Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: Eef0GHfYVYNsgcRrO7w8YSDj4z8DYkfZrhb7Kz82DxQ=
Subject key identifier: BE:F4:C3:01:F1:0F:A4:D3:77:24:D8:EC:36:84:3B:99:F9:B3:1F:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23DDA8EA0CF5E1402A041A2B1D51CB1E624D31D2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:dd:a8:ea:0c:f5:e1:40:2a:04:1a:2b:1d:51:cb:1e:62:4d:31:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8e1228015a402c6bdd4308d05402100e50cee1851ab6745dcba81f08cca5a407, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b3:ea:a9:96:20:b9:2d:a6:d5:4e:7e:91:71:
4d:c0:ed:3d:03:97:5b:a5:c0:5c:ff:d3:0c:ea:d2:
b0:15:6c:6b:99:40:b3:9c:bd:b6:85:53:5a:0e:e4:
52:ab:b9:73:85:3b:d4:20:5f:a1:1e:01:c7:a4:58:
40:6d:7c:d6:ff:16:73:cb:10:be:32:0f:2c:3f:8f:
e3:cd:1b:99:88:e0:0a:57:ef:89:78:4d:24:29:5c:
3f:8d:e3:dd:a1:e9:b4:f2:73:11:c3:c3:a6:ab:f7:
8e:0a:11:59:48:38:df:16:83:1d:9a:28:cf:74:d5:
01:3d:0b:0e:43:16:a6:20:79:e6:da:82:3e:d5:01:
c0:a3:64:b8:2f:b0:41:ed:24:e4:eb:99:7b:de:74:
91:a0:ab:81:13:8b:60:19:f1:aa:26:9c:e4:42:ad:
14:52:be:81:b1:28:38:92:bc:15:bc:d9:1b:50:b6:
c7:7f:d2:1c:1a:20:c4:19:16:1c:2f:d5:20:70:39:
6d:bc:14:a4:90:5b:ce:1b:82:fd:21:e1:8a:06:a9:
e0:92:04:b5:65:b0:dc:2e:60:11:d1:9f:a3:14:24:
bc:37:18:80:90:c5:3f:6c:b2:95:a6:9d:2a:e0:10:
8d:eb:af:79:f1:bf:54:b8:66:a2:ba:fa:71:ad:aa:
6d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F4:C3:01:F1:0F:A4:D3:77:24:D8:EC:36:84:3B:99:F9:B3:1F:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1f:9d:14:0d:5c:80:ef:41:81:99:98:2c:a5:47:69:83:6b:0d:
2c:a4:c4:e4:24:9a:11:4e:d6:9d:d2:3b:ee:b8:7f:c6:5e:b1:
a7:d2:17:a2:83:50:38:e0:b4:ca:cd:14:ee:f0:db:a4:b3:79:
4e:0a:86:60:d7:4f:52:45:33:f6:9f:d0:a5:63:1d:6a:92:3b:
15:23:3b:d9:b3:9b:a3:9a:67:ae:e5:8b:2e:2c:5d:98:d4:13:
e4:a2:b3:0d:a8:5a:51:83:d6:6c:4e:6c:ce:ba:c3:eb:e2:e8:
80:41:74:d5:c8:cc:73:63:35:f1:cf:a6:ec:d2:ad:25:70:a9:
4f:0c:61:83:ae:d6:22:c4:bc:17:7c:95:db:b1:48:0a:91:a6:
a1:06:10:5d:80:e0:e2:d2:ac:72:b3:e8:53:23:58:5c:57:8d:
4e:28:ed:ed:45:be:6e:3b:1d:49:19:78:29:c2:a2:40:4e:81:
c8:6a:8f:20:a2:26:f8:3f:6b:41:a7:95:24:54:29:2f:d9:6c:
14:51:65:3a:27:7d:20:7e:1f:8e:8d:a6:aa:a1:fe:99:09:49:
7d:b4:d0:3a:30:1d:7c:de:46:3b:ac:0c:75:aa:4f:e5:05:ed:
10:0f:33:a2:e7:20:ab:7a:f9:fe:d3:7f:cf:8c:36:62:0a:35:
3d:8d:55:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI92o6gz14UAqBBorHVHLHmJNMdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMTIyODAxNWE0MDJjNmJkZDQzMDhkMDU0MDIxMDBlNTBjZWUxODUxYWI2
NzQ1ZGNiYTgxZjA4Y2NhNWE0MDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2z6qmWILktptVOfpFxTcDtPQOXW6XAXP/TDOrSsBVsa5lAs5y9toVTWg7k
Uqu5c4U71CBfoR4Bx6RYQG181v8Wc8sQvjIPLD+P480bmYjgClfviXhNJClcP43j
3aHptPJzEcPDpqv3jgoRWUg43xaDHZooz3TVAT0LDkMWpiB55tqCPtUBwKNkuC+w
Qe0k5OuZe950kaCrgROLYBnxqiac5EKtFFK+gbEoOJK8FbzZG1C2x3/SHBogxBkW
HC/VIHA5bbwUpJBbzhuC/SHhigap4JIEtWWw3C5gEdGfoxQkvDcYgJDFP2yylaad
KuAQjeuvefG/VLhmorr6ca2qbbUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+9MMB
8Q+k03ck2Ow2hDuZ+bMfjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQAfnRQNXIDvQYGZmCylR2mDaw0spMTkJJoRTtad0jvu
uH/GXrGn0heig1A44LTKzRTu8Nuks3lOCoZg109SRTP2n9ClYx1qkjsVIzvZs5uj
mmeu5YsuLF2Y1BPkorMNqFpRg9ZsTmzOusPr4uiAQXTVyMxzYzXxz6bs0q0lcKlP
DGGDrtYixLwXfJXbsUgKkaahBhBdgODi0qxys+hTI1hcV41OKO3tRb5uOx1JGXgp
wqJAToHIao8goib4P2tBp5UkVCkv2WwUUWU6J30gfh+Ojaaqof6ZCUl9tNA6MB18
3kY7rAx1qk/lBe0QDzOi5yCrevn+03/PjDZiCjU9jVVA
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org