Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
File: 4153cd44-f090-48a5-bffc-3b2fed0e0348.roa (raw, json)
Hash identifier: jmvaazBFjTQ6nCc2ljCWR3m27OMjF5ixL9k1a+WB60c=
Subject key identifier: 34:6C:52:DE:DD:D4:0F:27:86:33:42:53:33:9A:5B:37:95:C7:34:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 065EE79CB67AE3E5B0E51A3D7EAE55620962A660
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:5e:e7:9c:b6:7a:e3:e5:b0:e5:1a:3d:7e:ae:55:62:09:62:a6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=b36fc48101c3fa25d68a1bae56d8e3b49fc4f58647b641a970c6e8f57d74f101, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:30:ec:c3:ca:79:b6:2a:ee:10:b6:f5:10:
ac:7f:00:1d:fe:ce:8b:b2:e0:7a:b3:bb:5b:c0:78:
fc:fe:d4:e1:82:cc:3c:c6:32:6e:2a:ed:4a:57:34:
11:05:93:b9:35:c4:07:08:18:7e:a3:36:c8:7b:9b:
f9:3b:ed:f9:f9:d5:c2:7d:3c:81:34:84:02:5a:ea:
6f:2b:90:d3:0b:40:f3:29:b9:f8:33:36:4a:e7:17:
a6:78:80:2e:fe:95:3a:97:87:2d:5a:3d:dd:29:75:
8f:04:4c:15:1c:55:3f:54:d1:6b:76:61:02:52:39:
63:41:ca:18:87:ff:bd:fc:86:5b:a6:cf:30:b8:63:
5e:5b:6a:ee:29:36:24:f5:99:70:87:02:58:4f:a9:
e1:a0:d3:4e:ca:c8:79:41:4e:e1:2f:bd:bf:0f:0e:
bc:6a:00:fe:45:be:6d:59:95:eb:a5:03:3d:35:ff:
34:8a:90:26:dd:d4:24:1f:12:8f:99:26:f1:e0:c0:
74:fc:f0:90:8b:a0:32:fc:04:77:a6:21:5c:ff:01:
f9:da:65:18:91:f7:95:a3:cd:3b:19:e0:5a:af:85:
89:e9:6a:0a:be:13:d6:de:82:31:a7:be:01:b4:3b:
d2:ab:90:a4:8b:f4:e8:59:49:19:0f:37:47:c0:23:
6f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6C:52:DE:DD:D4:0F:27:86:33:42:53:33:9A:5B:37:95:C7:34:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
28:80:0d:93:b9:b2:cc:f8:1b:85:40:0c:43:63:36:b6:fd:82:
a0:42:b5:f0:b8:ff:30:64:f9:35:08:0a:34:f7:c8:4e:9e:a1:
ba:5f:e4:f7:1d:25:55:93:50:26:ee:45:08:10:a5:eb:db:f0:
03:05:60:8e:79:1a:10:c1:87:ce:e7:82:1a:18:24:c0:c2:ba:
c4:44:3c:62:1d:06:1f:49:d0:ea:bd:81:d3:2d:45:ef:fc:57:
0f:49:7b:f3:57:20:fe:73:d8:d9:df:38:b5:da:87:d8:6d:3f:
e7:38:6d:74:8a:53:01:92:45:d6:d3:9b:31:fe:c7:78:40:f6:
1d:bd:05:c1:a3:b3:6f:b4:94:76:a1:8f:b5:10:a4:8b:22:1b:
a4:7c:34:13:39:f2:2b:d6:db:5f:6d:1e:22:bd:5a:78:e5:ef:
4f:88:bd:7c:1e:09:27:36:2e:88:f6:d3:15:19:a5:c6:49:89:
7f:ff:92:c6:55:b5:d6:b9:a5:fb:ee:f4:61:30:a6:4f:96:c6:
c9:76:e3:23:18:70:af:63:a0:ec:6b:52:a4:d5:11:49:35:a9:
6b:ea:2d:fa:05:0e:89:a0:19:17:86:aa:e6:ec:53:f1:43:ba:
04:fa:6c:74:dd:59:03:4d:dd:4a:ff:ae:d4:61:35:6d:43:c7:
52:3c:e4:1d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBl7nnLZ64+Ww5Ro9fq5VYglipmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNmZjNDgxMDFjM2ZhMjVkNjhhMWJhZTU2ZDhlM2I0OWZjNGY1ODY0N2I2
NDFhOTcwYzZlOGY1N2Q3NGYxMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzFMOzDynm2Ku4QtvUQrH8AHf7Oi7LgerO7W8B4/P7U4YLMPMYybirtSlc0
EQWTuTXEBwgYfqM2yHub+Tvt+fnVwn08gTSEAlrqbyuQ0wtA8ym5+DM2SucXpniA
Lv6VOpeHLVo93Sl1jwRMFRxVP1TRa3ZhAlI5Y0HKGIf/vfyGW6bPMLhjXltq7ik2
JPWZcIcCWE+p4aDTTsrIeUFO4S+9vw8OvGoA/kW+bVmV66UDPTX/NIqQJt3UJB8S
j5km8eDAdPzwkIugMvwEd6YhXP8B+dplGJH3laPNOxngWq+FielqCr4T1t6CMae+
AbQ70quQpIv06FlJGQ83R8Ajb2kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0bFLe
3dQPJ4YzQlMzmls3lcc0yDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE1M2NkNDQtZjA5MC00OGE1LWJmZmMtM2IyZmVkMGUwMzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQAogA2TubLM+BuFQAxDYza2/YKgQrXwuP8wZPk1CAo0
98hOnqG6X+T3HSVVk1Am7kUIEKXr2/ADBWCOeRoQwYfO54IaGCTAwrrERDxiHQYf
SdDqvYHTLUXv/FcPSXvzVyD+c9jZ3zi12ofYbT/nOG10ilMBkkXW05sx/sd4QPYd
vQXBo7NvtJR2oY+1EKSLIhukfDQTOfIr1ttfbR4ivVp45e9PiL18HgknNi6I9tMV
GaXGSYl//5LGVbXWuaX77vRhMKZPlsbJduMjGHCvY6Dsa1Kk1RFJNalr6i36BQ6J
oBkXhqrm7FPxQ7oE+mx03VkDTd1K/67UYTVtQ8dSPOQd
-----END CERTIFICATE-----
Generated at Sun May 5 00:12:17 2024 by rpki-client on console-fra.rpki-client.org