Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: UivL5A+yvxu0Isf1cyJz2280I1FyJdoHJJQYQp0hPW0=
Subject key identifier: EF:31:D9:13:E9:99:2C:A0:BC:16:27:C4:D8:41:D2:1B:7B:BF:D4:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 218B7D69701DA763D1370E43515199707B2C980A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8b:7d:69:70:1d:a7:63:d1:37:0e:43:51:51:99:70:7b:2c:98:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=c7cfbfdc412ba44edadbb98a4d95bb3a386cfab0bd5c2ed9b25adbb9bd06a041, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:2e:d6:58:23:14:82:8a:a6:89:76:39:23:
e2:43:34:81:67:cb:c5:5a:a6:7c:59:06:b3:20:c4:
d8:d5:31:47:2b:28:79:6f:4f:fd:28:2d:ff:53:64:
ea:fb:9b:74:5a:39:60:bb:ce:9a:8b:07:02:ba:00:
6c:cf:87:f6:66:8f:17:f8:de:11:8e:a4:e5:e7:61:
9c:79:39:93:18:5d:33:8f:a7:b5:32:c9:f3:80:eb:
fc:76:b5:b8:d8:0a:81:4f:8a:0b:ff:ba:9f:ee:f0:
48:03:eb:82:42:4c:b2:bc:fc:3d:3a:e8:79:24:4d:
0e:f2:65:93:8c:13:65:87:9d:3c:ec:29:4b:94:f1:
b7:b5:4e:7c:65:78:14:40:4e:59:ca:00:1f:4f:0f:
e1:42:4d:b4:b5:3d:e4:37:90:c7:74:75:3e:b2:02:
a4:b1:65:d9:0b:e8:5e:ac:6b:c1:ef:a6:02:04:16:
06:2f:14:5c:c2:cd:9e:da:24:fd:14:82:85:98:79:
d3:09:84:8b:d2:47:ae:ec:29:e3:b9:fd:eb:74:5a:
54:64:c8:bd:4d:a2:e0:f4:50:a7:97:ab:10:5c:4d:
07:44:21:d3:b2:0c:20:35:4c:af:4d:37:c3:65:fb:
fe:b7:f8:e5:a4:7b:b8:50:10:c2:52:4e:a5:43:11:
f6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:31:D9:13:E9:99:2C:A0:BC:16:27:C4:D8:41:D2:1B:7B:BF:D4:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bd:09:e2:d4:a7:fe:56:58:b3:92:14:2b:6c:40:71:8b:6d:45:
68:9a:ae:f8:e8:07:3d:ba:49:a9:6e:e1:5d:2f:6f:4f:38:ab:
04:7d:a0:81:74:72:b0:cb:60:c4:32:0f:86:67:19:04:ab:e9:
57:13:e4:f8:2d:54:a1:38:37:ac:7f:4d:0b:35:36:c0:94:c4:
3d:e9:6c:87:e7:e8:c0:97:0c:0d:26:df:cb:d8:32:99:87:04:
af:90:0b:b2:b9:fd:aa:89:27:1d:96:36:df:39:84:a6:58:6f:
ee:65:f7:72:dc:c2:4a:3f:b6:11:82:aa:3a:2b:de:a7:23:8c:
e0:4d:19:36:11:49:4f:97:a0:30:96:e7:46:b8:05:c6:86:d9:
dc:da:f6:7d:8a:67:53:d4:2e:92:8c:4a:c8:ad:e0:81:70:f6:
d1:92:56:e2:1d:65:b1:70:b2:af:f0:e8:62:4f:0a:9c:36:35:
8f:d1:06:1c:04:c1:13:d3:3d:2b:ee:e3:41:c7:e1:d9:52:57:
da:94:b8:e8:69:08:75:4d:39:8b:03:d2:cd:5e:23:f3:91:37:
4c:9a:3f:25:31:45:e1:d5:26:3a:df:06:9b:6c:a6:66:e1:6f:
8e:7e:56:70:79:53:6e:8a:28:ac:0f:7b:92:38:15:9d:98:29:
69:db:e1:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIYt9aXAdp2PRNw5DUVGZcHssmAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3Y2ZiZmRjNDEyYmE0NGVkYWRiYjk4YTRkOTViYjNhMzg2Y2ZhYjBiZDVj
MmVkOWIyNWFkYmI5YmQwNmEwNDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALweLtZYIxSCiqaJdjkj4kM0gWfLxVqmfFkGsyDE2NUxRysoeW9P/Sgt/1Nk
6vubdFo5YLvOmosHAroAbM+H9maPF/jeEY6k5edhnHk5kxhdM4+ntTLJ84Dr/Ha1
uNgKgU+KC/+6n+7wSAPrgkJMsrz8PTroeSRNDvJlk4wTZYedPOwpS5Txt7VOfGV4
FEBOWcoAH08P4UJNtLU95DeQx3R1PrICpLFl2QvoXqxrwe+mAgQWBi8UXMLNntok
/RSChZh50wmEi9JHruwp47n963RaVGTIvU2i4PRQp5erEFxNB0Qh07IMIDVMr003
w2X7/rf45aR7uFAQwlJOpUMR9pECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTvMdkT
6ZksoLwWJ8TYQdIbe7/UCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQC9CeLUp/5WWLOSFCtsQHGLbUVomq746Ac9ukmpbuFd
L29POKsEfaCBdHKwy2DEMg+GZxkEq+lXE+T4LVShODesf00LNTbAlMQ96WyH5+jA
lwwNJt/L2DKZhwSvkAuyuf2qiScdljbfOYSmWG/uZfdy3MJKP7YRgqo6K96nI4zg
TRk2EUlPl6AwludGuAXGhtnc2vZ9imdT1C6SjErIreCBcPbRklbiHWWxcLKv8Ohi
TwqcNjWP0QYcBMET0z0r7uNBx+HZUlfalLjoaQh1TTmLA9LNXiPzkTdMmj8lMUXh
1SY63wabbKZm4W+OflZweVNuiiisD3uSOBWdmClp2+EV
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org