Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: KHrkdITPbtBA1GpRnuNaRknNkRFvLMS2TqEpYIzgjH0=
Subject key identifier: F3:60:98:0E:5D:17:99:C9:13:64:24:0E:97:C8:A6:6A:51:69:F0:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21487EA63CCED239FFA96913B74A4B850E37FC2E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:48:7e:a6:3c:ce:d2:39:ff:a9:69:13:b7:4a:4b:85:0e:37:fc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=72bc31f4e990a056e9dbfd0e24041dae3494257fbad96f3ee3306ada1f87883f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d2:67:8e:69:e6:e8:88:0a:c8:0b:de:e0:1f:
40:d1:c1:6a:90:f7:52:ef:bf:33:83:b0:9a:3b:58:
82:94:07:9c:e6:8a:0d:6a:63:23:8e:a5:f4:07:ad:
23:90:df:6a:3a:c5:59:4b:48:65:b1:ed:78:4f:48:
c2:97:59:57:10:db:64:5d:70:26:36:60:1d:84:02:
39:80:fe:35:1f:82:63:fe:83:53:17:b2:db:b4:32:
79:ab:37:2e:90:6f:19:1e:d1:06:e8:86:b2:47:79:
7b:82:76:06:ae:77:0a:d7:ed:d8:4e:6b:ed:db:e5:
d6:38:d4:5a:96:f7:7e:7b:a9:5d:15:b3:e6:32:33:
2f:9b:84:6b:4c:16:9a:60:c0:28:de:ea:a1:1d:ff:
cb:ca:ae:ce:ce:95:01:b8:e6:3b:6e:9f:d0:34:58:
e8:0a:07:0b:8a:7f:c7:17:ec:53:ce:d3:db:e3:01:
a8:b5:5b:9d:2a:05:a1:e5:da:e6:2b:9d:21:d7:12:
f4:06:18:a5:48:d6:c6:2a:c7:de:76:87:9d:ed:24:
6d:f4:76:1f:51:df:fd:9e:af:d2:fe:3c:f4:70:c4:
a7:7a:ee:54:b8:a6:5e:46:dc:5f:a2:4b:ef:21:ed:
fd:dc:aa:b1:67:c0:db:88:53:b3:b5:21:8d:67:0c:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:60:98:0E:5D:17:99:C9:13:64:24:0E:97:C8:A6:6A:51:69:F0:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9c:b5:57:d8:a0:2b:65:1d:68:46:de:19:a1:bc:f0:24:0b:71:
4d:88:ce:af:29:61:52:68:da:d0:fa:c4:4b:25:83:b8:3d:86:
06:a7:70:8d:e2:38:9b:2e:b3:bf:7e:32:78:a6:f8:01:ee:c5:
17:bd:3c:d3:3b:7a:68:a8:6f:44:68:97:6e:9a:f7:6e:2a:dc:
cd:d6:02:f1:df:06:5d:13:ef:4c:af:9e:b9:5f:26:c3:22:6d:
d9:f9:b9:f3:d9:1e:5b:74:ce:ec:5b:36:3b:58:a9:ae:60:95:
72:b6:50:5d:04:0f:34:b7:cd:55:51:3a:01:56:07:f8:48:dd:
cb:34:94:63:6b:fa:8a:bc:28:7a:01:d4:94:3a:7d:db:67:44:
fa:b7:fa:7e:39:ce:bb:58:77:0a:54:58:4f:ac:1e:f1:ce:13:
2b:c8:90:ba:52:5e:6f:54:3f:c4:75:d2:77:e9:13:00:0f:a2:
86:7a:91:79:24:d1:38:16:a4:b2:18:36:7e:1e:90:4b:04:8c:
2a:a9:74:ba:67:31:39:df:75:b6:b3:ed:61:8f:5b:f8:36:32:
fe:26:1a:26:73:79:e4:dc:52:33:26:c5:bf:2a:1f:8d:9f:2b:
85:88:6f:8c:92:3a:8f:65:8a:df:59:8c:9d:c3:45:c8:42:a6:
61:d8:fc:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIUh+pjzO0jn/qWkTt0pLhQ43/C4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYmMzMWY0ZTk5MGEwNTZlOWRiZmQwZTI0MDQxZGFlMzQ5NDI1N2ZiYWQ5
NmYzZWUzMzA2YWRhMWY4Nzg4M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbSZ45p5uiICsgL3uAfQNHBapD3Uu+/M4OwmjtYgpQHnOaKDWpjI46l9Aet
I5DfajrFWUtIZbHteE9IwpdZVxDbZF1wJjZgHYQCOYD+NR+CY/6DUxey27Qyeas3
LpBvGR7RBuiGskd5e4J2Bq53Ctft2E5r7dvl1jjUWpb3fnupXRWz5jIzL5uEa0wW
mmDAKN7qoR3/y8quzs6VAbjmO26f0DRY6AoHC4p/xxfsU87T2+MBqLVbnSoFoeXa
5iudIdcS9AYYpUjWxirH3naHne0kbfR2H1Hf/Z6v0v489HDEp3ruVLimXkbcX6JL
7yHt/dyqsWfA24hTs7UhjWcM860CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTzYJgO
XReZyRNkJA6XyKZqUWnwsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAnLVX2KArZR1oRt4ZobzwJAtxTYjOrylhUmja0PrE
SyWDuD2GBqdwjeI4my6zv34yeKb4Ae7FF7080zt6aKhvRGiXbpr3birczdYC8d8G
XRPvTK+euV8mwyJt2fm589keW3TO7Fs2O1iprmCVcrZQXQQPNLfNVVE6AVYH+Ejd
yzSUY2v6irwoegHUlDp922dE+rf6fjnOu1h3ClRYT6we8c4TK8iQulJeb1Q/xHXS
d+kTAA+ihnqReSTROBakshg2fh6QSwSMKql0umcxOd91trPtYY9b+DYy/iYaJnN5
5NxSMybFvyofjZ8rhYhvjJI6j2WK31mMncNFyEKmYdj8EA==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:28 2024 by rpki-client on console-ams.rpki-client.org