Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
File: 0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa (raw, json)
Hash identifier: mP6DT7MKlQQrUae4c4GfRmG/rUd+imkxq/E9hcGtnMs=
Subject key identifier: B3:E4:A4:6A:AC:D2:BC:54:01:1D:19:CC:05:3A:9E:C8:70:D6:8C:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67DCA3A1A9B23FC75CC8C98BC4A33D30FFE34367
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:dc:a3:a1:a9:b2:3f:c7:5c:c8:c9:8b:c4:a3:3d:30:ff:e3:43:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0c25a14e5599903ed535a3a454aa6492780cd68d06429a48a240e31623c17792, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cc:5b:ab:fd:82:11:fb:7e:3b:07:24:9b:a2:
89:dd:12:99:40:47:a0:84:0c:66:e6:ef:b2:c7:07:
ed:94:3b:37:a4:ef:ac:bc:48:76:3c:18:58:bd:6d:
00:50:a1:1f:3a:7c:f0:76:c9:ba:2d:87:f7:b1:4c:
32:60:d1:aa:93:9d:45:da:76:d3:25:d2:a8:0a:ed:
45:43:38:7e:01:fb:88:73:0e:d0:6e:00:98:5b:47:
8f:32:70:e6:2b:8f:cd:51:02:80:ac:57:f5:b9:4e:
46:73:38:2b:72:13:ff:7b:a0:24:5f:f6:5b:f0:b3:
1c:01:f7:ee:a1:95:c3:ee:4b:fd:a2:25:2e:11:89:
2b:8c:93:7c:f5:47:dc:99:57:5a:95:8b:60:2c:c1:
e9:45:8f:b6:dc:85:ff:58:bc:ab:c6:02:48:28:09:
0d:71:fb:67:88:ea:9f:d8:e1:1d:5f:89:a7:16:1b:
a9:c4:e9:23:ec:27:56:4f:4b:60:8e:6f:6e:60:cf:
46:a4:48:58:41:13:43:85:ee:a5:f9:2a:bc:0a:8a:
fe:ef:d4:94:a7:19:5f:17:8d:92:e7:0b:f5:cb:eb:
fc:15:38:e5:a7:d6:dd:b2:a0:14:1e:f1:1b:9d:ad:
82:eb:dd:d1:9a:22:05:df:ca:c9:27:e8:84:b7:69:
e0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E4:A4:6A:AC:D2:BC:54:01:1D:19:CC:05:3A:9E:C8:70:D6:8C:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bc:36:58:4e:f4:69:7b:f1:f9:16:67:37:44:46:1f:de:97:0c:
82:6b:f5:f0:b6:9f:f0:56:42:84:d0:42:30:5f:95:7e:cd:b1:
da:21:2b:e0:a3:d0:80:6a:ee:17:3c:06:49:95:76:06:ab:ff:
dd:d9:60:8c:4e:14:cb:10:1f:f8:9d:92:1b:64:53:d4:d4:b9:
2e:b5:12:15:90:03:82:ed:22:53:a0:ab:b8:04:7b:cf:df:6e:
99:74:cf:b1:10:82:e2:86:35:b4:df:e7:62:a2:78:a4:43:8a:
26:3b:25:08:ea:65:34:e7:ca:e8:1d:5f:2d:00:2f:a6:aa:c7:
4f:33:dc:6c:ae:ea:17:6b:62:5d:39:0a:22:ed:be:ed:b5:c8:
f4:bf:ca:b6:7d:1d:bf:7b:94:90:74:ba:b0:d2:68:72:0c:78:
48:0c:a6:67:23:e5:4b:e8:a2:c1:42:6b:a1:9c:ed:a7:0d:ca:
80:82:71:31:a9:d3:0d:68:bb:a8:e3:16:43:5f:2e:27:6f:2f:
aa:aa:f8:5c:bb:f6:24:7c:7f:f2:f8:73:6e:c2:89:29:0a:65:
4e:fa:61:15:1c:98:00:18:18:f2:4d:7a:b7:38:e3:cc:f6:46:
23:f0:31:fc:3a:e5:f1:f3:b3:6b:87:a2:ac:28:5f:81:56:d7:
21:b2:f2:f9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ9yjoamyP8dcyMmLxKM9MP/jQ2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMjVhMTRlNTU5OTkwM2VkNTM1YTNhNDU0YWE2NDkyNzgwY2Q2OGQwNjQy
OWE0OGEyNDBlMzE2MjNjMTc3OTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLMW6v9ghH7fjsHJJuiid0SmUBHoIQMZubvsscH7ZQ7N6TvrLxIdjwYWL1t
AFChHzp88HbJui2H97FMMmDRqpOdRdp20yXSqArtRUM4fgH7iHMO0G4AmFtHjzJw
5iuPzVECgKxX9blORnM4K3IT/3ugJF/2W/CzHAH37qGVw+5L/aIlLhGJK4yTfPVH
3JlXWpWLYCzB6UWPttyF/1i8q8YCSCgJDXH7Z4jqn9jhHV+JpxYbqcTpI+wnVk9L
YI5vbmDPRqRIWEETQ4XupfkqvAqK/u/UlKcZXxeNkucL9cvr/BU45afW3bKgFB7x
G52tguvd0ZoiBd/KySfohLdp4AMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSz5KRq
rNK8VAEdGcwFOp7IcNaM1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGE1OGNlZjctNWZhNS00NTZkLTljZDctZDk2YmUxZjJmYWFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQC8NlhO9Gl78fkWZzdERh/elwyCa/Xwtp/wVkKE0EIw
X5V+zbHaISvgo9CAau4XPAZJlXYGq//d2WCMThTLEB/4nZIbZFPU1LkutRIVkAOC
7SJToKu4BHvP326ZdM+xEILihjW03+dionikQ4omOyUI6mU058roHV8tAC+mqsdP
M9xsruoXa2JdOQoi7b7ttcj0v8q2fR2/e5SQdLqw0mhyDHhIDKZnI+VL6KLBQmuh
nO2nDcqAgnExqdMNaLuo4xZDXy4nby+qqvhcu/YkfH/y+HNuwokpCmVO+mEVHJgA
GBjyTXq3OOPM9kYj8DH8OuXx87Nrh6KsKF+BVtchsvL5
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org