Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: 653G/G9H17tGwE7oysHh1uUswPCDb1XtbxFzocbfSN4=
Subject key identifier: C4:5B:AA:34:48:9F:F4:7D:C4:72:7D:B5:2D:6D:EE:44:81:3B:67:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FEF69EBBFD3DF194F18363784A9282DB93B4141
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:ef:69:eb:bf:d3:df:19:4f:18:36:37:84:a9:28:2d:b9:3b:41:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=01fc30978bff4d523fd5bccf206b429e12c8cc07ee16fe21d7f33a12a6cd638b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f1:fe:f1:6d:37:06:26:1e:7d:b7:26:d2:b3:
9a:13:c9:33:c3:58:20:2b:15:5f:76:fa:7f:b7:72:
f1:83:40:fb:b3:01:4f:bf:1a:06:56:6b:70:56:88:
ac:8c:c9:4f:f6:8c:41:c6:6f:90:24:55:6a:7f:5d:
29:4e:8c:d2:51:e8:22:e6:9e:e7:4d:e6:b9:3d:4c:
c6:46:4f:79:ef:1b:f1:72:a4:b9:be:07:9b:af:c4:
4a:5a:3e:4b:9b:79:13:52:24:21:1b:19:bc:d4:76:
57:af:61:c1:d6:5d:9d:4d:da:91:6c:ea:09:fc:9f:
11:c0:4e:76:00:e5:94:f5:ab:0b:79:26:5d:25:b5:
f4:b4:0d:42:2a:b8:2c:3d:94:ea:46:b7:74:c5:33:
5b:59:e8:f6:1f:ff:1b:f1:9b:92:a4:98:ed:3a:67:
a7:77:48:4b:e1:ee:bf:22:9a:a3:4b:36:42:42:c1:
98:95:6d:c6:ab:ba:05:81:ac:1a:6e:ba:ef:d6:21:
a6:e3:c2:a3:d8:f8:d1:ca:0a:d9:23:15:a5:d8:86:
c7:15:80:04:bd:ff:7d:d9:7b:2d:19:47:f2:fe:f0:
9a:88:b5:48:bc:cd:90:ec:8e:24:87:77:f5:06:5a:
38:41:2c:1b:3e:7b:2c:d7:90:15:3c:e1:bf:c0:33:
70:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5B:AA:34:48:9F:F4:7D:C4:72:7D:B5:2D:6D:EE:44:81:3B:67:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:5b:65:2d:7b:16:81:9e:20:c6:8b:4e:3f:b0:29:57:fa:30:
e4:53:21:57:d4:d3:20:68:1d:fa:70:7c:6c:59:58:8a:13:2d:
38:8a:39:d9:83:bd:d2:df:0b:ba:9a:ee:eb:97:b5:3e:51:8f:
83:fa:49:f5:48:a9:bc:52:8f:ce:6b:2f:aa:70:77:83:3c:1a:
4c:c0:15:9c:1f:e0:22:da:4a:eb:7d:e6:b0:f1:26:74:14:40:
d4:31:4b:ed:44:15:d6:f8:7b:47:65:15:c0:ec:75:e1:87:ee:
0d:5b:02:85:58:ad:b5:70:e0:3e:7b:25:c9:c5:6b:a6:8d:fe:
aa:2b:d5:56:5a:a7:86:b0:6c:07:38:a0:cf:d4:43:c1:42:94:
9b:45:d3:da:d2:a2:07:70:f7:c9:a4:c9:f9:4c:19:90:de:84:
f6:bc:2d:36:7e:66:95:cf:9c:f0:6c:34:5f:a0:37:63:88:01:
21:5e:22:83:3a:a3:2f:a0:4a:fa:a4:e6:42:5b:1d:12:cd:44:
83:e7:0d:dc:22:a4:86:24:69:ea:0e:ae:27:0f:fa:6a:59:70:
72:60:6e:2c:83:af:d7:f2:2e:e4:07:16:5f:b1:21:33:99:dd:
d5:cc:79:81:98:c5:95:87:e9:3a:1f:1e:6e:a2:3a:d5:6e:c3:
b6:87:b0:96
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf+9p67/T3xlPGDY3hKkoLbk7QUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZmMzMDk3OGJmZjRkNTIzZmQ1YmNjZjIwNmI0MjllMTJjOGNjMDdlZTE2
ZmUyMWQ3ZjMzYTEyYTZjZDYzOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTx/vFtNwYmHn23JtKzmhPJM8NYICsVX3b6f7dy8YNA+7MBT78aBlZrcFaI
rIzJT/aMQcZvkCRVan9dKU6M0lHoIuae503muT1MxkZPee8b8XKkub4Hm6/ESlo+
S5t5E1IkIRsZvNR2V69hwdZdnU3akWzqCfyfEcBOdgDllPWrC3kmXSW19LQNQiq4
LD2U6ka3dMUzW1no9h//G/GbkqSY7Tpnp3dIS+HuvyKao0s2QkLBmJVtxqu6BYGs
Gm6679YhpuPCo9j40coK2SMVpdiGxxWABL3/fdl7LRlH8v7wmoi1SLzNkOyOJId3
9QZaOEEsGz57LNeQFTzhv8AzcPUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEW6o0
SJ/0fcRyfbUtbe5EgTtnuTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAjFtlLXsWgZ4gxotOP7ApV/ow5FMhV9TTIGgd+nB8
bFlYihMtOIo52YO90t8Lupru65e1PlGPg/pJ9UipvFKPzmsvqnB3gzwaTMAVnB/g
ItpK633msPEmdBRA1DFL7UQV1vh7R2UVwOx14YfuDVsChVittXDgPnslycVrpo3+
qivVVlqnhrBsBzigz9RDwUKUm0XT2tKiB3D3yaTJ+UwZkN6E9rwtNn5mlc+c8Gw0
X6A3Y4gBIV4igzqjL6BK+qTmQlsdEs1Eg+cN3CKkhiRp6g6uJw/6allwcmBuLIOv
1/Iu5AcWX7EhM5nd1cx5gZjFlYfpOh8ebqI61W7Dtoewlg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org