Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
File: 8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa (raw, json)
Hash identifier: URaIhYSs6ZtRzuJSO04aK+5AR2q34gme5CT6pN8Oxgs=
Subject key identifier: E9:D9:1A:3E:11:94:85:F3:8C:F9:BD:C8:40:FE:81:33:A8:D1:77:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14CF61B3D0CDE0054E2F203F6A7F1E3FB91197F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:cf:61:b3:d0:cd:e0:05:4e:2f:20:3f:6a:7f:1e:3f:b9:11:97:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9d3ef14e0c743921b7711093fc3537265357281b9c4f6308fb9c38508081ef87, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:44:25:df:7a:7d:60:12:6b:8f:17:3c:47:ef:
33:44:1f:bb:ef:04:c4:67:b5:3a:3b:fd:78:ca:f2:
ff:9f:6e:75:4a:53:d6:50:81:5b:fc:5b:de:d5:d5:
7c:23:18:50:7d:4f:6a:95:53:63:94:c4:2b:a3:6d:
e0:5e:56:a6:8b:7b:b6:74:16:90:fb:9b:2c:1b:ab:
85:d7:28:e7:3c:f8:b8:4b:7c:a7:2f:eb:97:c9:ea:
8f:07:04:4f:d3:9f:ce:db:32:a1:10:fc:03:79:80:
e2:01:d3:af:13:e5:64:cc:4f:66:ec:e6:fd:de:0d:
40:cd:e8:2c:15:a9:7b:8e:9d:60:57:de:4e:a6:bf:
0d:1a:6f:5d:20:ad:87:0a:24:fb:4d:88:1b:63:3f:
fe:ee:bd:d2:78:27:0d:38:47:20:db:57:a6:fb:39:
b0:7a:b2:95:36:06:c0:12:ec:e7:a2:db:ed:8e:b4:
87:3f:4e:64:c3:08:69:a9:5f:8b:5a:89:34:05:7a:
c9:02:60:33:65:60:2b:25:14:6e:07:ca:3a:85:04:
88:ee:14:70:bd:cf:ae:80:ec:00:46:6a:4b:aa:1d:
bb:47:26:8d:ff:13:10:ce:af:e6:9f:54:d6:99:34:
99:13:63:9d:1e:36:70:a6:c1:4d:be:d9:96:64:4e:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D9:1A:3E:11:94:85:F3:8C:F9:BD:C8:40:FE:81:33:A8:D1:77:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:7b:0c:74:86:78:cc:82:b3:a0:24:04:49:76:2b:55:52:19:
db:15:62:5b:8c:d3:bd:da:c8:0d:04:ff:01:d2:fc:2a:d5:f5:
99:66:c7:38:16:75:83:46:b2:da:d1:18:8e:62:60:b5:8f:08:
9a:df:f9:d4:37:a2:bf:f0:0c:e8:db:14:e9:08:28:84:8e:6f:
f5:64:af:50:5b:76:28:9d:21:89:9c:2f:ae:8b:50:1c:89:10:
fe:df:b1:52:6e:e4:94:eb:7f:4a:4a:8f:af:01:62:94:66:50:
ed:de:51:9f:62:e3:88:50:c5:2c:e9:a1:ce:16:d0:6e:c9:65:
2e:e5:19:91:8c:0a:db:53:9e:b7:97:2f:c2:41:55:28:8b:b8:
16:a5:b7:44:35:dc:00:26:0c:a8:cc:e1:ac:73:3d:ae:a0:5c:
3d:27:2a:fd:6e:1e:b5:29:ab:20:5f:c4:3c:dd:41:a9:c4:a7:
38:ae:95:63:d7:36:6e:ed:90:64:81:0a:50:81:b6:c6:57:88:
e5:37:bb:e0:b9:47:c3:7d:cd:b2:11:32:7e:fc:c1:95:7e:20:
1d:4c:8c:51:2a:04:7d:24:64:f4:22:bc:7f:68:df:04:c6:46:
3e:c3:67:41:58:13:66:d7:f8:dc:c3:b6:b0:e1:65:f5:5f:01:
fd:0c:93:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFM9hs9DN4AVOLyA/an8eP7kRl/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkM2VmMTRlMGM3NDM5MjFiNzcxMTA5M2ZjMzUzNzI2NTM1NzI4MWI5YzRm
NjMwOGZiOWMzODUwODA4MWVmODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9EJd96fWASa48XPEfvM0Qfu+8ExGe1Ojv9eMry/59udUpT1lCBW/xb3tXV
fCMYUH1PapVTY5TEK6Nt4F5Wpot7tnQWkPubLBurhdco5zz4uEt8py/rl8nqjwcE
T9OfztsyoRD8A3mA4gHTrxPlZMxPZuzm/d4NQM3oLBWpe46dYFfeTqa/DRpvXSCt
hwok+02IG2M//u690ngnDThHINtXpvs5sHqylTYGwBLs56Lb7Y60hz9OZMMIaalf
i1qJNAV6yQJgM2VgKyUUbgfKOoUEiO4UcL3ProDsAEZqS6odu0cmjf8TEM6v5p9U
1pk0mRNjnR42cKbBTb7ZlmROMkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTp2Ro+
EZSF84z5vchA/oEzqNF3bTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGIxNGEwZjktODYyNy00ZTIzLWI5YWItZmE4ZGRkODM1ZjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQANewx0hnjMgrOgJARJditVUhnbFWJbjNO92sgNBP8B
0vwq1fWZZsc4FnWDRrLa0RiOYmC1jwia3/nUN6K/8Azo2xTpCCiEjm/1ZK9QW3Yo
nSGJnC+ui1AciRD+37FSbuSU639KSo+vAWKUZlDt3lGfYuOIUMUs6aHOFtBuyWUu
5RmRjArbU563ly/CQVUoi7gWpbdENdwAJgyozOGscz2uoFw9Jyr9bh61KasgX8Q8
3UGpxKc4rpVj1zZu7ZBkgQpQgbbGV4jlN7vguUfDfc2yETJ+/MGVfiAdTIxRKgR9
JGT0Irx/aN8ExkY+w2dBWBNm1/jcw7aw4WX1XwH9DJOa
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org