Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
File: a8b61821-4c64-448c-91eb-241e2326e11e.roa (raw, json)
Hash identifier: DVWJxsT3GE8K+E8YHkmzpc1kxlQ5ae+K/ShgeFE1m9Q=
Subject key identifier: 3E:9C:8D:39:A3:7A:7A:FD:27:28:7E:A3:76:BA:79:97:A7:DC:43:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26F95FFDABCFA5BC1DDA774525B89DC2B0C7CDE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:f9:5f:fd:ab:cf:a5:bc:1d:da:77:45:25:b8:9d:c2:b0:c7:cd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2c69953b811a4531df9b1b63a4a4ae6b948c69ca425a9d86a307af03485ea07e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:73:5d:41:92:29:07:d5:7a:56:70:a2:d6:0e:
2c:79:1e:e9:68:70:72:6b:3a:40:e9:3f:d0:b9:48:
ca:86:e8:57:51:c7:1f:7f:cd:a9:96:af:26:a4:c0:
14:32:39:2a:48:f2:7c:3a:a6:68:d9:e2:52:80:65:
05:31:52:cb:c9:bd:1c:d3:79:94:24:cb:e9:e2:3c:
f3:5b:a4:7f:c6:a4:17:9d:3f:b0:8d:33:e7:0d:33:
55:63:94:6d:f5:46:14:47:24:18:39:d9:ab:5d:67:
19:d0:2b:71:9c:f4:64:b0:80:5a:9d:db:90:03:cc:
10:e0:26:de:82:f7:73:b0:82:50:d3:49:59:ba:ef:
f7:58:cb:7f:6b:7f:22:8b:cb:e0:09:14:01:a7:bc:
c1:bc:7c:a6:ab:a0:ae:1a:3c:e9:4e:ff:6f:7b:7e:
0d:36:47:ce:ef:5d:c5:01:3a:c9:3c:00:fe:8d:e2:
f0:d9:7a:ce:16:e7:57:4f:cc:99:70:fb:fa:10:e6:
11:2d:66:8a:cd:3a:70:c6:5f:57:a7:84:df:3f:4a:
33:ac:e5:37:b1:3c:12:97:44:e5:89:14:e6:1e:6e:
83:53:ad:23:68:33:e6:42:ce:6a:61:db:f6:cd:d3:
c4:5c:2c:74:48:1b:f9:7b:b3:fe:93:06:79:c6:3a:
ff:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9C:8D:39:A3:7A:7A:FD:27:28:7E:A3:76:BA:79:97:A7:DC:43:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b61821-4c64-448c-91eb-241e2326e11e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
c1:41:88:5e:23:d3:f1:d7:39:f2:41:5e:e2:07:21:11:48:91:
2a:de:c4:22:31:a0:5d:27:90:39:42:7e:1b:d4:79:9f:fb:d2:
f8:9e:05:7b:04:43:1b:38:eb:71:01:f6:c5:84:f8:da:3c:81:
65:ae:21:36:33:40:69:10:54:ae:95:5c:c5:8e:1c:21:f5:e3:
37:34:71:b4:ef:6b:ff:0f:37:25:92:45:94:bb:3b:2c:b3:88:
09:6a:f7:98:69:65:b5:79:2f:aa:f0:f9:6e:56:68:06:68:98:
b9:3a:b4:30:1f:eb:20:78:08:2b:1e:e6:c6:40:ea:b0:bd:d0:
ff:09:ac:d8:4f:1f:c5:28:64:46:ae:c3:df:60:62:01:f8:9c:
6d:f5:b1:0e:67:7b:f6:2f:9f:1a:99:1c:c5:31:ea:10:44:e9:
70:5a:ff:cc:2b:3b:87:be:20:1a:46:a9:ca:72:e7:98:fa:91:
0b:83:6c:6d:99:ca:cc:68:5c:42:f9:1d:ff:37:51:d3:0e:0d:
ea:17:ba:06:dc:ef:91:41:75:4a:8e:b8:87:63:be:22:64:3e:
6f:ba:50:1f:37:b0:e9:ea:96:9c:ae:21:67:24:8b:25:38:11:
3b:75:2a:b7:6e:ff:3e:d3:e5:e6:84:62:06:ab:c4:7a:cc:61:
af:34:a8:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJvlf/avPpbwd2ndFJbidwrDHzegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNjk5NTNiODExYTQ1MzFkZjliMWI2M2E0YTRhZTZiOTQ4YzY5Y2E0MjVh
OWQ4NmEzMDdhZjAzNDg1ZWEwN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5zXUGSKQfVelZwotYOLHke6Whwcms6QOk/0LlIyoboV1HHH3/NqZavJqTA
FDI5KkjyfDqmaNniUoBlBTFSy8m9HNN5lCTL6eI881ukf8akF50/sI0z5w0zVWOU
bfVGFEckGDnZq11nGdArcZz0ZLCAWp3bkAPMEOAm3oL3c7CCUNNJWbrv91jLf2t/
IovL4AkUAae8wbx8pqugrho86U7/b3t+DTZHzu9dxQE6yTwA/o3i8Nl6zhbnV0/M
mXD7+hDmES1mis06cMZfV6eE3z9KM6zlN7E8EpdE5YkU5h5ug1OtI2gz5kLOamHb
9s3TxFwsdEgb+Xuz/pMGecY6/1sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+nI05
o3p6/ScofqN2unmXp9xDDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YThiNjE4MjEtNGM2NC00NDhjLTkxZWItMjQxZTIzMjZlMTFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQDBQYheI9Px1znyQV7iByERSJEq3sQiMaBdJ5A5
Qn4b1Hmf+9L4ngV7BEMbOOtxAfbFhPjaPIFlriE2M0BpEFSulVzFjhwh9eM3NHG0
72v/DzclkkWUuzsss4gJaveYaWW1eS+q8PluVmgGaJi5OrQwH+sgeAgrHubGQOqw
vdD/CazYTx/FKGRGrsPfYGIB+Jxt9bEOZ3v2L58amRzFMeoQROlwWv/MKzuHviAa
RqnKcueY+pELg2xtmcrMaFxC+R3/N1HTDg3qF7oG3O+RQXVKjriHY74iZD5vulAf
N7Dp6pacriFnJIslOBE7dSq3bv8+0+XmhGIGq8R6zGGvNKh1
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org