Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
File: 9a4f9b1d-c483-4904-8d04-be1592cba27d.roa (raw, json)
Hash identifier: IdfUfDxUoU8zuDd31FP/eKJMEtdq6jpr9emdqqujGN0=
Subject key identifier: 27:C4:BE:E3:E9:94:37:72:57:22:DC:11:6D:ED:0F:7E:7B:DC:D2:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78C46837D2D707C2907C902DED6517E4E9F24C99
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c4:68:37:d2:d7:07:c2:90:7c:90:2d:ed:65:17:e4:e9:f2:4c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=918545883768882ece2ef1a47fa67d7d5373596c271c4aa584d44cd766aa070d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3c:d7:24:2c:ba:d8:ee:37:68:94:f2:b8:df:
7d:f1:8d:af:ae:0f:b5:af:cc:33:9b:0e:be:5c:48:
06:81:3e:f2:6c:10:3f:a5:76:98:b8:d0:bd:a3:21:
67:ca:25:b6:37:26:e6:fc:37:74:da:78:b3:e9:82:
96:0f:96:76:74:d7:7d:3b:d5:d5:f5:8a:b4:60:96:
77:00:a7:f4:90:6e:55:ab:47:52:6a:7b:2f:72:2b:
61:5a:5e:5e:3a:ad:02:81:ea:0f:0d:b0:66:6a:b2:
4b:86:35:89:9f:02:b3:b2:b0:a3:41:db:56:02:ce:
90:c5:2b:47:6e:62:ac:36:57:28:38:38:71:86:ed:
a6:8d:61:fe:c5:cd:25:bd:7d:d6:ef:52:94:da:b7:
69:03:e9:b3:a6:fd:80:69:4e:5c:fa:85:3a:cc:76:
a6:c7:6c:6b:01:08:a0:2b:f0:fa:fd:98:59:fa:17:
86:21:6c:d3:55:92:01:a6:12:01:b6:7b:86:65:95:
53:de:0b:4c:c6:49:c5:20:20:86:f9:f7:9b:02:a1:
b4:a1:9f:d5:95:f1:37:9c:53:8a:91:ac:58:72:47:
e1:cf:d8:5b:af:26:8a:22:ad:2f:fa:3d:e4:54:8a:
90:6a:da:22:9a:11:cc:ce:67:e9:5e:24:22:6e:f2:
2b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C4:BE:E3:E9:94:37:72:57:22:DC:11:6D:ED:0F:7E:7B:DC:D2:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a4f9b1d-c483-4904-8d04-be1592cba27d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:2b:66:b8:84:8f:4a:af:96:8e:c9:1d:c2:a6:fa:ff:1b:92:
20:77:2d:8a:d1:ad:d1:4a:52:7e:01:a4:0f:aa:e4:bc:7b:a8:
de:8d:d7:1f:2f:a1:44:e9:75:43:fe:59:40:27:35:39:86:a1:
cf:ff:79:cf:77:19:57:18:9c:ec:2c:4b:93:fe:da:2e:a2:a8:
08:9b:35:82:5f:14:85:17:1d:9c:f5:5c:fb:59:e3:14:e9:54:
f5:eb:c8:6c:49:0f:aa:b2:c1:ca:5b:84:d8:42:2f:ee:92:3b:
d4:b0:9b:3d:ab:38:57:bf:c6:03:4d:da:18:be:a3:de:00:50:
0d:1a:86:8c:16:8b:f6:f9:77:58:b3:e8:7b:d4:42:0b:0f:bf:
d6:3a:c6:00:7a:ef:43:bb:0f:67:06:be:6b:d7:66:0d:52:57:
87:27:cf:5d:6d:26:24:86:7c:e4:4f:9f:8a:b1:f9:15:29:24:
e9:f5:74:76:6e:4a:34:d9:bd:fe:ed:31:6e:9e:19:26:2f:d5:
38:07:d5:f1:f1:37:a5:f5:2d:f9:c0:4c:49:00:cb:b0:8b:e5:
03:2f:8d:7b:b8:15:8c:0a:68:c4:c9:e0:7d:d8:af:e2:9e:25:
15:56:8d:bc:37:e1:81:21:df:20:2a:87:59:66:01:1c:3a:0a:
63:fb:66:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeMRoN9LXB8KQfJAt7WUX5OnyTJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxODU0NTg4Mzc2ODg4MmVjZTJlZjFhNDdmYTY3ZDdkNTM3MzU5NmMyNzFj
NGFhNTg0ZDQ0Y2Q3NjZhYTA3MGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANU81yQsutjuN2iU8rjfffGNr64Pta/MM5sOvlxIBoE+8mwQP6V2mLjQvaMh
Z8oltjcm5vw3dNp4s+mClg+WdnTXfTvV1fWKtGCWdwCn9JBuVatHUmp7L3IrYVpe
XjqtAoHqDw2wZmqyS4Y1iZ8Cs7Kwo0HbVgLOkMUrR25irDZXKDg4cYbtpo1h/sXN
Jb191u9SlNq3aQPps6b9gGlOXPqFOsx2psdsawEIoCvw+v2YWfoXhiFs01WSAaYS
AbZ7hmWVU94LTMZJxSAghvn3mwKhtKGf1ZXxN5xTipGsWHJH4c/YW68miiKtL/o9
5FSKkGraIpoRzM5n6V4kIm7yK3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQnxL7j
6ZQ3clci3BFt7Q9+e9zSlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWE0ZjliMWQtYzQ4My00OTA0LThkMDQtYmUxNTkyY2JhMjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQCOK2a4hI9Kr5aOyR3Cpvr/G5Igdy2K0a3RSlJ+AaQP
quS8e6jejdcfL6FE6XVD/llAJzU5hqHP/3nPdxlXGJzsLEuT/touoqgImzWCXxSF
Fx2c9Vz7WeMU6VT168hsSQ+qssHKW4TYQi/ukjvUsJs9qzhXv8YDTdoYvqPeAFAN
GoaMFov2+XdYs+h71EILD7/WOsYAeu9Duw9nBr5r12YNUleHJ89dbSYkhnzkT5+K
sfkVKSTp9XR2bko02b3+7TFunhkmL9U4B9Xx8Tel9S35wExJAMuwi+UDL417uBWM
CmjEyeB92K/iniUVVo28N+GBId8gKodZZgEcOgpj+2Zu
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org