Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
File: 8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa (raw, json)
Hash identifier: iTyIy4Ai/MMewgiNJXoCiinm0Z4Vtt+AzcnNzkrDjII=
Subject key identifier: 04:5D:7F:0B:B5:35:91:06:36:92:6B:9A:2E:F9:3C:0E:D1:AB:A1:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15C1EA4BC660504F1FA6B75588EDB2CBEE289FDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c1:ea:4b:c6:60:50:4f:1f:a6:b7:55:88:ed:b2:cb:ee:28:9f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=7572a49a6ed1cd5777318e5cae9de9747363b89dacea6e43e104fa2846018e52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:81:f6:97:ac:9c:2f:83:db:cf:d7:ef:83:
33:1f:59:9e:bc:34:ef:07:50:72:47:22:73:1d:d2:
d8:62:8c:8e:7d:d3:1d:71:7f:dc:84:8e:cb:2d:ea:
14:49:31:55:bc:3b:3f:c8:73:a1:f5:1b:a4:49:a7:
71:01:a0:b1:4d:02:6e:70:81:5b:29:f9:ac:8d:65:
2d:40:dd:9d:a4:8a:be:88:65:54:f7:02:be:ae:7d:
8f:38:83:1d:84:ad:06:42:1f:92:5c:16:bc:81:dd:
bf:b8:fa:4d:cf:70:6a:32:c3:84:eb:3a:c3:05:b8:
ac:24:24:46:d0:ae:a3:a3:8f:b2:42:63:48:c1:be:
22:59:09:dd:66:4c:a3:ba:10:00:27:71:b0:e1:70:
9c:64:50:7c:4c:ac:77:22:e8:4e:d7:a2:5f:87:5e:
64:e7:30:ee:7f:61:b5:ac:0a:90:49:e1:52:f1:55:
81:29:fc:5b:d2:33:82:87:c3:78:24:94:7a:d2:6f:
3f:78:96:0a:aa:f4:a9:dc:81:7d:fc:b5:f4:79:7b:
82:69:52:91:33:2f:03:12:be:83:e3:68:c4:30:9b:
a9:b7:e8:d7:3a:f2:34:bb:8d:4b:30:de:4b:84:2b:
bb:f7:61:63:c3:1c:1c:9a:7e:8e:1a:36:a7:67:f7:
d2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5D:7F:0B:B5:35:91:06:36:92:6B:9A:2E:F9:3C:0E:D1:AB:A1:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8f14f0ce-b5e8-4e22-a5b1-e47a3bd77b1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:3e:69:e9:60:37:8a:e7:e1:e8:45:fd:a7:37:fe:28:d7:e7:
3f:22:d0:1d:e8:3a:35:d3:18:96:25:c5:5f:15:3b:8d:e3:62:
83:69:67:1a:0a:fa:21:32:39:98:90:0c:f6:92:95:d3:8c:61:
7c:e2:9e:e8:8f:89:52:66:96:14:b8:eb:32:5b:ef:26:32:ee:
58:4c:51:f1:86:60:33:2e:94:7e:f0:db:a3:4d:83:82:be:bd:
3f:7c:63:7d:2a:41:1b:a7:7b:ca:f4:6b:60:34:ce:e9:25:86:
4d:06:1b:0a:3f:66:7b:2b:2d:ea:e7:c5:e1:26:98:3d:2e:38:
05:ef:9d:55:df:79:a9:16:ce:14:23:48:13:df:b3:97:42:9f:
6c:3c:c3:cb:e7:14:78:ce:7e:8a:cd:44:dd:ba:c7:27:13:6f:
d8:05:e3:f1:22:54:be:47:29:1d:a7:e9:1b:c7:8b:15:85:d9:
8c:c7:f5:34:9e:96:5d:ca:74:c0:34:13:55:ff:f3:90:b2:41:
00:55:1f:2c:1b:59:8d:e4:d7:00:e8:ab:20:d2:df:52:42:73:
d4:28:26:f5:c4:7c:ce:84:07:a0:8f:17:2e:1e:c6:4c:ca:58:
d4:6c:3e:14:27:2d:cc:27:04:00:44:15:cc:5b:af:73:9d:aa:
96:c6:94:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFcHqS8ZgUE8fprdViO2yy+4on9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1NzJhNDlhNmVkMWNkNTc3NzMxOGU1Y2FlOWRlOTc0NzM2M2I4OWRhY2Vh
NmU0M2UxMDRmYTI4NDYwMThlNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBTgfaXrJwvg9vP1++DMx9Znrw07wdQckcicx3S2GKMjn3THXF/3ISOyy3q
FEkxVbw7P8hzofUbpEmncQGgsU0CbnCBWyn5rI1lLUDdnaSKvohlVPcCvq59jziD
HYStBkIfklwWvIHdv7j6Tc9wajLDhOs6wwW4rCQkRtCuo6OPskJjSMG+IlkJ3WZM
o7oQACdxsOFwnGRQfEysdyLoTteiX4deZOcw7n9htawKkEnhUvFVgSn8W9IzgofD
eCSUetJvP3iWCqr0qdyBffy19Hl7gmlSkTMvAxK+g+NoxDCbqbfo1zryNLuNSzDe
S4Qru/dhY8McHJp+jho2p2f30oMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEXX8L
tTWRBjaSa5ou+TwO0auh0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGYxNGYwY2UtYjVlOC00ZTIyLWE1YjEtZTQ3YTNiZDc3YjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQB3PmnpYDeK5+HoRf2nN/4o1+c/ItAd6Do10xiWJcVf
FTuN42KDaWcaCvohMjmYkAz2kpXTjGF84p7oj4lSZpYUuOsyW+8mMu5YTFHxhmAz
LpR+8NujTYOCvr0/fGN9KkEbp3vK9GtgNM7pJYZNBhsKP2Z7Ky3q58XhJpg9LjgF
751V33mpFs4UI0gT37OXQp9sPMPL5xR4zn6KzUTduscnE2/YBePxIlS+Rykdp+kb
x4sVhdmMx/U0npZdynTANBNV//OQskEAVR8sG1mN5NcA6Ksg0t9SQnPUKCb1xHzO
hAegjxcuHsZMyljUbD4UJy3MJwQARBXMW69znaqWxpQh
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:56 2024 by rpki-client on console-fra.rpki-client.org