Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
File: f4d4070b-fb20-4536-8c71-53420a83e347.roa (raw, json)
Hash identifier: Kgnf7H2QjSRyS83Tldrx0Hbr110FFd1P0KIcnsBqqRA=
Subject key identifier: 02:E8:9E:59:92:06:B5:06:98:8B:5F:62:D3:CA:05:30:09:19:5B:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5583AD0BF15B961176A440FE46F4C4AE0B854004
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:83:ad:0b:f1:5b:96:11:76:a4:40:fe:46:f4:c4:ae:0b:85:40:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=73b61e4f38563a36facb37a94846b94726276be5ccb046d437083e7cac6e44f3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e4:10:b9:6c:20:59:e2:ab:5a:30:8d:5e:c0:
c6:59:f5:89:de:5c:54:7a:90:54:9c:f0:16:1a:97:
e6:83:65:01:5e:96:ab:23:15:93:70:69:76:6b:be:
ed:70:dc:0a:ec:16:b1:f3:9e:61:b5:0c:69:92:46:
f6:34:ba:39:28:af:48:85:32:b9:7d:3a:36:e0:4b:
65:3a:45:57:a3:ff:e6:26:17:9e:02:8f:3b:37:4c:
c6:a8:b3:8f:4e:29:a9:11:77:e5:08:35:81:1e:d2:
ce:5f:cf:d8:df:7a:a5:6b:7f:46:92:55:98:53:85:
1e:10:90:7e:93:9e:e5:03:03:30:fd:15:36:e5:d9:
58:a0:5e:3e:12:04:72:c8:fb:67:47:b3:dd:e2:e8:
d0:5e:78:d2:d8:63:4b:58:47:8e:97:e1:a8:f7:6a:
37:de:ca:33:ad:97:92:c7:a2:a4:35:70:83:57:c6:
91:65:57:86:54:9a:c3:27:0a:ff:76:35:4b:31:38:
6a:dd:91:10:19:6c:a6:be:aa:95:c2:1d:f4:78:4b:
c1:cc:95:8a:2b:be:b8:24:cf:1b:d6:11:11:8a:53:
ac:d1:c5:f9:42:cb:d0:7b:4b:eb:f0:eb:c1:0b:93:
61:9b:7a:95:a2:3d:a3:1d:80:b6:80:64:5c:8a:7e:
f2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E8:9E:59:92:06:B5:06:98:8B:5F:62:D3:CA:05:30:09:19:5B:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:2b:37:bb:e5:5c:2f:4b:62:7a:37:00:f1:fa:9e:f4:d5:fc:
b4:27:37:7d:32:01:c2:d0:43:67:bb:ca:f6:5a:6d:07:2e:bb:
5f:68:1e:5f:80:6a:c5:cf:fe:44:1d:ae:0b:7f:0d:d0:8b:7e:
0f:98:f0:03:27:1d:c4:18:e2:b0:e9:6a:96:69:4b:2b:78:b2:
a4:66:29:3c:a9:01:20:b1:4f:63:ea:31:1f:74:a9:b8:d0:cc:
32:01:d9:95:06:23:b5:89:c3:e5:bd:38:a7:39:22:56:e4:29:
b9:2b:34:54:f0:48:db:a6:7a:cb:99:08:e4:cb:09:d5:7b:8b:
df:0c:1a:86:88:31:03:1e:11:05:da:ff:fa:84:cf:3d:9e:4c:
35:40:23:60:31:09:c6:66:e3:87:4c:cf:e8:61:a9:5f:87:b9:
09:a1:7c:d0:63:2d:d1:bf:de:be:6f:bb:35:57:22:80:76:d0:
ce:8a:07:b2:25:a3:f4:a6:ab:40:2a:4c:64:1b:71:af:c9:60:
9d:7e:38:10:ee:9a:ae:d3:a1:c3:dc:fb:45:00:ee:ab:a3:de:
c0:0f:5c:48:61:ea:24:59:59:e0:6e:3e:7f:cb:64:9d:cc:b9:
73:f7:7d:34:08:e6:c1:2b:b0:bc:28:13:4d:9c:e5:29:6b:35:
d1:7e:66:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVYOtC/FblhF2pED+RvTErguFQAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDczYjYxZTRmMzg1NjNhMzZmYWNiMzdhOTQ4NDZiOTQ3MjYyNzZiZTVjY2Iw
NDZkNDM3MDgzZTdjYWM2ZTQ0ZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3kELlsIFniq1owjV7Axln1id5cVHqQVJzwFhqX5oNlAV6WqyMVk3Bpdmu+
7XDcCuwWsfOeYbUMaZJG9jS6OSivSIUyuX06NuBLZTpFV6P/5iYXngKPOzdMxqiz
j04pqRF35Qg1gR7Szl/P2N96pWt/RpJVmFOFHhCQfpOe5QMDMP0VNuXZWKBePhIE
csj7Z0ez3eLo0F540thjS1hHjpfhqPdqN97KM62XkseipDVwg1fGkWVXhlSawycK
/3Y1SzE4at2REBlspr6qlcId9HhLwcyViiu+uCTPG9YREYpTrNHF+ULL0HtL6/Dr
wQuTYZt6laI9ox2AtoBkXIp+8h0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQC6J5Z
kga1BpiLX2LTygUwCRlbszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjRkNDA3MGItZmIyMC00NTM2LThjNzEtNTM0MjBhODNlMzQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQAOKze75VwvS2J6NwDx+p701fy0Jzd9MgHC0ENnu8r2
Wm0HLrtfaB5fgGrFz/5EHa4Lfw3Qi34PmPADJx3EGOKw6WqWaUsreLKkZik8qQEg
sU9j6jEfdKm40MwyAdmVBiO1icPlvTinOSJW5Cm5KzRU8EjbpnrLmQjkywnVe4vf
DBqGiDEDHhEF2v/6hM89nkw1QCNgMQnGZuOHTM/oYalfh7kJoXzQYy3Rv96+b7s1
VyKAdtDOigeyJaP0pqtAKkxkG3GvyWCdfjgQ7pqu06HD3PtFAO6ro97AD1xIYeok
WVngbj5/y2SdzLlz9300CObBK7C8KBNNnOUpazXRfmY4
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org