Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
File: e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa (raw, json)
Hash identifier: yLYoNaw4+ojKCyMjIftR2AAVIWGJhAqi1nD0VXYhERw=
Subject key identifier: 56:54:8A:48:BF:2A:B0:D1:7D:7A:E8:70:33:25:19:54:55:A2:FE:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7BE857C02D04C8064100D7021BF6AE3FB8F9D111
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:e8:57:c0:2d:04:c8:06:41:00:d7:02:1b:f6:ae:3f:b8:f9:d1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=334894f2b82ddbdbdf2f15dcde8c2181aaef6ba23a752ae22135cb40864e3af4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:0d:80:7e:8d:be:9d:d9:84:bf:46:29:b0:
c7:8a:56:82:aa:c4:52:13:ca:85:fa:a2:71:3e:1e:
92:27:f2:3a:c1:c9:15:2c:4d:4b:5e:a2:e9:c9:a9:
54:72:fa:4b:04:51:64:95:d4:c2:35:60:a5:00:67:
e3:4e:ae:87:23:1c:58:65:88:b3:d2:26:b5:26:4f:
fb:e8:8f:b5:0d:86:e9:b0:3c:01:be:30:8c:94:cb:
29:48:6a:70:c0:5f:6a:df:9c:0e:dc:51:34:11:dc:
27:10:38:8c:6c:26:7f:09:7f:98:ce:22:b0:f3:c3:
3a:b0:be:7c:74:ce:4c:6f:1a:da:7a:d1:4e:64:7b:
a4:75:91:e0:85:5d:fb:a0:51:e2:64:99:bd:31:49:
85:6b:1c:67:9d:1f:1a:df:91:9e:ac:72:ac:f7:6e:
6e:c9:23:fb:b9:f1:0b:04:7c:0b:bb:6c:0e:d1:4c:
82:64:e4:31:c6:0c:6f:0d:b4:f9:2a:bc:13:6c:22:
d4:30:73:8a:fb:2e:c6:e5:61:ea:42:c7:1e:d2:c4:
74:d5:13:63:bb:54:60:30:ea:b4:5d:79:de:c9:ca:
d1:cd:6d:3a:d7:3e:8e:29:aa:d9:3e:14:2c:e6:f7:
f5:2a:a4:aa:be:dc:05:42:0b:9c:46:42:3b:cd:9f:
ba:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:54:8A:48:BF:2A:B0:D1:7D:7A:E8:70:33:25:19:54:55:A2:FE:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
2a:07:2c:d9:75:12:76:3b:4f:d1:52:0b:2c:cc:b2:1d:6e:c9:
ef:b5:de:60:2c:1a:99:b3:53:92:9e:73:a7:fc:30:c6:e9:99:
0c:b4:3c:47:2d:98:1e:df:29:95:9d:48:fd:59:c5:5c:45:11:
a0:02:9f:24:70:80:5e:f5:ba:34:e5:ac:24:08:6e:48:08:56:
1b:1d:1e:bd:f0:ad:c8:0e:1a:76:40:48:74:eb:1e:e7:5a:d7:
6e:6b:ea:99:f1:f9:35:17:33:6c:c2:fb:99:12:a2:31:5b:5e:
77:91:cf:51:7f:eb:b1:0e:88:a7:2d:6f:59:b9:16:51:05:28:
19:c5:16:35:52:ef:a3:56:cc:58:fb:80:f5:9d:10:b8:c0:c4:
ab:3a:af:8b:e5:9b:be:d3:2b:cc:a4:09:11:74:bd:f0:b8:6c:
23:17:d7:8b:ef:c8:53:a2:c3:9f:2d:59:44:c4:0e:a0:32:5c:
bd:1f:dd:0e:e5:f0:b2:c4:66:e0:67:9a:a2:72:04:af:33:65:
7e:45:d4:de:16:82:78:57:06:b4:29:68:38:46:3b:fb:6f:81:
61:ff:e5:3c:bf:57:33:35:fa:fa:52:ae:a8:f5:5d:bf:05:68:
13:56:e0:eb:10:28:b2:dd:fa:1d:ce:82:84:60:41:95:34:a2:
68:60:11:53
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe+hXwC0EyAZBANcCG/auP7j50REwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNDg5NGYyYjgyZGRiZGJkZjJmMTVkY2RlOGMyMTgxYWFlZjZiYTIzYTc1
MmFlMjIxMzVjYjQwODY0ZTNhZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJudDYB+jb6d2YS/Rimwx4pWgqrEUhPKhfqicT4ekifyOsHJFSxNS16i6cmp
VHL6SwRRZJXUwjVgpQBn406uhyMcWGWIs9ImtSZP++iPtQ2G6bA8Ab4wjJTLKUhq
cMBfat+cDtxRNBHcJxA4jGwmfwl/mM4isPPDOrC+fHTOTG8a2nrRTmR7pHWR4IVd
+6BR4mSZvTFJhWscZ50fGt+RnqxyrPdubskj+7nxCwR8C7tsDtFMgmTkMcYMbw20
+Sq8E2wi1DBzivsuxuVh6kLHHtLEdNUTY7tUYDDqtF153snK0c1tOtc+jimq2T4U
LOb39Sqkqr7cBUILnEZCO82fukECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWVIpI
vyqw0X166HAzJRlUVaL+gDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTBkZjQyY2MtMWM3MC00ZTViLTkzZGEtM2Y2NmNlZjkzYTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAKgcs2XUSdjtP0VILLMyyHW7J77XeYCwambNT
kp5zp/wwxumZDLQ8Ry2YHt8plZ1I/VnFXEURoAKfJHCAXvW6NOWsJAhuSAhWGx0e
vfCtyA4adkBIdOse51rXbmvqmfH5NRczbML7mRKiMVted5HPUX/rsQ6Ipy1vWbkW
UQUoGcUWNVLvo1bMWPuA9Z0QuMDEqzqvi+WbvtMrzKQJEXS98LhsIxfXi+/IU6LD
ny1ZRMQOoDJcvR/dDuXwssRm4GeaonIErzNlfkXU3haCeFcGtCloOEY7+2+BYf/l
PL9XMzX6+lKuqPVdvwVoE1bg6xAost36Hc6ChGBBlTSiaGARUw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org