Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
File: ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa (raw, json)
Hash identifier: OZmY/TBUbOI17gg3RhsRfr3A/UKe1LEH2ST+aPx1s2E=
Subject key identifier: E0:BC:7A:93:BA:0B:FC:BB:7F:BD:74:FE:F0:6E:BC:1C:10:1C:2C:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DE798E143E932CC45F1AE138128BB72DB3B9A3B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e7:98:e1:43:e9:32:cc:45:f1:ae:13:81:28:bb:72:db:3b:9a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=01fcbf55964fa608e516bda94826ea25a4cfb3fdd00cca2725d25f37068792b7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:ce:61:e2:f7:6e:9b:1b:fc:40:8a:2f:22:
43:3b:0b:80:4d:76:57:60:89:f7:fb:06:a0:2f:1b:
b4:f0:f5:15:b6:2a:ba:01:22:6e:29:1c:37:46:89:
40:c2:97:6e:8c:2e:d1:6f:d5:2d:0b:14:07:bc:4e:
20:41:44:3b:ce:0d:de:05:93:f6:8b:51:26:58:a6:
ee:7b:96:67:f3:10:d0:81:ae:2e:b4:08:a1:60:45:
6b:fc:a1:49:41:32:7a:b4:85:ef:e9:e0:b9:a8:fa:
aa:27:0f:42:e6:d5:7f:59:b3:38:d0:db:59:9f:84:
56:a4:d7:1b:41:d2:63:06:e3:a3:11:c8:27:72:d2:
c5:3e:1e:bc:85:b5:a3:39:58:28:5e:a2:6e:9e:00:
0b:7e:4f:23:b8:ff:11:c5:10:ca:84:35:7b:9e:92:
a4:fa:82:4e:b4:42:c1:41:d8:e3:bf:ae:28:44:61:
2d:e4:32:cc:ac:02:27:2d:8a:27:86:a5:94:32:6b:
e6:d8:aa:1e:9c:cc:bf:0e:9c:e4:cd:5d:3e:83:0d:
43:fc:fb:3e:a9:f5:51:90:1e:e4:49:eb:ea:67:3b:
5b:60:80:5d:d1:fd:82:03:c7:d7:ab:91:22:7e:bd:
1c:20:af:ae:ac:e4:d3:2f:40:dd:59:13:ed:0a:00:
3f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BC:7A:93:BA:0B:FC:BB:7F:BD:74:FE:F0:6E:BC:1C:10:1C:2C:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab3c8eee-3c0b-43c3-912a-c318c46504aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:6b:9f:5c:fb:03:fd:d4:1d:97:99:40:d0:60:5a:60:cc:83:
85:f4:fc:91:10:b1:dd:d5:8c:0a:c1:f3:ab:48:68:80:ad:23:
cc:0b:f4:4f:11:f5:5a:08:39:91:c8:0c:82:68:4f:d9:ac:83:
65:72:04:b6:f4:ae:6d:0f:81:69:18:51:d0:20:6f:20:8d:12:
b8:38:ad:74:29:fe:4f:d7:2a:4e:d3:b6:f7:57:44:a0:db:9d:
ab:af:13:00:98:17:26:22:96:9e:fc:73:f9:c6:ba:a6:ed:42:
35:b7:f7:8c:96:16:6e:df:2b:d7:68:b5:69:0e:b5:9d:8b:da:
d1:5e:1f:1c:25:fc:ce:9f:87:61:f9:25:b9:24:3d:51:99:8f:
fc:7a:2a:50:45:b8:38:66:31:cd:c3:d1:33:fd:d6:ad:6f:5f:
b8:1d:e5:1e:cb:26:32:c4:75:4f:bf:eb:eb:e9:b5:0a:fe:60:
ec:57:38:59:07:75:aa:91:34:25:0a:a3:14:21:11:13:cd:52:
e7:df:7d:be:bd:6b:09:5f:c4:99:d2:58:86:28:e8:6d:9e:fd:
0f:ad:8e:0d:37:bf:08:20:67:72:36:17:9f:a4:80:e1:27:c4:
f5:b5:aa:15:da:e9:74:c9:a8:d9:81:34:92:82:fc:a9:c4:d2:
7d:21:9f:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbeeY4UPpMsxF8a4TgSi7cts7mjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZmNiZjU1OTY0ZmE2MDhlNTE2YmRhOTQ4MjZlYTI1YTRjZmIzZmRkMDBj
Y2EyNzI1ZDI1ZjM3MDY4NzkyYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU+zmHi926bG/xAii8iQzsLgE12V2CJ9/sGoC8btPD1FbYqugEibikcN0aJ
QMKXbowu0W/VLQsUB7xOIEFEO84N3gWT9otRJlim7nuWZ/MQ0IGuLrQIoWBFa/yh
SUEyerSF7+nguaj6qicPQubVf1mzONDbWZ+EVqTXG0HSYwbjoxHIJ3LSxT4evIW1
ozlYKF6ibp4AC35PI7j/EcUQyoQ1e56SpPqCTrRCwUHY47+uKERhLeQyzKwCJy2K
J4allDJr5tiqHpzMvw6c5M1dPoMNQ/z7Pqn1UZAe5Enr6mc7W2CAXdH9ggPH16uR
In69HCCvrqzk0y9A3VkT7QoAPxkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgvHqT
ugv8u3+9dP7wbrwcEBwsGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWIzYzhlZWUtM2MwYi00M2MzLTkxMmEtYzMxOGM0NjUwNGFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQAma59c+wP91B2XmUDQYFpgzIOF9PyRELHd1YwKwfOr
SGiArSPMC/RPEfVaCDmRyAyCaE/ZrINlcgS29K5tD4FpGFHQIG8gjRK4OK10Kf5P
1ypO07b3V0Sg252rrxMAmBcmIpae/HP5xrqm7UI1t/eMlhZu3yvXaLVpDrWdi9rR
Xh8cJfzOn4dh+SW5JD1RmY/8eipQRbg4ZjHNw9Ez/datb1+4HeUeyyYyxHVPv+vr
6bUK/mDsVzhZB3WqkTQlCqMUIRETzVLn332+vWsJX8SZ0liGKOhtnv0PrY4NN78I
IGdyNhefpIDhJ8T1taoV2ul0yajZgTSSgvypxNJ9IZ+O
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:32 2024 by rpki-client on console-ams.rpki-client.org