Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
File: 8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa (raw, json)
Hash identifier: PioHAQqwhVyNjkhNuhWMfhy5McDzjEJL0DM0BgdV9wM=
Subject key identifier: DF:58:8F:97:CE:D3:A1:14:3D:CE:84:99:05:F3:D4:26:C0:3D:3D:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54DD98FE181558ABF675422493AE609798444F1C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:dd:98:fe:18:15:58:ab:f6:75:42:24:93:ae:60:97:98:44:4f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=0ca86f72f8b66427f3e92a6f131936b85416ad2f62c9001930bf01e3f0ffa807, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:2a:14:58:bd:b3:e8:f9:5a:4c:bf:4c:a5:
3a:60:78:d7:fa:0c:66:82:78:d9:78:40:34:e0:d3:
cf:6d:0e:1d:fc:81:22:7b:72:83:42:4b:ce:25:67:
3e:65:60:62:0c:3e:9d:57:d6:3f:8d:74:aa:d3:b2:
a8:fb:f3:0b:68:61:45:d4:f5:35:65:9e:f8:31:7a:
64:40:d6:7c:01:91:d3:bd:8d:69:78:31:d3:c4:6f:
a2:74:44:e2:92:c5:1a:a3:be:9b:05:51:67:ba:55:
50:ef:5c:ac:c7:57:61:93:7d:dd:7d:85:60:b7:7b:
01:a4:5c:20:3d:6c:b8:ba:68:4c:8d:8c:aa:69:08:
4c:86:6b:f5:25:63:fb:5d:b8:b5:9b:97:80:9f:32:
14:e8:81:4f:02:fd:5f:1d:74:25:1e:46:87:32:56:
89:0f:37:bc:5b:57:44:55:7b:6e:7c:f5:83:a5:78:
5b:c8:6c:a6:ad:09:77:e6:20:7f:4c:88:9a:e0:66:
30:e3:82:3c:94:e1:9d:03:bf:4b:0e:0a:df:da:09:
31:14:9a:7c:49:fd:39:c9:a6:32:90:6d:55:04:61:
60:67:4f:26:1a:ba:2d:37:dd:be:38:53:22:d7:06:
20:d3:f1:ac:4f:32:a8:97:49:80:d6:5a:04:4e:b5:
62:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:58:8F:97:CE:D3:A1:14:3D:CE:84:99:05:F3:D4:26:C0:3D:3D:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:7f:7d:8d:89:83:9c:f7:8e:d3:d0:b1:98:fe:8b:66:38:67:
7b:61:d9:9c:fb:59:d6:d7:66:b5:74:54:b3:5d:22:e9:db:3f:
88:7d:6a:b9:91:45:64:0e:03:c1:e5:40:89:4d:16:08:3a:39:
5e:44:2f:37:fd:76:5b:14:37:06:8d:bf:95:3e:3a:f9:ea:a5:
55:1e:17:ea:71:d3:44:46:81:18:84:58:0c:fd:e3:aa:69:d2:
e5:f3:f9:26:82:d8:0a:7f:13:5e:53:8c:a6:c5:8c:8d:c0:e2:
08:f3:f3:4e:71:7c:e7:fa:c3:c4:af:6a:2e:31:fd:95:b6:9d:
09:19:05:86:27:29:7f:34:3a:bd:29:9b:cf:a0:fb:dd:62:cd:
fb:e9:e0:5e:96:0d:70:da:85:e5:e4:df:8b:0a:e0:9f:22:c1:
6c:db:fa:eb:3a:69:a8:00:ee:18:c7:7d:4c:ee:63:68:0f:24:
c0:2c:87:31:db:ce:16:dc:6e:da:2a:f7:a2:8c:76:09:b1:84:
71:69:25:51:51:89:d5:4e:1c:de:f8:3f:b1:23:a8:1e:fc:c6:
b9:95:3e:78:a8:2a:16:25:fc:98:ac:ea:a3:af:70:5c:cb:f5:
ee:4d:a9:33:79:f3:19:ea:56:cb:d8:74:6b:c5:bb:b1:d2:48:
82:27:98:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVN2Y/hgVWKv2dUIkk65gl5hETxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYTg2ZjcyZjhiNjY0MjdmM2U5MmE2ZjEzMTkzNmI4NTQxNmFkMmY2MmM5
MDAxOTMwYmYwMWUzZjBmZmE4MDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+UKhRYvbPo+VpMv0ylOmB41/oMZoJ42XhANODTz20OHfyBIntyg0JLziVn
PmVgYgw+nVfWP410qtOyqPvzC2hhRdT1NWWe+DF6ZEDWfAGR072NaXgx08RvonRE
4pLFGqO+mwVRZ7pVUO9crMdXYZN93X2FYLd7AaRcID1suLpoTI2MqmkITIZr9SVj
+124tZuXgJ8yFOiBTwL9Xx10JR5GhzJWiQ83vFtXRFV7bnz1g6V4W8hspq0Jd+Yg
f0yImuBmMOOCPJThnQO/Sw4K39oJMRSafEn9OcmmMpBtVQRhYGdPJhq6LTfdvjhT
ItcGINPxrE8yqJdJgNZaBE61YnkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTfWI+X
ztOhFD3OhJkF89QmwD09EjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM5Zjg3ZWUtYTkwMy00ZjJmLThiYmEtMzFhNGFiNWY3NGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQARf32NiYOc947T0LGY/otmOGd7Ydmc+1nW12a1dFSz
XSLp2z+IfWq5kUVkDgPB5UCJTRYIOjleRC83/XZbFDcGjb+VPjr56qVVHhfqcdNE
RoEYhFgM/eOqadLl8/kmgtgKfxNeU4ymxYyNwOII8/NOcXzn+sPEr2ouMf2Vtp0J
GQWGJyl/NDq9KZvPoPvdYs376eBelg1w2oXl5N+LCuCfIsFs2/rrOmmoAO4Yx31M
7mNoDyTALIcx284W3G7aKveijHYJsYRxaSVRUYnVThze+D+xI6ge/Ma5lT54qCoW
JfyYrOqjr3Bcy/XuTakzefMZ6lbL2HRrxbux0kiCJ5i/
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org