Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: AtqWs6UC8GKjNpfz2O8HYUZOQYJSgcoKyO+c7iUi+tg=
Subject key identifier: 53:EC:81:1E:12:33:7D:76:B0:84:B7:77:6D:A5:D3:CA:ED:8A:49:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40D86E54329D8CF7B8AE03AACB3A01BC29803F2E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d8:6e:54:32:9d:8c:f7:b8:ae:03:aa:cb:3a:01:bc:29:80:3f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=c44309dfebe8dd157dcf425d86fc2c4b90cc5dac9bb5c4d5eb5ffeee0525edb1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b6:1f:fe:21:a4:7a:ee:d8:45:7b:4e:7f:6d:
69:7f:4a:c4:86:ca:ff:c6:08:4c:23:03:c6:c4:a4:
a9:6a:36:d2:3f:e3:91:dd:f7:e4:aa:16:89:1c:da:
ea:af:86:03:7e:a7:94:2c:0d:a7:33:83:36:dd:6c:
68:4b:1b:d1:1a:ef:f3:06:e4:0d:86:7f:11:62:a2:
ac:b8:92:87:c2:ce:1e:79:90:be:85:df:24:e2:05:
be:d3:46:2a:1c:06:31:ad:11:b8:59:6e:aa:c7:88:
74:d6:ed:07:6e:d4:ed:c2:75:87:54:7e:0a:35:ee:
f6:1b:cb:8b:8e:35:ac:6f:99:56:ea:f4:2d:6d:6b:
9a:39:04:6c:66:fe:09:a5:33:ea:6c:bc:70:de:0a:
2d:b5:70:8b:a7:df:97:a3:38:93:e5:2b:30:f0:e6:
2e:49:ac:f9:83:ed:84:cc:2e:38:8b:12:dd:03:29:
01:b2:d2:f8:fe:26:fb:29:ff:7f:9a:1b:0b:1e:6a:
49:e7:86:65:c4:be:b0:bc:fd:23:ee:3d:ea:78:9b:
8a:fd:17:9d:fa:3f:15:be:aa:9d:ec:2a:4d:40:c1:
67:48:e7:f2:a3:9b:55:61:8c:34:7c:30:aa:84:c4:
21:2b:3e:27:32:f8:5e:34:04:10:69:69:80:90:71:
f4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:81:1E:12:33:7D:76:B0:84:B7:77:6D:A5:D3:CA:ED:8A:49:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3f:50:f7:4f:01:ea:f7:4d:eb:99:e4:1d:70:ad:39:48:50:7e:
65:46:52:8a:eb:9d:ec:e6:36:c5:5d:04:a0:78:ca:d1:1f:48:
10:c5:06:a1:ed:7b:d9:4d:f6:7b:3b:a9:1d:5a:37:e9:27:79:
3f:40:dd:34:52:04:16:94:27:91:4b:56:e3:d4:d7:ba:56:51:
7e:70:a2:9b:e8:72:aa:fe:92:5a:2c:cc:31:a6:c0:ef:3e:5a:
e9:b1:1c:35:84:98:97:4c:ac:fd:c2:52:ce:88:dd:dc:28:15:
9e:15:9b:74:83:59:6e:f5:61:45:cb:d1:1a:30:f7:ac:52:9e:
6b:3d:80:df:ab:6b:60:7d:5c:79:89:6c:e4:45:dd:1d:32:7d:
97:33:d6:5a:66:37:74:39:08:31:cc:4d:0e:83:ed:66:c2:1a:
99:1b:16:7c:a5:02:60:f8:68:88:78:ff:6f:32:10:dc:6c:6b:
6e:36:d1:d0:cd:c9:f5:cc:78:13:5e:81:8e:0e:ee:c1:30:79:
b9:ef:a0:ce:c5:ed:ca:34:df:20:ba:09:61:e2:dd:fb:7d:52:
58:c7:a7:cc:14:b9:5a:34:2f:48:ab:51:1d:87:dd:73:e1:49:
42:b6:38:30:91:06:69:33:22:51:df:47:7e:56:b5:ae:c6:f5:
39:73:98:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQNhuVDKdjPe4rgOqyzoBvCmAPy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NDMwOWRmZWJlOGRkMTU3ZGNmNDI1ZDg2ZmMyYzRiOTBjYzVkYWM5YmI1
YzRkNWViNWZmZWVlMDUyNWVkYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANW2H/4hpHru2EV7Tn9taX9KxIbK/8YITCMDxsSkqWo20j/jkd335KoWiRza
6q+GA36nlCwNpzODNt1saEsb0Rrv8wbkDYZ/EWKirLiSh8LOHnmQvoXfJOIFvtNG
KhwGMa0RuFluqseIdNbtB27U7cJ1h1R+CjXu9hvLi441rG+ZVur0LW1rmjkEbGb+
CaUz6my8cN4KLbVwi6ffl6M4k+UrMPDmLkms+YPthMwuOIsS3QMpAbLS+P4m+yn/
f5obCx5qSeeGZcS+sLz9I+496nibiv0Xnfo/Fb6qnewqTUDBZ0jn8qObVWGMNHww
qoTEISs+JzL4XjQEEGlpgJBx9K8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRT7IEe
EjN9drCEt3dtpdPK7YpJaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQA/UPdPAer3TeuZ5B1wrTlIUH5lRlKK653s5jbFXQSg
eMrRH0gQxQah7XvZTfZ7O6kdWjfpJ3k/QN00UgQWlCeRS1bj1Ne6VlF+cKKb6HKq
/pJaLMwxpsDvPlrpsRw1hJiXTKz9wlLOiN3cKBWeFZt0g1lu9WFFy9EaMPesUp5r
PYDfq2tgfVx5iWzkRd0dMn2XM9ZaZjd0OQgxzE0Og+1mwhqZGxZ8pQJg+GiIeP9v
MhDcbGtuNtHQzcn1zHgTXoGODu7BMHm576DOxe3KNN8guglh4t37fVJYx6fMFLla
NC9Iq1Edh91z4UlCtjgwkQZpMyJR30d+VrWuxvU5c5gv
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org