Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
File: dd037aef-fb5d-4fe4-8126-0957b823de58.roa (raw, json)
Hash identifier: Pbiklz6lI0/50D8w7PAmgaH5ZPn5VRhFYlMfFFJ20To=
Subject key identifier: 10:61:C0:E2:84:A3:F7:15:0C:54:01:AE:FE:E8:A8:6E:C1:CE:AC:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CFFC8467C2B443727C6FA38BE868CB3DC3FB337
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ff:c8:46:7c:2b:44:37:27:c6:fa:38:be:86:8c:b3:dc:3f:b3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=caa58141e4530b7720c94de0f0b85a1ed0b97f1c31c41411a7f13a1c12a923c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:27:2c:49:04:0d:54:97:d4:d4:1d:f9:4f:2a:
7b:06:81:28:63:48:82:be:f9:9a:c0:90:78:56:e4:
85:fd:a9:de:8a:6c:a1:8d:10:bf:43:66:10:c7:85:
b2:06:6f:2b:76:6b:cc:3e:6d:da:64:d8:80:2f:74:
b5:79:12:58:3b:e2:c7:21:9a:9a:6b:05:91:b7:57:
97:d2:af:24:19:bf:ba:ea:66:10:31:13:c3:b9:0e:
d8:78:5e:5f:9a:59:6c:a9:ac:50:03:d4:e2:4e:ef:
c8:88:a7:82:9b:ee:f8:4e:83:3a:ef:17:3b:57:38:
f7:d7:7e:ab:a9:9f:8a:fc:28:46:51:37:7c:25:e9:
91:6a:bc:ac:8a:10:9b:d9:c5:da:df:76:5f:f7:ab:
45:fe:1f:f0:7e:b7:93:39:9d:23:fb:4d:ae:12:66:
d1:cd:40:00:91:55:d9:33:fe:bf:a9:cd:9d:2f:b5:
e2:1b:15:0a:5c:39:1d:64:c7:72:11:fa:66:3c:80:
b1:77:22:de:55:c8:18:40:5c:71:9f:81:c1:48:a2:
1a:7a:be:3b:d2:d9:8b:d8:55:7f:10:e6:08:01:77:
26:03:48:a1:1a:b2:98:08:31:a8:f1:9d:22:ca:21:
ee:6d:8e:53:f8:2b:0e:34:dd:a2:3a:64:30:10:e9:
8b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:61:C0:E2:84:A3:F7:15:0C:54:01:AE:FE:E8:A8:6E:C1:CE:AC:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
3a:11:5d:ab:f3:70:96:44:e4:68:7a:43:48:69:aa:46:86:8a:
2b:78:9f:41:a5:d1:63:fb:cb:2e:0b:39:32:db:9a:5f:ac:e3:
74:b6:c3:57:a6:57:ef:b6:9d:c2:ae:cf:36:98:2d:4f:60:d6:
91:b6:bd:96:b4:6b:3f:56:a7:b9:14:cd:44:cb:c4:01:a8:89:
bf:e2:e2:37:f6:87:c4:d5:8e:19:5a:1e:2c:26:e7:60:22:9d:
78:80:fc:ca:b3:0f:e6:5d:8b:ae:7a:19:fa:21:d7:a8:b5:22:
e6:23:da:7c:6a:2b:24:6e:c4:28:a6:1a:03:ad:69:2c:be:57:
92:a8:d1:4d:c7:55:1f:98:18:bd:91:cd:d6:27:4f:09:47:d5:
0f:cc:90:3b:d2:5f:2a:ab:df:09:d3:55:46:dc:74:f3:3e:88:
07:35:1b:b2:f8:05:96:4f:df:9c:ba:eb:c7:d8:64:b4:53:f4:
32:d9:be:b5:25:de:4f:dd:42:16:fe:b3:f6:36:d6:be:36:9f:
ae:61:bf:d3:1a:9f:91:2c:36:ab:3b:58:7e:19:3c:6e:88:c9:
b3:30:f3:32:9d:2c:f7:1c:5a:43:53:90:0a:f1:09:7d:cb:ed:
11:fa:d8:25:94:38:d2:fc:84:89:18:93:5f:f0:c7:82:2e:1d:
c6:9d:7a:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbP/IRnwrRDcnxvo4voaMs9w/szcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhYTU4MTQxZTQ1MzBiNzcyMGM5NGRlMGYwYjg1YTFlZDBiOTdmMWMzMWM0
MTQxMWE3ZjEzYTFjMTJhOTIzYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcnLEkEDVSX1NQd+U8qewaBKGNIgr75msCQeFbkhf2p3opsoY0Qv0NmEMeF
sgZvK3ZrzD5t2mTYgC90tXkSWDvixyGammsFkbdXl9KvJBm/uupmEDETw7kO2Hhe
X5pZbKmsUAPU4k7vyIingpvu+E6DOu8XO1c499d+q6mfivwoRlE3fCXpkWq8rIoQ
m9nF2t92X/erRf4f8H63kzmdI/tNrhJm0c1AAJFV2TP+v6nNnS+14hsVClw5HWTH
chH6ZjyAsXci3lXIGEBccZ+BwUiiGnq+O9LZi9hVfxDmCAF3JgNIoRqymAgxqPGd
Isoh7m2OU/grDjTdojpkMBDpi7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQYcDi
hKP3FQxUAa7+6Khuwc6sPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGQwMzdhZWYtZmI1ZC00ZmU0LTgxMjYtMDk1N2I4MjNkZTU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQA6EV2r83CWRORoekNIaapGhooreJ9BpdFj+8su
Czky25pfrON0tsNXplfvtp3Crs82mC1PYNaRtr2WtGs/Vqe5FM1Ey8QBqIm/4uI3
9ofE1Y4ZWh4sJudgIp14gPzKsw/mXYuuehn6IdeotSLmI9p8aiskbsQophoDrWks
vleSqNFNx1UfmBi9kc3WJ08JR9UPzJA70l8qq98J01VG3HTzPogHNRuy+AWWT9+c
uuvH2GS0U/Qy2b61Jd5P3UIW/rP2Nta+Np+uYb/TGp+RLDarO1h+GTxuiMmzMPMy
nSz3HFpDU5AK8Ql9y+0R+tgllDjS/ISJGJNf8MeCLh3GnXre
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:42 2024 by rpki-client on console-ams.rpki-client.org