Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
File: b8f4b2da-8da0-4108-b565-e257413d5a23.roa (raw, json)
Hash identifier: VD6F9Czsep0YfXzXw14Da4r3ENdOyqm4NWEdZON06Qk=
Subject key identifier: 41:DF:81:48:D2:29:A4:42:06:E6:86:AF:DA:09:F6:C6:5B:B7:C5:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D18F7162B24AF481CDD0A0FCA90C11D04081DA0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:18:f7:16:2b:24:af:48:1c:dd:0a:0f:ca:90:c1:1d:04:08:1d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=7f9d50b5fcb753941cc3fb52006035ef993257e2916ea22c200c071fffc7eb1d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:d9:37:0f:2c:d3:4a:ac:a7:e7:44:2a:13:
06:42:e5:46:4d:09:cc:4f:4f:16:09:29:41:83:c9:
4f:5a:f9:15:77:7a:76:66:ff:b5:a7:dc:a7:27:e1:
89:55:46:2a:50:cd:d9:f6:e7:b8:9b:83:37:36:3f:
31:91:1c:79:0a:ad:7e:e9:26:2a:26:6a:c2:ae:60:
bc:95:76:f4:05:d4:45:59:07:14:98:dc:7c:b7:78:
85:55:29:73:84:fc:af:57:85:02:50:dd:a8:11:92:
09:e0:22:0b:a2:b9:1f:e0:44:53:5f:b5:51:ea:9d:
0b:7f:0f:7d:8b:39:91:bb:5d:0d:fa:cc:4a:f2:fc:
06:47:23:ec:b4:f4:c7:06:68:fc:57:ce:ad:56:e8:
ea:8a:33:f0:ad:ed:d5:c9:b5:58:96:2d:2a:4a:3b:
7a:ef:82:2d:18:8d:37:72:45:5c:68:2d:08:f0:8f:
27:ed:e7:40:74:80:47:ed:47:d8:72:09:cc:ba:5e:
b3:9b:8e:a5:54:6c:d1:0b:c6:4e:1f:5b:f3:a7:2e:
7e:b2:c4:1c:cb:0b:2c:40:c7:70:49:8a:22:66:f7:
39:82:53:21:3a:ef:a0:35:47:7f:1a:93:27:f5:0d:
a9:bf:93:fd:8d:26:dd:c6:1a:25:cf:b3:34:0c:cc:
d9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DF:81:48:D2:29:A4:42:06:E6:86:AF:DA:09:F6:C6:5B:B7:C5:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8f4b2da-8da0-4108-b565-e257413d5a23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
06:31:95:bc:d8:e5:91:72:b5:d7:07:45:11:39:a8:7d:2e:07:
dc:ec:e3:0d:d6:ae:1f:28:17:0e:61:1b:46:44:9d:70:c6:95:
fe:16:01:68:56:20:e8:3e:dd:63:bd:72:38:0f:76:d2:75:c2:
48:27:40:c6:23:30:6c:78:3a:7f:0c:f7:6b:89:d1:9a:a5:aa:
34:e8:85:cd:f0:0d:9c:9a:3d:1b:eb:b4:b1:68:99:91:28:3e:
f4:27:0b:4c:28:20:8d:47:18:c0:74:2e:8a:42:2c:d8:8b:20:
dd:35:b6:e8:10:2e:bc:66:1b:79:8c:2e:e5:5c:10:d9:df:89:
30:b3:cd:e1:10:fe:53:e6:a0:66:98:35:1c:5e:ca:9c:4b:c3:
6a:36:63:55:81:3c:91:9d:ef:4d:d5:ad:41:4e:dd:8b:5f:a3:
d7:c9:fb:c2:36:99:a4:04:d2:7e:90:9b:76:9a:f3:af:f1:c3:
c4:a6:03:ed:85:a3:6b:73:c0:d5:60:97:59:23:ae:da:91:47:
7f:5f:5d:37:bf:77:37:89:d6:dc:8f:0f:20:1c:3b:54:89:7a:
b0:77:8e:80:0c:b3:16:02:f9:52:87:6c:7e:41:f2:60:98:7b:
78:53:4f:8e:37:8a:e3:0c:a0:5a:27:ce:d3:bd:37:b9:26:6b:
6b:4d:e1:08
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPRj3Fiskr0gc3QoPypDBHQQIHaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmOWQ1MGI1ZmNiNzUzOTQxY2MzZmI1MjAwNjAzNWVmOTkzMjU3ZTI5MTZl
YTIyYzIwMGMwNzFmZmZjN2ViMWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbt2TcPLNNKrKfnRCoTBkLlRk0JzE9PFgkpQYPJT1r5FXd6dmb/tafcpyfh
iVVGKlDN2fbnuJuDNzY/MZEceQqtfukmKiZqwq5gvJV29AXURVkHFJjcfLd4hVUp
c4T8r1eFAlDdqBGSCeAiC6K5H+BEU1+1UeqdC38PfYs5kbtdDfrMSvL8Bkcj7LT0
xwZo/FfOrVbo6ooz8K3t1cm1WJYtKko7eu+CLRiNN3JFXGgtCPCPJ+3nQHSAR+1H
2HIJzLpes5uOpVRs0QvGTh9b86cufrLEHMsLLEDHcEmKImb3OYJTITrvoDVHfxqT
J/UNqb+T/Y0m3cYaJc+zNAzM2dUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRB34FI
0imkQgbmhq/aCfbGW7fFnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhmNGIyZGEtOGRhMC00MTA4LWI1NjUtZTI1NzQxM2Q1YTIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEABjGVvNjlkXK11wdFETmofS4H3OzjDdauHygXDmEb
RkSdcMaV/hYBaFYg6D7dY71yOA920nXCSCdAxiMwbHg6fwz3a4nRmqWqNOiFzfAN
nJo9G+u0sWiZkSg+9CcLTCggjUcYwHQuikIs2Isg3TW26BAuvGYbeYwu5VwQ2d+J
MLPN4RD+U+agZpg1HF7KnEvDajZjVYE8kZ3vTdWtQU7di1+j18n7wjaZpATSfpCb
dprzr/HDxKYD7YWja3PA1WCXWSOu2pFHf19dN793N4nW3I8PIBw7VIl6sHeOgAyz
FgL5UodsfkHyYJh7eFNPjjeK4wygWifO0703uSZra03hCA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org