Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
File: 30196813-1f5f-45cc-801b-df800afa3d6d.roa (raw, json)
Hash identifier: 8iPIDvtvHn4L8U7R2yVJ/5/6q3aEB8BsKb+9SXM5waE=
Subject key identifier: 57:A0:93:DD:22:48:86:DB:0B:8F:5B:91:F7:23:C0:38:0A:52:C0:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ECBB11A0322F036BF41A259EF998C134BF031F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:cb:b1:1a:03:22:f0:36:bf:41:a2:59:ef:99:8c:13:4b:f0:31:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=52953ae63d10f92851721649096a8a2bb69d17c76d689f084fb9e9c7851bc084, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:53:a4:b3:51:80:24:f0:8f:f8:5d:85:90:9f:
1e:25:a9:b7:bf:01:bf:de:3c:92:f7:67:98:e6:a5:
fe:e2:c9:ae:e0:f0:33:22:81:18:07:1c:9d:07:48:
02:9e:50:44:84:4b:d2:7a:e0:49:f2:1a:64:51:53:
a0:d4:cc:33:fd:b0:84:2e:94:36:dd:2d:44:11:fa:
d1:61:38:54:47:7d:9b:f0:a2:d7:d3:98:33:60:48:
89:86:68:58:ea:fd:a4:bc:16:f5:bd:13:dc:15:f8:
55:9e:ff:09:de:bf:59:7a:5e:d5:2e:3b:1e:33:c7:
b0:27:30:a3:bb:af:75:4e:37:af:d5:b0:28:20:bf:
3c:46:d7:0c:ea:0e:71:3f:0e:c3:75:93:57:54:b2:
24:1e:c1:ed:a5:db:ec:10:84:87:eb:1f:e6:56:21:
e6:77:c8:bf:fe:66:d3:e3:3b:c2:56:de:93:9d:73:
e0:3e:d5:22:89:fc:13:a1:8b:52:37:54:eb:f5:ce:
e7:7e:67:2f:4e:ad:a4:dc:84:94:2f:3c:8e:1f:ba:
06:a1:11:8b:fe:6b:19:91:fe:bc:47:d9:4e:aa:1c:
a9:28:43:f9:b8:09:0c:9b:a6:a3:d3:a3:fa:fe:1d:
e4:7c:19:e1:31:1a:9b:f1:00:50:3d:3f:27:cf:b5:
07:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:A0:93:DD:22:48:86:DB:0B:8F:5B:91:F7:23:C0:38:0A:52:C0:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/30196813-1f5f-45cc-801b-df800afa3d6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:98:e6:e7:a2:3c:53:8e:72:44:27:04:d5:78:26:ed:44:7d:
74:dc:e6:b0:8a:19:1e:52:43:77:c7:41:f9:28:75:3b:23:ac:
c3:26:ee:aa:5b:91:04:be:45:34:fd:e3:7b:45:e0:58:91:af:
1b:c9:9f:91:14:43:93:01:85:c9:e2:f9:5c:c4:07:9a:d4:de:
7d:3f:ce:f7:f2:0e:25:9d:df:e6:ac:40:2b:17:a1:4c:a9:e1:
53:39:7c:9c:07:3f:37:09:a0:c6:02:38:69:8c:62:d8:8f:4f:
ea:7c:e7:a2:28:bf:ec:c3:57:94:b1:e1:d6:27:aa:fc:6e:82:
6b:3f:05:e8:81:ef:87:bc:78:f1:9f:8c:70:33:1f:a6:64:63:
0e:59:2b:37:54:c3:43:6a:a3:4d:71:d4:1f:53:62:3c:53:1d:
77:6f:4f:2e:e7:d7:60:b0:2c:f6:b7:36:e5:c2:b9:02:cf:21:
f5:64:40:b5:09:72:1d:33:e6:07:55:2d:96:18:b9:72:e8:07:
ab:6a:ef:26:60:dc:e4:0c:de:4a:8f:0e:f0:53:0c:b8:05:5c:
2f:e7:29:61:c2:e3:f3:bf:4b:b9:fc:34:a0:e3:e9:4e:03:03:
26:4e:cc:d9:ab:da:b3:de:ea:16:9e:4e:f3:04:6c:5c:4a:6f:
4d:f9:69:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfsuxGgMi8Da/QaJZ75mME0vwMfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyOTUzYWU2M2QxMGY5Mjg1MTcyMTY0OTA5NmE4YTJiYjY5ZDE3Yzc2ZDY4
OWYwODRmYjllOWM3ODUxYmMwODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxTpLNRgCTwj/hdhZCfHiWpt78Bv948kvdnmOal/uLJruDwMyKBGAccnQdI
Ap5QRIRL0nrgSfIaZFFToNTMM/2whC6UNt0tRBH60WE4VEd9m/Ci19OYM2BIiYZo
WOr9pLwW9b0T3BX4VZ7/Cd6/WXpe1S47HjPHsCcwo7uvdU43r9WwKCC/PEbXDOoO
cT8Ow3WTV1SyJB7B7aXb7BCEh+sf5lYh5nfIv/5m0+M7wlbek51z4D7VIon8E6GL
UjdU6/XO535nL06tpNyElC88jh+6BqERi/5rGZH+vEfZTqocqShD+bgJDJumo9Oj
+v4d5HwZ4TEam/EAUD0/J8+1BykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXoJPd
IkiG2wuPW5H3I8A4ClLAKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzAxOTY4MTMtMWY1Zi00NWNjLTgwMWItZGY4MDBhZmEzZDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQCSmObnojxTjnJEJwTVeCbtRH103OawihkeUkN3x0H5
KHU7I6zDJu6qW5EEvkU0/eN7ReBYka8byZ+RFEOTAYXJ4vlcxAea1N59P8738g4l
nd/mrEArF6FMqeFTOXycBz83CaDGAjhpjGLYj0/qfOeiKL/sw1eUseHWJ6r8boJr
PwXoge+HvHjxn4xwMx+mZGMOWSs3VMNDaqNNcdQfU2I8Ux13b08u59dgsCz2tzbl
wrkCzyH1ZEC1CXIdM+YHVS2WGLly6Aerau8mYNzkDN5Kjw7wUwy4BVwv5ylhwuPz
v0u5/DSg4+lOAwMmTszZq9qz3uoWnk7zBGxcSm9N+Wk9
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org