Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
File: 1fa4e984-a5f7-4c42-8d75-506f4844be77.roa (raw, json)
Hash identifier: 5aYJvzCDonhWUn3cjGl5m1GZhy9Tv9VdzMv3y7mq6lE=
Subject key identifier: 78:5E:47:C5:59:AC:66:A4:8F:A3:80:FD:17:4C:21:BB:C2:5C:D7:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1290E2AB5D18BBC97FAF70D6BB0A89EF1805722B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:90:e2:ab:5d:18:bb:c9:7f:af:70:d6:bb:0a:89:ef:18:05:72:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=53447f1f9a206f983ce5da79c46ab97f84147b77dbd4479a98b05bfb70b25d06, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d5:4c:c3:61:01:f3:68:52:f9:ab:69:b9:e7:
ec:13:ba:04:82:99:99:3e:19:a0:14:81:fe:2a:b0:
c0:a9:7d:8b:0c:04:36:0b:2b:45:0a:4c:5a:9a:e9:
14:27:c1:b7:98:42:1a:de:d0:36:93:3d:69:a9:6b:
8b:d1:47:38:f8:c3:66:07:45:6c:5e:ae:89:2e:ad:
24:0a:a6:a6:1c:c6:f5:08:3a:d1:66:b4:bb:45:ab:
20:44:83:97:51:ac:86:f5:1f:24:e7:3e:e2:b8:b7:
c9:85:7f:a1:67:66:75:ce:e5:1d:4e:4d:c4:69:e6:
77:bd:62:ff:b9:98:2b:d5:62:d1:be:0d:f1:bc:9f:
1f:02:7c:eb:ab:45:84:48:a4:b5:68:ee:bb:69:a2:
a6:86:a3:f2:e6:63:83:8c:91:e4:10:b6:cc:07:87:
b0:bf:9b:26:26:11:fb:69:44:c1:6e:e3:54:a3:42:
2e:08:0f:04:db:ee:4a:50:02:ac:8d:b9:a0:b7:4d:
69:c2:95:85:de:7b:70:b3:0b:03:f1:f1:c7:bc:f5:
f6:60:08:88:0d:43:1c:30:34:1a:fa:93:d6:8a:d2:
75:8f:aa:7b:c5:8b:14:f6:cf:e3:5f:d5:f5:0b:c9:
7e:15:55:d8:08:9f:fd:63:22:e2:d6:b0:37:0a:86:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5E:47:C5:59:AC:66:A4:8F:A3:80:FD:17:4C:21:BB:C2:5C:D7:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:cc:46:9d:25:17:86:8d:e7:6a:e9:28:b4:79:9e:7b:0b:fb:
6f:91:9f:41:ee:d3:a0:f3:22:32:16:10:b8:27:d7:06:bd:0a:
78:fc:d6:58:cf:8a:0d:3c:4d:f1:1d:76:1a:c4:15:22:d6:83:
a6:29:35:3f:ee:ac:63:37:07:35:0d:7e:74:8b:37:6e:f1:b2:
6e:cc:9e:89:88:38:6a:3f:15:11:31:ef:73:a1:99:8f:2b:82:
8a:d7:fd:59:c7:ed:df:f9:b9:d8:9a:e9:ec:d7:a5:bc:28:b5:
a0:09:81:90:1b:e6:df:f3:1b:8c:d1:a5:f2:2a:26:3a:09:e8:
ce:45:68:d8:96:03:8a:11:67:5b:38:ea:22:20:57:52:76:29:
e5:09:18:94:50:33:af:e2:d6:26:e7:dd:b6:fe:d5:8c:60:38:
05:c9:be:7e:2f:74:0a:67:e6:9c:31:8d:9f:15:aa:21:75:22:
5a:68:9b:8b:bf:a4:aa:d8:b5:74:eb:b5:6a:b3:e5:5e:1d:93:
35:ec:0c:ae:2f:2e:34:fe:d3:23:8f:a8:21:ec:3f:80:7b:37:
15:d9:87:66:f3:f2:98:91:d2:50:fc:44:37:56:6f:1f:7f:02:
36:e5:79:92:7e:1e:b6:c6:ba:bf:f5:4b:cf:c0:e9:a1:4c:87:
38:0e:11:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEpDiq10Yu8l/r3DWuwqJ7xgFciswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNDQ3ZjFmOWEyMDZmOTgzY2U1ZGE3OWM0NmFiOTdmODQxNDdiNzdkYmQ0
NDc5YTk4YjA1YmZiNzBiMjVkMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPVTMNhAfNoUvmrabnn7BO6BIKZmT4ZoBSB/iqwwKl9iwwENgsrRQpMWprp
FCfBt5hCGt7QNpM9aalri9FHOPjDZgdFbF6uiS6tJAqmphzG9Qg60Wa0u0WrIESD
l1GshvUfJOc+4ri3yYV/oWdmdc7lHU5NxGnmd71i/7mYK9Vi0b4N8byfHwJ866tF
hEiktWjuu2mipoaj8uZjg4yR5BC2zAeHsL+bJiYR+2lEwW7jVKNCLggPBNvuSlAC
rI25oLdNacKVhd57cLMLA/Hxx7z19mAIiA1DHDA0GvqT1orSdY+qe8WLFPbP41/V
9QvJfhVV2Aif/WMi4tawNwqGJX8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4XkfF
WaxmpI+jgP0XTCG7wlzX2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNGU5ODQtYTVmNy00YzQyLThkNzUtNTA2ZjQ4NDRiZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQB1zEadJReGjedq6Si0eZ57C/tvkZ9B7tOg8yIyFhC4
J9cGvQp4/NZYz4oNPE3xHXYaxBUi1oOmKTU/7qxjNwc1DX50izdu8bJuzJ6JiDhq
PxURMe9zoZmPK4KK1/1Zx+3f+bnYmuns16W8KLWgCYGQG+bf8xuM0aXyKiY6CejO
RWjYlgOKEWdbOOoiIFdSdinlCRiUUDOv4tYm5922/tWMYDgFyb5+L3QKZ+acMY2f
FaohdSJaaJuLv6Sq2LV067Vqs+VeHZM17AyuLy40/tMjj6gh7D+AezcV2Ydm8/KY
kdJQ/EQ3Vm8ffwI25XmSfh62xrq/9UvPwOmhTIc4DhFt
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org