Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
File: d9f56b92-7135-4c68-941d-3d63aa91ee36.roa (raw, json)
Hash identifier: MvdzhtId7Eapkf6gN8GqjI80LNDYLtCoa3Hr9tNt0eY=
Subject key identifier: BE:44:32:24:79:B9:08:15:6B:A5:6E:9D:54:EF:58:F7:DD:B9:F0:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10935E33536F60E0E8512BDA1933C2FC0FBA96CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:93:5e:33:53:6f:60:e0:e8:51:2b:da:19:33:c2:fc:0f:ba:96:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=c6ff63b5f1204694e527c0cd9f596cbf19e3e5b548efa916553590a6b5b95dfe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:4a:38:e2:60:db:65:d5:b4:c1:b0:32:8c:
86:d0:30:21:2a:84:54:37:17:06:ce:9c:7e:88:48:
6b:d4:cd:69:ff:87:bd:60:2c:1f:68:54:39:6c:77:
db:63:61:03:9e:07:69:05:d5:77:79:f8:1f:e8:86:
be:3d:28:0e:a2:ee:bd:6d:69:23:7a:55:62:b2:92:
62:99:b0:27:f8:be:fa:38:a9:08:ea:e9:6a:dc:ae:
1b:a2:31:39:06:c7:79:7c:16:e1:2e:6d:0c:09:a1:
f5:79:61:43:fc:09:ef:62:17:b6:31:ce:66:46:15:
95:80:39:3d:34:0b:c0:c1:13:d1:ba:f0:6c:fa:7d:
7b:26:4d:37:95:96:87:20:df:24:10:3a:f0:40:95:
ba:0a:ac:d3:de:7c:cd:5c:85:56:e0:7a:f0:ff:4a:
a8:72:e1:35:de:db:45:c3:11:c1:d5:4d:f7:4a:41:
34:ba:94:dd:e7:f4:33:9e:b9:6e:52:2d:9b:ab:d4:
9f:5e:20:31:29:f0:09:a7:75:f8:80:2f:9b:df:a9:
42:73:9c:63:0a:c7:b6:ef:46:aa:ce:c1:56:21:c0:
04:a7:51:1d:5b:d3:f4:93:83:2d:6f:0a:32:1d:e5:
b2:a0:0b:eb:25:71:43:e5:fe:25:00:09:14:ab:24:
3b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:44:32:24:79:B9:08:15:6B:A5:6E:9D:54:EF:58:F7:DD:B9:F0:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d9f56b92-7135-4c68-941d-3d63aa91ee36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:13:8d:a7:71:70:e1:38:df:42:68:bb:0a:61:e7:93:b5:72:
d0:30:f8:7e:56:ce:bc:17:b8:a7:6d:ff:2a:32:be:b3:7b:c6:
f5:12:da:d8:47:49:4a:19:1b:e0:6b:81:9f:b4:94:97:3f:c0:
80:6a:17:4a:a8:64:c5:d4:6e:a4:b6:5b:65:50:d1:99:e3:27:
e9:a9:06:58:94:ab:26:68:c8:e4:23:4c:80:85:11:c0:f7:aa:
0f:a9:25:3e:b5:8b:a8:57:46:01:a0:9e:2b:1f:56:4c:fb:9b:
9d:7c:a6:9a:8b:ac:21:db:b9:f3:b5:b7:ae:ac:f2:be:ac:98:
0e:1f:df:c3:71:d8:fb:b8:ed:1c:5b:e9:7a:cd:03:b3:57:db:
b4:76:c0:87:1f:3a:8e:a0:3f:1f:a8:bb:b8:59:a4:ed:83:2c:
e7:4f:7f:d7:d7:0a:3f:8c:4f:71:b3:38:c7:e4:97:ab:5d:d2:
d7:99:1e:19:ae:f5:be:10:96:29:75:72:5f:37:94:75:89:0a:
a4:73:02:37:14:37:43:67:b7:2f:cc:5f:42:ff:ea:d7:73:a1:
a3:79:55:9c:0f:65:2f:b5:58:86:7f:7c:98:22:3a:ca:6a:46:
be:f2:82:5d:ad:8a:53:17:d3:25:7e:70:64:48:1e:69:82:0e:
29:da:1f:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEJNeM1NvYODoUSvaGTPC/A+6ls8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2ZmY2M2I1ZjEyMDQ2OTRlNTI3YzBjZDlmNTk2Y2JmMTllM2U1YjU0OGVm
YTkxNjU1MzU5MGE2YjViOTVkZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgjSjjiYNtl1bTBsDKMhtAwISqEVDcXBs6cfohIa9TNaf+HvWAsH2hUOWx3
22NhA54HaQXVd3n4H+iGvj0oDqLuvW1pI3pVYrKSYpmwJ/i++jipCOrpatyuG6Ix
OQbHeXwW4S5tDAmh9XlhQ/wJ72IXtjHOZkYVlYA5PTQLwMET0brwbPp9eyZNN5WW
hyDfJBA68ECVugqs0958zVyFVuB68P9KqHLhNd7bRcMRwdVN90pBNLqU3ef0M565
blItm6vUn14gMSnwCad1+IAvm9+pQnOcYwrHtu9Gqs7BViHABKdRHVvT9JODLW8K
Mh3lsqAL6yVxQ+X+JQAJFKskO1cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+RDIk
ebkIFWulbp1U71j33bnw6DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDlmNTZiOTItNzEzNS00YzY4LTk0MWQtM2Q2M2FhOTFlZTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQBNE42ncXDhON9CaLsKYeeTtXLQMPh+Vs68F7inbf8q
Mr6ze8b1EtrYR0lKGRvga4GftJSXP8CAahdKqGTF1G6ktltlUNGZ4yfpqQZYlKsm
aMjkI0yAhRHA96oPqSU+tYuoV0YBoJ4rH1ZM+5udfKaai6wh27nztbeurPK+rJgO
H9/Dcdj7uO0cW+l6zQOzV9u0dsCHHzqOoD8fqLu4WaTtgyznT3/X1wo/jE9xszjH
5JerXdLXmR4ZrvW+EJYpdXJfN5R1iQqkcwI3FDdDZ7cvzF9C/+rXc6GjeVWcD2Uv
tViGf3yYIjrKaka+8oJdrYpTF9MlfnBkSB5pgg4p2h86
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org