Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
File: 90388c93-39d3-4cb9-9baa-867b601facea.roa (raw, json)
Hash identifier: 6PpH85/gOmfKhR0xg4ch62GK/NzLLxXMVvd/4ri926o=
Subject key identifier: A3:E3:C8:C1:4A:D7:89:9A:C8:D0:4F:89:63:66:50:1B:7E:80:E5:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6335A3E3C54A7C3E9CE73530DFF2855537DF3914
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:35:a3:e3:c5:4a:7c:3e:9c:e7:35:30:df:f2:85:55:37:df:39:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=a6dd710cd97965d232ceed41934c96d4b70d0ecf0c57328d3ff2dd835a0b90a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:fb:f4:03:ea:82:41:1f:32:17:e4:22:87:
67:d6:f5:7f:e9:8b:fc:53:1c:81:8f:c4:0f:a9:4f:
66:79:51:0f:a8:c0:8c:8b:63:d2:00:b8:16:9c:9a:
40:6d:64:e5:96:1e:1e:68:b9:51:af:7f:58:79:c2:
28:96:3e:8d:81:66:14:52:06:08:5c:fc:4d:e5:df:
9f:38:dd:42:79:69:e1:c5:9e:e2:41:db:05:20:7b:
01:12:e7:82:ef:19:00:cd:05:31:0c:71:2c:43:aa:
86:7f:35:17:e6:64:70:c6:13:68:f9:59:98:e7:cc:
9e:b8:46:0d:d4:df:0a:d9:74:13:9b:dc:99:d7:fa:
93:1a:8b:b4:fd:d6:a4:49:4e:7f:b8:93:e2:67:a9:
e9:c7:37:e5:40:5f:38:86:97:4e:fc:3b:b8:56:64:
4b:f4:14:49:76:97:b0:20:c4:73:6b:28:6e:b3:e1:
37:ea:28:5e:4f:dc:4a:66:f5:7f:c4:d0:62:d7:98:
9e:82:93:4a:1f:ad:63:0d:0d:96:6e:de:1d:4c:bf:
1b:ad:2c:93:e7:e8:85:88:21:50:44:95:88:50:32:
76:84:98:56:26:fe:8c:89:ac:db:14:80:60:e2:9f:
b0:28:09:f7:f2:bb:d3:86:19:57:35:02:5e:9f:a6:
71:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E3:C8:C1:4A:D7:89:9A:C8:D0:4F:89:63:66:50:1B:7E:80:E5:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90388c93-39d3-4cb9-9baa-867b601facea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
ba:22:4b:ee:a9:2a:0a:72:99:f7:e2:7f:ff:97:31:75:7d:03:
64:72:35:9b:45:5d:cc:d5:94:eb:35:03:60:fc:42:ac:e6:1e:
c2:40:d3:a3:0c:97:2e:eb:c4:a9:82:16:e4:ef:e9:71:40:86:
90:3e:84:18:4c:32:cb:56:31:44:4b:18:04:b1:43:ac:54:b5:
1c:8f:ef:f5:2e:cf:55:96:77:cb:69:3c:34:fb:a0:ec:57:c9:
21:df:90:06:71:b4:30:e1:12:80:5c:3a:c0:80:17:a6:cc:51:
41:0b:5c:c2:4b:5c:3e:48:18:33:be:0b:53:e0:3e:ec:e0:47:
4a:e8:ac:5c:85:5a:b4:96:1b:10:8f:13:48:d3:23:55:57:dc:
7f:6c:b0:fa:a5:13:88:9a:2a:dd:f5:cd:cd:f8:d1:d8:81:67:
57:1a:f3:e3:34:22:ba:60:29:c4:2c:bb:fb:8f:ca:26:8a:7a:
c3:38:e4:0e:a1:8f:eb:53:56:d2:e0:8a:10:0d:4a:16:10:57:
eb:99:19:8a:ab:cd:1a:53:29:63:c8:11:d6:f6:77:9f:82:3e:
4b:86:4e:49:ee:c2:c7:aa:0c:da:03:80:86:98:91:5d:b3:ab:
b2:ae:a7:db:71:79:de:21:8e:62:61:9f:24:ef:f7:7b:1e:c8:
b0:3b:f8:d2
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUYzWj48VKfD6c5zUw3/KFVTffORQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2ZGQ3MTBjZDk3OTY1ZDIzMmNlZWQ0MTkzNGM5NmQ0YjcwZDBlY2YwYzU3
MzI4ZDNmZjJkZDgzNWEwYjkwYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwD+/QD6oJBHzIX5CKHZ9b1f+mL/FMcgY/ED6lPZnlRD6jAjItj0gC4Fpya
QG1k5ZYeHmi5Ua9/WHnCKJY+jYFmFFIGCFz8TeXfnzjdQnlp4cWe4kHbBSB7ARLn
gu8ZAM0FMQxxLEOqhn81F+ZkcMYTaPlZmOfMnrhGDdTfCtl0E5vcmdf6kxqLtP3W
pElOf7iT4mep6cc35UBfOIaXTvw7uFZkS/QUSXaXsCDEc2sobrPhN+ooXk/cSmb1
f8TQYteYnoKTSh+tYw0Nlm7eHUy/G60sk+fohYghUESViFAydoSYVib+jIms2xSA
YOKfsCgJ9/K704YZVzUCXp+mcbcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSj48jB
SteJmsjQT4ljZlAbfoDl8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTAzODhjOTMtMzlkMy00Y2I5LTliYWEtODY3YjYwMWZhY2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBALoiS+6pKgpymffif/+XMXV9A2RyNZtFXczVlOs1
A2D8QqzmHsJA06MMly7rxKmCFuTv6XFAhpA+hBhMMstWMURLGASxQ6xUtRyP7/Uu
z1WWd8tpPDT7oOxXySHfkAZxtDDhEoBcOsCAF6bMUUELXMJLXD5IGDO+C1PgPuzg
R0rorFyFWrSWGxCPE0jTI1VX3H9ssPqlE4iaKt31zc340diBZ1ca8+M0IrpgKcQs
u/uPyiaKesM45A6hj+tTVtLgihANShYQV+uZGYqrzRpTKWPIEdb2d5+CPkuGTknu
wseqDNoDgIaYkV2zq7Kup9txed4hjmJhnyTv93seyLA7+NI=
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org