Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
File: 0bdc7597-5430-429b-990a-e3659e2e6227.roa (raw, json)
Hash identifier: /pXQGkLVViG2JcBdFOM4I7KtrRWGmHGSfCDolOOhcmQ=
Subject key identifier: C4:C4:A1:A3:B1:96:CB:91:51:FF:9D:BE:2E:B2:24:B2:AD:E5:99:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66FB1DCB5FC5A21DEB6072ACF1BD2FED35D29275
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:fb:1d:cb:5f:c5:a2:1d:eb:60:72:ac:f1:bd:2f:ed:35:d2:92:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=cb5ee32033333226760d468d78ac629fcdb8a7a34bff9ee8ef7880794b50bf2a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2b:2a:a4:88:1c:10:88:f8:40:fd:cd:4c:de:
6d:06:b1:75:fc:7d:73:3b:cc:c4:94:0d:7c:16:46:
18:36:d7:ed:de:c8:c8:55:ac:40:a0:7e:6d:8f:a7:
0d:1d:42:a2:72:fa:06:24:ea:92:d2:33:28:40:2c:
07:9a:24:9c:e8:d3:41:9c:0d:ab:4d:40:c0:69:44:
a0:27:5a:74:66:13:10:2b:60:3b:e2:bd:1d:b6:7f:
97:da:37:fc:3e:8e:49:9b:b1:cd:88:b1:9a:23:80:
2c:b7:69:2b:76:02:14:1c:23:a1:73:8e:a7:ec:63:
90:2b:2c:b9:1c:54:3a:0d:5a:ab:5c:6f:38:a8:2c:
70:20:f5:18:61:db:a7:21:f8:58:63:10:0d:28:32:
da:02:eb:a6:d7:df:e4:59:e9:19:85:e5:59:44:f0:
24:e5:21:de:8d:80:49:bf:83:45:61:dc:fa:4c:83:
2e:c1:8c:06:82:fe:be:cf:e8:c1:c7:b1:13:b3:9a:
60:83:0f:84:f2:17:a9:1f:08:94:75:a2:2a:af:2f:
e5:18:17:7a:75:6f:1e:55:a3:5d:d2:14:ac:ab:c7:
bf:75:59:28:61:1f:fe:ff:ee:d0:4f:1e:79:bf:ee:
b2:bd:2c:f2:0a:e8:1e:00:4f:fc:aa:d2:2b:cd:ac:
3b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C4:A1:A3:B1:96:CB:91:51:FF:9D:BE:2E:B2:24:B2:AD:E5:99:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bdc7597-5430-429b-990a-e3659e2e6227.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
77:83:3d:03:50:27:24:a2:eb:d8:99:31:24:c6:5f:f4:1d:1a:
e4:da:37:6d:76:a9:3d:23:38:59:1d:dc:8b:ad:e0:4b:73:bb:
8c:ef:e4:b5:b7:f0:8f:32:4c:1a:6e:85:24:2a:bd:46:24:84:
9f:7c:35:90:54:2d:b6:c7:a3:c8:b5:8e:4c:72:2c:af:5b:8e:
77:50:aa:00:5f:61:29:ba:b1:eb:89:9c:a2:21:1e:f7:7f:52:
7c:b2:20:b6:e9:86:9b:4c:64:f1:c1:b0:64:f7:44:3c:76:62:
51:77:64:b9:d7:d5:e6:60:82:6d:03:03:73:97:7e:04:e5:6a:
b9:7e:03:9f:8a:3a:62:9a:15:57:a0:6d:e6:76:6d:9a:c3:fb:
83:90:05:75:a9:cf:b3:e4:df:f9:88:0c:9c:77:31:8c:c6:78:
72:06:0f:44:a0:9d:b1:37:ef:a6:a1:3b:8a:1a:c5:34:f7:2b:
c5:73:b2:36:2f:3d:6c:92:cc:dc:fb:e9:57:0e:89:fa:cc:12:
d4:ae:da:7a:06:8b:60:b3:65:a8:ff:64:cb:df:f3:97:7e:43:
41:cd:d0:fe:75:5e:d6:9f:06:cc:53:55:b8:1e:24:0c:c0:90:
a0:1b:b7:02:cb:d6:bb:e9:20:aa:ea:f7:aa:98:b6:da:a2:f1:
a4:54:8f:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZvsdy1/Foh3rYHKs8b0v7TXSknUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNWVlMzIwMzMzMzMyMjY3NjBkNDY4ZDc4YWM2MjlmY2RiOGE3YTM0YmZm
OWVlOGVmNzg4MDc5NGI1MGJmMmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4rKqSIHBCI+ED9zUzebQaxdfx9czvMxJQNfBZGGDbX7d7IyFWsQKB+bY+n
DR1ConL6BiTqktIzKEAsB5oknOjTQZwNq01AwGlEoCdadGYTECtgO+K9HbZ/l9o3
/D6OSZuxzYixmiOALLdpK3YCFBwjoXOOp+xjkCssuRxUOg1aq1xvOKgscCD1GGHb
pyH4WGMQDSgy2gLrptff5FnpGYXlWUTwJOUh3o2ASb+DRWHc+kyDLsGMBoL+vs/o
wcexE7OaYIMPhPIXqR8IlHWiKq8v5RgXenVvHlWjXdIUrKvHv3VZKGEf/v/u0E8e
eb/usr0s8groHgBP/KrSK82sO50CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTExKGj
sZbLkVH/nb4usiSyreWZ+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJkYzc1OTctNTQzMC00MjliLTk5MGEtZTM2NTllMmU2MjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQB3gz0DUCckouvYmTEkxl/0HRrk2jdtdqk9IzhZHdyL
reBLc7uM7+S1t/CPMkwaboUkKr1GJISffDWQVC22x6PItY5MciyvW453UKoAX2Ep
urHriZyiIR73f1J8siC26YabTGTxwbBk90Q8dmJRd2S519XmYIJtAwNzl34E5Wq5
fgOfijpimhVXoG3mdm2aw/uDkAV1qc+z5N/5iAycdzGMxnhyBg9EoJ2xN++moTuK
GsU09yvFc7I2Lz1skszc++lXDon6zBLUrtp6Botgs2Wo/2TL3/OXfkNBzdD+dV7W
nwbMU1W4HiQMwJCgG7cCy9a76SCq6veqmLbaovGkVI9/
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org