Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: 1knJSjypn5ei5bZa1cR2jNVhAbSzNeawL8DzCv3R6t8=
Subject key identifier: B9:2E:17:6C:45:3D:DC:3B:0C:10:E7:51:94:1E:24:80:E1:DD:C5:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A6E9051C5367F7B8250188D702649644B8DADFD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:6e:90:51:c5:36:7f:7b:82:50:18:8d:70:26:49:64:4b:8d:ad:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3b277815811fbc9551e2482e64b0bae2eaf0c141718ae46229390f8300608661, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a2:c0:a7:ce:0f:5d:8b:87:19:bf:7c:16:2b:
37:43:57:a1:b0:9d:76:b3:1b:f4:e4:5f:6c:bd:66:
34:12:b1:c5:b5:b5:79:78:23:bc:99:15:3c:07:16:
c1:30:b2:15:3b:b7:a3:b9:6b:1e:3d:35:52:de:0b:
7e:2d:73:0b:29:b1:de:fc:aa:c9:d4:31:b6:6f:9b:
b8:42:69:08:3e:2b:79:c8:8c:d5:40:97:7c:23:c2:
7f:54:4b:bc:45:29:86:66:b9:52:ac:7a:ed:de:e6:
42:72:09:26:c0:ef:c8:e5:bb:64:d3:b5:38:9a:c6:
81:3c:b7:49:ad:84:45:cd:00:30:19:89:b4:1a:68:
1c:4d:c3:04:5b:16:40:98:6a:e2:98:42:f9:5c:f6:
a7:fd:d1:e6:b1:5a:43:4f:5c:cb:7f:44:30:66:54:
62:88:89:98:79:c3:17:01:ec:49:8d:4d:67:d2:52:
9d:30:b6:97:84:49:c6:24:b8:1f:d0:70:0c:96:d9:
8d:88:41:6d:8e:9d:83:bf:12:ef:1b:d4:8b:23:6b:
3f:56:e6:54:72:f2:69:00:61:86:bd:43:a1:b7:4a:
34:7a:7a:0e:73:66:55:ee:14:48:bc:8e:65:6c:0d:
e2:86:01:b8:c9:f6:1d:af:ee:a7:12:03:08:de:08:
66:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2E:17:6C:45:3D:DC:3B:0C:10:E7:51:94:1E:24:80:E1:DD:C5:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:f3:df:55:d9:0a:9f:6e:aa:b2:38:9d:16:b8:7c:3c:25:5b:
74:f6:81:1e:ee:51:7b:92:9b:f3:32:70:41:8c:47:3d:88:51:
af:60:8c:08:fc:4d:7a:7a:a0:6c:f5:fd:bb:b9:cb:ac:1b:fd:
b0:39:e1:32:13:b7:71:4f:9e:d3:be:34:97:c1:42:1c:31:af:
57:30:27:9d:10:5b:fd:14:b7:98:23:25:1c:8c:d1:39:1b:27:
dd:fa:5d:64:41:2b:1b:d7:5f:06:54:b6:3b:a8:e8:6b:e9:a8:
1a:bd:f8:eb:ce:45:16:4e:df:38:62:12:2c:a2:86:14:88:e7:
c8:61:49:8b:fb:34:21:e4:4b:bc:5c:95:ab:76:e2:8e:40:9e:
fc:0c:f3:4c:0c:7d:04:4f:12:0d:76:85:58:ca:04:0a:fe:ae:
e1:b1:61:34:5c:31:04:f7:3f:98:03:9a:40:f2:af:2b:4a:a1:
88:26:be:37:5c:0e:1a:de:e5:61:93:bc:76:39:77:ab:5b:ed:
8b:b6:b2:ed:bf:e7:17:8b:93:1d:6d:1b:71:bf:ea:39:c7:3e:
bd:8d:4e:ca:16:d8:0a:72:b9:85:33:fa:74:e5:ba:fe:f3:05:
80:6a:f0:56:06:63:6f:4a:cd:31:9c:dc:db:3e:7d:7a:42:8b:
45:83:18:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUem6QUcU2f3uCUBiNcCZJZEuNrf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMjc3ODE1ODExZmJjOTU1MWUyNDgyZTY0YjBiYWUyZWFmMGMxNDE3MThh
ZTQ2MjI5MzkwZjgzMDA2MDg2NjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyiwKfOD12Lhxm/fBYrN0NXobCddrMb9ORfbL1mNBKxxbW1eXgjvJkVPAcW
wTCyFTu3o7lrHj01Ut4Lfi1zCymx3vyqydQxtm+buEJpCD4reciM1UCXfCPCf1RL
vEUphma5Uqx67d7mQnIJJsDvyOW7ZNO1OJrGgTy3Sa2ERc0AMBmJtBpoHE3DBFsW
QJhq4phC+Vz2p/3R5rFaQ09cy39EMGZUYoiJmHnDFwHsSY1NZ9JSnTC2l4RJxiS4
H9BwDJbZjYhBbY6dg78S7xvUiyNrP1bmVHLyaQBhhr1DobdKNHp6DnNmVe4USLyO
ZWwN4oYBuMn2Ha/upxIDCN4IZvsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Lhds
RT3cOwwQ51GUHiSA4d3FpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQBo899V2QqfbqqyOJ0WuHw8JVt09oEe7lF7kpvzMnBB
jEc9iFGvYIwI/E16eqBs9f27ucusG/2wOeEyE7dxT57TvjSXwUIcMa9XMCedEFv9
FLeYIyUcjNE5Gyfd+l1kQSsb118GVLY7qOhr6agavfjrzkUWTt84YhIsooYUiOfI
YUmL+zQh5Eu8XJWrduKOQJ78DPNMDH0ETxINdoVYygQK/q7hsWE0XDEE9z+YA5pA
8q8rSqGIJr43XA4a3uVhk7x2OXerW+2LtrLtv+cXi5MdbRtxv+o5xz69jU7KFtgK
crmFM/p05br+8wWAavBWBmNvSs0xnNzbPn16QotFgxg9
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org