Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
File: c3f70d8a-f35a-4409-8c26-390948a7b181.roa (raw, json)
Hash identifier: FKICnYsq/TSebEZlWNvMlFJ/wYNnGnS/DbUrlkAJNj4=
Subject key identifier: 16:43:86:A0:C0:8D:89:65:F2:B9:98:45:89:F4:E8:60:1F:35:93:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68E87FE7BF745FA8F13C90BF56B7081B9A97EE28
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e8:7f:e7:bf:74:5f:a8:f1:3c:90:bf:56:b7:08:1b:9a:97:ee:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=0f464846348037e7b64655e898a2ab48b5f7f16be38fc045a35e94b02a2ca2b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:86:94:8b:78:ea:57:7c:12:d8:6f:b7:df:
d7:c3:1c:6c:c4:97:43:3a:bb:2d:bb:3a:74:d8:43:
8b:5f:25:75:25:5c:f2:17:88:ca:34:ec:79:1c:8f:
d5:ba:af:28:69:ab:a5:2e:5b:0c:8b:0a:82:7a:26:
8a:b8:7a:95:83:7f:4e:d3:68:21:72:60:f2:f3:90:
4a:61:25:21:d3:2c:bc:c2:94:24:4a:b5:1f:89:72:
67:d5:3d:c5:c9:72:03:f9:3f:dc:f2:a8:aa:f2:2d:
1f:13:f5:11:05:f8:58:97:24:25:06:07:44:50:16:
6a:6c:8e:82:06:5d:8c:c9:93:a6:08:dc:db:d6:b4:
00:8b:be:4d:75:12:4f:f0:26:4f:84:bc:bd:16:aa:
ac:67:01:ce:32:2d:da:00:5d:05:bf:7e:3b:16:85:
48:6f:ca:c3:33:63:93:46:b9:ac:e6:f5:c7:14:db:
ab:5d:54:28:85:03:07:60:0d:48:a9:28:42:d6:9f:
01:2d:6e:cd:e1:43:ee:51:d5:ef:23:f0:88:b8:0f:
96:9c:f0:82:cf:ef:90:d6:09:fb:6d:72:74:0c:b4:
89:10:1c:2f:7b:ce:e2:dd:f7:fe:81:27:15:a1:40:
bd:a9:95:b1:62:2d:7c:b2:72:5b:54:86:21:36:56:
15:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:43:86:A0:C0:8D:89:65:F2:B9:98:45:89:F4:E8:60:1F:35:93:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
18:ef:8e:6a:bd:88:fd:6e:c3:2a:32:c3:d1:ca:b0:3d:54:0c:
16:6d:27:26:ce:00:08:aa:35:44:aa:15:bc:e0:e1:0d:ed:b9:
7d:06:17:6f:d5:22:ec:2d:84:a8:92:9a:ed:cf:7e:7a:3e:b4:
0d:76:d7:cd:e5:4b:a8:dc:04:a2:5c:90:f7:55:db:84:8f:77:
eb:5a:83:09:b6:fd:6f:a4:4b:64:09:35:2f:1d:fa:ae:34:f3:
5f:bf:7d:4a:e1:82:45:38:81:01:89:a8:79:7f:7b:ac:ba:f1:
c9:d5:90:11:1e:fc:3b:b3:fd:80:21:1a:3c:76:14:d9:3e:73:
83:2b:8e:64:40:66:65:be:8e:13:d0:88:ec:98:e0:0b:25:ec:
28:b7:0a:98:04:84:b6:19:bb:f6:45:a7:1c:c6:4e:de:6a:ba:
fd:6c:de:bf:2f:95:29:e4:ee:79:8a:2f:58:fd:1d:a3:ee:58:
87:3a:7e:cb:15:bc:01:30:f3:d7:be:3d:42:bb:30:12:bd:29:
6e:4d:9d:04:5d:1c:fb:ce:7a:77:e6:97:45:ad:07:a5:68:ee:
42:2b:57:4e:a8:d4:cf:a7:b6:5e:af:b9:7e:b5:c9:f1:94:ef:
66:cd:4a:dc:71:27:6e:48:4e:b8:1b:14:65:45:77:c5:37:33:
0e:4d:2f:56
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaOh/5790X6jxPJC/VrcIG5qX7igwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNDY0ODQ2MzQ4MDM3ZTdiNjQ2NTVlODk4YTJhYjQ4YjVmN2YxNmJlMzhm
YzA0NWEzNWU5NGIwMmEyY2EyYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3whpSLeOpXfBLYb7ff18McbMSXQzq7Lbs6dNhDi18ldSVc8heIyjTseRyP
1bqvKGmrpS5bDIsKgnomirh6lYN/TtNoIXJg8vOQSmElIdMsvMKUJEq1H4lyZ9U9
xclyA/k/3PKoqvItHxP1EQX4WJckJQYHRFAWamyOggZdjMmTpgjc29a0AIu+TXUS
T/AmT4S8vRaqrGcBzjIt2gBdBb9+OxaFSG/KwzNjk0a5rOb1xxTbq11UKIUDB2AN
SKkoQtafAS1uzeFD7lHV7yPwiLgPlpzwgs/vkNYJ+21ydAy0iRAcL3vO4t33/oEn
FaFAvamVsWItfLJyW1SGITZWFaUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQWQ4ag
wI2JZfK5mEWJ9OhgHzWT+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzNmNzBkOGEtZjM1YS00NDA5LThjMjYtMzkwOTQ4YTdiMTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGO+Oar2I/W7DKjLD0cqwPVQMFm0nJs4ACKo1RKoV
vODhDe25fQYXb9Ui7C2EqJKa7c9+ej60DXbXzeVLqNwEolyQ91XbhI9361qDCbb9
b6RLZAk1Lx36rjTzX799SuGCRTiBAYmoeX97rLrxydWQER78O7P9gCEaPHYU2T5z
gyuOZEBmZb6OE9CI7JjgCyXsKLcKmASEthm79kWnHMZO3mq6/Wzevy+VKeTueYov
WP0do+5Yhzp+yxW8ATDz1749QrswEr0pbk2dBF0c+856d+aXRa0HpWjuQitXTqjU
z6e2Xq+5frXJ8ZTvZs1K3HEnbkhOuBsUZUV3xTczDk0vVg==
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org