Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
File: 27a797e0-d86a-4e56-8092-d84689502090.roa (raw, json)
Hash identifier: IiyAFTAqkqnSdLumWTQgxLladAgQf5gJYZVuIC/uk34=
Subject key identifier: D6:EF:8B:82:B2:1B:BB:FD:D6:EB:7E:26:A4:98:11:D0:E5:4A:12:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05D81B1C7761E9C53F568831AAB8CE125041D0C3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:d8:1b:1c:77:61:e9:c5:3f:56:88:31:aa:b8:ce:12:50:41:d0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=bd0695388d1c5878788cc6af7374227735cb462963eaf9e138ffbc38a80b0a7f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:55:d3:e6:6b:7f:e7:42:2b:26:8e:65:64:44:
1b:08:d3:a9:e7:5a:70:c5:bb:bc:89:33:58:b2:7e:
22:32:a9:85:5c:b5:c4:87:a8:48:c4:f9:6a:40:92:
5d:be:fd:24:cd:68:62:67:1f:6e:ae:1e:46:f8:77:
9c:40:27:5a:db:bc:d9:20:4a:3d:5e:c5:ef:03:b4:
47:b7:6c:5c:71:3f:be:fb:cc:d9:8b:77:b4:73:74:
ed:e8:bf:20:8f:9a:4d:a7:24:58:b9:af:dd:cc:01:
7c:49:2f:ff:e3:b4:33:83:c5:af:6c:cc:72:f5:63:
bf:df:4a:ca:a9:aa:17:07:36:56:a8:68:b1:d7:9e:
98:93:0c:39:66:1f:50:bf:69:a7:0f:04:16:0f:2d:
0e:14:9d:e7:41:50:5d:aa:34:ea:c6:a9:e8:89:5d:
12:4e:f6:e1:c2:3f:7a:d1:84:5e:49:23:ca:5b:6c:
70:4f:e6:f4:04:ed:15:dc:bf:f1:64:82:42:ce:40:
aa:2c:99:b4:64:e4:21:d2:87:c4:9a:3f:b1:4b:0e:
d2:fd:0a:df:f5:93:a5:ef:54:e6:a1:94:40:53:68:
bc:4a:96:39:2c:95:28:f2:4a:ec:cd:9f:48:cb:99:
64:f3:cc:38:9d:90:57:0f:af:31:90:26:32:8e:a6:
13:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EF:8B:82:B2:1B:BB:FD:D6:EB:7E:26:A4:98:11:D0:E5:4A:12:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/27a797e0-d86a-4e56-8092-d84689502090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
47:40:f5:7c:d6:0f:16:02:56:fa:12:5d:a8:02:0d:eb:bd:1f:
00:25:56:2f:66:16:23:76:8e:b6:40:d4:10:6c:d8:e5:dc:0e:
e3:52:da:f9:f9:da:69:95:b2:fd:72:0b:6c:ee:de:ee:43:d5:
c4:69:da:a1:e8:10:31:c2:13:e4:df:4f:ee:a3:50:4b:10:f1:
55:45:7f:1b:dc:38:c8:c1:b6:18:8c:7b:d5:61:93:31:d7:4b:
61:03:a5:c4:35:8e:71:8d:8f:c1:75:d6:2e:ca:51:1b:ad:e5:
39:11:16:72:88:99:53:43:b6:cd:c1:9e:56:9f:f0:e7:44:54:
b1:f6:ef:57:06:ba:e1:26:8b:af:03:43:43:fe:82:9f:a1:97:
6f:d0:54:cc:b1:87:70:e1:8b:dd:15:14:29:0a:f8:f4:e6:1c:
60:e6:39:1a:8b:db:26:5b:4a:77:9b:40:c0:43:56:95:65:0b:
78:4c:f6:6f:62:ed:b5:fe:ec:ad:90:de:b7:5e:d4:6c:d2:28:
93:66:3c:77:42:e7:5d:c2:b7:79:36:69:a4:16:4f:af:97:b0:
75:fa:01:f5:a6:03:c1:2b:c2:92:11:b4:3c:33:88:59:80:c3:
9c:eb:37:a0:1f:83:77:2d:a3:40:8e:26:97:5a:49:37:97:f0:
5a:46:d1:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBdgbHHdh6cU/VogxqrjOElBB0MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMDY5NTM4OGQxYzU4Nzg3ODhjYzZhZjczNzQyMjc3MzVjYjQ2Mjk2M2Vh
ZjllMTM4ZmZiYzM4YTgwYjBhN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9V0+Zrf+dCKyaOZWREGwjTqedacMW7vIkzWLJ+IjKphVy1xIeoSMT5akCS
Xb79JM1oYmcfbq4eRvh3nEAnWtu82SBKPV7F7wO0R7dsXHE/vvvM2Yt3tHN07ei/
II+aTackWLmv3cwBfEkv/+O0M4PFr2zMcvVjv99KyqmqFwc2VqhosdeemJMMOWYf
UL9ppw8EFg8tDhSd50FQXao06sap6IldEk724cI/etGEXkkjyltscE/m9ATtFdy/
8WSCQs5AqiyZtGTkIdKHxJo/sUsO0v0K3/WTpe9U5qGUQFNovEqWOSyVKPJK7M2f
SMuZZPPMOJ2QVw+vMZAmMo6mE1UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTW74uC
shu7/dbrfiakmBHQ5UoS3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjdhNzk3ZTAtZDg2YS00ZTU2LTgwOTItZDg0Njg5NTAyMDkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQBHQPV81g8WAlb6El2oAg3rvR8AJVYvZhYjdo62QNQQ
bNjl3A7jUtr5+dpplbL9cgts7t7uQ9XEadqh6BAxwhPk30/uo1BLEPFVRX8b3DjI
wbYYjHvVYZMx10thA6XENY5xjY/BddYuylEbreU5ERZyiJlTQ7bNwZ5Wn/DnRFSx
9u9XBrrhJouvA0ND/oKfoZdv0FTMsYdw4YvdFRQpCvj05hxg5jkai9smW0p3m0DA
Q1aVZQt4TPZvYu21/uytkN63XtRs0iiTZjx3Quddwrd5NmmkFk+vl7B1+gH1pgPB
K8KSEbQ8M4hZgMOc6zegH4N3LaNAjiaXWkk3l/BaRtEA
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org