Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
File: 9d2253ee-c082-458b-b16d-cb41103c4262.roa (raw, json)
Hash identifier: IO0yRguoEUhmcojlkoSjdNRmcU/C4fM5Z+HsOCSn8/w=
Subject key identifier: 58:92:94:F4:81:65:B0:A8:35:69:38:A8:E6:D9:08:3F:B1:F0:51:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13971DE0671635C49DDB926112C0709EE27B4053
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:97:1d:e0:67:16:35:c4:9d:db:92:61:12:c0:70:9e:e2:7b:40:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3e55efb1ad424e1a1f6b6de68da40e44d9194b161b4ba48e73584fc6fa96280c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fe:bd:7a:f0:84:50:12:46:58:28:94:6a:f1:
2a:02:ba:ef:11:17:20:9e:ff:72:57:e4:47:58:44:
4f:86:9f:7f:b9:73:eb:fd:d7:71:99:3b:15:4d:01:
9a:12:77:56:d6:fd:c4:e1:b9:0c:3c:1c:5e:7b:3f:
1b:76:10:9e:ad:cc:8d:92:da:8a:a4:b3:ce:55:fa:
9a:ac:f3:59:76:41:00:76:7e:71:1b:50:99:34:61:
cb:ec:df:17:5e:93:4a:7f:81:72:e4:4d:a1:7d:b4:
40:da:4a:8b:81:10:d8:dc:9d:37:43:fb:35:36:72:
b3:81:70:89:a4:10:af:ea:01:83:b5:88:25:5f:33:
ef:de:54:1a:78:6a:8d:89:2c:f3:bc:df:52:7d:e4:
d1:43:c5:9b:c1:6f:eb:9a:8d:d9:c4:1c:ca:b5:32:
34:0e:74:96:29:5b:a3:71:1c:7b:6b:f9:b2:6d:b3:
8c:0e:fe:e4:64:0f:7d:1f:e6:5a:a9:b4:84:45:47:
40:6f:17:04:24:12:70:c6:ba:60:be:de:01:62:56:
24:0a:94:5c:a8:b3:4a:aa:41:6d:17:88:11:a1:bd:
27:b0:e6:c6:e9:3a:04:ec:bd:4b:86:f5:2f:2e:3b:
48:9f:a4:a4:bf:81:70:bd:5e:23:ac:5f:a1:52:c1:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:92:94:F4:81:65:B0:A8:35:69:38:A8:E6:D9:08:3F:B1:F0:51:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
01:70:f0:0c:14:01:94:33:aa:4a:7b:61:52:eb:bd:42:5e:43:
58:04:06:2d:38:59:e9:17:21:c7:81:0e:90:66:93:db:6c:fc:
52:c0:f0:a3:28:e7:63:6c:0f:d3:be:f2:a6:c6:40:2b:e8:ec:
43:b2:26:25:f2:e2:f2:42:c7:31:21:7f:50:e8:a8:e0:75:6c:
35:20:66:79:6c:b4:14:0d:c6:af:10:20:b3:3a:b6:0a:a0:93:
97:a5:fe:b7:02:b6:2e:0d:03:51:68:9e:72:c5:0a:ac:e4:64:
6e:f6:4e:25:5c:3b:79:a0:89:d1:53:80:d4:f5:d6:46:c3:78:
be:8b:0e:ec:33:21:56:42:69:01:12:ac:f6:5c:5f:0e:de:83:
c4:27:cd:e1:07:b0:bd:81:3a:ae:92:aa:78:f9:86:c7:90:7d:
3a:2d:ce:b3:16:c2:99:46:20:87:ae:a6:e5:fe:f9:42:cd:cb:
bf:50:e6:f7:c6:08:c4:86:7b:e5:57:a0:57:d4:c5:31:8f:43:
2b:8d:68:3d:f7:30:9d:25:77:b3:a5:0f:84:84:ba:07:dc:8f:
92:ff:e0:92:1e:9a:f6:fd:2c:10:e3:a2:7e:ca:5a:6f:67:48:
41:25:8d:14:99:78:b6:ae:f0:e1:a0:77:f6:1f:97:13:0d:1a:
e8:3b:84:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE5cd4GcWNcSd25JhEsBwnuJ7QFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlNTVlZmIxYWQ0MjRlMWExZjZiNmRlNjhkYTQwZTQ0ZDkxOTRiMTYxYjRi
YTQ4ZTczNTg0ZmM2ZmE5NjI4MGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj+vXrwhFASRlgolGrxKgK67xEXIJ7/clfkR1hET4aff7lz6/3XcZk7FU0B
mhJ3Vtb9xOG5DDwcXns/G3YQnq3MjZLaiqSzzlX6mqzzWXZBAHZ+cRtQmTRhy+zf
F16TSn+BcuRNoX20QNpKi4EQ2NydN0P7NTZys4FwiaQQr+oBg7WIJV8z795UGnhq
jYks87zfUn3k0UPFm8Fv65qN2cQcyrUyNA50lilbo3Ece2v5sm2zjA7+5GQPfR/m
Wqm0hEVHQG8XBCQScMa6YL7eAWJWJAqUXKizSqpBbReIEaG9J7Dmxuk6BOy9S4b1
Ly47SJ+kpL+BcL1eI6xfoVLB9jcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRYkpT0
gWWwqDVpOKjm2Qg/sfBR4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWQyMjUzZWUtYzA4Mi00NThiLWIxNmQtY2I0MTEwM2M0MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQABcPAMFAGUM6pKe2FS671CXkNYBAYtOFnpFyHH
gQ6QZpPbbPxSwPCjKOdjbA/TvvKmxkAr6OxDsiYl8uLyQscxIX9Q6KjgdWw1IGZ5
bLQUDcavECCzOrYKoJOXpf63ArYuDQNRaJ5yxQqs5GRu9k4lXDt5oInRU4DU9dZG
w3i+iw7sMyFWQmkBEqz2XF8O3oPEJ83hB7C9gTqukqp4+YbHkH06Lc6zFsKZRiCH
rqbl/vlCzcu/UOb3xgjEhnvlV6BX1MUxj0MrjWg99zCdJXezpQ+EhLoH3I+S/+CS
Hpr2/SwQ46J+ylpvZ0hBJY0UmXi2rvDhoHf2H5cTDRroO4T9
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org