Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
File: 4dc4706c-5c38-4195-b396-c038125e8874.roa (raw, json)
Hash identifier: rSYYLzrsvE/t0SH+XUtV2XF078POHGLNx/t28SNfG4M=
Subject key identifier: 2C:38:95:E3:13:32:CC:76:4E:88:CB:03:53:9E:82:2D:29:44:2C:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 484377BC6B885789E9F6A5A0E37C68EBAA6CCAE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:43:77:bc:6b:88:57:89:e9:f6:a5:a0:e3:7c:68:eb:aa:6c:ca:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=c89fec5e3b6bd8fc74b65d90dbb46359ae41f43409592a5facbcd4db74f2ee82, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:6a:84:29:c8:a0:0d:fe:9e:2f:38:50:1f:
07:4d:c4:fd:3b:9d:38:cf:0f:c9:ea:84:e9:47:55:
12:9a:9c:38:dc:ef:85:72:df:02:4e:0f:e8:b6:38:
1e:24:ee:b9:01:25:7e:53:70:e2:8d:39:a2:fc:3c:
f0:e2:ab:4f:15:a1:15:11:0b:ee:ed:9a:6a:20:03:
ea:96:33:2d:66:23:08:8f:35:0f:78:43:75:c5:e1:
cd:e2:b3:a0:95:c3:49:ae:32:4b:18:58:46:be:0d:
d5:62:75:09:58:e6:99:51:e7:8a:5b:c0:c4:f9:39:
59:d0:67:d3:48:09:96:46:0e:86:44:36:26:8f:8a:
9f:f6:1c:cb:6d:fc:55:b7:fa:2d:42:5b:af:25:bd:
c1:d2:3d:21:e5:99:57:f3:b6:c7:36:e7:71:15:62:
1f:cb:9c:5d:24:2a:b7:46:89:32:a3:2f:69:0a:87:
2e:dc:e5:68:4d:ef:46:a5:4e:e2:0e:48:7c:a2:d6:
90:db:c3:6c:a8:cc:51:c3:eb:a3:24:77:a9:c6:96:
54:96:bf:5e:a4:05:9a:06:ea:d5:04:74:f9:d8:74:
8b:52:cd:3c:2a:43:25:b1:3f:c3:af:30:3d:89:67:
5c:6f:67:d8:b8:0a:90:be:81:c3:5e:bf:cc:b4:6a:
b6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:38:95:E3:13:32:CC:76:4E:88:CB:03:53:9E:82:2D:29:44:2C:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4dc4706c-5c38-4195-b396-c038125e8874.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:ee:4a:93:f9:67:7f:d8:72:cf:4c:41:5e:35:7f:27:55:37:
85:6f:f6:18:06:78:08:86:d9:9c:14:fd:97:85:4e:b2:75:f8:
38:06:6c:fa:47:1c:4b:b9:e0:59:02:fc:9b:4d:a1:0d:95:75:
41:6f:f2:1c:98:b7:94:3d:9c:a7:78:3d:e2:9f:0a:11:96:3d:
98:03:df:5f:e4:6c:84:7f:ff:05:a8:e2:fc:e2:47:27:67:2e:
c8:cb:5f:d4:ed:ef:64:21:18:e2:62:aa:1b:72:d0:bc:92:53:
ff:26:ba:f8:a1:86:1e:71:cc:29:1e:14:f7:92:c7:67:6f:9d:
a6:f9:f6:25:9a:78:29:38:fc:48:74:6b:58:8c:08:dc:16:be:
28:30:d5:f4:bb:2a:41:8d:02:8c:63:e1:2d:99:e4:7f:97:10:
71:80:bd:2c:fd:46:7d:3d:cd:43:0b:75:de:66:8a:2f:b5:1d:
87:cf:b8:38:63:00:ef:6d:3f:75:3e:f4:d3:ed:eb:8a:ad:9e:
7b:0f:10:16:50:16:0c:50:47:d0:69:3f:d9:e4:33:80:f9:df:
a9:bc:4d:6f:5f:e2:35:75:95:8e:bf:80:ec:9e:48:12:78:25:
11:e0:73:83:14:45:88:df:7b:5c:27:66:55:9b:1f:1c:1c:1c:
8f:0c:18:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSEN3vGuIV4np9qWg43xo66psyuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4OWZlYzVlM2I2YmQ4ZmM3NGI2NWQ5MGRiYjQ2MzU5YWU0MWY0MzQwOTU5
MmE1ZmFjYmNkNGRiNzRmMmVlODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALERaoQpyKAN/p4vOFAfB03E/TudOM8PyeqE6UdVEpqcONzvhXLfAk4P6LY4
HiTuuQElflNw4o05ovw88OKrTxWhFREL7u2aaiAD6pYzLWYjCI81D3hDdcXhzeKz
oJXDSa4ySxhYRr4N1WJ1CVjmmVHnilvAxPk5WdBn00gJlkYOhkQ2Jo+Kn/Ycy238
Vbf6LUJbryW9wdI9IeWZV/O2xzbncRViH8ucXSQqt0aJMqMvaQqHLtzlaE3vRqVO
4g5IfKLWkNvDbKjMUcProyR3qcaWVJa/XqQFmgbq1QR0+dh0i1LNPCpDJbE/w68w
PYlnXG9n2LgKkL6Bw16/zLRqtqcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQsOJXj
EzLMdk6IywNTnoItKUQsBzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGRjNDcwNmMtNWMzOC00MTk1LWIzOTYtYzAzODEyNWU4ODc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQC77kqT+Wd/2HLPTEFeNX8nVTeFb/YYBngIhtmcFP2X
hU6ydfg4Bmz6RxxLueBZAvybTaENlXVBb/IcmLeUPZyneD3inwoRlj2YA99f5GyE
f/8FqOL84kcnZy7Iy1/U7e9kIRjiYqobctC8klP/Jrr4oYYeccwpHhT3ksdnb52m
+fYlmngpOPxIdGtYjAjcFr4oMNX0uypBjQKMY+EtmeR/lxBxgL0s/UZ9Pc1DC3Xe
ZoovtR2Hz7g4YwDvbT91PvTT7euKrZ57DxAWUBYMUEfQaT/Z5DOA+d+pvE1vX+I1
dZWOv4DsnkgSeCUR4HODFEWI33tcJ2ZVmx8cHByPDBi/
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org