Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
File: 20422b97-bbd3-43a5-bd9e-56380296a638.roa (raw, json)
Hash identifier: ECY0yO7pnk82UD6xF0DS+DuypPFT5L39GEhUx8+/w7E=
Subject key identifier: 16:10:62:8C:1E:4E:39:8D:B9:50:89:62:2B:D4:5F:60:68:3D:0B:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34C55F9CF5939B850AB5E420B54ED306D44F81D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:c5:5f:9c:f5:93:9b:85:0a:b5:e4:20:b5:4e:d3:06:d4:4f:81:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=07e37ebd6444d55d96874312964cde43d54cb4d9dfd71df8673d9872e35dce2c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9c:2e:43:a4:e3:32:7b:99:69:cc:81:94:04:
28:7d:bb:1a:fd:cb:99:4e:55:53:5e:ad:63:a3:4c:
1e:eb:39:a8:0c:cc:36:bd:30:c0:83:e7:1e:e3:68:
69:12:64:dd:58:90:03:21:ef:2a:a1:e0:ec:89:84:
bf:4e:25:cd:ff:c0:a3:85:1e:45:5f:f1:0a:0f:18:
7d:37:22:66:96:83:1e:3e:0c:e5:b1:69:6f:e9:11:
a8:27:9e:b3:11:87:69:c5:f7:25:90:c0:0b:dd:0a:
d9:fb:96:61:ce:00:fd:6d:9c:87:9c:1d:73:01:64:
43:e6:84:4e:57:ef:fd:4e:bf:d7:11:59:12:3b:bb:
0f:bf:18:7d:c7:e1:46:d4:fa:86:0b:2a:1e:00:85:
41:fc:cb:75:d5:6a:bb:9a:26:f5:f2:8d:f5:f4:db:
84:b8:a4:e3:02:f4:d6:90:00:bc:71:84:18:a4:8c:
61:b9:a7:cc:a3:f8:5c:e1:cc:af:cf:e8:34:47:62:
ae:98:1a:69:79:f8:26:15:9b:cb:68:b4:b1:ed:4b:
6e:ea:7a:f4:cb:3d:f1:82:51:6b:0d:4f:24:e0:90:
2f:7d:88:14:a3:ee:da:c0:ac:94:6b:fd:de:80:d7:
48:31:d1:26:86:0b:55:ff:51:02:fe:94:39:3b:1e:
2f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:10:62:8C:1E:4E:39:8D:B9:50:89:62:2B:D4:5F:60:68:3D:0B:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
88:05:8d:43:69:41:0c:bf:c2:31:81:be:6d:be:2c:d2:b8:00:
b0:fe:d9:b0:a0:b9:ad:18:44:ed:9f:ac:f1:0e:a1:83:e1:50:
7e:53:24:e7:dc:cc:d1:c2:c5:ca:de:35:6e:5d:75:9f:bb:f1:
07:54:2d:e5:11:85:22:1f:4e:3c:47:0b:4e:58:a1:5d:40:96:
5c:c4:64:e4:9b:17:48:41:45:03:94:eb:26:91:c0:a3:6a:a0:
bc:27:d3:9f:4e:54:1d:1a:90:81:ea:f9:66:3a:f0:21:42:36:
cc:c8:90:fa:cc:0f:fd:f9:24:e8:9e:d5:95:67:da:9e:8d:64:
46:f7:17:9e:1f:a8:6f:2a:96:37:3e:a7:c7:31:1a:e0:17:9c:
4c:42:62:3f:59:61:c6:8a:86:99:72:20:17:1d:c3:b8:9a:a1:
03:57:04:23:9e:e1:da:01:6d:6e:58:0b:8b:e7:e1:d0:60:fb:
34:b8:74:93:ba:97:8e:b2:20:3e:79:11:7d:fa:0e:08:b9:48:
bc:f8:b0:86:1d:f9:7a:00:8d:78:3a:b2:f8:53:1c:33:48:b1:
a9:0f:5d:d4:8c:10:08:ba:52:7a:80:3b:a9:77:64:d6:67:21:
c0:cf:34:f0:ee:9b:c0:70:13:0c:f3:ed:fd:4d:c6:82:8e:ba:
46:70:e0:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNMVfnPWTm4UKteQgtU7TBtRPgdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZTM3ZWJkNjQ0NGQ1NWQ5Njg3NDMxMjk2NGNkZTQzZDU0Y2I0ZDlkZmQ3
MWRmODY3M2Q5ODcyZTM1ZGNlMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALacLkOk4zJ7mWnMgZQEKH27Gv3LmU5VU16tY6NMHus5qAzMNr0wwIPnHuNo
aRJk3ViQAyHvKqHg7ImEv04lzf/Ao4UeRV/xCg8YfTciZpaDHj4M5bFpb+kRqCee
sxGHacX3JZDAC90K2fuWYc4A/W2ch5wdcwFkQ+aETlfv/U6/1xFZEju7D78Yfcfh
RtT6hgsqHgCFQfzLddVqu5om9fKN9fTbhLik4wL01pAAvHGEGKSMYbmnzKP4XOHM
r8/oNEdirpgaaXn4JhWby2i0se1Lbup69Ms98YJRaw1PJOCQL32IFKPu2sCslGv9
3oDXSDHRJoYLVf9RAv6UOTseL5cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWEGKM
Hk45jblQiWIr1F9gaD0LaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjJiOTctYmJkMy00M2E1LWJkOWUtNTYzODAyOTZhNjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQCIBY1DaUEMv8Ixgb5tvizSuACw/tmwoLmtGETtn6zx
DqGD4VB+UyTn3MzRwsXK3jVuXXWfu/EHVC3lEYUiH048RwtOWKFdQJZcxGTkmxdI
QUUDlOsmkcCjaqC8J9OfTlQdGpCB6vlmOvAhQjbMyJD6zA/9+STontWVZ9qejWRG
9xeeH6hvKpY3PqfHMRrgF5xMQmI/WWHGioaZciAXHcO4mqEDVwQjnuHaAW1uWAuL
5+HQYPs0uHSTupeOsiA+eRF9+g4IuUi8+LCGHfl6AI14OrL4UxwzSLGpD13UjBAI
ulJ6gDupd2TWZyHAzzTw7pvAcBMM8+39TcaCjrpGcOBB
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org