Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
File: 06aca655-45be-4c1b-a8aa-1f048326385e.roa (raw, json)
Hash identifier: IYTJMxLfe1gslyQvf39Gwq49yyJENBOi0RSD2+mzh/4=
Subject key identifier: D6:E4:F6:06:86:7D:54:CE:A9:29:0A:FA:A1:37:28:69:A9:58:2A:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75FC900BBEAD49D87B0238A6E4D7226D39F0BD8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:fc:90:0b:be:ad:49:d8:7b:02:38:a6:e4:d7:22:6d:39:f0:bd:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=3c3c7ec61c876ecd67c869835fd10befa82c1d1013e2d56997ba4fe820c26779, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7e:d4:75:d9:1a:98:2d:e8:03:1b:a8:30:29:
54:31:82:7a:e0:5f:5e:95:54:93:49:e7:3b:8a:c8:
12:e7:b9:1b:08:28:c4:85:9d:9d:d4:83:54:a5:7b:
cd:da:fd:24:8f:37:b5:3f:ba:18:68:50:0a:f0:df:
3f:c8:09:f1:b2:14:7a:18:cd:08:69:aa:5d:96:6c:
f9:34:c1:5e:1c:62:0e:ee:7c:1d:5c:8b:56:d2:3c:
ff:dc:d0:8f:9e:31:84:cb:c5:f3:27:a6:17:56:24:
06:d5:eb:47:16:7c:70:03:77:15:79:1d:d2:b3:1f:
e1:e8:31:49:a4:a4:35:40:be:7b:33:87:57:36:5e:
94:3a:e9:eb:cd:cf:dc:a5:66:86:ad:b8:86:0d:af:
b4:90:8f:10:82:9a:ab:cc:f7:3f:43:82:04:9a:4e:
84:1a:9c:2e:c0:c6:1b:b4:14:71:34:9a:27:dc:9b:
d8:fc:71:e3:8a:a2:28:2e:ca:78:0e:b1:b4:67:e9:
d8:3c:4f:6d:51:d2:86:13:68:87:d2:95:08:18:ab:
06:54:84:ab:2f:45:28:0a:67:a0:63:ce:14:6a:5f:
af:59:70:c0:5e:44:a0:ef:a5:57:0a:d7:2f:f2:4d:
ca:05:1f:51:a8:53:c9:95:7c:05:7e:36:e0:9a:0c:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E4:F6:06:86:7D:54:CE:A9:29:0A:FA:A1:37:28:69:A9:58:2A:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:66:74:8f:41:f0:2d:93:b2:7a:2c:1b:c5:42:54:16:a2:b3:
8c:71:15:0f:06:42:bf:66:63:18:05:a9:9a:a4:c5:0c:eb:1a:
cc:c1:f5:0b:0a:28:01:47:d4:07:c6:43:a7:ec:94:70:be:c5:
e8:aa:99:bb:fb:57:7f:ce:69:d3:ad:02:5d:2c:2d:c4:1c:77:
a0:5d:67:0e:3c:1d:70:b3:0d:06:7d:98:fd:7f:c7:71:53:d6:
cc:74:cd:72:09:7a:94:43:63:68:ce:b2:d3:40:76:40:69:b1:
dc:e0:8a:4b:0c:af:91:b4:65:04:64:16:9a:1c:4a:81:58:01:
19:3a:c6:45:db:12:3d:b3:f6:54:03:cb:b6:47:8d:37:73:36:
a1:eb:98:db:2f:c4:b6:27:fe:0a:e6:44:e1:62:d6:28:0c:7b:
b6:76:20:5e:13:0c:09:23:76:68:e6:e3:a4:be:cf:3b:be:82:
b2:04:74:9d:20:63:92:6b:3f:c7:40:79:7a:8a:85:e8:ea:96:
38:79:96:23:78:d9:3a:95:6c:26:f1:69:6d:28:d0:eb:1b:7d:
b0:f3:3a:1a:fc:ee:4f:a9:b1:1e:18:14:32:db:61:e8:8c:fe:
18:c3:ae:7b:d8:5b:c6:23:e2:eb:ff:f6:5f:76:34:7a:23:6b:
2e:bf:c6:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdfyQC76tSdh7Ajim5NcibTnwvY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjM2M3ZWM2MWM4NzZlY2Q2N2M4Njk4MzVmZDEwYmVmYTgyYzFkMTAxM2Uy
ZDU2OTk3YmE0ZmU4MjBjMjY3NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI9+1HXZGpgt6AMbqDApVDGCeuBfXpVUk0nnO4rIEue5GwgoxIWdndSDVKV7
zdr9JI83tT+6GGhQCvDfP8gJ8bIUehjNCGmqXZZs+TTBXhxiDu58HVyLVtI8/9zQ
j54xhMvF8yemF1YkBtXrRxZ8cAN3FXkd0rMf4egxSaSkNUC+ezOHVzZelDrp683P
3KVmhq24hg2vtJCPEIKaq8z3P0OCBJpOhBqcLsDGG7QUcTSaJ9yb2Pxx44qiKC7K
eA6xtGfp2DxPbVHShhNoh9KVCBirBlSEqy9FKApnoGPOFGpfr1lwwF5EoO+lVwrX
L/JNygUfUahTyZV8BX424JoM3FsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTW5PYG
hn1UzqkpCvqhNyhpqVgqSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZhY2E2NTUtNDViZS00YzFiLWE4YWEtMWYwNDgzMjYzODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQCGZnSPQfAtk7J6LBvFQlQWorOMcRUPBkK/ZmMYBama
pMUM6xrMwfULCigBR9QHxkOn7JRwvsXoqpm7+1d/zmnTrQJdLC3EHHegXWcOPB1w
sw0GfZj9f8dxU9bMdM1yCXqUQ2NozrLTQHZAabHc4IpLDK+RtGUEZBaaHEqBWAEZ
OsZF2xI9s/ZUA8u2R403czah65jbL8S2J/4K5kThYtYoDHu2diBeEwwJI3Zo5uOk
vs87voKyBHSdIGOSaz/HQHl6ioXo6pY4eZYjeNk6lWwm8WltKNDrG32w8zoa/O5P
qbEeGBQy22HojP4Yw6572FvGI+Lr//ZfdjR6I2suv8bZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org