Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
File: 1db20bc8-3bbe-45ae-975a-e89becd95e47.roa (raw, json)
Hash identifier: 9TdJmIYwjp14Cca6EYCNvNa5PnosSJN0qHr2ycSABH4=
Subject key identifier: F8:66:44:F4:33:4D:F4:FB:00:CA:7E:0D:04:16:98:4C:7C:12:F5:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C4B55D4A7C361A05C1816C9D000EDF4C6B97F08
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4b:55:d4:a7:c3:61:a0:5c:18:16:c9:d0:00:ed:f4:c6:b9:7f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=d2274c8bc48786499a6d5769ee3340a3870e8a7343bb4d69c471f082f0f20650, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:52:46:21:c1:d5:c1:cc:bb:f8:f0:64:ad:1d:
f2:7b:b7:b6:30:5c:ca:2b:3e:84:be:6a:7c:32:38:
ce:96:ce:0d:84:f6:71:f9:e5:ad:fd:f3:bf:b8:dd:
7a:b7:62:eb:f4:da:1a:e5:72:77:5e:17:72:0a:fc:
75:4b:59:6d:b9:ed:c0:68:1d:0e:59:47:ae:b5:25:
16:6c:e5:4f:31:8c:1b:4e:81:17:ab:54:26:d6:5b:
bd:16:ea:0a:20:02:e7:51:cb:81:80:ec:5d:af:25:
e4:62:18:d2:a2:79:a2:ae:56:13:a2:58:e3:71:1f:
09:da:94:4f:79:e0:e9:72:a6:02:f5:a1:30:cb:84:
e2:c5:02:97:9a:33:d1:ef:a1:42:52:26:61:5a:7a:
65:30:55:9f:10:98:ef:af:d0:01:6e:25:93:a3:76:
40:42:0c:80:b0:cf:cb:1e:19:28:ef:32:3c:dc:7b:
2b:d6:67:12:41:6f:30:38:95:8b:08:24:8b:54:ed:
ef:65:4a:1a:e0:44:98:10:b6:37:8c:be:4a:df:d3:
9c:c7:e3:46:46:47:26:af:4c:53:02:46:b0:fa:db:
c5:e9:77:44:0d:69:f2:01:5a:7f:d7:fd:71:26:02:
02:1d:e7:25:57:c8:52:43:d7:4f:fc:c5:f6:f0:8f:
2e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:66:44:F4:33:4D:F4:FB:00:CA:7E:0D:04:16:98:4C:7C:12:F5:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1db20bc8-3bbe-45ae-975a-e89becd95e47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
90:14:8c:1c:4c:7d:18:25:3c:5a:29:8c:06:5b:c0:0a:bd:07:
e7:c2:8c:0c:29:a4:d3:aa:a2:7a:ba:2e:ff:cd:71:1d:da:ee:
76:82:9d:e1:7f:9b:57:41:ad:d7:f2:65:3e:04:8e:22:ec:27:
ee:47:5c:d7:09:3a:01:fc:ff:f6:11:e0:aa:28:29:7a:bf:cd:
cc:47:41:4c:af:0a:cf:f3:85:d7:32:54:7d:b2:a4:73:2a:78:
15:7d:ac:80:fc:2a:bf:40:b4:5f:e4:e4:ef:ae:af:e5:58:22:
9e:cf:89:66:d7:46:77:9f:40:49:88:4e:c5:a2:a9:94:ba:42:
e4:eb:59:74:52:0f:11:6f:7d:31:e4:89:6a:19:f4:db:e4:58:
c0:34:38:27:b5:1c:03:5f:6f:bc:d9:6b:5f:ae:92:bb:e6:cf:
4b:e0:6e:48:24:74:44:c8:39:00:1e:b9:a8:93:32:f7:c1:ff:
6c:92:0f:23:4a:71:6e:83:79:89:be:07:78:5c:13:53:22:d1:
d7:c7:59:da:08:37:14:2c:c5:0a:5d:9b:a7:43:b6:b4:b3:d0:
24:a7:68:f2:4f:77:97:32:b6:4e:f5:88:ca:97:20:3c:20:3b:
08:97:01:ac:ef:a6:80:b9:ee:c4:e3:a4:61:6e:af:b6:2b:28:
a0:f4:06:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPEtV1KfDYaBcGBbJ0ADt9Ma5fwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMjc0YzhiYzQ4Nzg2NDk5YTZkNTc2OWVlMzM0MGEzODcwZThhNzM0M2Ji
NGQ2OWM0NzFmMDgyZjBmMjA2NTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORSRiHB1cHMu/jwZK0d8nu3tjBcyis+hL5qfDI4zpbODYT2cfnlrf3zv7jd
erdi6/TaGuVyd14Xcgr8dUtZbbntwGgdDllHrrUlFmzlTzGMG06BF6tUJtZbvRbq
CiAC51HLgYDsXa8l5GIY0qJ5oq5WE6JY43EfCdqUT3ng6XKmAvWhMMuE4sUCl5oz
0e+hQlImYVp6ZTBVnxCY76/QAW4lk6N2QEIMgLDPyx4ZKO8yPNx7K9ZnEkFvMDiV
iwgki1Tt72VKGuBEmBC2N4y+St/TnMfjRkZHJq9MUwJGsPrbxel3RA1p8gFaf9f9
cSYCAh3nJVfIUkPXT/zF9vCPLvECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4ZkT0
M030+wDKfg0EFphMfBL1hjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRiMjBiYzgtM2JiZS00NWFlLTk3NWEtZTg5YmVjZDk1ZTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCQFIwcTH0YJTxaKYwGW8AKvQfnwowMKaTTqqJ6ui7/
zXEd2u52gp3hf5tXQa3X8mU+BI4i7CfuR1zXCToB/P/2EeCqKCl6v83MR0FMrwrP
84XXMlR9sqRzKngVfayA/Cq/QLRf5OTvrq/lWCKez4lm10Z3n0BJiE7FoqmUukLk
61l0Ug8Rb30x5IlqGfTb5FjANDgntRwDX2+82WtfrpK75s9L4G5IJHREyDkAHrmo
kzL3wf9skg8jSnFug3mJvgd4XBNTItHXx1naCDcULMUKXZunQ7a0s9Akp2jyT3eX
MrZO9YjKlyA8IDsIlwGs76aAue7E46Rhbq+2Kyig9AZ7
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org