Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
File: b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa (raw, json)
Hash identifier: fHYPslYqqL6zm8LE0EvUNVATnfT+K9zFKgOBp0hvFj0=
Subject key identifier: 32:1F:50:07:95:6F:07:02:0C:3B:C2:69:1B:6E:5E:CF:4E:55:E9:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7264A88B4F0550C743D799BE107C72DCDB53E067
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:64:a8:8b:4f:05:50:c7:43:d7:99:be:10:7c:72:dc:db:53:e0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=5f5d0d3906d908e0beacd45ce1c11bd8065dca930407d5e861f27672b7f78a94, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:f8:0b:04:5c:0a:9f:69:70:ad:d0:12:c9:
e9:58:c9:e3:10:93:1f:a7:3f:20:78:b4:7a:d3:d2:
2d:34:da:c1:46:30:a8:37:e5:18:cc:e8:ea:e4:82:
c9:1b:ee:14:cd:34:05:ff:c3:d5:09:5f:41:1b:04:
d2:6b:f0:74:b5:8e:f0:a9:f4:a3:cd:31:88:48:a4:
01:7c:80:34:8c:4a:8f:d9:39:06:41:ab:fe:b9:f8:
fa:f8:a3:52:72:dc:51:98:7a:85:02:34:18:7d:a9:
ce:f0:83:dc:43:09:ff:f2:bb:f7:72:b3:81:50:9c:
ed:b2:df:b0:93:c9:7f:f8:76:95:f0:18:88:8e:83:
ed:b6:38:13:d8:4a:36:53:c9:96:ad:00:69:fa:c6:
3f:17:ee:36:3a:b7:1c:3f:98:d3:ac:83:2b:06:74:
75:3a:62:78:86:de:97:14:19:76:28:a7:e6:be:66:
7a:ab:05:0b:b0:7d:ec:5b:76:cc:cf:4e:cc:4e:75:
95:25:c3:d8:c4:dd:6c:2f:3d:70:e5:9e:00:f3:c1:
a4:0d:a2:7d:d6:81:cc:16:15:ac:46:d3:49:84:73:
6a:cf:20:c9:79:5a:d5:eb:5b:55:0c:5e:29:7a:8f:
6e:f3:12:62:f0:fa:b5:93:a5:53:c9:3c:2c:99:75:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1F:50:07:95:6F:07:02:0C:3B:C2:69:1B:6E:5E:CF:4E:55:E9:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:c1:6e:d6:f9:40:72:af:ac:7b:a0:5d:fd:e1:dc:4c:89:94:
7a:7c:36:8e:fb:8f:fe:b9:66:c5:e7:26:d3:d7:b6:85:f5:e7:
49:b3:d6:3a:05:13:a3:9c:bb:70:29:0b:7f:64:81:70:f1:b3:
13:b9:ad:6c:83:9a:43:cf:27:9c:05:69:34:bd:3b:3f:40:52:
c7:5c:5a:c1:c0:14:7a:93:bc:5a:32:f6:05:4f:0b:71:f0:38:
84:47:fb:70:1c:13:ec:81:86:22:e0:39:fc:67:4a:15:54:04:
ce:53:39:eb:ae:92:e6:1d:c3:5f:bc:3e:23:ad:72:a1:a5:bf:
ce:93:2b:2e:91:0f:82:ba:49:01:c7:ac:34:45:af:47:0c:33:
3b:8a:20:cb:e0:41:27:ce:6d:f0:72:01:10:d6:93:16:c2:74:
3a:13:18:bc:f0:74:2a:7e:1c:79:91:aa:c1:45:6c:a5:f2:a0:
b7:63:76:bc:e3:23:20:02:33:5b:f0:76:7b:27:86:85:73:42:
cc:d0:78:e3:7b:01:a0:5a:56:db:6c:52:ed:0e:16:98:c3:9e:
7f:82:e5:d5:5b:5f:74:65:b1:19:9a:ab:b5:5b:a4:a2:74:02:
bf:3e:3c:2a:22:bd:b2:0c:58:6c:0d:e1:ce:3f:6d:1b:01:06:
13:b8:01:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcmSoi08FUMdD15m+EHxy3NtT4GcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNWQwZDM5MDZkOTA4ZTBiZWFjZDQ1Y2UxYzExYmQ4MDY1ZGNhOTMwNDA3
ZDVlODYxZjI3NjcyYjdmNzhhOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3p+AsEXAqfaXCt0BLJ6VjJ4xCTH6c/IHi0etPSLTTawUYwqDflGMzo6uSC
yRvuFM00Bf/D1QlfQRsE0mvwdLWO8Kn0o80xiEikAXyANIxKj9k5BkGr/rn4+vij
UnLcUZh6hQI0GH2pzvCD3EMJ//K793KzgVCc7bLfsJPJf/h2lfAYiI6D7bY4E9hK
NlPJlq0AafrGPxfuNjq3HD+Y06yDKwZ0dTpieIbelxQZdiin5r5meqsFC7B97Ft2
zM9OzE51lSXD2MTdbC89cOWeAPPBpA2ifdaBzBYVrEbTSYRzas8gyXla1etbVQxe
KXqPbvMSYvD6tZOlU8k8LJl1uSUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQyH1AH
lW8HAgw7wmkbbl7PTlXpETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhhMmI0MmEtOWVhMy00ZThkLTkyZWMtZTg5YzljNDQ2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQC4wW7W+UByr6x7oF394dxMiZR6fDaO+4/+uWbF5ybT
17aF9edJs9Y6BROjnLtwKQt/ZIFw8bMTua1sg5pDzyecBWk0vTs/QFLHXFrBwBR6
k7xaMvYFTwtx8DiER/twHBPsgYYi4Dn8Z0oVVATOUznrrpLmHcNfvD4jrXKhpb/O
kysukQ+CukkBx6w0Ra9HDDM7iiDL4EEnzm3wcgEQ1pMWwnQ6Exi88HQqfhx5karB
RWyl8qC3Y3a84yMgAjNb8HZ7J4aFc0LM0HjjewGgWlbbbFLtDhaYw55/guXVW190
ZbEZmqu1W6SidAK/PjwqIr2yDFhsDeHOP20bAQYTuAFK
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:32 2024 by rpki-client on console-ams.rpki-client.org