Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
File: ac4c449e-69e4-45a7-85e4-1915d006207d.roa (raw, json)
Hash identifier: WJ+vWneiH+YRJFMd6SrLRzMTLNp5coc2xPfmcxA0cfY=
Subject key identifier: 39:1E:5E:3B:17:7D:6C:C6:D6:01:82:22:77:8E:29:67:EA:AB:1D:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14D9CCE36041A780D753E52203B087A87B9184E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d9:cc:e3:60:41:a7:80:d7:53:e5:22:03:b0:87:a8:7b:91:84:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2a43ddb931339d5b3762ab9b68f2f8516c6c582295e23fad7154d42eef490f70, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:55:bf:d1:0d:51:79:0e:d1:ab:64:9e:86:ca:
6f:a9:90:90:b6:5b:64:fd:56:6f:29:e9:91:03:ee:
c1:af:03:d7:62:31:0b:67:87:db:9b:37:1b:c0:70:
ca:de:48:93:47:2c:dc:37:10:5d:73:31:72:9a:7b:
9c:71:81:03:a6:0e:5a:2b:a5:87:7a:76:ee:7b:9b:
da:f1:b2:e6:43:b0:87:60:8f:8a:fc:0d:c9:34:a0:
8d:0b:d5:e3:55:95:12:db:cf:e6:18:3c:9b:06:99:
6c:11:53:e1:41:d2:78:9c:f6:e7:17:f4:94:13:44:
a8:e4:cc:51:12:4c:be:82:dc:e1:01:2d:73:d3:bc:
d0:fe:39:93:6e:ec:20:5a:ab:c1:17:ac:71:9f:56:
8c:25:09:65:c6:06:10:50:ce:22:16:61:98:55:00:
12:07:dd:b8:ab:f4:a8:57:9f:ab:cb:d3:0f:c6:01:
78:56:b7:e9:37:c5:1b:02:95:82:19:e8:48:4c:be:
a1:c6:c1:90:cb:78:3b:76:ff:f2:25:04:8b:4f:32:
43:06:da:26:eb:bd:16:88:2f:b7:34:f7:e8:7c:74:
47:ed:d6:5f:f4:06:f9:e9:f1:20:2d:f2:4d:de:f8:
3a:3f:d5:c5:4f:7c:00:30:05:df:6a:a6:8c:97:3a:
ae:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1E:5E:3B:17:7D:6C:C6:D6:01:82:22:77:8E:29:67:EA:AB:1D:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4c449e-69e4-45a7-85e4-1915d006207d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
8a:b5:5c:69:a2:eb:8f:be:b7:8f:7a:fb:c4:9c:f3:54:30:da:
87:7d:04:43:68:56:8e:98:c1:ef:1e:b8:2e:18:29:cb:38:94:
d0:a6:48:d1:0a:37:6f:d8:d0:2b:7b:0b:90:2a:d4:e7:f3:93:
54:77:08:65:2e:5e:dd:33:9f:a5:ee:3c:f5:55:31:c4:13:27:
2a:5e:34:c4:e0:20:18:00:f4:5d:57:6e:e7:86:17:da:86:3d:
23:b3:ee:ac:74:28:e6:c3:60:3a:c6:f7:ee:12:9e:26:10:9d:
30:8c:bc:fe:d6:e4:22:1a:a9:04:be:d7:b7:ff:44:6c:1a:48:
a1:45:80:c4:6d:e7:65:ea:a7:df:35:a9:a1:16:61:27:c3:75:
34:92:14:9a:f2:bb:04:a3:ff:74:a8:d3:7c:a7:fb:b3:64:96:
c9:1e:af:45:29:85:f4:55:35:d7:8b:74:44:81:96:ec:a3:1e:
17:02:41:06:93:2f:54:a9:b3:8e:57:91:aa:29:a3:d2:eb:57:
d1:d0:e7:d1:74:57:a8:db:84:b3:8c:1f:9a:2c:61:d0:c3:6d:
03:19:c6:97:96:c3:c5:82:6c:69:17:dd:3d:17:4c:ac:de:d0:
c9:27:60:ea:92:18:33:44:8f:2c:81:82:d8:a5:77:c1:14:dd:
aa:cd:b4:94
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFNnM42BBp4DXU+UiA7CHqHuRhOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNDNkZGI5MzEzMzlkNWIzNzYyYWI5YjY4ZjJmODUxNmM2YzU4MjI5NWUy
M2ZhZDcxNTRkNDJlZWY0OTBmNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtVv9ENUXkO0atknobKb6mQkLZbZP1WbynpkQPuwa8D12IxC2eH25s3G8Bw
yt5Ik0cs3DcQXXMxcpp7nHGBA6YOWiulh3p27nub2vGy5kOwh2CPivwNyTSgjQvV
41WVEtvP5hg8mwaZbBFT4UHSeJz25xf0lBNEqOTMURJMvoLc4QEtc9O80P45k27s
IFqrwRescZ9WjCUJZcYGEFDOIhZhmFUAEgfduKv0qFefq8vTD8YBeFa36TfFGwKV
ghnoSEy+ocbBkMt4O3b/8iUEi08yQwbaJuu9FogvtzT36Hx0R+3WX/QG+enxIC3y
Td74Oj/VxU98ADAF32qmjJc6rnkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ5Hl47
F31sxtYBgiJ3jiln6qsdozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YzQ0OWUtNjllNC00NWE3LTg1ZTQtMTkxNWQwMDYyMDdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAirVcaaLrj763j3r7xJzzVDDah30EQ2hWjpjB
7x64LhgpyziU0KZI0Qo3b9jQK3sLkCrU5/OTVHcIZS5e3TOfpe489VUxxBMnKl40
xOAgGAD0XVdu54YX2oY9I7PurHQo5sNgOsb37hKeJhCdMIy8/tbkIhqpBL7Xt/9E
bBpIoUWAxG3nZeqn3zWpoRZhJ8N1NJIUmvK7BKP/dKjTfKf7s2SWyR6vRSmF9FU1
14t0RIGW7KMeFwJBBpMvVKmzjleRqimj0utX0dDn0XRXqNuEs4wfmixh0MNtAxnG
l5bDxYJsaRfdPRdMrN7QySdg6pIYM0SPLIGC2KV3wRTdqs20lA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org