Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
File: b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa (raw, json)
Hash identifier: ZjURJ8/70rr/KeRCWpQs6GP3iFtrj6QP02COk05m5F8=
Subject key identifier: FA:21:03:8E:14:E0:75:96:A7:CE:0C:A2:0A:0D:C0:13:7E:6E:D0:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B8B94491127628E68CAE77290F2B8A9BD7E5609
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:8b:94:49:11:27:62:8e:68:ca:e7:72:90:f2:b8:a9:bd:7e:56:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ae3329bb77055b9024c2ecacd360d533fe2dff9269d4f72b43aea0522c571aff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b0:b0:59:2b:05:bb:68:2c:2e:b8:7c:cb:87:
ef:13:1c:d0:83:8b:76:47:0d:7f:bc:c8:34:01:f2:
d0:3e:87:21:bf:6c:90:cc:d8:7f:12:3d:ec:82:d7:
e4:7a:0d:21:fd:65:ab:b4:2c:a7:f5:f4:e9:33:c4:
1e:1b:0a:eb:f7:f0:e6:9e:fd:5d:af:19:20:e4:19:
e9:dd:e1:cc:1d:26:43:07:94:99:40:04:ab:26:41:
6f:85:16:0b:65:08:3a:e1:74:6b:d4:1b:1f:fa:e5:
f8:89:21:22:88:09:f5:11:fe:46:9e:97:e9:87:25:
40:50:a3:a5:29:1b:c0:cc:91:69:93:59:21:42:65:
42:e2:82:75:d6:60:bc:f9:57:7e:58:75:8b:ec:cf:
8e:4a:6c:55:dd:4e:64:99:82:7c:9e:a9:9f:70:0c:
9c:aa:8e:de:6c:9b:a0:28:98:b8:3d:78:d9:06:f2:
12:a2:02:ee:c9:ff:2f:20:c0:8e:9a:f1:e7:57:d9:
82:78:f1:b9:aa:e4:37:9a:b2:64:56:b6:82:88:c1:
09:58:22:4b:86:d2:18:a9:c8:00:b1:39:dd:d7:fc:
0b:62:68:e6:a5:8e:7f:6f:14:12:2b:a0:07:8c:8e:
9c:06:3a:60:88:e8:9c:c6:49:29:04:2d:c5:03:5a:
86:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:21:03:8E:14:E0:75:96:A7:CE:0C:A2:0A:0D:C0:13:7E:6E:D0:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:3b:04:af:bf:f0:cf:7f:c9:1f:30:49:ae:f0:36:dd:e6:ce:
ff:61:e9:45:1c:7b:74:b4:67:d0:17:84:73:70:7d:24:b4:d1:
4d:9c:49:91:a1:5c:6b:f9:c4:12:68:b8:7b:3e:55:6f:b9:59:
c0:b5:96:fc:78:6d:c4:b8:87:29:1c:97:25:5e:ba:18:c4:06:
85:13:60:44:86:f6:81:09:a6:31:ae:b1:3c:98:72:15:f8:ed:
a7:13:4f:de:b5:f1:58:4e:1f:9f:ff:b3:bc:45:4c:3e:5c:32:
71:a1:71:04:d3:71:44:17:a9:97:37:ad:fc:53:25:2b:17:97:
8e:b0:d5:46:ee:69:02:8b:6b:81:e2:ec:2e:88:4d:7c:1c:b2:
3f:dc:e2:14:15:a5:94:08:11:28:4f:3e:a6:61:a0:67:f7:54:
e9:df:85:7e:4b:39:50:2e:58:e1:f3:cf:68:a2:d3:b1:ec:d8:
4d:5c:a3:02:ad:a4:6a:1b:4e:0c:57:b2:b0:1c:b0:f7:84:ec:
ba:75:ad:cf:b3:fc:11:7f:05:df:8a:a6:e4:6f:dd:2e:f2:ab:
0a:24:e9:08:e8:ca:35:18:94:15:30:27:74:62:72:e0:61:d5:
3f:a9:c7:f8:38:d3:78:35:84:ae:8c:e9:40:b8:b7:18:c7:df:
70:89:d4:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW4uUSREnYo5oyudykPK4qb1+VgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMzMyOWJiNzcwNTViOTAyNGMyZWNhY2QzNjBkNTMzZmUyZGZmOTI2OWQ0
ZjcyYjQzYWVhMDUyMmM1NzFhZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKwsFkrBbtoLC64fMuH7xMc0IOLdkcNf7zINAHy0D6HIb9skMzYfxI97ILX
5HoNIf1lq7Qsp/X06TPEHhsK6/fw5p79Xa8ZIOQZ6d3hzB0mQweUmUAEqyZBb4UW
C2UIOuF0a9QbH/rl+IkhIogJ9RH+Rp6X6YclQFCjpSkbwMyRaZNZIUJlQuKCddZg
vPlXflh1i+zPjkpsVd1OZJmCfJ6pn3AMnKqO3myboCiYuD142QbyEqIC7sn/LyDA
jprx51fZgnjxuarkN5qyZFa2gojBCVgiS4bSGKnIALE53df8C2Jo5qWOf28UEiug
B4yOnAY6YIjonMZJKQQtxQNahrECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6IQOO
FOB1lqfODKIKDcATfm7QXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjNkMWZjZjctZTgyYS00ZmU0LWIxZmUtYWJlYzJjYzcxZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQCsOwSvv/DPf8kfMEmu8Dbd5s7/YelFHHt0tGfQF4Rz
cH0ktNFNnEmRoVxr+cQSaLh7PlVvuVnAtZb8eG3EuIcpHJclXroYxAaFE2BEhvaB
CaYxrrE8mHIV+O2nE0/etfFYTh+f/7O8RUw+XDJxoXEE03FEF6mXN638UyUrF5eO
sNVG7mkCi2uB4uwuiE18HLI/3OIUFaWUCBEoTz6mYaBn91Tp34V+SzlQLljh889o
otOx7NhNXKMCraRqG04MV7KwHLD3hOy6da3Ps/wRfwXfiqbkb90u8qsKJOkI6Mo1
GJQVMCd0YnLgYdU/qcf4ONN4NYSujOlAuLcYx99widTM
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org