Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
File: 0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa (raw, json)
Hash identifier: m2T8vD3Mewo1W6whPc2l04ffq6GTx+NdVgIJn/n+QAo=
Subject key identifier: 8A:7F:22:58:D0:35:36:EC:51:B9:EC:86:5B:6E:11:4E:FF:13:00:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3121575FDD897EA0794277DC3C7A28953640CC04
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:21:57:5f:dd:89:7e:a0:79:42:77:dc:3c:7a:28:95:36:40:cc:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=125012c46c8d798b5ff93f12e34ae3aab9cadcd6bbf0491d114332b00a4e61bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:de:2e:10:6b:4c:81:d7:65:e7:74:65:53:d8:
46:5d:b1:06:82:28:ea:1a:e0:bb:9f:ff:eb:5d:b6:
68:87:91:db:07:5c:86:6c:98:ae:9a:b5:37:ba:18:
f6:26:c6:d2:36:48:5f:98:ea:ea:4e:1b:c8:ef:b3:
b3:42:e3:c5:8b:9a:05:d3:e4:66:d8:85:1b:fb:fb:
3c:58:53:df:d6:32:1f:e3:62:4a:47:c2:f6:a7:b9:
bc:e1:58:55:91:36:33:39:1a:29:06:9a:98:df:44:
ab:7e:6c:57:27:5c:4f:6c:0f:4a:e2:66:2c:3c:06:
c5:00:0c:47:ea:26:78:48:93:d8:de:4c:54:7b:98:
bd:43:ce:95:e8:df:6a:34:1a:20:bc:85:cb:db:6e:
35:c9:d9:b6:c3:17:51:80:72:36:86:56:e7:35:1b:
62:38:01:9e:35:2e:db:e6:08:b4:6d:b2:6f:77:5c:
08:03:8a:95:44:aa:8b:a0:96:e8:e5:3c:56:7c:87:
1f:9a:be:98:51:7e:d5:6a:90:a6:ed:63:82:80:82:
94:fd:d6:1d:05:57:3d:92:fc:3e:2a:8b:05:8a:3c:
53:01:a2:4c:ea:a7:3a:ec:8b:f9:a2:62:fd:76:dd:
f9:73:23:73:3b:fe:f5:e0:46:e9:ae:49:05:da:d2:
d3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7F:22:58:D0:35:36:EC:51:B9:EC:86:5B:6E:11:4E:FF:13:00:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0ad4a04d-fea6-4341-bc93-2743f2493a1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5c:f1:8d:8e:53:c9:24:7c:47:5b:c7:f1:e1:00:fa:ce:4b:b6:
73:64:cd:97:d7:39:96:1a:0a:c0:14:40:a9:e5:c2:20:95:4b:
c7:b2:2c:a7:46:21:39:60:ec:38:b4:2c:94:60:98:42:eb:76:
fe:72:7c:bf:2e:74:a1:a7:ad:50:c0:5a:f9:98:b4:bf:9c:be:
bd:37:af:b9:f9:61:cc:36:49:cc:99:b1:38:c8:44:47:da:ab:
33:63:8a:87:4c:95:ed:3a:52:77:8b:5f:76:00:bd:17:fc:c3:
f7:d3:70:12:1b:d0:8c:7f:ec:e6:66:fb:ce:d4:ca:96:aa:9d:
05:e3:16:0f:39:09:b2:fe:26:00:71:33:ac:27:72:85:e2:ff:
0f:70:07:3a:42:18:fd:68:d9:5e:ff:93:8e:b5:8b:58:0b:1b:
29:21:d6:bb:d6:f8:ff:c9:23:29:7b:8a:fa:64:ec:65:58:46:
6f:0e:5b:00:84:71:f6:a0:bc:ca:19:be:d8:80:61:6a:3c:a8:
2e:be:78:67:6e:a0:36:df:d4:51:2b:bf:63:e3:0a:7d:d3:fb:
4d:16:88:ac:37:d0:d7:2c:c9:7b:73:ef:9f:9b:9a:2b:d7:ee:
56:3a:ba:eb:77:da:05:78:d3:d3:e9:eb:50:84:cf:cf:57:9e:
0b:59:32:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMSFXX92JfqB5QnfcPHoolTZAzAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNTAxMmM0NmM4ZDc5OGI1ZmY5M2YxMmUzNGFlM2FhYjljYWRjZDZiYmYw
NDkxZDExNDMzMmIwMGE0ZTYxYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXeLhBrTIHXZed0ZVPYRl2xBoIo6hrgu5//6122aIeR2wdchmyYrpq1N7oY
9ibG0jZIX5jq6k4byO+zs0LjxYuaBdPkZtiFG/v7PFhT39YyH+NiSkfC9qe5vOFY
VZE2MzkaKQaamN9Eq35sVydcT2wPSuJmLDwGxQAMR+omeEiT2N5MVHuYvUPOlejf
ajQaILyFy9tuNcnZtsMXUYByNoZW5zUbYjgBnjUu2+YItG2yb3dcCAOKlUSqi6CW
6OU8VnyHH5q+mFF+1WqQpu1jgoCClP3WHQVXPZL8PiqLBYo8UwGiTOqnOuyL+aJi
/Xbd+XMjczv+9eBG6a5JBdrS05UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKfyJY
0DU27FG57IZbbhFO/xMAizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGFkNGEwNGQtZmVhNi00MzQxLWJjOTMtMjc0M2YyNDkzYTFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBc8Y2OU8kkfEdbx/HhAPrOS7ZzZM2X1zmWGgrAFECp
5cIglUvHsiynRiE5YOw4tCyUYJhC63b+cny/LnShp61QwFr5mLS/nL69N6+5+WHM
NknMmbE4yERH2qszY4qHTJXtOlJ3i192AL0X/MP303ASG9CMf+zmZvvO1MqWqp0F
4xYPOQmy/iYAcTOsJ3KF4v8PcAc6Qhj9aNle/5OOtYtYCxspIda71vj/ySMpe4r6
ZOxlWEZvDlsAhHH2oLzKGb7YgGFqPKguvnhnbqA239RRK79j4wp90/tNFoisN9DX
LMl7c++fm5or1+5WOrrrd9oFeNPT6etQhM/PV54LWTLm
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org