:ab:d2:ee:08:2e:b3:2f:5a:
72:48:44:1b:f2:2c:5f:c7:ef:87:06:a7:0f:51:d8:
2c:d0:16:8b:0b:dd:fe:f2:00:8a:73:eb:8a:48:49:
dc:b9:58:aa:ed:22:dd:62:6b:49:46:f4:23:e9:3c:
f1:3c:36:77:04:51:ef:b6:9e:ef:d7:c3:99:83:3c:
04:2c:05:41:cb:55:ca:29:83:01:ed:39:0a:4f:b1:
78:2a:6a:5d:b3:23:2e:cb:fa:a9:16:6a:3d:3e:a9:
ce:80:d8:0c:00:a9:39:98:83:b1:0f:64:86:09:4d:
94:12:2f:fc:d3:f2:a1:a0:18:ec:de:1d:1e:c9:bb:
bd:d1:3e:4e:99:0c:f4:ea:7a:06:ed:31:c5:a4:56:
80:b0:7f:57:53:8d:c6:e0:fd:65:53:2f:59:a3:65:
59:58:e4:d5:31:ab:9e:5d:43:e9:da:d7:6c:d3:4e:
21:42:0b:57:08:20:e9:64:c9:9d:d7:7d:13:f4:ae:
60:37:bd:b7:0f:b3:4f:10:72:2b:d6:c0:3d:09:77:
17:a4:b9:48:ea:46:9b:be:15:5f:f6:cf:27:6e:2a:
37:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FD:EE:D5:F7:48:48:FF:19:87:D7:3C:66:A4:05:FE:99:1E:2C:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
0f:40:64:34:66:70:37:1e:06:cb:33:df:e5:ee:22:bc:21:6a:
20:74:c3:80:ee:92:f8:e4:0a:c4:bb:db:26:b7:c8:3b:7e:3a:
e8:aa:b5:2f:6b:b0:51:18:b6:e1:5c:3d:53:d5:89:34:c0:8a:
22:f2:e2:2f:90:f1:bc:ab:92:1d:7c:a4:ef:3d:9b:8a:cc:fd:
c4:b9:cb:84:ce:1a:88:e6:dc:22:09:74:7c:b7:27:21:6a:0e:
c3:10:d3:86:87:9c:1d:97:c7:a6:55:0c:a0:26:6e:80:ed:70:
de:c9:6d:f4:3c:24:d6:8b:47:f5:2b:88:76:06:4b:d3:02:62:
54:fc:a7:d6:68:a2:6d:95:03:c4:ee:f6:9b:18:33:d0:89:0f:
6c:26:06:8a:30:ac:20:cd:81:c8:06:86:49:bc:e9:90:ed:70:
d7:60:79:f1:89:9e:26:aa:f7:a8:2a:56:1f:b6:7b:a9:0c:1a:
e7:8d:d6:1a:95:4a:92:32:e3:f2:09:12:00:ab:07:2a:2b:aa:
01:d3:99:b7:47:d6:59:ec:b9:40:56:95:a4:10:ed:d5:ad:31:
65:36:43:10:93:60:21:40:4f:46:c6:c2:ab:1e:0f:cb:2c:1c:
f7:2a:14:85:c4:b1:bc:c9:1a:2a:48:7c:2e:95:f5:7c:f5:db:
67:40:8d:68
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDB8BAl/gip4FicHp/XGhE7ombIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2OTVlMzU4NGNjOWZkZTM3N2VjZmFhZTljZGNhY2FjOGYwMzU3MGRhY2Y5
N2QwNzM3OWFhZDdkYzc1OTQ0MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjTa+sD5d4OgO312HW1g+Bgr/3tUkscr//bBG+QKqCYhajHBqvS7ggusy9a
ckhEG/IsX8fvhwanD1HYLNAWiwvd/vIAinPrikhJ3LlYqu0i3WJrSUb0I+k88Tw2
dwRR77ae79fDmYM8BCwFQctVyimDAe05Ck+xeCpqXbMjLsv6qRZqPT6pzoDYDACp
OZiDsQ9khglNlBIv/NPyoaAY7N4dHsm7vdE+TpkM9Op6Bu0xxaRWgLB/V1ONxuD9
ZVMvWaNlWVjk1TGrnl1D6drXbNNOIUILVwgg6WTJndd9E/SuYDe9tw+zTxByK9bA
PQl3F6S5SOpGm74VX/bPJ24qN/MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSD/e7V
90hI/xmH1zxmpAX+mR4szDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAD0BkNGZwNx4GyzPf5e4ivCFqIHTDgO6S+OQKxLvb
JrfIO3466Kq1L2uwURi24Vw9U9WJNMCKIvLiL5DxvKuSHXyk7z2bisz9xLnLhM4a
iObcIgl0fLcnIWoOwxDThoecHZfHplUMoCZugO1w3slt9Dwk1otH9SuIdgZL0wJi
VPyn1miibZUDxO72mxgz0IkPbCYGijCsIM2ByAaGSbzpkO1w12B58YmeJqr3qCpW
H7Z7qQwa543WGpVKkjLj8gkSAKsHKiuqAdOZt0fWWey5QFaVpBDt1a0xZTZDEJNg
IUBPRsbCqx4Pyywc9yoUhcSxvMkaKkh8LpX1fPXbZ0CNaA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org