Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
File: 4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa (raw, json)
Hash identifier: /bzN5+WNLpPLpuaTE2COEKdWEDEP/gQfY6OygOBhgr4=
Subject key identifier: B3:E9:8C:E6:EF:18:89:68:53:91:55:98:4D:B5:65:05:E3:54:A3:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A2AED35CA505B48584FEEE924F97C2502532CE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:2a:ed:35:ca:50:5b:48:58:4f:ee:e9:24:f9:7c:25:02:53:2c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=08d6e4ed58b9e1f71e7d6e77b30b35d89b727c1e3bee61221daafdb0e63e6b53, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:d0:97:3c:98:93:16:7b:3a:f0:a3:56:5d:
37:15:db:0a:7b:a2:42:9b:d3:15:6a:b8:92:7c:29:
91:ff:f2:6f:8d:b6:40:ef:98:46:19:f7:6b:9e:95:
6e:77:70:d6:28:77:3b:82:ed:c8:58:15:f3:35:e8:
e1:0f:0e:4b:51:28:af:64:3c:a1:3a:ac:5e:96:95:
8f:b2:6d:67:f9:4e:ec:ac:57:2b:41:48:d4:af:e0:
75:e9:ac:78:85:37:36:b0:62:ce:42:20:c0:95:64:
a6:47:66:47:72:94:56:51:e0:c7:75:58:0f:a5:a2:
9b:8b:af:f1:f1:4f:2c:b2:8d:70:d7:56:1e:cc:b2:
7a:41:ed:3e:6b:bf:29:43:6b:b3:f7:09:a4:6d:cc:
f5:7e:5d:07:a1:4c:ae:b2:b0:2f:c5:cd:12:24:b8:
1d:e3:95:76:90:dd:36:bd:08:03:ed:31:46:c3:92:
03:7c:39:1c:d2:12:e4:f0:3c:dd:0c:77:0a:69:9c:
79:9e:3e:17:e5:28:8a:d2:04:95:5a:b0:97:b8:a5:
74:b5:e2:f4:b1:4b:91:20:25:b5:db:bf:3c:50:c9:
93:71:19:b1:06:1b:8c:38:5d:ad:55:71:7a:ad:51:
69:83:bd:ce:53:56:36:8e:77:c8:a0:50:bb:d2:5e:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E9:8C:E6:EF:18:89:68:53:91:55:98:4D:B5:65:05:E3:54:A3:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:15:0b:ba:36:4c:54:90:de:45:93:21:6d:4f:4b:10:68:8d:
1f:ff:f0:62:3c:f2:23:04:a0:4c:e7:55:e9:7e:34:e6:0c:e0:
73:41:ef:4c:c8:c3:34:d3:64:5d:60:5d:1d:90:90:7e:b6:c4:
f7:c4:d9:fa:5b:8a:21:f2:19:c9:4d:aa:72:34:9a:41:47:22:
4a:25:a8:70:6a:3c:34:0b:a0:b5:8e:30:38:be:37:37:9a:43:
94:1d:13:59:07:7f:1c:61:dc:ab:9a:84:3e:40:12:b1:f7:5b:
13:86:ee:ca:99:01:06:94:a5:47:c7:67:1e:07:f7:d9:06:b5:
72:1f:fd:5b:a4:16:e2:e1:4d:9d:ed:bb:d1:25:d0:ba:48:4a:
93:a6:91:12:f2:75:b6:ff:dc:2c:79:47:ac:86:7a:19:d5:0f:
51:66:04:62:4b:c0:b0:34:6b:41:8e:83:15:3a:ad:65:e5:99:
3e:4e:28:b2:b5:ff:76:fa:bb:9f:69:6a:f9:1f:cb:64:4b:9c:
70:6c:35:76:71:b6:6f:30:70:6d:77:d3:d6:96:b6:b5:34:27:
1c:56:4c:e3:5c:e2:9e:2e:87:90:7f:cb:29:e8:c2:10:21:76:
7b:f9:45:a2:62:22:74:7c:39:62:fd:ae:d8:1b:c4:8c:6e:e8:
84:54:e0:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKirtNcpQW0hYT+7pJPl8JQJTLOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZDZlNGVkNThiOWUxZjcxZTdkNmU3N2IzMGIzNWQ4OWI3MjdjMWUzYmVl
NjEyMjFkYWFmZGIwZTYzZTZiNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFs0Jc8mJMWezrwo1ZdNxXbCnuiQpvTFWq4knwpkf/yb422QO+YRhn3a56V
bndw1ih3O4LtyFgV8zXo4Q8OS1Eor2Q8oTqsXpaVj7JtZ/lO7KxXK0FI1K/gdems
eIU3NrBizkIgwJVkpkdmR3KUVlHgx3VYD6Wim4uv8fFPLLKNcNdWHsyyekHtPmu/
KUNrs/cJpG3M9X5dB6FMrrKwL8XNEiS4HeOVdpDdNr0IA+0xRsOSA3w5HNIS5PA8
3Qx3CmmceZ4+F+UoitIElVqwl7ildLXi9LFLkSAltdu/PFDJk3EZsQYbjDhdrVVx
eq1RaYO9zlNWNo53yKBQu9Je/JMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSz6Yzm
7xiJaFORVZhNtWUF41SjJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDMxOGRmMDctOWNhOS00Y2E4LThkYWYtMmM3ZThiNDQyNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQBxFQu6NkxUkN5FkyFtT0sQaI0f//BiPPIjBKBM51Xp
fjTmDOBzQe9MyMM002RdYF0dkJB+tsT3xNn6W4oh8hnJTapyNJpBRyJKJahwajw0
C6C1jjA4vjc3mkOUHRNZB38cYdyrmoQ+QBKx91sThu7KmQEGlKVHx2ceB/fZBrVy
H/1bpBbi4U2d7bvRJdC6SEqTppES8nW2/9wseUeshnoZ1Q9RZgRiS8CwNGtBjoMV
Oq1l5Zk+Tiiytf92+rufaWr5H8tkS5xwbDV2cbZvMHBtd9PWlra1NCccVkzjXOKe
LoeQf8sp6MIQIXZ7+UWiYiJ0fDli/a7YG8SMbuiEVOC2
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org