Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f1811046-5771-480f-9f42-c00f33e984a8.roa
File: f1811046-5771-480f-9f42-c00f33e984a8.roa (raw, json)
Hash identifier: IdJGtLcPsMLhuAxjhB0F0ilhhngrW7+dkXlYlOY/P14=
Subject key identifier: CC:C5:01:E4:12:B2:8D:32:B0:94:6A:98:E2:DE:55:A1:C5:BC:5A:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 570E08C7CD78AD87F93D4F02B13FAAC553D1600A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f1811046-5771-480f-9f42-c00f33e984a8.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:0e:08:c7:cd:78:ad:87:f9:3d:4f:02:b1:3f:aa:c5:53:d1:60:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=877b2d9b582ee9d898f275ded68b4b8feb1a2e7389a65faf861ef0399e47060b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:79:87:4f:c3:43:e8:39:41:6e:91:02:46:75:
82:5d:d5:27:0d:bf:d6:16:20:99:19:d1:e6:7b:a7:
1c:54:1a:d5:78:12:19:75:09:28:d5:5f:66:e3:13:
b9:d4:44:9c:62:0b:6e:e7:7d:32:dc:50:30:1d:30:
87:a1:66:de:b1:f0:49:d0:3c:e3:94:44:9e:62:02:
c7:90:05:90:26:4b:be:d7:e2:2d:54:1f:2f:0e:4f:
c6:54:6e:6b:18:ed:17:cb:e8:22:5e:4f:7a:2c:4b:
52:48:c2:d5:3a:8e:64:71:90:5e:ae:25:83:5e:b0:
5e:ce:86:df:08:f9:ce:d2:04:20:e8:16:33:bc:5c:
b8:71:8b:c8:39:11:fa:89:d5:13:2d:8c:e0:81:35:
0f:1f:a7:4e:e2:18:49:64:e7:b1:87:99:d6:f2:a7:
ee:41:aa:4d:e4:09:ae:e0:61:5d:37:19:7b:9e:89:
2d:ef:74:ab:f9:b3:c7:8a:41:d3:9f:04:ce:19:50:
f1:6e:85:29:f1:68:b8:02:07:e2:f9:98:88:83:a6:
89:cb:21:18:e2:91:9c:11:43:c0:24:35:af:4d:5c:
3e:55:42:35:1f:00:39:4c:d9:6f:86:33:9f:60:c7:
da:93:15:e1:c4:7f:93:df:a5:87:34:39:35:d7:7f:
4d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C5:01:E4:12:B2:8D:32:B0:94:6A:98:E2:DE:55:A1:C5:BC:5A:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f1811046-5771-480f-9f42-c00f33e984a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
c0:ff:5b:dc:b9:f6:2e:09:50:06:3b:9e:20:57:65:fb:fb:a7:
36:f1:b9:7c:0a:57:07:a8:e7:37:0f:f1:7d:47:51:d6:b1:c0:
c2:12:f1:53:c8:ff:9b:23:c2:a0:d0:24:c0:33:93:a8:05:2a:
d1:eb:3d:a1:1e:c4:67:77:96:d7:ed:fc:a9:6e:9f:c0:8a:a4:
0d:f0:b2:29:a9:50:09:68:52:6e:10:a3:2d:73:5b:d8:11:ad:
6d:ea:44:6b:48:12:cd:e3:21:30:17:7c:42:17:83:39:da:3f:
ce:24:37:73:71:df:93:66:90:1a:54:59:fd:03:ee:0e:c8:d7:
6a:cc:77:f1:d5:85:f7:82:32:4e:d2:b4:3c:db:ab:ad:57:cb:
b6:ec:51:12:86:19:fc:cb:4e:19:86:e8:34:1a:7b:53:6e:28:
7e:e4:4f:fd:59:dc:33:bb:28:4d:f0:73:4e:63:b8:9a:ca:d2:
4e:8c:38:0f:e3:1d:7a:23:ed:71:0c:68:3d:24:72:a0:2c:27:
97:8b:7b:4c:9c:71:94:a4:1c:2e:df:c4:5b:83:d1:ec:89:c6:
5c:c4:1a:8c:c1:9c:66:dd:06:fc:c1:32:3b:60:00:ea:88:0c:
49:ee:5f:7d:d9:58:c5:1c:0e:9b:28:80:db:f5:de:8d:a2:54:
5f:9d:49:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVw4Ix814rYf5PU8CsT+qxVPRYAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3N2IyZDliNTgyZWU5ZDg5OGYyNzVkZWQ2OGI0YjhmZWIxYTJlNzM4OWE2
NWZhZjg2MWVmMDM5OWU0NzA2MGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh5h0/DQ+g5QW6RAkZ1gl3VJw2/1hYgmRnR5nunHFQa1XgSGXUJKNVfZuMT
udREnGILbud9MtxQMB0wh6Fm3rHwSdA845REnmICx5AFkCZLvtfiLVQfLw5PxlRu
axjtF8voIl5PeixLUkjC1TqOZHGQXq4lg16wXs6G3wj5ztIEIOgWM7xcuHGLyDkR
+onVEy2M4IE1Dx+nTuIYSWTnsYeZ1vKn7kGqTeQJruBhXTcZe56JLe90q/mzx4pB
058EzhlQ8W6FKfFouAIH4vmYiIOmicshGOKRnBFDwCQ1r01cPlVCNR8AOUzZb4Yz
n2DH2pMV4cR/k9+lhzQ5Ndd/TccCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTMxQHk
ErKNMrCUapji3lWhxbxahjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjE4MTEwNDYtNTc3MS00ODBmLTlmNDItYzAwZjMzZTk4NGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAwP9b3Ln2LglQBjueIFdl+/unNvG5fApXB6jn
Nw/xfUdR1rHAwhLxU8j/myPCoNAkwDOTqAUq0es9oR7EZ3eW1+38qW6fwIqkDfCy
KalQCWhSbhCjLXNb2BGtbepEa0gSzeMhMBd8QheDOdo/ziQ3c3Hfk2aQGlRZ/QPu
DsjXasx38dWF94IyTtK0PNurrVfLtuxREoYZ/MtOGYboNBp7U24ofuRP/VncM7so
TfBzTmO4msrSTow4D+MdeiPtcQxoPSRyoCwnl4t7TJxxlKQcLt/EW4PR7InGXMQa
jMGcZt0G/MEyO2AA6ogMSe5ffdlYxRwOmyiA2/XejaJUX51JFg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org