Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
File: ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa (raw, json)
Hash identifier: rFXvPSQrgV/YigEBSOrahtGBdWlzAne9eptvK23fFQI=
Subject key identifier: D4:49:38:77:8F:ED:60:C0:55:93:50:6A:49:43:80:33:DB:DE:49:62
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D393C89A4E9CE0CB8DBFC08009031ADAEE59827
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:39:3c:89:a4:e9:ce:0c:b8:db:fc:08:00:90:31:ad:ae:e5:98:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=7e8fb9c716cd877e64c1aeaaba39cfb339ee0fadaf108afd76f17b2db956cbd4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:02:33:b2:d0:e7:5e:27:22:d4:34:b2:d1:e3:
b6:66:e7:6f:fc:74:4d:50:6b:88:b1:ab:8d:1e:97:
70:ab:c4:93:74:9f:80:ce:e7:e9:14:23:12:aa:e0:
95:31:68:4d:e8:9d:84:fe:a8:d7:1b:6f:e2:b5:f7:
8a:1d:08:0a:7b:d7:f1:ab:a1:17:2d:e4:d0:a0:53:
f6:e8:22:63:23:b1:6b:d8:8f:c9:6c:4e:2c:46:30:
f2:48:c6:d5:e8:c2:f3:f9:86:1e:5c:67:1f:10:35:
d8:23:44:08:fb:26:a0:40:cc:99:0a:a5:ca:9f:de:
13:d9:1c:40:4d:2a:e4:a7:12:76:db:30:bc:18:5d:
a9:ae:ef:58:f9:9b:6c:91:75:25:10:3b:db:71:54:
06:ae:ad:f8:4b:b0:39:bf:c9:7f:0e:0c:56:ef:dc:
a9:e3:47:b5:8e:08:fb:05:df:49:5e:52:66:a4:4b:
a9:37:1e:19:60:50:3c:bd:bd:14:9a:c6:1c:2e:1a:
67:89:dc:32:6d:76:4f:58:28:c1:8e:9d:d4:65:e5:
eb:72:e4:3a:57:a1:cc:90:7e:8f:b9:9b:bd:7e:2d:
8f:dd:5d:d2:76:7d:f2:40:42:6e:0e:36:e8:f2:5c:
ff:18:c9:22:12:19:57:e6:9a:7a:f6:65:fc:bc:34:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:49:38:77:8F:ED:60:C0:55:93:50:6A:49:43:80:33:DB:DE:49:62
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae8b3a5c-eb14-4f76-92b9-a9b43a7b8aa3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
5c:a1:75:94:c9:df:d4:fa:3b:20:b7:27:38:a9:c3:20:06:88:
c7:6b:8d:e1:26:3e:73:d1:40:32:b7:8c:6b:e8:76:44:a7:d4:
10:a3:e0:27:17:e8:83:f7:d0:fc:e4:40:03:ef:02:cf:15:f7:
80:b0:a4:e8:c8:ce:d5:b2:28:ad:52:55:35:13:c9:6e:be:cb:
7d:c1:56:9b:c9:14:53:98:76:67:0a:c2:d4:5d:b7:e4:76:96:
34:fc:10:d9:7a:a9:22:70:37:6f:a8:bd:d5:23:55:a9:db:57:
03:28:66:7b:20:c0:46:70:20:c0:1b:89:03:7b:84:df:fc:4b:
33:97:4d:fb:d9:53:93:ba:02:e9:a4:62:d7:53:ea:cd:d9:65:
d1:22:8c:38:ed:1a:24:9a:8e:d8:60:45:ec:d3:61:10:ac:cd:
78:b2:ce:ec:c0:e5:76:fb:c3:89:28:ed:d2:96:77:70:4a:bd:
ab:0e:b0:40:4d:ee:cc:e4:84:b0:e4:b4:e8:50:dd:80:1e:ef:
84:c2:2c:8e:1f:a0:34:16:60:d8:54:db:f2:ff:7f:89:3e:7b:
94:39:76:18:49:e8:fc:27:07:32:25:63:cc:4d:4c:87:21:39:
b2:e7:e7:52:18:dc:d0:44:8a:d0:b7:7c:f3:f4:3e:8b:cb:3a:
68:e7:d5:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfTk8iaTpzgy42/wIAJAxra7lmCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlOGZiOWM3MTZjZDg3N2U2NGMxYWVhYWJhMzljZmIzMzllZTBmYWRhZjEw
OGFmZDc2ZjE3YjJkYjk1NmNiZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPUCM7LQ514nItQ0stHjtmbnb/x0TVBriLGrjR6XcKvEk3SfgM7n6RQjEqrg
lTFoTeidhP6o1xtv4rX3ih0ICnvX8auhFy3k0KBT9ugiYyOxa9iPyWxOLEYw8kjG
1ejC8/mGHlxnHxA12CNECPsmoEDMmQqlyp/eE9kcQE0q5KcSdtswvBhdqa7vWPmb
bJF1JRA723FUBq6t+EuwOb/Jfw4MVu/cqeNHtY4I+wXfSV5SZqRLqTceGWBQPL29
FJrGHC4aZ4ncMm12T1gowY6d1GXl63LkOlehzJB+j7mbvX4tj91d0nZ98kBCbg42
6PJc/xjJIhIZV+aaevZl/Lw0PjkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUSTh3
j+1gwFWTUGpJQ4Az295JYjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWU4YjNhNWMtZWIxNC00Zjc2LTkyYjktYTliNDNhN2I4YWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBcoXWUyd/U+jsgtyc4qcMgBojHa43hJj5z0UAyt4xr
6HZEp9QQo+AnF+iD99D85EAD7wLPFfeAsKToyM7VsiitUlU1E8luvst9wVabyRRT
mHZnCsLUXbfkdpY0/BDZeqkicDdvqL3VI1Wp21cDKGZ7IMBGcCDAG4kDe4Tf/Esz
l0372VOTugLppGLXU+rN2WXRIow47Rokmo7YYEXs02EQrM14ss7swOV2+8OJKO3S
lndwSr2rDrBATe7M5ISw5LToUN2AHu+EwiyOH6A0FmDYVNvy/3+JPnuUOXYYSej8
JwcyJWPMTUyHITmy5+dSGNzQRIrQt3zz9D6Lyzpo59VB
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:17:13 2024 by rpki-client on console-fra.rpki-client.org