Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
File: 8e43baaa-efa7-4143-a595-a0519a0318ec.roa (raw, json)
Hash identifier: 2Au9gbCXBGQzZ9NWUhTx2naygDe7q80obee4IgEs2UA=
Subject key identifier: D6:B1:54:29:0B:1A:A6:AE:62:04:E1:F6:7C:A1:2C:FC:DA:26:86:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31481B6652C2C5B0902C4E53F942789B77B09819
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:48:1b:66:52:c2:c5:b0:90:2c:4e:53:f9:42:78:9b:77:b0:98:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=92f922938a81f04c4b1224c45accc6ebc48aebb5723e1bdb3474f4a83b317a33, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:ef:06:62:52:f8:79:5c:93:48:df:24:aa:
92:b0:84:39:31:07:c3:a3:7e:fe:63:1c:eb:1e:52:
af:42:ec:e6:b8:51:32:81:8f:eb:23:dd:e7:79:53:
a7:f7:85:bc:9c:87:bb:85:fa:a7:5d:3b:76:a0:83:
67:f6:01:2b:cf:03:9c:73:41:5b:d4:bb:7d:b9:21:
ed:e5:c5:d3:59:04:7c:44:f4:c2:d0:7c:36:cf:a8:
da:4b:55:eb:c8:c5:cd:6d:34:b5:90:d3:30:6c:6c:
00:6e:53:26:0b:9f:8e:8c:2f:04:81:c1:72:d1:2c:
5d:67:ec:ed:b0:45:09:f0:30:40:48:2a:81:f2:d8:
e6:e5:ea:32:57:20:da:e0:03:9b:b2:d4:e3:ad:67:
84:9a:c4:cd:07:95:8b:ab:83:f9:6c:96:ac:52:07:
e7:e0:ad:81:fc:e0:74:ca:29:45:7f:4f:fe:37:30:
9c:37:d9:5f:ca:06:81:9e:f5:5f:34:4e:c0:07:b3:
96:4a:63:b6:8c:a8:71:6f:b0:1b:7a:a6:63:6c:b2:
71:de:84:76:65:20:fb:64:79:6d:6d:6a:82:b5:24:
32:39:45:38:83:e7:17:25:d3:bf:a5:4a:7a:9d:cd:
6c:a0:ca:d9:a4:06:8f:24:8d:42:76:55:e6:be:53:
28:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B1:54:29:0B:1A:A6:AE:62:04:E1:F6:7C:A1:2C:FC:DA:26:86:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:eb:f7:ef:0f:0f:09:83:85:95:9d:8e:97:bb:f6:f3:31:07:
8d:84:d4:bf:6c:e9:d3:41:56:fc:d1:fd:36:a5:45:c3:7d:1d:
3c:f5:87:52:ef:97:15:82:2a:19:8b:cb:27:51:4a:cf:d9:31:
32:67:d3:41:6e:c2:11:e1:84:d5:b9:39:0a:0a:2a:d9:23:24:
84:cd:8f:9b:75:eb:e7:3d:76:bc:63:ac:04:df:b8:6e:67:78:
8e:f4:d7:74:58:c0:7e:86:0e:a9:89:37:0e:19:43:62:e8:c6:
f5:78:a9:22:78:55:91:5e:a5:96:2b:0c:b5:11:a4:aa:fe:aa:
5d:ee:03:f7:fd:59:6a:6d:c3:b7:d8:d9:02:ee:02:4e:74:9d:
e1:12:45:6d:90:be:44:c5:70:a6:15:88:04:ca:54:41:de:63:
68:d8:5c:82:e6:7c:db:93:57:3f:cd:2f:5e:70:1b:67:1e:aa:
21:96:d9:df:8c:01:8b:d5:c7:00:3e:f1:b4:4f:60:d1:d0:87:
9d:25:95:fb:67:90:c8:84:c7:b8:e5:d3:c0:ff:35:e1:6c:25:
a4:59:de:bb:94:35:ec:61:38:16:03:27:63:cb:a3:14:54:8d:
1d:ac:2d:79:be:d5:e8:85:4d:ba:d9:51:c2:13:30:f3:09:55:
33:e8:7a:b4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMUgbZlLCxbCQLE5T+UJ4m3ewmBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyZjkyMjkzOGE4MWYwNGM0YjEyMjRjNDVhY2NjNmViYzQ4YWViYjU3MjNl
MWJkYjM0NzRmNGE4M2IzMTdhMzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHq7wZiUvh5XJNI3ySqkrCEOTEHw6N+/mMc6x5Sr0Ls5rhRMoGP6yPd53lT
p/eFvJyHu4X6p107dqCDZ/YBK88DnHNBW9S7fbkh7eXF01kEfET0wtB8Ns+o2ktV
68jFzW00tZDTMGxsAG5TJgufjowvBIHBctEsXWfs7bBFCfAwQEgqgfLY5uXqMlcg
2uADm7LU461nhJrEzQeVi6uD+WyWrFIH5+CtgfzgdMopRX9P/jcwnDfZX8oGgZ71
XzROwAezlkpjtoyocW+wG3qmY2yycd6EdmUg+2R5bW1qgrUkMjlFOIPnFyXTv6VK
ep3NbKDK2aQGjySNQnZV5r5TKKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTWsVQp
CxqmrmIE4fZ8oSz82iaGDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0M2JhYWEtZWZhNy00MTQzLWE1OTUtYTA1MTlhMDMxOGVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAbev37w8PCYOFlZ2Ol7v28zEHjYTUv2zp00FW/NH9
NqVFw30dPPWHUu+XFYIqGYvLJ1FKz9kxMmfTQW7CEeGE1bk5Cgoq2SMkhM2Pm3Xr
5z12vGOsBN+4bmd4jvTXdFjAfoYOqYk3DhlDYujG9XipInhVkV6llisMtRGkqv6q
Xe4D9/1Zam3Dt9jZAu4CTnSd4RJFbZC+RMVwphWIBMpUQd5jaNhcguZ825NXP80v
XnAbZx6qIZbZ34wBi9XHAD7xtE9g0dCHnSWV+2eQyITHuOXTwP814WwlpFneu5Q1
7GE4FgMnY8ujFFSNHawteb7V6IVNutlRwhMw8wlVM+h6tA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org