Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
File: 3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa (raw, json)
Hash identifier: gAMJHIQFdiSyJRpeBOGf1rfVXgTb22Ef3D8cwGq0W8g=
Subject key identifier: 80:15:0B:E5:4E:12:3B:98:F6:7B:13:43:7D:B4:AD:5A:1A:D9:AF:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 541A31819DC5D6E12C994DD59D78A7B60B25B4A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:1a:31:81:9d:c5:d6:e1:2c:99:4d:d5:9d:78:a7:b6:0b:25:b4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=718002587b49e606b33ab75bb9a3662382063fe7480b8c45c8aada7c3b4212d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:7a:66:89:18:f0:d8:93:fa:af:c5:99:b8:
d2:c0:34:f0:6f:ae:fc:6f:e8:b4:84:47:33:bb:9a:
57:65:78:de:08:ca:00:4f:16:f0:e4:04:d3:df:bc:
4b:6c:0e:f2:f0:35:27:ff:21:47:11:94:07:e9:97:
7a:5f:52:59:79:4e:43:d0:be:a5:ac:97:85:55:4b:
96:ac:e5:cb:07:eb:a9:2d:69:57:ad:df:45:67:e4:
0a:44:3b:00:22:1e:ed:c2:d5:7b:21:ef:2f:21:ee:
ff:8c:a2:33:38:99:40:3e:31:6e:a7:2c:98:e7:67:
06:c5:f1:ac:d7:35:cb:1b:17:0a:bf:b6:6d:0b:db:
89:6b:83:7b:8e:66:76:2e:61:ae:9f:53:84:fa:3d:
ea:c5:44:f5:aa:c7:67:ea:a7:5d:cc:0c:0f:98:87:
2e:9d:43:64:d0:d8:d5:a0:dc:8a:2f:a0:fd:bf:4d:
d5:81:39:f2:fd:b0:fe:3a:03:d0:37:1a:40:97:3b:
75:45:55:a4:4c:5a:14:88:b7:93:9e:9e:4e:34:85:
63:03:01:47:e8:cc:fe:72:3d:91:a4:f5:79:92:07:
8f:d1:4a:49:f0:b6:fa:c6:e8:ea:10:3c:8c:03:f2:
db:7d:89:9e:c3:7e:f2:e7:1b:9d:65:a9:a7:d1:b2:
15:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:15:0B:E5:4E:12:3B:98:F6:7B:13:43:7D:B4:AD:5A:1A:D9:AF:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b7d2dc9-a8a3-4f79-b9fd-1aacf4f4373a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:d7:b7:91:1c:54:99:54:d3:b8:1c:a3:a6:44:4d:15:d5:7b:
50:5d:ce:2e:83:66:40:e6:56:50:63:48:3c:a3:01:6c:14:e7:
69:6b:e1:99:f7:3b:f8:30:2d:b4:f6:7e:3e:3a:81:e8:58:8a:
c9:d8:22:7c:79:46:9e:88:ee:dc:56:60:8b:94:57:33:94:ba:
77:b3:1b:72:2f:2f:b1:a3:d7:f2:3e:86:c4:af:ee:3c:19:f6:
d6:8e:e2:e8:ec:e8:2d:32:de:c0:ba:34:e3:31:e6:dc:35:5f:
de:b6:87:bb:b1:20:33:73:5d:c5:53:5a:a0:53:91:08:17:cd:
a1:7e:14:15:eb:15:5a:aa:72:1f:68:45:ef:92:ea:f1:4f:8c:
4f:87:3d:f5:5f:d6:d4:a1:be:4a:24:de:81:44:0d:57:25:a4:
30:ec:ec:28:fa:66:bb:d1:2f:63:45:f4:a2:91:d8:51:4b:90:
8d:0a:5d:de:0a:c3:72:e4:03:c0:5a:b0:52:e7:5a:77:06:74:
34:df:39:48:9f:b1:40:0c:c1:51:b1:8f:0c:9c:d1:69:d3:bc:
6f:97:38:1c:35:3a:dc:32:a2:37:ec:b7:42:72:3c:04:ac:ba:
04:7b:ab:5c:13:f8:64:b1:78:79:95:23:f7:c5:37:63:f7:ca:
09:e9:7e:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVBoxgZ3F1uEsmU3VnXintgsltKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxODAwMjU4N2I0OWU2MDZiMzNhYjc1YmI5YTM2NjIzODIwNjNmZTc0ODBi
OGM0NWM4YWFkYTdjM2I0MjEyZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnpemaJGPDYk/qvxZm40sA08G+u/G/otIRHM7uaV2V43gjKAE8W8OQE09+8
S2wO8vA1J/8hRxGUB+mXel9SWXlOQ9C+payXhVVLlqzlywfrqS1pV63fRWfkCkQ7
ACIe7cLVeyHvLyHu/4yiMziZQD4xbqcsmOdnBsXxrNc1yxsXCr+2bQvbiWuDe45m
di5hrp9ThPo96sVE9arHZ+qnXcwMD5iHLp1DZNDY1aDcii+g/b9N1YE58v2w/joD
0DcaQJc7dUVVpExaFIi3k56eTjSFYwMBR+jM/nI9kaT1eZIHj9FKSfC2+sbo6hA8
jAPy232JnsN+8ucbnWWpp9GyFW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSAFQvl
ThI7mPZ7E0N9tK1aGtmvCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I3ZDJkYzktYThhMy00Zjc5LWI5ZmQtMWFhY2Y0ZjQzNzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ17eRHFSZVNO4HKOmRE0V1XtQXc4ug2ZA5lZQY0g8
owFsFOdpa+GZ9zv4MC209n4+OoHoWIrJ2CJ8eUaeiO7cVmCLlFczlLp3sxtyLy+x
o9fyPobEr+48GfbWjuLo7OgtMt7AujTjMebcNV/etoe7sSAzc13FU1qgU5EIF82h
fhQV6xVaqnIfaEXvkurxT4xPhz31X9bUob5KJN6BRA1XJaQw7Owo+ma70S9jRfSi
kdhRS5CNCl3eCsNy5APAWrBS51p3BnQ03zlIn7FADMFRsY8MnNFp07xvlzgcNTrc
MqI37LdCcjwErLoEe6tcE/hksXh5lSP3xTdj98oJ6X5G
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org