Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
File: 9a4f9b1d-c483-4904-8d04-be1592cba27d.roa (raw, json)
Hash identifier: NaadXobBE0LvdoZnk0zm/KDFNxKhKCESkFu1h8v3nPg=
Subject key identifier: 71:14:47:D6:AC:4A:1D:DD:95:71:D1:D3:BA:01:44:6C:9E:A7:4A:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C6726BC77A312C572B468DC8C119E62D83F90BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:67:26:bc:77:a3:12:c5:72:b4:68:dc:8c:11:9e:62:d8:3f:90:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=3e05ba27248934b66b9a34fc73587d9623a1cd16652fb4b6b3c6d21f710d5f2f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:70:86:ad:0a:45:f2:89:d4:ca:b6:65:32:
86:28:eb:a7:f8:5f:bd:d9:df:88:88:94:5b:4a:e3:
2d:e3:57:87:00:7c:49:96:df:ce:5b:a9:f9:a1:b2:
c9:36:9c:5e:e5:4f:82:fc:17:f7:64:3a:04:78:66:
91:1b:40:ae:71:0f:01:92:22:07:1b:3d:0c:5a:9b:
27:a7:48:67:2c:6c:aa:73:77:d9:89:a5:cf:b1:18:
88:e7:0d:e2:52:0a:4c:1d:b2:52:01:10:fd:f1:5f:
89:4a:71:15:41:19:ed:19:78:fb:dc:bc:fa:45:ab:
7c:59:3c:b9:09:61:20:7a:16:61:9d:3e:87:ba:f2:
b0:1b:79:b7:0b:7e:4a:ef:c6:51:c4:cb:88:bc:5d:
ee:7e:5b:ea:c5:65:f0:5b:c5:27:3c:97:f7:b6:5c:
bd:4d:ff:fd:23:cc:c8:53:9e:95:7a:2d:37:1d:b7:
3f:12:93:7d:9b:8f:68:4e:7b:30:71:1b:93:3b:69:
fb:e8:11:c5:be:fd:18:39:f9:72:aa:04:d8:91:59:
5f:b1:52:c8:7f:9f:86:4b:0b:c3:88:06:8d:c9:8b:
ad:16:15:b2:75:f7:36:c7:f7:87:84:93:13:91:e2:
6f:ec:4c:0c:fc:51:c3:2d:ac:98:13:51:2b:58:d7:
89:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:14:47:D6:AC:4A:1D:DD:95:71:D1:D3:BA:01:44:6C:9E:A7:4A:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:5c:5e:af:29:66:60:08:36:0a:c2:61:28:2f:d0:8a:4b:6e:
96:8d:32:93:32:5b:60:d3:58:39:04:65:fd:69:05:82:d6:18:
1b:1e:4d:af:b6:51:23:d5:6a:6b:d4:b7:a8:12:56:ed:71:af:
95:72:3b:c3:53:11:1a:68:3a:3b:74:60:c8:bc:66:ec:a5:55:
ae:19:25:d3:bf:67:9b:47:b6:5d:c8:4f:a4:f4:92:98:b3:cd:
62:e2:6c:aa:4b:5a:e6:b4:df:9c:51:dc:de:4c:9b:95:80:05:
79:65:43:65:c9:c0:37:4e:db:2e:81:d9:9e:9c:0e:3d:d1:7a:
ad:f2:d8:f4:f3:72:b5:ea:6e:ad:ee:f5:b5:2f:b9:a2:38:42:
0b:45:a6:0a:96:da:53:42:1b:e0:a7:c5:c2:70:85:b3:bc:6a:
1c:73:a2:c8:bf:d9:4b:1f:2e:c5:e9:f0:54:88:43:0e:99:a4:
78:4d:09:60:3f:9e:4a:d6:f5:43:b3:47:f8:2d:81:34:06:aa:
4a:48:cf:a5:12:d0:94:3e:12:9b:73:97:11:5e:a6:48:32:8a:
5f:e8:e2:74:0a:1c:fd:e4:d8:2e:f6:dd:69:57:e5:6d:cc:02:
eb:63:b9:71:28:54:47:45:fe:62:a3:40:4e:9e:94:9d:aa:12:
ba:2e:9d:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXGcmvHejEsVytGjcjBGeYtg/kLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMDViYTI3MjQ4OTM0YjY2YjlhMzRmYzczNTg3ZDk2MjNhMWNkMTY2NTJm
YjRiNmIzYzZkMjFmNzEwZDVmMmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMncIatCkXyidTKtmUyhijrp/hfvdnfiIiUW0rjLeNXhwB8SZbfzlup+aGy
yTacXuVPgvwX92Q6BHhmkRtArnEPAZIiBxs9DFqbJ6dIZyxsqnN32Ymlz7EYiOcN
4lIKTB2yUgEQ/fFfiUpxFUEZ7Rl4+9y8+kWrfFk8uQlhIHoWYZ0+h7rysBt5twt+
Su/GUcTLiLxd7n5b6sVl8FvFJzyX97ZcvU3//SPMyFOelXotNx23PxKTfZuPaE57
MHEbkztp++gRxb79GDn5cqoE2JFZX7FSyH+fhksLw4gGjcmLrRYVsnX3Nsf3h4ST
E5Hib+xMDPxRwy2smBNRK1jXia8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRxFEfW
rEod3ZVx0dO6AURsnqdKTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWE0ZjliMWQtYzQ4My00OTA0LThkMDQtYmUxNTkyY2JhMjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSXF6vKWZgCDYKwmEoL9CKS26WjTKTMltg01g5BGX9
aQWC1hgbHk2vtlEj1Wpr1LeoElbtca+VcjvDUxEaaDo7dGDIvGbspVWuGSXTv2eb
R7ZdyE+k9JKYs81i4myqS1rmtN+cUdzeTJuVgAV5ZUNlycA3TtsugdmenA490Xqt
8tj083K16m6t7vW1L7miOEILRaYKltpTQhvgp8XCcIWzvGocc6LIv9lLHy7F6fBU
iEMOmaR4TQlgP55K1vVDs0f4LYE0BqpKSM+lEtCUPhKbc5cRXqZIMopf6OJ0Chz9
5Ngu9t1pV+VtzALrY7lxKFRHRf5io0BOnpSdqhK6Lp3o
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org