Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: fxKbDDQ1X7NRz3zhQECfBUDtCz5AsVz2wxs76jIrCsY=
Subject key identifier: 9F:57:81:ED:B0:64:0F:6F:8A:9C:2B:97:25:68:18:A9:9B:B3:50:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C4B71407993B6814A252485052B49D4BBB8E6F4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4b:71:40:79:93:b6:81:4a:25:24:85:05:2b:49:d4:bb:b8:e6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=4bc6104e892293986f0f9cd56c2b1b55574f336be5eac01f7aeff46644c7dd9b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a9:83:d7:16:a8:9e:3a:ab:dc:a1:4d:9b:61:
ec:49:58:ea:ae:6e:29:e7:04:7c:ad:6c:b3:e0:3e:
0b:b3:be:06:37:f2:38:e6:b2:1a:c6:5c:e1:20:9b:
58:5c:75:c1:7a:6c:3e:d1:b0:5e:3c:6d:4e:09:4a:
64:73:8d:52:a0:ca:75:ca:34:a6:91:92:ea:47:b0:
73:fe:10:6a:39:da:db:9d:7b:fb:c1:a7:33:ec:24:
ed:f2:f0:1b:ad:af:68:7c:f3:28:72:9f:08:49:0d:
db:29:4a:21:0d:3f:c3:a4:d4:48:e0:65:93:10:c7:
3e:08:e7:00:15:ee:99:24:0a:f5:ed:52:bc:d5:7d:
f5:6a:6a:a3:96:3c:49:13:17:1e:d9:b5:95:c6:fb:
b3:17:9d:2d:13:29:3f:27:c7:ec:ab:9d:59:4b:da:
9e:45:4a:7f:32:52:d7:64:e1:b2:39:b0:bf:03:26:
dd:d7:d5:52:80:ce:62:40:33:5f:3d:69:ea:6a:17:
c2:ed:ae:35:0a:31:8e:fa:91:a6:58:a4:95:64:3e:
24:b6:21:04:b8:6c:e8:62:3f:8f:25:55:30:b0:e4:
61:fe:5c:e6:1f:e3:b7:72:5c:df:88:ea:9d:7c:39:
9f:bb:cf:40:24:be:e5:72:38:54:ff:2e:03:d0:63:
f7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:57:81:ED:B0:64:0F:6F:8A:9C:2B:97:25:68:18:A9:9B:B3:50:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
4d:46:eb:5a:39:8a:f2:c0:db:0c:73:e6:b5:97:dc:e7:52:77:
54:48:f5:5a:f4:40:03:9b:59:c1:53:2d:65:88:14:3d:90:ed:
db:f7:49:0a:f1:f4:e7:f9:4a:5b:3a:fa:ed:25:74:d3:e6:05:
7f:67:7b:53:9b:d3:25:e7:26:49:d4:01:7c:98:55:0d:0d:d4:
8c:11:48:82:3e:fe:17:91:6f:55:7d:f7:ec:91:a0:8f:71:9a:
b2:a8:c2:c0:f0:4b:68:ad:16:7f:52:69:0d:e7:46:31:e2:37:
96:4c:ec:e8:c7:ad:8a:30:55:7d:ce:89:81:0a:d2:a6:d6:2d:
02:f2:3e:bb:9a:d9:c8:86:03:b3:13:7a:3a:99:f7:a6:3c:5d:
75:33:05:1a:b0:19:8d:6e:1d:42:00:71:a6:13:ef:ba:16:07:
26:ad:85:f1:da:50:b7:f5:4c:ae:ad:4a:32:e5:9b:29:90:96:
e4:4b:71:76:bc:40:e4:f8:db:b3:7f:c5:ab:72:d3:52:bc:e7:
02:9c:3f:54:85:33:e5:dc:5e:a0:48:f2:d5:b3:1c:36:37:de:
c5:84:c2:cb:ff:cd:00:93:f7:5c:13:5a:6d:b0:91:84:2a:fa:
f7:a6:d1:c4:4f:27:f2:59:e3:19:a2:fa:1c:a4:9d:fe:3d:63:
3a:ab:11:2d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPEtxQHmTtoFKJSSFBStJ1Lu45vQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYzYxMDRlODkyMjkzOTg2ZjBmOWNkNTZjMmIxYjU1NTc0ZjMzNmJlNWVh
YzAxZjdhZWZmNDY2NDRjN2RkOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKipg9cWqJ46q9yhTZth7ElY6q5uKecEfK1ss+A+C7O+BjfyOOayGsZc4SCb
WFx1wXpsPtGwXjxtTglKZHONUqDKdco0ppGS6kewc/4Qajna2517+8GnM+wk7fLw
G62vaHzzKHKfCEkN2ylKIQ0/w6TUSOBlkxDHPgjnABXumSQK9e1SvNV99Wpqo5Y8
SRMXHtm1lcb7sxedLRMpPyfH7KudWUvankVKfzJS12ThsjmwvwMm3dfVUoDOYkAz
Xz1p6moXwu2uNQoxjvqRpliklWQ+JLYhBLhs6GI/jyVVMLDkYf5c5h/jt3Jc34jq
nXw5n7vPQCS+5XI4VP8uA9Bj96cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSfV4Ht
sGQPb4qcK5claBipm7NQ9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEATUbrWjmK8sDbDHPmtZfc51J3VEj1WvRAA5tZ
wVMtZYgUPZDt2/dJCvH05/lKWzr67SV00+YFf2d7U5vTJecmSdQBfJhVDQ3UjBFI
gj7+F5FvVX337JGgj3GasqjCwPBLaK0Wf1JpDedGMeI3lkzs6MetijBVfc6JgQrS
ptYtAvI+u5rZyIYDsxN6Opn3pjxddTMFGrAZjW4dQgBxphPvuhYHJq2F8dpQt/VM
rq1KMuWbKZCW5EtxdrxA5Pjbs3/Fq3LTUrznApw/VIUz5dxeoEjy1bMcNjfexYTC
y//NAJP3XBNabbCRhCr696bRxE8n8lnjGaL6HKSd/j1jOqsRLQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org