Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: 0bmTTqX4DusD+WYbshV5w6RvyB0ccLNMO1r9sbH2wfE=
Subject key identifier: 74:35:BB:49:5B:1A:5B:AD:B0:A1:35:EA:89:23:9D:9A:0F:52:4A:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28185A0AB28F7166059931FC43353268EAAA684D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:18:5a:0a:b2:8f:71:66:05:99:31:fc:43:35:32:68:ea:aa:68:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=ec0be15d8aef6bebad63a7330b445cc7972e069891198a2261b54f05260d6118, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4f:be:b2:5e:0b:f7:68:3b:3f:c6:88:d0:d0:
61:83:30:1e:02:fd:98:95:44:cd:ea:7c:68:c1:4e:
67:06:5c:a7:90:50:0a:4b:f2:fc:fc:06:43:17:00:
2c:06:43:8f:3e:b1:0d:30:16:69:2f:82:fc:a1:b2:
7b:4c:fb:e2:70:ee:71:47:0d:0b:4b:52:5b:cb:c5:
0b:55:92:e5:7d:aa:9b:ac:e3:28:68:10:fd:90:d9:
5c:a8:71:11:bb:45:64:5c:b3:82:b4:a6:33:17:13:
2a:21:a5:33:98:21:d7:90:71:97:52:c4:7f:7e:2f:
ed:4b:bb:e7:d7:3b:2d:c4:bb:5e:5e:3d:83:54:ec:
16:29:18:12:dd:19:b8:83:51:21:8f:82:51:37:33:
66:87:a5:1b:71:5e:61:2f:e8:d1:c4:2a:17:af:84:
bb:2d:4a:54:dc:c8:42:0e:c9:4d:ca:51:70:63:fa:
44:fd:f3:6d:3e:b8:63:2b:10:d6:64:28:1f:78:fa:
f0:8a:7e:46:76:69:50:1d:67:ba:48:29:ad:fc:ff:
e4:9a:53:dc:a5:56:3c:ac:31:7f:fa:0e:a4:2a:5f:
06:9f:d4:99:fe:d1:4c:9b:96:94:e3:f5:89:e8:0d:
a3:e7:00:e4:7c:16:f6:47:99:8a:48:81:09:4e:f0:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:35:BB:49:5B:1A:5B:AD:B0:A1:35:EA:89:23:9D:9A:0F:52:4A:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:ce:b1:9e:ba:0d:c5:e7:4e:b4:d0:01:93:04:0a:b8:1d:cf:
61:e8:c1:71:a2:46:2f:85:5e:3a:24:5f:70:b3:f6:07:1f:24:
e6:20:85:38:9d:b6:6f:ac:f5:62:d7:a0:01:54:24:95:13:0b:
f0:4e:ca:16:d1:61:e8:97:14:67:c3:bb:a5:db:47:ab:73:65:
e1:46:7b:7e:ed:f0:11:52:e4:5c:9c:06:0e:c2:e7:98:94:2f:
3f:7a:04:97:08:72:39:65:82:83:f8:99:47:98:41:19:4d:6c:
d6:46:23:4c:76:09:35:d8:28:bd:93:02:cd:a7:7e:bc:4b:4c:
c0:a3:14:67:63:fa:a9:6e:23:f3:f6:cc:41:3e:b4:fa:85:ca:
41:3b:54:49:75:b0:15:94:9e:75:65:1d:c7:98:09:12:de:a5:
c8:ec:c0:a2:93:9b:90:68:2c:f3:a3:f8:ca:6e:f0:c9:27:bb:
5a:70:11:0c:6c:68:88:4c:f0:63:7d:42:42:21:09:02:b1:5c:
3c:d9:13:cb:79:91:1d:cc:ad:bd:45:16:65:c2:d7:65:2a:ae:
8b:3d:b1:db:6e:57:04:5c:9d:82:44:ff:73:98:a7:26:f6:dc:
8d:d8:11:75:cf:ba:c6:b6:11:0d:f6:26:10:fe:cf:8b:fc:f0:
10:4e:c3:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKBhaCrKPcWYFmTH8QzUyaOqqaE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjMGJlMTVkOGFlZjZiZWJhZDYzYTczMzBiNDQ1Y2M3OTcyZTA2OTg5MTE5
OGEyMjYxYjU0ZjA1MjYwZDYxMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFPvrJeC/doOz/GiNDQYYMwHgL9mJVEzep8aMFOZwZcp5BQCkvy/PwGQxcA
LAZDjz6xDTAWaS+C/KGye0z74nDucUcNC0tSW8vFC1WS5X2qm6zjKGgQ/ZDZXKhx
EbtFZFyzgrSmMxcTKiGlM5gh15Bxl1LEf34v7Uu759c7LcS7Xl49g1TsFikYEt0Z
uINRIY+CUTczZoelG3FeYS/o0cQqF6+Euy1KVNzIQg7JTcpRcGP6RP3zbT64YysQ
1mQoH3j68Ip+RnZpUB1nukgprfz/5JpT3KVWPKwxf/oOpCpfBp/Umf7RTJuWlOP1
iegNo+cA5HwW9keZikiBCU7w0kUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0NbtJ
WxpbrbChNeqJI52aD1JKwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQCozrGeug3F50600AGTBAq4Hc9h6MFxokYvhV46JF9w
s/YHHyTmIIU4nbZvrPVi16ABVCSVEwvwTsoW0WHolxRnw7ul20erc2XhRnt+7fAR
UuRcnAYOwueYlC8/egSXCHI5ZYKD+JlHmEEZTWzWRiNMdgk12Ci9kwLNp368S0zA
oxRnY/qpbiPz9sxBPrT6hcpBO1RJdbAVlJ51ZR3HmAkS3qXI7MCik5uQaCzzo/jK
bvDJJ7tacBEMbGiITPBjfUJCIQkCsVw82RPLeZEdzK29RRZlwtdlKq6LPbHbblcE
XJ2CRP9zmKcm9tyN2BF1z7rGthEN9iYQ/s+L/PAQTsOR
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org