Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
File: 1350b3cb-6def-4283-90f3-051faef7a4e3.roa (raw, json)
Hash identifier: icbFslpqcBpx+y6HTHdDb9apBfu+JeN9mGvPV0KDKs4=
Subject key identifier: 6C:D3:94:DC:58:67:34:D6:1F:44:37:7D:6E:60:15:AA:12:93:D2:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7163872D993DCD1B03D834D673C1B03C0830F0A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:63:87:2d:99:3d:cd:1b:03:d8:34:d6:73:c1:b0:3c:08:30:f0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=51070a5e8eb197b519bdb9cdd87c2e9e5bcfb7b9cf7cda5703bbaf00fe1ba6ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3a:fb:c1:f3:37:a0:b7:5e:1b:00:01:00:23:
90:50:9c:31:60:cd:1c:98:0e:6e:6f:35:22:13:13:
29:b3:8b:86:c6:03:4e:68:f8:9e:27:a4:56:d9:2f:
2c:b8:d5:51:83:c1:3e:9f:95:ab:7c:9a:eb:63:86:
e6:c9:d5:ae:35:7f:26:49:05:d0:59:20:29:ae:96:
69:77:6f:6f:04:ad:02:40:f5:58:5d:2e:15:93:f9:
21:22:fc:3b:01:91:5a:80:32:f0:07:a6:1c:98:ef:
c6:3d:62:03:fd:82:1d:b2:68:a4:9f:99:0a:bb:0f:
c6:1f:01:cf:16:80:59:e1:28:b4:a7:f1:b7:a8:7a:
8c:d0:92:84:c6:fb:9d:b6:5c:98:cc:7e:e1:5b:ed:
77:a9:c9:1a:20:02:46:9f:c2:13:52:28:35:59:46:
3c:c4:f8:fe:7e:70:5b:34:3c:ce:df:a5:88:6f:09:
e8:e9:9e:ab:60:06:48:16:e6:a4:36:bb:ce:5a:f7:
9c:ec:4c:b0:5d:ec:d0:54:d4:43:f4:b4:e2:45:8b:
e6:9e:1f:25:fb:a7:0d:e2:92:0c:d9:31:ed:c4:7f:
b9:d5:1a:86:e8:1c:47:97:db:a1:eb:a9:65:84:80:
3c:36:af:e3:6b:8d:85:d7:57:af:48:03:37:b9:43:
c2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D3:94:DC:58:67:34:D6:1F:44:37:7D:6E:60:15:AA:12:93:D2:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
25:e5:f0:9d:c9:8f:f3:94:f9:80:a8:73:50:59:7d:f6:ff:d0:
dd:5e:a3:de:17:1c:0b:0b:c8:23:ff:99:c6:9f:0f:d3:73:9f:
67:1b:16:ff:6f:94:48:67:27:1c:1c:83:52:12:4b:6b:90:32:
81:9f:d8:d2:08:bd:58:3c:67:08:e5:bf:83:c1:ce:1b:43:19:
0d:e9:18:26:80:fd:f0:0f:71:71:e7:09:3a:b4:6d:31:c8:ba:
40:01:27:71:b5:4c:82:99:b0:00:46:fd:66:8b:2d:f1:45:5f:
f0:73:3f:58:96:18:af:57:10:7b:44:2e:d9:4f:b0:76:72:80:
64:21:dd:db:69:ac:ee:c9:ab:68:d9:7e:1f:d4:52:38:bc:d1:
a6:86:a2:5c:63:50:75:fa:ba:1d:62:86:e6:86:e6:fe:9b:fd:
cf:62:d7:24:10:a9:b8:40:4b:8d:eb:3e:f4:25:5e:97:7e:e3:
c6:95:7f:85:64:62:6a:3f:90:28:3b:56:5f:be:4a:47:a0:ce:
38:fb:11:77:1f:4f:19:5e:6f:2d:ca:2f:23:1c:95:28:ee:d8:
2d:ce:65:45:82:cb:86:1a:43:b8:05:a1:38:11:f0:ce:cf:72:
c7:95:3d:66:74:29:b2:04:0f:95:62:a5:25:67:49:b2:14:25:
99:53:c9:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcWOHLZk9zRsD2DTWc8GwPAgw8KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxMDcwYTVlOGViMTk3YjUxOWJkYjljZGQ4N2MyZTllNWJjZmI3YjljZjdj
ZGE1NzAzYmJhZjAwZmUxYmE2Y2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOI6+8HzN6C3XhsAAQAjkFCcMWDNHJgObm81IhMTKbOLhsYDTmj4niekVtkv
LLjVUYPBPp+Vq3ya62OG5snVrjV/JkkF0FkgKa6WaXdvbwStAkD1WF0uFZP5ISL8
OwGRWoAy8AemHJjvxj1iA/2CHbJopJ+ZCrsPxh8BzxaAWeEotKfxt6h6jNCShMb7
nbZcmMx+4Vvtd6nJGiACRp/CE1IoNVlGPMT4/n5wWzQ8zt+liG8J6Omeq2AGSBbm
pDa7zlr3nOxMsF3s0FTUQ/S04kWL5p4fJfunDeKSDNkx7cR/udUahugcR5fboeup
ZYSAPDav42uNhddXr0gDN7lDwtMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRs05Tc
WGc01h9EN31uYBWqEpPS4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTM1MGIzY2ItNmRlZi00MjgzLTkwZjMtMDUxZmFlZjdhNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAl5fCdyY/zlPmAqHNQWX32/9DdXqPeFxwLC8gj/5nG
nw/Tc59nGxb/b5RIZyccHINSEktrkDKBn9jSCL1YPGcI5b+Dwc4bQxkN6RgmgP3w
D3Fx5wk6tG0xyLpAASdxtUyCmbAARv1miy3xRV/wcz9YlhivVxB7RC7ZT7B2coBk
Id3baazuyato2X4f1FI4vNGmhqJcY1B1+rodYobmhub+m/3PYtckEKm4QEuN6z70
JV6XfuPGlX+FZGJqP5AoO1ZfvkpHoM44+xF3H08ZXm8tyi8jHJUo7tgtzmVFgsuG
GkO4BaE4EfDOz3LHlT1mdCmyBA+VYqUlZ0myFCWZU8mR
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org