Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: fURaZkdj8IJnMxbNBUJ3sksPPO8crysr/yHRwaXQXg4=
Subject key identifier: 59:E2:01:6E:29:6F:68:33:E8:2C:0F:5D:3D:46:3D:3C:05:C3:99:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FDB17ABA08F301F8556A1393D9299F8F546F52F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:db:17:ab:a0:8f:30:1f:85:56:a1:39:3d:92:99:f8:f5:46:f5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=174f62df2e81f43176730e9ab97e80f860e4ebfd3574de7b61281d3407caf5ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:16:15:6d:82:a9:c3:28:e6:c1:2a:54:92:
c5:e3:c8:20:58:07:c4:4f:80:10:d6:31:02:65:7a:
05:7a:8d:e6:d9:bc:43:cc:e6:ac:11:a8:8a:a5:c7:
a8:a7:81:5a:70:98:1d:f3:c5:24:4d:8a:d1:e9:f2:
1a:17:5e:8d:81:b2:cb:d8:fb:da:df:19:99:f2:03:
6a:06:68:ca:b0:96:4b:af:fa:90:95:c1:dd:43:3e:
c4:66:40:3f:fa:e0:cb:8d:6f:5c:84:a8:18:0b:67:
cc:2a:5b:d0:b0:1b:4b:1f:37:8f:07:f7:b4:fc:5b:
4a:4c:98:5f:b3:ef:c5:01:b2:fa:ab:48:59:30:94:
1b:28:2b:3b:bc:09:01:ed:af:30:3c:86:f8:bc:39:
72:c0:ec:f1:d1:ba:9b:ee:c0:7e:27:04:57:56:95:
13:93:e6:00:d0:67:c8:cc:1b:dc:d8:19:fb:5b:51:
c9:24:39:07:48:df:bc:43:fc:51:fb:a2:09:fb:a7:
7e:0d:72:2f:83:69:9d:e0:4d:0b:39:dd:7c:e2:ae:
eb:44:fc:12:56:72:79:9c:55:22:65:27:15:0c:be:
4e:87:e9:9d:de:d9:6a:1c:ff:4c:53:13:32:c6:2e:
98:bf:af:d4:d1:30:04:0b:c4:b4:02:a2:2f:33:39:
06:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E2:01:6E:29:6F:68:33:E8:2C:0F:5D:3D:46:3D:3C:05:C3:99:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7c:03:d0:da:a3:51:80:67:93:a0:8d:71:82:81:7b:27:2a:91:
a7:8b:f0:2d:33:59:77:24:1d:4c:08:a6:bc:2a:9f:3f:50:82:
10:9d:63:33:21:38:ef:ed:6a:29:7a:4c:9c:b3:39:60:13:24:
d7:5c:dd:c1:b4:cd:cc:a2:02:72:22:d5:ee:dc:3a:17:a2:0e:
b2:82:9b:28:aa:44:c2:88:89:4a:8f:4e:69:73:b0:dd:1e:13:
7c:d9:06:eb:db:f4:a3:01:f6:49:5f:31:09:f6:aa:cd:0b:c9:
38:b7:fb:28:b8:8c:09:ae:72:31:0c:0b:95:04:e4:6a:28:be:
18:15:cb:96:2b:9f:07:fa:e6:b4:bb:83:45:9f:75:5a:79:22:
47:99:7f:b2:03:84:69:d2:7f:f0:5d:ec:e0:2f:7e:72:52:38:
aa:a2:29:31:81:77:74:39:aa:10:c8:49:92:b8:a9:d8:a8:49:
f7:db:c9:ad:63:3b:e0:67:4e:f6:12:4a:75:eb:38:a3:b8:83:
ea:ab:f4:7e:fe:f2:98:c6:d3:55:47:e3:a4:14:21:98:f4:a0:
ab:eb:dc:fa:80:61:af:e4:5b:96:66:39:99:aa:c2:5d:4f:dd:
32:fb:a9:71:1f:98:54:6f:54:c9:6f:7e:ea:e3:7f:64:0d:b7:
aa:f0:9f:22
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP9sXq6CPMB+FVqE5PZKZ+PVG9S8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NGY2MmRmMmU4MWY0MzE3NjczMGU5YWI5N2U4MGY4NjBlNGViZmQzNTc0
ZGU3YjYxMjgxZDM0MDdjYWY1ZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKE+FhVtgqnDKObBKlSSxePIIFgHxE+AENYxAmV6BXqN5tm8Q8zmrBGoiqXH
qKeBWnCYHfPFJE2K0enyGhdejYGyy9j72t8ZmfIDagZoyrCWS6/6kJXB3UM+xGZA
P/rgy41vXISoGAtnzCpb0LAbSx83jwf3tPxbSkyYX7PvxQGy+qtIWTCUGygrO7wJ
Ae2vMDyG+Lw5csDs8dG6m+7AficEV1aVE5PmANBnyMwb3NgZ+1tRySQ5B0jfvEP8
UfuiCfunfg1yL4NpneBNCzndfOKu60T8ElZyeZxVImUnFQy+Tofpnd7Zahz/TFMT
MsYumL+v1NEwBAvEtAKiLzM5Bo0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZ4gFu
KW9oM+gsD109Rj08BcOZ1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQB8A9Dao1GAZ5OgjXGCgXsnKpGni/AtM1l3JB1MCKa8
Kp8/UIIQnWMzITjv7WopekycszlgEyTXXN3BtM3MogJyItXu3DoXog6ygpsoqkTC
iIlKj05pc7DdHhN82Qbr2/SjAfZJXzEJ9qrNC8k4t/souIwJrnIxDAuVBORqKL4Y
FcuWK58H+ua0u4NFn3VaeSJHmX+yA4Rp0n/wXezgL35yUjiqoikxgXd0OaoQyEmS
uKnYqEn328mtYzvgZ072Ekp16zijuIPqq/R+/vKYxtNVR+OkFCGY9KCr69z6gGGv
5FuWZjmZqsJdT90y+6lxH5hUb1TJb37q439kDbeq8J8i
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org