Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: 0LMoX+58VjCmcQNik8PZfR27OX/n6M8RB2HefF9tO9E=
Subject key identifier: D9:5D:06:81:CA:D3:37:35:C1:8B:B9:96:DE:DE:C3:C3:B1:AB:17:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1181DB0E5A483D9803AB24E611B7DE0D4A6B5E9F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:81:db:0e:5a:48:3d:98:03:ab:24:e6:11:b7:de:0d:4a:6b:5e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=511ddd7395213a5febb6566d00be54e98eb0df2d2e3c4b71cbe2bce9dfe87ffb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5f:bf:39:86:cf:93:3e:fd:bd:97:8e:fb:5a:
d1:27:2b:fd:46:9b:81:b5:3c:ad:76:9a:b3:74:b4:
4d:6a:3a:f4:cf:d7:c6:94:c1:d9:02:cb:2e:a2:f8:
fb:03:9e:9d:0d:20:45:59:eb:be:62:44:60:ae:a1:
19:63:8c:dd:1e:1c:79:4b:24:9c:87:a8:5d:b2:8d:
6f:84:81:13:fa:c1:fa:8e:e3:e6:83:1a:d5:d2:ea:
37:e9:f0:20:05:62:ba:c7:bf:b3:53:ca:45:1b:75:
af:17:82:23:0e:58:d0:97:cf:fb:80:55:5c:e6:06:
67:66:a8:58:9b:b5:62:69:a5:64:34:d0:68:2e:ce:
ab:3a:45:5d:ec:e1:a7:67:0a:0e:c4:ad:eb:a0:02:
e3:4c:7a:b2:ac:fc:f7:89:64:90:8a:d9:e9:04:b6:
af:77:21:a8:05:02:98:59:bc:20:2c:de:f4:7f:f0:
d5:4d:92:57:19:74:a4:5d:3e:83:5f:16:0d:35:4c:
da:94:cd:b3:ca:67:02:d9:9d:0e:fb:7c:bd:e8:ea:
f5:21:25:76:91:60:11:2f:55:c6:70:ab:55:11:77:
1d:09:4b:7c:3a:b7:e1:92:2a:df:89:0c:9f:e8:68:
8a:4d:03:26:68:37:4a:61:29:6a:e8:91:3f:d7:0b:
5f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5D:06:81:CA:D3:37:35:C1:8B:B9:96:DE:DE:C3:C3:B1:AB:17:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
5c:46:81:62:b9:95:28:75:28:a9:9f:fe:0e:c1:6c:ac:fc:00:
d6:fc:c2:73:03:dd:42:0d:90:9a:ba:a4:80:7d:2b:13:d7:ac:
70:44:50:3c:2f:df:9e:b2:38:2c:66:06:72:17:ba:93:4e:06:
ea:df:0a:6c:dc:0f:e0:6c:0b:a7:41:73:6d:a4:8c:0d:b9:27:
20:04:d9:e0:74:b2:e2:38:5e:2e:f3:c2:6f:a1:d8:3a:e2:68:
cd:46:48:7a:ad:0d:a1:7a:5e:cf:52:58:76:9d:25:7e:19:03:
55:60:da:ed:f3:3d:e6:8d:0d:22:bb:68:58:bf:e7:b7:14:a7:
49:3a:dc:b2:0a:17:42:f0:bc:c7:92:d1:ed:33:4f:ed:ac:45:
ba:39:93:b5:91:4b:71:7c:6a:e4:41:c6:1a:10:8b:ca:c9:2b:
f4:ac:27:4b:0b:7c:3a:45:cd:3e:10:bb:26:9c:9f:e0:10:2f:
28:82:87:51:83:f1:b7:a4:a4:8e:d8:be:2a:05:40:25:2b:5d:
fc:80:34:72:22:bb:bd:77:e5:47:3d:ab:50:e8:1e:d2:4e:2c:
49:a1:f3:38:3b:a5:e7:d2:ad:c2:6a:39:73:1d:2b:10:f7:04:
b8:c7:f4:a0:31:75:54:2f:22:89:d1:d0:ba:70:ee:21:5b:1f:
8e:a0:c8:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEYHbDlpIPZgDqyTmEbfeDUprXp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxMWRkZDczOTUyMTNhNWZlYmI2NTY2ZDAwYmU1NGU5OGViMGRmMmQyZTNj
NGI3MWNiZTJiY2U5ZGZlODdmZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNfvzmGz5M+/b2Xjvta0Scr/UabgbU8rXaas3S0TWo69M/XxpTB2QLLLqL4
+wOenQ0gRVnrvmJEYK6hGWOM3R4ceUsknIeoXbKNb4SBE/rB+o7j5oMa1dLqN+nw
IAViuse/s1PKRRt1rxeCIw5Y0JfP+4BVXOYGZ2aoWJu1YmmlZDTQaC7OqzpFXezh
p2cKDsSt66AC40x6sqz894lkkIrZ6QS2r3chqAUCmFm8ICze9H/w1U2SVxl0pF0+
g18WDTVM2pTNs8pnAtmdDvt8vejq9SEldpFgES9VxnCrVRF3HQlLfDq34ZIq34kM
n+hoik0DJmg3SmEpauiRP9cLX7sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZXQaB
ytM3NcGLuZbe3sPDsasXAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAXEaBYrmVKHUoqZ/+DsFsrPwA1vzCcwPdQg2Q
mrqkgH0rE9escERQPC/fnrI4LGYGche6k04G6t8KbNwP4GwLp0FzbaSMDbknIATZ
4HSy4jheLvPCb6HYOuJozUZIeq0NoXpez1JYdp0lfhkDVWDa7fM95o0NIrtoWL/n
txSnSTrcsgoXQvC8x5LR7TNP7axFujmTtZFLcXxq5EHGGhCLyskr9KwnSwt8OkXN
PhC7Jpyf4BAvKIKHUYPxt6Skjti+KgVAJStd/IA0ciK7vXflRz2rUOge0k4sSaHz
ODul59Ktwmo5cx0rEPcEuMf0oDF1VC8iidHQunDuIVsfjqDImw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org