Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
File: f09fd926-3f61-4391-9843-738e03da5e6a.roa (raw, json)
Hash identifier: GzXLXz0Tbi8IapunFP9Z5u1EfUmG19TLBfvyG94snWY=
Subject key identifier: 45:14:67:2D:8F:78:39:49:4D:88:29:52:84:B6:4C:38:CF:B0:A8:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35BF5B2C5B5BF163165800A1856F1E5D3E6E38E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:bf:5b:2c:5b:5b:f1:63:16:58:00:a1:85:6f:1e:5d:3e:6e:38:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=af500286cd26a847b03694df828faedd08d8371274c4c3f7135b3b21a72b9360, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ea:de:03:41:e8:f6:14:f1:86:4f:b5:5a:c1:
51:06:0f:33:d4:25:cb:ba:35:65:a2:e6:d1:ff:3c:
27:91:84:85:76:59:64:16:84:c3:58:d3:aa:90:52:
f5:42:ec:b1:83:f5:13:a2:98:7a:5a:76:3e:d5:19:
4f:37:c2:ab:ae:b7:2e:7f:4f:30:13:85:bd:fb:c0:
cc:dd:4b:98:14:28:03:46:9c:37:99:8e:ef:2f:61:
02:b0:26:6f:35:5c:ae:6f:ac:4d:55:f9:e5:2b:0c:
55:bc:fe:25:0c:26:05:06:03:40:3f:93:8d:52:7d:
ef:5b:a5:46:d2:73:0c:66:17:3b:f5:e8:ea:ab:d4:
29:63:0b:92:f1:82:03:03:33:54:90:08:53:8d:34:
ac:36:07:15:e7:73:7f:93:a9:58:89:61:51:28:d8:
4e:ac:2f:e2:95:71:18:1c:0c:b3:ba:a3:88:b6:4c:
cf:b6:c0:8b:8a:b6:98:b9:86:70:ea:85:12:88:3d:
35:65:4b:f8:dd:c6:c7:5b:cc:b8:5d:20:5a:0f:7d:
c7:f2:6a:2c:6a:f9:be:70:6f:a9:16:64:d4:63:5f:
98:71:73:ba:77:d0:9c:82:7e:c4:84:a7:1f:a1:75:
18:e5:98:14:e4:17:b7:23:d2:d9:7c:b9:cc:fb:a5:
25:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:14:67:2D:8F:78:39:49:4D:88:29:52:84:B6:4C:38:CF:B0:A8:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09fd926-3f61-4391-9843-738e03da5e6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:da:22:e3:94:97:32:b3:74:03:e3:76:31:08:fd:f7:64:39:
e8:fd:b9:b0:d9:36:0a:00:96:28:8f:bb:76:d1:3c:94:3c:49:
5b:41:72:ff:1c:63:22:df:c9:f4:33:68:4a:10:c4:4b:3c:b1:
68:8e:f9:87:9b:e2:9c:75:5b:23:68:79:f4:f8:29:5a:ce:58:
d4:0a:de:c7:09:13:98:e1:a6:92:ec:f1:e1:e9:ab:6b:c3:85:
f4:79:2e:4b:ae:63:d6:9e:96:c4:a4:90:11:ac:9a:f9:ed:1f:
be:cb:15:f6:d6:29:d2:e4:41:24:78:5f:cf:3a:8d:7e:48:30:
f9:74:85:a3:df:d9:5d:38:30:dd:06:f6:38:ba:3a:f9:b2:d1:
6b:8a:73:32:6f:ea:35:e6:4d:67:f3:6b:ed:b7:96:7f:aa:f3:
89:bd:76:12:1c:d4:7c:88:76:b6:55:87:a7:64:45:dd:df:03:
45:b2:2a:83:63:ec:76:5f:6a:8c:9d:bb:49:6a:37:fb:cf:bb:
27:ce:5a:99:70:08:0e:b5:d2:41:f7:78:2b:21:c5:07:ee:99:
8d:b1:30:ee:9a:98:8d:d3:ce:d4:63:e0:45:f2:49:6f:96:48:
32:98:4d:15:79:38:f1:9b:44:45:9d:0b:fc:67:71:d3:1f:10:
ba:b2:ae:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNb9bLFtb8WMWWAChhW8eXT5uOOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNTAwMjg2Y2QyNmE4NDdiMDM2OTRkZjgyOGZhZWRkMDhkODM3MTI3NGM0
YzNmNzEzNWIzYjIxYTcyYjkzNjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3q3gNB6PYU8YZPtVrBUQYPM9Qly7o1ZaLm0f88J5GEhXZZZBaEw1jTqpBS
9ULssYP1E6KYelp2PtUZTzfCq663Ln9PMBOFvfvAzN1LmBQoA0acN5mO7y9hArAm
bzVcrm+sTVX55SsMVbz+JQwmBQYDQD+TjVJ971ulRtJzDGYXO/Xo6qvUKWMLkvGC
AwMzVJAIU400rDYHFedzf5OpWIlhUSjYTqwv4pVxGBwMs7qjiLZMz7bAi4q2mLmG
cOqFEog9NWVL+N3Gx1vMuF0gWg99x/JqLGr5vnBvqRZk1GNfmHFzunfQnIJ+xISn
H6F1GOWYFOQXtyPS2Xy5zPulJeMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFFGct
j3g5SU2IKVKEtkw4z7CoADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5ZmQ5MjYtM2Y2MS00MzkxLTk4NDMtNzM4ZTAzZGE1ZTZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQCS2iLjlJcys3QD43YxCP33ZDno/bmw2TYKAJYoj7t2
0TyUPElbQXL/HGMi38n0M2hKEMRLPLFojvmHm+KcdVsjaHn0+ClazljUCt7HCROY
4aaS7PHh6atrw4X0eS5LrmPWnpbEpJARrJr57R++yxX21inS5EEkeF/POo1+SDD5
dIWj39ldODDdBvY4ujr5stFrinMyb+o15k1n82vtt5Z/qvOJvXYSHNR8iHa2VYen
ZEXd3wNFsiqDY+x2X2qMnbtJajf7z7snzlqZcAgOtdJB93grIcUH7pmNsTDumpiN
087UY+BF8klvlkgymE0VeTjxm0RFnQv8Z3HTHxC6sq5x
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org