Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
File: ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa (raw, json)
Hash identifier: uPXac27XDEtgs0uQXHt3b4i77yG/PrAgNj1arGCCepc=
Subject key identifier: C3:C8:10:B5:52:CA:EE:E8:8B:3B:17:75:94:ED:0A:64:3C:B4:64:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 128E66F4AF5EDCCDCCC6209DA65B763E876DBE1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:8e:66:f4:af:5e:dc:cd:cc:c6:20:9d:a6:5b:76:3e:87:6d:be:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=db2e68b6549bd2a94c5305821ca9b134d147873abae8cac1964493b152b2bc14, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:bb:05:d2:25:56:fb:1e:ae:e0:72:ad:c5:
d7:c7:a6:14:43:41:86:b5:7d:9f:ca:fe:61:67:1e:
6d:a4:2a:78:d1:6b:b5:ee:34:c0:51:94:17:c2:c8:
56:7a:4b:80:c6:0e:3d:24:96:fd:cc:f5:66:07:e2:
d6:46:52:cd:a9:d6:cb:46:f8:58:74:de:5b:d8:dc:
7e:42:f3:98:d4:ab:6f:0c:a4:39:ba:87:4b:3b:24:
2b:7f:4a:fb:d9:56:bd:c0:fe:37:5d:1d:6f:52:84:
41:41:ed:b8:bd:56:ee:1e:f3:33:57:9c:3c:bb:4b:
82:3e:7f:e4:8f:5c:1c:9e:9a:9f:6f:d4:8b:49:06:
11:87:5e:f7:9c:a9:90:90:b6:0e:a4:86:f6:e0:d7:
9d:43:70:48:ed:b6:e8:51:35:1e:cd:45:c0:db:38:
20:80:67:cd:f8:7a:ac:b5:94:bc:cc:6d:0e:8c:4e:
55:09:db:60:39:9c:86:12:ae:22:17:e6:38:5b:6f:
c1:e3:e0:60:22:5c:63:fa:cf:5d:4c:1a:11:27:56:
5f:df:c0:e5:ce:ee:15:1e:37:52:3a:e3:bb:58:30:
12:ef:93:f4:db:35:09:80:91:09:3b:27:bd:31:90:
75:29:cf:67:d9:21:97:4f:69:c3:ec:6d:79:58:af:
a5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C8:10:B5:52:CA:EE:E8:8B:3B:17:75:94:ED:0A:64:3C:B4:64:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
ae:94:aa:32:d7:10:7c:15:52:ed:81:98:2c:70:d1:0e:7f:d8:
31:2d:4e:1e:9e:38:68:62:d3:45:f2:9c:f4:87:6c:93:3b:78:
21:d6:8e:3d:43:90:0e:a1:64:80:95:e0:6e:b4:bd:76:46:fd:
cb:20:26:59:56:43:24:d7:4a:a7:25:45:26:35:ff:f7:c3:80:
72:f3:1f:44:3d:bc:0d:09:6b:b6:e7:42:5a:b2:dd:3d:b8:63:
bb:8d:7c:3c:cd:8b:53:55:5a:12:ac:5f:ed:74:cb:ae:80:6d:
42:5c:49:17:fc:08:b4:2d:bd:30:47:07:f3:a8:a3:58:37:de:
35:63:0c:59:d0:22:75:45:9a:c0:c0:ae:f8:c3:a6:04:6b:a2:
ec:9d:0d:78:89:10:6d:f2:fe:b7:06:43:64:b1:33:86:88:30:
ec:fb:00:48:0c:43:eb:1f:62:4d:8a:6c:4c:c3:41:4f:47:26:
5c:3d:bf:1a:06:8f:99:d1:4e:e3:f7:3f:4f:91:63:f6:f4:1f:
ba:7c:ac:ed:a4:3e:fa:f5:6c:05:9a:90:a6:a9:bd:fe:34:90:
46:6f:ae:b8:0e:2c:7b:4f:0c:f4:d0:58:2d:44:58:d5:dd:06:
3d:92:52:ca:a9:26:cb:57:6e:de:5a:6d:03:14:23:40:d5:5d:
a3:11:4e:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEo5m9K9e3M3MxiCdplt2PodtvhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMmU2OGI2NTQ5YmQyYTk0YzUzMDU4MjFjYTliMTM0ZDE0Nzg3M2FiYWU4
Y2FjMTk2NDQ5M2IxNTJiMmJjMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+duwXSJVb7Hq7gcq3F18emFENBhrV9n8r+YWcebaQqeNFrte40wFGUF8LI
VnpLgMYOPSSW/cz1Zgfi1kZSzanWy0b4WHTeW9jcfkLzmNSrbwykObqHSzskK39K
+9lWvcD+N10db1KEQUHtuL1W7h7zM1ecPLtLgj5/5I9cHJ6an2/Ui0kGEYde95yp
kJC2DqSG9uDXnUNwSO226FE1Hs1FwNs4IIBnzfh6rLWUvMxtDoxOVQnbYDmchhKu
IhfmOFtvwePgYCJcY/rPXUwaESdWX9/A5c7uFR43Ujrju1gwEu+T9Ns1CYCRCTsn
vTGQdSnPZ9khl09pw+xteVivpX8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTDyBC1
Usru6Is7F3WU7QpkPLRk1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWU4YjNhNWMtZWIxNC00Zjc2LTkyYjktYTliNDNhN2I4YWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCulKoy1xB8FVLtgZgscNEOf9gxLU4enjhoYtNF8pz0
h2yTO3gh1o49Q5AOoWSAleButL12Rv3LICZZVkMk10qnJUUmNf/3w4By8x9EPbwN
CWu250Jast09uGO7jXw8zYtTVVoSrF/tdMuugG1CXEkX/Ai0Lb0wRwfzqKNYN941
YwxZ0CJ1RZrAwK74w6YEa6LsnQ14iRBt8v63BkNksTOGiDDs+wBIDEPrH2JNimxM
w0FPRyZcPb8aBo+Z0U7j9z9PkWP29B+6fKztpD769WwFmpCmqb3+NJBGb664Dix7
Twz00FgtRFjV3QY9klLKqSbLV27eWm0DFCNA1V2jEU5f
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org