Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
File: 356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa (raw, json)
Hash identifier: wMfSc+PedqOotny/DPo3ASorSgfMzzAOPumWEsJBDVk=
Subject key identifier: F7:91:39:84:45:93:32:4E:4B:9F:48:B5:89:74:33:5B:78:A1:51:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CDBE41E911B607B78DB3E826A2253548435F49A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:db:e4:1e:91:1b:60:7b:78:db:3e:82:6a:22:53:54:84:35:f4:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=67f4edacdac1a70662eb252ed6280d93ae8e5c657497b0f14fc893d2d06333e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2b:d6:9c:e1:89:ad:75:3c:08:ae:d2:26:d7:
8a:a5:96:90:8c:c5:a6:9a:53:7e:39:3c:4d:a8:18:
f7:e0:d5:a7:98:ba:13:a9:f8:ef:1c:7c:a8:15:ad:
b2:d5:12:f0:ae:4a:a1:b7:e0:a1:9f:28:9e:81:26:
a8:35:00:22:06:69:15:6f:a4:6f:a4:4a:89:f7:02:
9e:ca:e9:ea:f5:57:4f:2f:01:30:5a:c5:6b:10:4e:
15:2e:19:16:58:f6:0e:84:23:22:ac:ab:0b:51:36:
ae:1b:68:f2:79:54:5f:8d:40:3b:2f:62:a6:51:58:
49:12:2a:ac:d2:c4:5f:a6:ce:78:90:4c:32:63:f4:
19:be:59:2b:c2:8a:62:7d:8a:0d:ae:19:1c:aa:99:
aa:69:5d:58:bc:cb:f0:2b:d8:43:54:fe:74:cb:d1:
2a:b6:a5:06:f0:20:bd:24:a8:1b:d3:66:72:d5:1f:
04:34:84:9e:fc:68:c2:82:ff:c0:4c:cc:73:a7:19:
ff:2d:2f:6d:93:ad:38:be:7f:73:f9:46:49:5a:6f:
47:64:7c:51:24:8c:01:45:87:6a:3b:eb:99:70:b9:
d6:15:a4:43:0c:ba:49:31:3e:e8:a7:2c:4c:05:36:
2f:4e:70:95:e0:f8:20:ac:15:48:6e:67:4a:bc:df:
26:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:91:39:84:45:93:32:4E:4B:9F:48:B5:89:74:33:5B:78:A1:51:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/356dd5ec-7559-45e8-81d0-9e45590b5ae5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:83:7f:4b:48:04:65:05:a3:86:27:0e:e2:23:d8:e9:cb:f2:
c6:32:57:b6:86:8d:3f:33:e1:ca:34:6d:fd:f0:04:3b:e9:1d:
1b:7c:91:d1:99:3d:4b:d6:e3:36:8a:f7:bd:f2:48:a2:c5:46:
e6:34:4b:00:96:b4:2d:9b:9f:57:3e:6e:4d:12:c3:35:49:28:
85:18:f6:fe:d4:af:bb:66:28:27:83:11:c2:47:34:15:97:01:
54:a6:04:eb:99:d3:93:ba:32:ce:f5:dd:40:df:57:23:86:7d:
1b:0a:25:25:9e:0e:86:99:2b:3f:70:9d:3a:e8:c6:a5:15:3c:
6c:5f:a0:00:ad:42:f4:cb:3b:c4:0c:5d:df:2d:58:a2:06:40:
42:8a:bf:35:06:7b:31:3e:8c:9f:bb:6e:3a:91:8c:72:a9:0d:
b0:25:49:f0:af:aa:25:7e:78:41:b9:83:16:bd:a8:6e:56:50:
dd:20:d4:a9:b6:d0:9d:e9:06:6c:ea:31:48:dd:26:2c:5f:68:
6a:24:a8:34:3d:d3:4d:1c:5c:da:fd:5b:25:90:e1:90:e8:48:
91:59:5f:c4:4b:1c:07:cf:45:e0:f8:77:2c:d5:a1:38:53:bd:
93:53:37:44:7b:d1:f8:f6:b2:81:8d:7a:3c:51:9b:65:2d:b4:
49:c4:4a:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHNvkHpEbYHt42z6CaiJTVIQ19JowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZjRlZGFjZGFjMWE3MDY2MmViMjUyZWQ2MjgwZDkzYWU4ZTVjNjU3NDk3
YjBmMTRmYzg5M2QyZDA2MzMzZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8r1pzhia11PAiu0ibXiqWWkIzFpppTfjk8TagY9+DVp5i6E6n47xx8qBWt
stUS8K5KobfgoZ8onoEmqDUAIgZpFW+kb6RKifcCnsrp6vVXTy8BMFrFaxBOFS4Z
Flj2DoQjIqyrC1E2rhto8nlUX41AOy9iplFYSRIqrNLEX6bOeJBMMmP0Gb5ZK8KK
Yn2KDa4ZHKqZqmldWLzL8CvYQ1T+dMvRKralBvAgvSSoG9NmctUfBDSEnvxowoL/
wEzMc6cZ/y0vbZOtOL5/c/lGSVpvR2R8USSMAUWHajvrmXC51hWkQwy6STE+6Kcs
TAU2L05wleD4IKwVSG5nSrzfJncCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3kTmE
RZMyTkufSLWJdDNbeKFRajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU2ZGQ1ZWMtNzU1OS00NWU4LTgxZDAtOWU0NTU5MGI1YWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQANg39LSARlBaOGJw7iI9jpy/LGMle2ho0/M+HKNG39
8AQ76R0bfJHRmT1L1uM2ive98kiixUbmNEsAlrQtm59XPm5NEsM1SSiFGPb+1K+7
ZigngxHCRzQVlwFUpgTrmdOTujLO9d1A31cjhn0bCiUlng6GmSs/cJ066MalFTxs
X6AArUL0yzvEDF3fLViiBkBCir81BnsxPoyfu246kYxyqQ2wJUnwr6olfnhBuYMW
vahuVlDdINSpttCd6QZs6jFI3SYsX2hqJKg0PdNNHFza/VslkOGQ6EiRWV/ESxwH
z0Xg+Hcs1aE4U72TUzdEe9H49rKBjXo8UZtlLbRJxErj
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org