Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
File: e1a46896-dfc0-4be1-91be-62fd0626c291.roa (raw, json)
Hash identifier: DGyDbBbh1UWfBeYS91OlL8YbIf1VG7YeR3NC0hOvRk0=
Subject key identifier: E9:8D:60:F0:98:15:D9:8B:90:E9:67:48:4C:58:97:A8:5D:97:48:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 230C528802C68A42CB7282FF4F5387D9ECD9B4B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:0c:52:88:02:c6:8a:42:cb:72:82:ff:4f:53:87:d9:ec:d9:b4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=352a2f4a2515b1e9ac634b4e0100029b2ff96489f365fb6a3f03b1dc25ca0e69, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:f0:ea:ee:96:f2:3b:ba:ba:65:b9:d5:b1:
02:ca:6f:84:d7:43:c4:29:6b:07:30:65:88:93:02:
81:7b:d8:69:89:12:aa:93:3e:18:ba:3e:00:96:ea:
20:15:63:5f:52:9e:65:c8:d3:79:30:9c:43:4c:18:
40:a1:f8:68:49:ab:17:5c:2c:ae:8b:11:61:63:94:
65:49:44:1c:e8:05:a6:f0:71:1a:8c:3c:b1:7f:fd:
5b:6b:7a:2a:b1:66:52:92:6b:f4:4a:40:7d:d6:75:
09:0e:9b:c2:de:e9:4a:e9:56:d4:1c:87:eb:83:d1:
c3:a1:81:08:47:e8:b2:67:f3:8a:07:ed:78:47:3d:
9b:3a:4e:ed:80:c3:d6:08:c7:1b:7f:7c:e0:39:b5:
33:21:44:c5:48:d9:3a:69:d4:d9:b0:e5:78:35:b6:
14:f5:9d:55:39:3e:ec:b6:bf:78:dd:15:4b:a6:66:
01:ee:f8:bc:97:b9:19:a7:21:df:17:8b:39:34:f4:
22:db:9d:51:9d:ad:94:65:51:b3:e7:14:48:65:13:
44:8b:4d:3f:9d:99:d8:d2:3d:52:d4:cd:55:7b:63:
65:80:a7:7c:ac:ca:da:8a:d9:4b:05:72:1f:8b:df:
f1:83:e7:5a:5c:e8:73:59:15:03:a0:46:fd:71:db:
f1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8D:60:F0:98:15:D9:8B:90:E9:67:48:4C:58:97:A8:5D:97:48:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:13:e5:7d:7a:42:fb:a0:47:d9:36:7a:4e:d4:db:b2:a2:75:
2c:6e:ed:70:d0:55:17:6e:b9:16:c6:a2:a8:a9:20:a7:21:f5:
40:d1:7d:ac:af:75:51:e4:eb:d3:cb:f9:ff:2c:5d:aa:d0:2c:
76:7d:1f:48:4a:2d:91:05:f2:54:c0:3e:a9:19:ac:cb:81:bb:
b4:2d:fe:35:54:c3:db:7b:e4:2e:08:26:10:78:14:ca:72:49:
9f:fb:5a:b6:7b:e9:33:77:af:d5:15:a6:16:0c:3f:1b:c9:ea:
65:bf:50:03:bc:71:95:fd:db:7f:5d:0c:4c:2c:c5:d0:4d:6f:
5c:d8:fb:74:d2:7f:d9:3d:6b:cf:ea:5e:52:bd:76:a0:ea:a5:
ac:54:db:80:34:c0:24:4a:dd:67:58:66:d0:6e:b8:9f:6d:bc:
ad:98:e3:4a:1b:52:e4:c6:d6:5d:1b:70:d6:56:fd:82:96:85:
55:d6:fa:81:aa:76:03:26:32:8c:eb:3a:be:1e:a7:e3:ee:09:
03:51:70:ce:1d:56:15:63:9e:92:f5:28:97:bd:c9:9e:b1:88:
06:a0:a7:71:b6:21:e4:32:b2:1b:1c:66:c2:17:27:1a:8f:78:
88:b0:79:2b:ed:ff:33:17:f1:d0:b3:7a:16:08:cc:cf:5f:d0:
76:4b:01:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIwxSiALGikLLcoL/T1OH2ezZtLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1MmEyZjRhMjUxNWIxZTlhYzYzNGI0ZTAxMDAwMjliMmZmOTY0ODlmMzY1
ZmI2YTNmMDNiMWRjMjVjYTBlNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7l8OrulvI7urpludWxAspvhNdDxClrBzBliJMCgXvYaYkSqpM+GLo+AJbq
IBVjX1KeZcjTeTCcQ0wYQKH4aEmrF1wsrosRYWOUZUlEHOgFpvBxGow8sX/9W2t6
KrFmUpJr9EpAfdZ1CQ6bwt7pSulW1ByH64PRw6GBCEfosmfzigfteEc9mzpO7YDD
1gjHG3984Dm1MyFExUjZOmnU2bDleDW2FPWdVTk+7La/eN0VS6ZmAe74vJe5Gach
3xeLOTT0ItudUZ2tlGVRs+cUSGUTRItNP52Z2NI9UtTNVXtjZYCnfKzK2orZSwVy
H4vf8YPnWlzoc1kVA6BG/XHb8fkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTpjWDw
mBXZi5DpZ0hMWJeoXZdILzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFhNDY4OTYtZGZjMC00YmUxLTkxYmUtNjJmZDA2MjZjMjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBqE+V9ekL7oEfZNnpO1NuyonUsbu1w0FUXbrkWxqKo
qSCnIfVA0X2sr3VR5OvTy/n/LF2q0Cx2fR9ISi2RBfJUwD6pGazLgbu0Lf41VMPb
e+QuCCYQeBTKckmf+1q2e+kzd6/VFaYWDD8byeplv1ADvHGV/dt/XQxMLMXQTW9c
2Pt00n/ZPWvP6l5SvXag6qWsVNuANMAkSt1nWGbQbrifbbytmONKG1LkxtZdG3DW
Vv2CloVV1vqBqnYDJjKM6zq+Hqfj7gkDUXDOHVYVY56S9SiXvcmesYgGoKdxtiHk
MrIbHGbCFycaj3iIsHkr7f8zF/HQs3oWCMzPX9B2SwEA
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org