Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
File: 4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa (raw, json)
Hash identifier: Nr4gOqOFVrG1SQUmkmOmGER/WfKHLFYzTh1+D0pmDeg=
Subject key identifier: 05:AE:99:C2:2A:6F:79:17:92:F1:01:42:65:06:18:70:DF:0A:3A:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AC334CC4DD693802DC6A049F22189B8A1D61C3F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:c3:34:cc:4d:d6:93:80:2d:c6:a0:49:f2:21:89:b8:a1:d6:1c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=742333201ad996dd67e36f7bc172212a67626a5b5c71179f968ff872daa5b373, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:46:f3:4d:a3:a1:33:fa:18:7c:77:0c:37:50:
5d:21:15:da:58:b4:fe:ed:51:65:6e:b4:30:e3:87:
ac:3a:7a:fd:6f:d7:ed:f2:cc:bc:e9:8b:28:fd:93:
de:e4:2b:bc:4c:b6:f2:9e:c5:72:3f:08:65:02:40:
32:f2:57:09:65:80:2e:84:8a:5f:c0:85:99:6c:23:
83:b5:51:30:4e:71:64:d7:38:56:bd:f7:49:97:ae:
68:12:b3:54:99:ac:2a:93:dc:13:9b:ac:4a:15:10:
95:88:4e:30:18:0e:0a:63:ad:db:7e:6e:91:58:a9:
3e:7d:f6:27:43:b3:72:7c:e9:d3:25:ef:be:56:51:
5f:ee:b8:26:27:b4:28:5e:7e:e5:6f:07:d1:48:4c:
7a:4e:fc:44:7c:a3:f4:fb:26:2e:c2:ee:d0:6d:9a:
51:e1:39:d9:bd:d9:17:9c:52:cc:1b:a6:d0:8e:77:
b9:13:39:64:2c:31:0c:ad:9e:f0:b7:d3:0d:47:a0:
15:19:55:9f:74:a2:27:12:2a:0a:54:83:73:25:a1:
fb:aa:ad:30:87:87:60:0f:50:48:85:54:55:c7:28:
f4:5f:56:0c:ce:3b:68:95:da:80:04:66:a1:01:db:
d9:4b:1f:8c:56:ed:be:df:cb:03:2f:29:e9:ea:10:
28:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AE:99:C2:2A:6F:79:17:92:F1:01:42:65:06:18:70:DF:0A:3A:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:50:23:b8:4a:33:fd:3e:7c:2c:6a:8c:b3:e1:e8:d6:f7:91:
ea:47:23:64:be:1f:84:36:fc:4b:b0:f0:f3:fc:77:e7:1a:8a:
02:86:f7:40:eb:9c:03:c7:50:08:d4:f1:da:2a:05:59:49:00:
22:2e:c5:d6:8d:2b:ec:62:75:43:fa:a5:84:11:5b:e6:11:e8:
c7:86:f6:f5:c6:78:4a:69:a6:c3:f7:74:b3:23:9b:71:75:42:
78:c3:d6:c8:10:75:cb:3e:f7:da:62:b7:27:15:da:38:6b:d1:
a1:e3:e8:2a:49:29:1b:c2:d3:d4:a9:d5:7b:6a:3d:b6:f1:06:
ac:de:0d:81:19:62:a7:ba:bf:8b:3a:10:f1:64:a0:0e:6e:ef:
bc:8d:66:25:eb:e7:35:51:ba:8b:32:79:2f:f0:9c:6d:74:d9:
fe:a6:62:55:c9:17:01:5d:87:16:f4:93:b9:21:ee:78:93:9c:
33:4a:f2:cf:66:dd:6f:70:84:fb:b0:fd:d1:fb:7f:b8:e3:44:
88:9f:e1:4e:75:70:1e:47:8e:af:cc:2b:67:0b:e3:d4:8b:6a:
a0:78:3b:85:ca:54:74:d5:68:db:c8:7c:96:ae:d2:7e:3b:1c:
03:9b:91:30:ba:1b:4e:ff:f0:1c:a1:e9:2f:5f:8d:92:83:9a:
0c:b9:c7:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOsM0zE3Wk4AtxqBJ8iGJuKHWHD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MjMzMzIwMWFkOTk2ZGQ2N2UzNmY3YmMxNzIyMTJhNjc2MjZhNWI1Yzcx
MTc5Zjk2OGZmODcyZGFhNWIzNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpG802joTP6GHx3DDdQXSEV2li0/u1RZW60MOOHrDp6/W/X7fLMvOmLKP2T
3uQrvEy28p7Fcj8IZQJAMvJXCWWALoSKX8CFmWwjg7VRME5xZNc4Vr33SZeuaBKz
VJmsKpPcE5usShUQlYhOMBgOCmOt235ukVipPn32J0Ozcnzp0yXvvlZRX+64Jie0
KF5+5W8H0UhMek78RHyj9PsmLsLu0G2aUeE52b3ZF5xSzBum0I53uRM5ZCwxDK2e
8LfTDUegFRlVn3SiJxIqClSDcyWh+6qtMIeHYA9QSIVUVcco9F9WDM47aJXagARm
oQHb2UsfjFbtvt/LAy8p6eoQKDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFrpnC
Km95F5LxAUJlBhhw3wo6EzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGVkNDU0MTMtNWQwNS00YTYyLWI3NTYtMWYxNmFhY2YxY2IzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQDOUCO4SjP9Pnwsaoyz4ejW95HqRyNkvh+ENvxLsPDz
/HfnGooChvdA65wDx1AI1PHaKgVZSQAiLsXWjSvsYnVD+qWEEVvmEejHhvb1xnhK
aabD93SzI5txdUJ4w9bIEHXLPvfaYrcnFdo4a9Gh4+gqSSkbwtPUqdV7aj228Qas
3g2BGWKnur+LOhDxZKAObu+8jWYl6+c1UbqLMnkv8JxtdNn+pmJVyRcBXYcW9JO5
Ie54k5wzSvLPZt1vcIT7sP3R+3+440SIn+FOdXAeR46vzCtnC+PUi2qgeDuFylR0
1WjbyHyWrtJ+OxwDm5EwuhtO//AcoekvX42Sg5oMucdI
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org